Security of IoT in 5G Cellular Networks: A Review of Current Status, Challenges and Future Directions

The Internet of Things (IoT) refers to a global network that integrates real life physical objects with the virtual world through the Internet for making intelligent decisions. In a pervasive computing environment, thousands of smart devices, that are constrained in storage, battery backup and computational capability, are connected with each other. In such an environment, cellular networks that are evolving from 4G to 5G, are set to play a crucial role. Distinctive features like high bandwidth, wider coverage, easy connectivity, in-built billing mechanism, interface for M2M communication, etc., makes 5G cellular network a perfect candidate to be adopted as a backbone network for the future IoT. However, due to resource constrained nature of the IoT devices, researchers have anticipated several security and privacy issues in IoT deployments over 5G cellular network. Off late, several schemes and protocols have been proposed to handle these issues. This paper performs a comprehensive review of such schemes and protocols proposed in recent times. Different open security issues, challenges and future research direction are also summarized in this review paper

Generating Boolean lattices by few elements and exchanging session keys

Let Sp($k$) denote the number of the $\lfloor k/2\rfloor$-element subsets of a finite $k$-element set. We prove that the least size of a generating subset of the Boolean lattice with $n$ atoms (or, equivalently, the powerset lattice of an $n$-element set) is the least number $k$ such that $n\leq$ Sp($k$). Based on this fact and our 2021 protocol based on equivalence lattices, we outline a cryptographic protocol for exchanging session keys, that is, frequently changing secondary keys. In the present paper, which belongs mainly to lattice theory, we do not elaborate and prove those details of this protocol that modern cryptology would require to guarantee security; the security of the protocol relies on heuristic considerations. However, as a first step, we prove that if an eavesdropper could break every instance of an easier protocol in polynomial time, then P would equal NP. As a byproduct, it turns out that in each nontrivial finite lattice that has a prime filter, in particular, in each nontrivial finite Boolean lattice, the solvability of systems of equations with constant-free left sides but constant right sides is an NP-complete problem.Comment: As the new title shows, the cryptology part has changed a lot; in particular, (4.3), Remark 4.1, and (in the lattice theoretic part) Remark 5.3 are new. Some details (like a Pascal program) in the earlier version are still relevant but they are not repeated in this shorter (14 page long) versio

Post-Quantum Secure Remote Password Protocol from RLWE Problem

Secure Remote Password (SRP) protocol is an augmented Password-based Authenticated Key Exchange (PAKE) protocol based on discrete logarithm problem (DLP) with various attractive security features. Compared with basic PAKE protocols, SRP does not require server to store user\u27s password and user does not send password to server to authenticate. These features are desirable for secure client-server applications. SRP has gained extensive real-world deployment, including Apple iCloud, 1Password etc. However, with the advent of quantum computer and Shor\u27s algorithm, classic DLP-based public key cryptography algorithms are no longer secure, including SRP. Motivated by importance of SRP and threat from quantum attacks, we propose a RLWE-based SRP protocol (RLWE-SRP) which inherit advantages from SRP and elegant design from RLWE key exchange. We also present parameter choice and efficient portable C++ implementation of RLWE-SRP. Implementation of our 209-bit secure RLWE-SRP is more than 3x faster than 112-bit secure original SRP protocol, 5.5x faster than 80-bit secure J-PAKE and 14x faster than two 184-bit secure RLWE-based PAKE protocols with more desired properties

Quantum Resistant Authentication Methods for Quantum Key Distribution

Màster Oficial de Ciència i Tecnologia Quàntiques / Quantum Science and Technology, Facultat de Física, Universitat de Barcelona. Curs: 2021-2022. Tutors: Marc Manzano, David JosephQuantum Key Distribution (QKD) can distribute keys securely, even in the era of quantum computers, only if the classical channel has been authenticated. This master thesis investigates several methods and optimal parameters for authenticating the classical channel as quickly as possible in the QKD protocol BB84. We utilized quantum-resistant signature algorithms for authentication as they withstand attacks from quantum adversaries. We introduce a novel authentication approach, mono-authentication, which comprises authenticating only at the end rather than the traditional multi-authentication after each stage of communication. We first simulated a simile of what would be performed in classical cryptography to distribute a key, where we ask the QKD for a determined number of security bits. Next, we studied how four different signature algorithms performed in a noisy quantum channel and found the optimal cases for implementing these algorithms. Then, we obtained a frequency of authentications for three payloads. Finally, we used the previous results to calculate the minimum period for each post-quantum algorithm needs for authentication in terms of the key rate. Results show that the mono-authentication style is at least twice faster than the multi-authentication case. We conclude that in noisy channels, the mono-case reduces its cost significantly. Regarding the performance of the signatures, CRYSTALS-DILITHIUM is shown to be the fastest overall, and in contrast to the other algorithms, its number of signatures per second fluctuates with the key rate while being consistently low for the others