5 research outputs found
An Authentication Protocol for Future Sensor Networks
Authentication is one of the essential security services in Wireless Sensor
Networks (WSNs) for ensuring secure data sessions. Sensor node authentication
ensures the confidentiality and validity of data collected by the sensor node,
whereas user authentication guarantees that only legitimate users can access
the sensor data. In a mobile WSN, sensor and user nodes move across the network
and exchange data with multiple nodes, thus experiencing the authentication
process multiple times. The integration of WSNs with Internet of Things (IoT)
brings forth a new kind of WSN architecture along with stricter security
requirements; for instance, a sensor node or a user node may need to establish
multiple concurrent secure data sessions. With concurrent data sessions, the
frequency of the re-authentication process increases in proportion to the
number of concurrent connections, which makes the security issue even more
challenging. The currently available authentication protocols were designed for
the autonomous WSN and do not account for the above requirements. In this
paper, we present a novel, lightweight and efficient key exchange and
authentication protocol suite called the Secure Mobile Sensor Network (SMSN)
Authentication Protocol. In the SMSN a mobile node goes through an initial
authentication procedure and receives a re-authentication ticket from the base
station. Later a mobile node can use this re-authentication ticket when
establishing multiple data exchange sessions and/or when moving across the
network. This scheme reduces the communication and computational complexity of
the authentication process. We proved the strength of our protocol with
rigorous security analysis and simulated the SMSN and previously proposed
schemes in an automated protocol verifier tool. Finally, we compared the
computational complexity and communication cost against well-known
authentication protocols.Comment: This article is accepted for the publication in "Sensors" journal. 29
pages, 15 figure
A Secure Key Agreement Protocol for Dynamic Group
To accomplish secure group communication, it is essential to share a unique
cryptographic key among group members. The underlying challenges to group key
agreement are scalability, efficiency, and security. In a dynamic group
environment, the rekeying process is more frequent; therefore, it is more
crucial to design an efficient group key agreement protocol. Moreover, with the
emergence of various group-based services, it is becoming common for several
multicast groups to coexist in the same network. These multicast groups may
have several shared users; a join or leave request by a single user can trigger
regeneration of multiple group keys. Under the given circumstances the rekeying
process becomes a challenging task. In this work, we propose a novel
methodology for group key agreement which exploits the state vectors of group
members. The state vector is a set of randomly generated nonce instances which
determine the logical link between group members and which empowers the group
member to generate multiple cryptographic keys independently. Using local
knowledge of a secret nonce, each member can generate and share a large number
of secure keys, indicating that SGRS inherently provides a considerable amount
of secure subgroup multicast communication using subgroup multicasting keys
derived from local state vectors. The resulting protocol is secure and
efficient in terms of both communication and computation.Comment: This article is accepted for the publication in Cluster Computing-The
Journal of Networks, Software Tools and Applications. Print ISSN 1386-7857,
Online ISSN 1573-754
Secure Distribution of Protected Content in Information-Centric Networking
The benefits of the ubiquitous caching in ICN are profound, such features
make ICN promising for content distribution, but it also introduces a challenge
to content protection against the unauthorized access. The protection of a
content against unauthorized access requires consumer authentication and
involves the conventional end-to-end encryption. However, in
information-centric networking (ICN), such end-to-end encryption makes the
content caching ineffective since encrypted contents stored in a cache are
useless for any consumers except those who know the encryption key. For
effective caching of encrypted contents in ICN, we propose a secure
distribution of protected content (SDPC) scheme, which ensures that only
authenticated consumers can access the content. SDPC is lightweight and allows
consumers to verify the originality of the published content by using a
symmetric key encryption. Moreover, SDPC naming scheme provides protection
against privacy leakage. The security of SDPC was proved with the BAN logic and
Scyther tool verification, and simulation results show that SDPC can reduce the
content download delay.Comment: 15 pages, 8 figures, This article is an enhancement version of
journal article published in IEEE Systems Journal, DOI:
10.1109/JSYST.2019.2931813. arXiv admin note: text overlap with
arXiv:1808.0328
Time-assisted authentication protocol
Authentication is the first step toward establishing a service provider and customer association. In a mobile network environment, a lightweight and secure authentication protocol is one of the most significant factors to enhance the degree of service persistence. This work presents a secure and lightweight keying and authentication protocol suite termed time-assisted authentication protocol (TAP). The TAP improves the security of protocols with the assistance of time-based encryption keys and scales down the authentication complexity by issuing a reauthentication ticket. While moving across the network, a mobile customer node sends a reauthentication ticket to establish new sessions with service-providing nodes. Consequently, this reduces the communication and computational complexity of the authentication process. In the keying protocol suite, a key distributor controls the key generation arguments and time factors, while other participants independently generate a keychain based on key generation arguments. We undertake a rigorous security analysis and prove the security strength of TAP using communicating sequential processes and rank function analysis