Survey on Lightweight Primitives and Protocols for RFID in Wireless Sensor Networks

The use of radio frequency identification (RFID) technologies is becoming widespread in all kind of wireless network-based applications. As expected, applications based on sensor networks, ad-hoc or mobile ad hoc networks (MANETs) can be highly benefited from the adoption of RFID solutions. There is a strong need to employ lightweight cryptographic primitives for many security applications because of the tight cost and constrained resource requirement of sensor based networks. This paper mainly focuses on the security analysis of lightweight protocols and algorithms proposed for the security of RFID systems. A large number of research solutions have been proposed to implement lightweight cryptographic primitives and protocols in sensor and RFID integration based resource constraint networks. In this work, an overview of the currently discussed lightweight primitives and their attributes has been done. These primitives and protocols have been compared based on gate equivalents (GEs), power, technology, strengths, weaknesses and attacks. Further, an integration of primitives and protocols is compared with the possibilities of their applications in practical scenarios

Design and Implementation of Triple DES Encryption Scheme

The speed of exhaustive key searches against DES after 1990 began to cause discomfort amongst users of DES. However, users did not want to replace DES as it takes an enormous amount of time and money to change encryption algorithms that are widely adopted and embedded in large security architectures. The DES algorithm was replaced by the Advanced Encryption Standard (AES) by the National Institute of Standards and Technology (NIST). The pragmatic approach was not to abandon the DES completely, but to change the manner in which DES is used. DES is often used in conjunction with Triple DES. It derives from single DES but the technique is used in triplicate and involves three sub keys and key padding when necessary, such as instances where the keys must be increased to 64 bits in length. Known for its compatibility and flexibility, software can easily be converted for Triple DES inclusion. Therefore, it may not be nearly as obsolete as deemed by NIST. This led to the modified schemes of Triple DES (sometimes known as 3DES).3DES is a way to reuse DES implementations, by chaining three instances of DES with different keys. 3DES is believed to still be secure because it requires 2^112 brute-force operations which is not achievable with foreseeable technology. While AES is a totally new encryption that uses the substitution-permutation network, 3DES is just an adaptation to the older DES encryption that relied on the balanced Feistel network. But since it is applied three times, the implementer can choose to have 3 discrete 56 bit keys, or 2identical and 1 discrete, or even three identical keys. This means that 3DES can have encryption key lengths of 168, 112, or 56 bit encryption key lengths respectively. But due to certain vulnerabilities when reapplying the same encryption thrice, it leads to slower performance. In this paper we present a pipelined implementation in VHDL, in Electronic Code Book (EBC) mode, of this commonly used Cryptography scheme with aim to improve performance. We achieve a 48-stage pipeline depth by implementing a TDES key buffer and right rotations in the DES decryption key scheduler. We design and verify our implementation using ModelSim SE 6.3f and Xilinx ISE 8.1i. We gather cost and throughput information from the synthesis and Timing results and compare the performance of our design to common implementations presented in other literatures

An Energy-Efficient Reconfigurable DTLS Cryptographic Engine for Securing Internet-of-Things Applications

This paper presents the first hardware implementation of the Datagram Transport Layer Security (DTLS) protocol to enable end-to-end security for the Internet of Things (IoT). A key component of this design is a reconfigurable prime field elliptic curve cryptography (ECC) accelerator, which is 238x and 9x more energy-efficient compared to software and state-of-the-art hardware respectively. Our full hardware implementation of the DTLS 1.3 protocol provides 438x improvement in energy-efficiency over software, along with code size and data memory usage as low as 8 KB and 3 KB respectively. The cryptographic accelerators are coupled with an on-chip low-power RISC-V processor to benchmark applications beyond DTLS with up to two orders of magnitude energy savings. The test chip, fabricated in 65 nm CMOS, demonstrates hardware-accelerated DTLS sessions while consuming 44.08 uJ per handshake, and 0.89 nJ per byte of encrypted data at 16 MHz and 0.8 V.Comment: Published in IEEE Journal of Solid-State Circuits (JSSC

Review on Lightweight Cryptography Techniques and Steganography Techniques for IOT Environment

In the modern world, technology has connected to our day-to-day life in different forms. The Internet of Things (IoT) has become an innovative criterion for mass implementations and a part of daily life. However, this rapid growth leads the huge traffic and security problems. There are several challenges arise while deploying IoT. The most common challenges are privacy and security during data transmission. To address these issues, various lightweight cryptography and steganography techniques were introduced. These techniques are helpful in securing the data over the IoT. The hybrid of cryptography and steganography mechanisms provides enhanced security to confidential messages. Any messages can be secured by cryptography or by embedding the messages into any media files, including text, audio, image, and video, using steganography. Hence, this article has provided a detailed review of efficient, lightweight security solutions based on cryptography and steganography and their function over IoT applications. The objective of the paper is to study and analyze various Light weight cryptography techniques and Steganography techniques for IoT. A few works of literature were reviewed in addition to their merits and limitations. Furthermore, the common problems in the reviewed techniques are explained in the discussion section with their parametric comparison. Finally, the future scope to improve IoT security solutions based on lightweight cryptography and steganography is mentioned in the conclusion part

