Octopus: A Secure and Anonymous DHT Lookup
Distributed Hash Table (DHT) lookup is a core technique in structured
peer-to-peer (P2P) networks. Its decentralized nature introduces security and
privacy vulnerabilities for applications built on top of them; we thus set out
to design a lookup mechanism achieving both security and anonymity, heretofore
an open problem. We present Octopus, a novel DHT lookup which provides strong
guarantees for both security and anonymity. Octopus uses attacker
identification mechanisms to discover and remove malicious nodes, severely
limiting an adversary's ability to carry out active attacks, and splits lookup
queries over separate anonymous paths and introduces dummy queries to achieve
high levels of anonymity. We analyze the security of Octopus by developing an
event-based simulator to show that the attacker discovery mechanisms can
rapidly identify malicious nodes with low error rate. We calculate the
anonymity of Octopus using probabilistic modeling and show that Octopus can
achieve near-optimal anonymity. We evaluate Octopus's efficiency on Planetlab
with 207 nodes and show that Octopus has reasonable lookup latency and
manageable communication overhead.
Security aspects and efforts towards secure Internet of things
Internet of Things (IoT) consists of wired and wireless devices, typically supplied with minimum physical resources including limited computational and communication resources. Most of the devices are distinguished by their low bandwidth, short range, scarce memory capacity, limited processing capability and other attributes of inexpensive hardware. The resulting networks are more prone to traffic loss and other vulnerabilities. One of the potential networking challenges is to ensure the network communication among these deployed devices remains secure at less processing and communication overhead, and small packet size. The purpose of this paper is to highlight possible security attacks in Low Power and Lossy Networks (LLNs), as identifying pertinent security issues is an initial step to design the effective countermeasures. The IETF efforts in relevance to security implementation of this type of network are presented with focus on layer-2 and authentication mechanism at upper layer.
Low complexity physical layer security approach for 5G internet of things
Fifth-generation (5G) massive machine-type communication (mMTC) is expected to support the cellular adaptation of internet of things (IoT) applications for massive connectivity. Due to the massive access nature, IoT is prone to high interception probability, and the use of conventional cryptographic techniques in these scenarios is not practical considering the limited computational capabilities of the IoT devices and their power budget. This calls for a lightweight physical layer security scheme which will provide security without much computational overhead and/or strengthen the existing security measures. Here a shift-based physical layer security approach is proposed which will provide low-complexity security without many changes in the baseline orthogonal frequency division multiple access (OFDMA) architecture, as per the low power requirements of IoT, by systematically rearranging the subcarriers. While the scheme is compatible with most fast Fourier transform (FFT) based waveform contenders which are being proposed in 5G, especially in mMTC and ultra-reliable low latency communication (URLLC), it can also add an additional layer of security at the physical layer to enhanced mobile broadband (eMBB).
ESIA: An Efficient and Stable Identity Authentication for Internet of Vehicles
Decentralized, tamper-proof blockchain is regarded as a solution to a
challenging authentication issue in the Internet of Vehicles (IoVs). However,
the consensus time and communication overhead of blockchain increase
significantly with the number of vehicles connected to the blockchain. To address
this issue, vehicular fog computing has been introduced to improve efficiency.
However, existing studies ignore several key factors such as the number of
vehicles in the fog computing system, which can impact the consensus
communication overhead. Meanwhile, there is no comprehensive study on the
stability of vehicular fog composition. The vehicle movement will lead to
dynamic changes in fog. If the composition of vehicular fog is unstable, the
blockchain formed by this fog computing system will be unstable, which can
affect the consensus efficiency. With the above considerations, we propose an
efficient and stable identity authentication (ESIA) empowered by hierarchical
blockchain and fog computing. By grouping vehicles efficiently, ESIA has low
communication complexity and achieves high stability. Moreover, to enhance the
consensus security of the hierarchical blockchain, the consensus process is
from the bottom layer to the upper layer (bottom-up), which we call B2UHChain.
Through theoretical analysis and simulation verification, our scheme achieves
the design goals of high efficiency and stability while significantly improving
the IoV scalability to the power of 1.5 (^1.5) under similar security to a
single-layer blockchain. In addition, ESIA has less communication and
computation overhead, lower latency, and higher throughput than other baseline
authentication schemes.
MuON: Epidemic based mutual anonymity in unstructured P2P networks
A mutual anonymity system enables communication between a client and a service provider without revealing their identities. In general, the anonymity guarantees made by the protocol are enhanced when a large number of participants are recruited into the anonymity system. Peer-to-peer (P2P) systems are able to attract a large number of nodes and hence are highly suitable for anonymity systems. However, the churn (changes in system membership) within P2P networks poses a significant challenge for low-bandwidth reliable anonymous communication in these networks.
This paper presents MuON, a protocol to achieve mutual anonymity in unstructured P2P networks. MuON leverages epidemic-style data dissemination to deal with churn. Simulation results and security analysis indicate that MuON provides mutual anonymity in networks with high churn, while maintaining predictable latencies, high reliability, and low communication overhead.
Access Authentication Via Blockchain in Space Information Network
Space Information Network (SIN) has significant benefits of providing communication anywhere at any time. This feature offers an innovative way for conventional wireless customers to access enhanced internet services by using SIN. However, SIN's characteristics, such as naked links and maximum signal latency, make it difficult to design efficient security and routing protocols, etc. Similarly, existing SIN authentication techniques can't satisfy all of the essentials for secure communication, such as privacy leaks or rising authentication latency. The article aims to develop a novel blockchain-based access authentication mechanism for SIN. The proposed scheme uses a blockchain application, which offers anonymity to mobile users while considering the satellites' limited processing capacity. The SIN gains the likelihood of far greater computational capacity devices as technology evolves. Since authenticating in SIN, the technique comprises three entities: low Earth orbit, mobile user, and network control centre. The proposed mutual authentication mechanism avoids the requirement of a ground station, resulting in less latency and overhead during mobile user authentication. Finally, the new blockchain-based authentication approach is being evaluated with AVISPA, a formal security tool. The simulation and performance study results illustrate that the proposed technique delivers efficient security characteristics such as low authentication latency, minimal signal overhead and less computational cost with group authentication.
Implementation and Performance Evaluation of Embedded IPsec in Microkernel OS
The rapid development of the embedded systems
and the wide use of them in many sensitive fields require
safeguarding their communications. Internet Protocol Security
(IPsec) is widely used to solve network security problems by
providing confidentiality and integrity for the communications
in the network, but it introduces communication overhead.
This overhead becomes a critical factor with embedded
systems because of their low computing power and limited
resources. In this research, we studied the overhead of using
embedded IPsec in constrained resource systems, which run
microkernel operating system (OS), in terms of the network
latency and throughput. To conduct our experiment, we first
ran the test with an unmodified network stack, and then we
ran the same test with the modified network stack which
contains the IPsec implementation. Later, we compared the
results obtained from these two sets of experiments to examine
the overhead. Our research demonstrated that the overhead
imposed by IPsec protocols is small and well within the
capabilities of even low cost microcontrollers such as the one
used in the Raspberry Pi computer.