Lightweight and Practical Anonymous Authentication Protocol for RFID systems using physically unclonable functions

Radio frequency identification (RFID) has been considered one of the imperative requirements for implementation of Internet-of-Things applications. It helps to solve the identification issues of the things in a cost-effective manner, but RFID systems often suffer from various security and privacy issues. To solve those issues for RFID systems, many schemes have been recently proposed by using the cryptographic primitive, called physically uncloneable functions (PUFs), which can ensure a tamper-evident feature. However, to the best of our knowledge, none of them has succeeded to address the problem of privacy preservation with the resistance of DoS attacks in a practical way. For instance, existing schemes need to rely on exhaustive search operations to identify a tag, and also suffer from several security and privacy related issues. Furthermore, a tag needs to store some security credentials (e.g., secret shared keys), which may cause several issues such as loss of forward and backward secrecy and large storage costs. Therefore, in this paper, we first propose a lightweight privacy-preserving authentication protocol for the RFID system by considering the ideal PUF environment. Subsequently, we introduce an enhanced protocol which can support the noisy PUF environment. It is argued that both of our protocols can overcome the limitations of existing schemes, and further ensure more security properties. By analyzing the performance, we have shown that the proposed solutions are secure, efficient, practical, and effective for the resource-constraint RFID tag

A user-centric privacy-preserving authentication protocol for IoT-AmI environments

Ambient Intelligence (AmI) in Internet of Things (IoT) has empowered healthcare professionals to monitor, diagnose, and treat patients remotely. Besides, the AmI-IoT has improved patient engagement and gratification as doctors’ interactions have become more comfortable and efficient. However, the benefits of the AmI-IoT-based healthcare applications are not availed entirely due to the adversarial threats. IoT networks are prone to cyber attacks due to vulnerable wireless mediums and the absentia of lightweight and robust security protocols. This paper introduces computationally-inexpensive privacy-assuring authentication protocol for AmI-IoT healthcare applications. The use of blockchain & fog computing in the protocol guarantees unforgeability, non-repudiation, transparency, low latency, and efficient bandwidth utilization. The protocol uses physically unclonable functions (PUF), biometrics, and Ethereum powered smart contracts to prevent replay, impersonation, and cloning attacks. Results prove the resource efficiency of the protocol as the smart contract incurs very minimal gas and transaction fees. The Scyther results validate the robustness of the proposed protocol against cyber-attacks. The protocol applies lightweight cryptography primitives (Hash, PUF) instead of conventional public-key cryptography and scalar multiplications. Consequently, the proposed protocol is better than centralized infrastructure-based authentication approaches

A Survey of Lightweight Cryptosystems for Smart Home Devices

A Smart Home uses interconnected network technology to monitor the environment, control the various physical appliances, and communicate with each other in a close environment. A typical smart home is made up of a security system, intercommunication system, lighting system, and ventilation system.  Data security schemes for smart homes are ineffective due to inefficiency cryptosystems, high energy consumption, and low exchange security. Traditional cryptosystems are less-applicable because of their large block size, large key size, and complex rounds. This paper conducts a review of smart homes, and adopts Ultra-Sooner Lightweight Cryptography to secure home door. It provides extensive background of cryptography, forms of cryptography as associated issues and strengths, current trends, smart home door system design, and future works suggestions. Specifically, there are prospects of utilizing XORed lightweight cryptosystem for developing encryption and decryption algorithms in smart home devices. The Substitution Permutation Network, and Feistel Network cryptographic primitives were most advanced forms of cipher operations with security guarantees. Therefore, better security, memory and energy efficiency can be obtained with lightweight ciphers in smart home devices when compared to existing solutions. In the subsequent studies, a blockchain-based lightweight cryptography can be the next springboard in attaining the most advanced security for smart home systems and their appliances.     &nbsp

AUTHENTICATED KEY ESTABLISHMENT PROTOCOL FOR CONSTRAINED SMART HEALTHCARE SYSTEMS BASED ON PHYSICAL UNCLONABLE FUNCTION

Smart healthcare systems are one of the critical applications of the internet of things. They benefit many categories of the population and provide significant improvement to healthcare services. Smart healthcare systems are also susceptible to many threats and exploits because they run without supervision for long periods of time and communicate via open channels. Moreover, in many implementations, healthcare sensor nodes are implanted or miniaturized and are resource-constrained. The potential risks on patients/individuals’ life from the threats necessitate that securing the connections in these systems is of utmost importance. This thesis provides a solution to secure end-to-end communications in such systems by proposing an authenticated key establishment protocol. The main objective of the protocol is to examine how physical unclonable functions could be utilized as a lightweight root of trust. The protocol’s design is based on rigid security requirements and inspired by the vulnerability of physical unclonable function to machine learning modeling attacks as well as the use of a ratchet technique. The proposed protocol verification and analysis revealed that it is a suitable candidate for resource-constrained smart healthcare systems. The proposed protocol’s design also has an impact on other important aspects such as anonymity of sensor nodes and gateway-lose scenario