Security in serverless network environments

As portable computing devices grow in popularity, so does the need for secure communications. Lacking tethers, these devices are ideal for forming small proximal groups in an ad-hoc fashion in environments where no server or permanent services are available. Members of these groups communicate over a broadcast or multicast network interconnect, and rely upon each other to form a cohesive group. While generally small in size and short in lifetime, security is a critical aspect of these groups that has received much academic attention in recent years. Much of the research focuses upon generating a common, group-wide private key suitable for encryption. This group key agreement utilizes keying technology that is very costly for small, limited-lifetime devices. Furthermore, key agreement provides no constructs for message authentication or integrity. Traditional systems require two keypairs to address both aspects of the secure group and one for encryption, the other for message validation. This work investigates the appropriateness of using a shared keypair for both contributory group key agreement and message quality guarantees. A JCE-compliant key agreement and digital signature framework has been implemented and is presented, and discussed. Using elliptic curve-based keys, this is possible at no loss in security, and these keys are easily and quickly computable on smaller devices. Algorithms that are known for their cryptographic strength are leveraged in both encryption and digital signature applications. This technique provides a computationally-effient key agreement scheme and digital signature framework, and a network-effcient key and signature distribution system. Perfect forward and backward security is maintained, and all members retain a current view of the group from a cryptographic perspective. This thesis is the culmination of several quarters of research and work, all conducted at the Rochester Institute of Technology under the supervison of Dr. Hans-Peter Bischof between December 2002 and January 2004. This thesis is completed as partial fullfillment of the requirements for a Masters Degree in Computer Science from the Rochester Institute of Technology

Encryption Quality and Performance Analysis of GKSBC Algorithm

In the age of intensive data exchanges, security of data poses a major challenge to the existing communication arrangement. In this context the evolution and evaluation of new encryption system is inextricably linked to the process of realizing ever increasing network security needs. Recently a Generalized Key Scheme in a Block Cipher Algorithm (GKSBC) is found to be robust in cryptanalysis and the result of key sensitivity analysis was found satisfactory. This study compares GKSBC with the class of block cipher algorithms viz., RC6, AES and Blowfish, and presents a performance evaluation. To assess the encryption quality two measures viz., Encryption Quality measure and Correlation analysis is applied. Thorough experimental tests with detailed analysis showed the high quality and comparative efficiency of GKSBC algorithm. Keywords: symmetric, generalized, throughput, encryption, correlation

A security suite for wireless body area networks

Wireless Body Area Networks (WBANs) have gained a lot of research attention in recent years since they offer tremendous benefits for remote health monitoring and continuous, real-time patient care. However, as with any wireless communication, data security in WBANs is a challenging design issue. Since such networks consist of small sensors placed on the human body, they impose resource and computational restrictions, thereby making the use of sophisticated and advanced encryption algorithms infeasible. This calls for the design of algorithms with a robust key generation / management scheme, which are reasonably resource optimal. This paper presents a security suite for WBANs, comprised of IAMKeys, an independent and adaptive key management scheme for improving the security of WBANs, and KEMESIS, a key management scheme for security in inter-sensor communication. The novelty of these schemes lies in the use of a randomly generated key for encrypting each data frame that is generated independently at both the sender and the receiver, eliminating the need for any key exchange. The simplicity of the encryption scheme, combined with the adaptability in key management makes the schemes simple, yet secure. The proposed algorithms are validated by performance analysis.Comment: 20 pages, 10 figures, 3 tables, International Journal of Network Security & its Applications (IJNSA

Performance Evaluation of Cryptographic Algorithms: DES, 3DES, Blowfish, Twofish, and Threefish

With the advancement of the Internet, many individuals and organizations have started to use it to store and send personal or business information. Some of this information is highly confidential and that, in turn, raises an issue of data privacy and confidentiality. Major advances in the Internet have also aided intruders in getting unauthorized access to confidential information. Information Security is the art of securing data from illegitimate access while ensuring integrity, availability, and confidentiality of data. Information Security is achieved through cryptographic encryption and decryption algorithms. Encryption hides confidential information by converting it to an unreadable form while the reverse process of retrieving data from the unreadable or encrypted form is known as decryption. Many cryptographic algorithms exist today and selecting which one to use depends on several factors and measures. This paper conducts a comparison of the encryption speed for five different cryptographic symmetric block-cipher algorithms: DES, 3DES, Blowfish, Twofish, and Threefish. The simulation is done using Python with various text file sizes. The results show that Blowfish outperforms the rest of the algorithms that were tested