DSCOT: An NFT-Based Blockchain Architecture for the Authentication of IoT-Enabled Smart Devices in Smart Cities

Smart city architecture brings all the underlying architectures, i.e., Internet of Things (IoT), Cyber-Physical Systems (CPSs), Internet of Cyber-Physical Things (IoCPT), and Internet of Everything (IoE), together to work as a system under its umbrella. The goal of smart city architecture is to come up with a solution that may integrate all the real-time response applications. However, the cyber-physical space poses threats that can jeopardize the working of a smart city where all the data belonging to people, systems, and processes will be at risk. Various architectures based on centralized and distributed mechanisms support smart cities; however, the security concerns regarding traceability, scalability, security services, platform assistance, and resource management persist. In this paper, private blockchain-based architecture Decentralized Smart City of Things (DSCoT) is proposed. It actively utilizes fog computing for all the users and smart devices connected to a fog node in a particular management system in a smart city, i.e., a smart house or hospital, etc. Non-fungible tokens (NFTs) have been utilized for representation to define smart device attributes. NFTs in the proposed DSCoT architecture provide devices and user authentication (IoT) functionality. DSCoT has been designed to provide a smart city solution that ensures robust security features such as Confidentiality, Integrity, Availability (CIA), and authorization by defining new attributes and functions for Owner, User, Fog, and IoT devices authentication. The evaluation of the proposed functions and components in terms of Gas consumption and time complexity has shown promising results. Comparatively, the Gas consumption for minting DSCoT NFT showed approximately 27%, and a DSCoT approve() was approximately 11% more efficient than the PUF-based NFT solution.Comment: 18 pages, 15 figures, 5 tables, journa

The Internet of Things Security and Privacy: Current Schemes, Challenges and Future Prospects

The Internet of Things devices and users exchange massive amount of data. Some of these exchanged messages are highly sensitive as they involve organizational, military or patient personally identifiable information. Therefore, many schemes and protocols have been put forward to protect the transmitted messages. The techniques deployed in these schemes may include blockchain, public key infrastructure, elliptic curve cryptography, physically unclonable function and radio frequency identification. In this paper, a review is provided of these schemes including their strengths and weaknesses. Based on the obtained results, it is clear that majority of these protocols have numerous security, performance and privacy issues

Lightweight and privacy-preserving two-factor authentication scheme for IoT devices

Device authentication is an essential security feature for Internet of Things (IoT). Many IoT devices are deployed in the open and public places, which makes them vulnerable to physical and cloning attacks. Therefore, any authentication protocol designed for IoT devices should be robust even in cases when an IoT device is captured by an adversary. Moreover, many of the IoT devices have limited storage and computational capabilities. Hence, it is desirable that the security solutions for IoT devices should be computationally efficient. To address all these requirements, in this paper, we present a lightweight and privacy-preserving two-factor authentication scheme for IoT devices, where physically uncloneable functions have been considered as one of the authentication factors. Security and performance analysis show that our proposed scheme is not only robust against several attacks, but also very efficient in terms of computational efficiently

Security and privacy issues of physical objects in the IoT: Challenges and opportunities

In the Internet of Things (IoT), security and privacy issues of physical objects are crucial to the related applications. In order to clarify the complicated security and privacy issues, the life cycle of a physical object is divided into three stages of pre-working, in-working, and post-working. On this basis, a physical object-based security architecture for the IoT is put forward. According to the security architecture, security and privacy requirements and related protecting technologies for physical objects in different working stages are analyzed in detail. Considering the development of IoT technologies, potential security and privacy challenges that IoT objects may face in the pervasive computing environment are summarized. At the same time, possible directions for dealing with these challenges are also pointed out

Certificateless Algorithm for Body Sensor Network and Remote Medical Server Units Authentication over Public Wireless Channels

Wireless sensor networks process and exchange mission-critical data relating to patients’ health status. Obviously, any leakages of the sensed data can have serious consequences which can endanger the lives of patients. As such, there is need for strong security and privacy protection of the data in storage as well as the data in transit. Over the recent past, researchers have developed numerous security protocols based on digital signatures, advanced encryption standard, digital certificates and elliptic curve cryptography among other approaches. However, previous studies have shown the existence of many security and privacy gaps that can be exploited by attackers to cause some harm in these networks. In addition, some techniques such as digital certificates have high storage and computation complexities occasioned by certificate and public key management issues. In this paper, a certificateless algorithm is developed for authenticating the body sensors and remote medical server units. Security analysis has shown that it offers data privacy, secure session key agreement, untraceability and anonymity. It can also withstand typical wireless sensor networks attacks such as impersonation, packet replay and man-in-the-middle. On the other hand, it is demonstrated to have the least execution time and bandwidth requirements