A cryptographic perspective to achieve practical physical layer security

Communications, wired and wireless, have integrated various cryptographic techniques to ensure privacy and counter surveillance. These techniques have been integrated in most of the network layers, except for the physical layer. This physical layer has, thus far, dealt with schemes such as source coding, channel coding, and (de)modulation, to enable the transmission of data in a reliable and efficient manner. The emergence of physical layer security extends the functionalities at the physical layer to include secure communication, aiming at the transmission of a signal that can only be correctly retrieved by the intended receiver. Therefore, the goals of physical layer security align with cryptographic schemes utilized at the other network layers. From the extensive study of physical layer security schemes, we have observed that there is a knowledge gap regarding certain security principles practiced by cryptographers and the experts within physical layer security, causing many physical layer security schemes to be impractical for standardization and the wide-scale integration into information and communication technologies. This paper describes a variety of security principles and concepts, practiced by cryptographers, and of importance to physical layer security experts. We aim to raise the awareness of these security principles and concepts to experts within the field of physical layer security to improve the practicality, standardization, and integration potential of the design of future physical layer security schemes

Bit security estimation for leakage-prone key establishment schemes

The security guarantees of cryptographic primitives are subject to the assumption that established keys are known only by the legitimate users and no information about the key bits is known by illegitimate users. Unfortunately, this assumption may not be applicable in leakage-prone key establishment schemes. Namely, information leakage about an established key (defined as a bit inference rate of an adversary that is strictly greater than 50%) reduces its computational effort required in an exhaustive key search. In this paper, we present a methodology and a polynomial-time algorithm that determines the exact impact of information leakage on a generated bit sequence and expressed these findings in terms of the achieved level of bit security. Additional simulation results enable us to determine the achieved level of bit security of a leakage-prone bit sequence or, conversely, enable us to determine the length of a bit sequence necessary to achieve a selected level of bit security

Key management for beyond 5G mobile small cells: a survey

The highly anticipated 5G network is projected to be introduced in 2020. 5G stakeholders are unanimous that densification of mobile networks is the way forward. The densification will be realized by means of small cell technology, and it is capable of providing coverage with a high data capacity. The EU-funded H2020-MSCA project “SECRET” introduced covering the urban landscape with mobile small cells, since these take advantages of the dynamic network topology and optimizes network services in a cost-effective fashion. By taking advantage of the device-to-device communications technology, large amounts of data can be transmitted over multiple hops and, therefore, offload the general network. However, this introduction of mobile small cells presents various security and privacy challenges. Cryptographic security solutions are capable of solving these as long as they are supported by a key management scheme. It is assumed that the network infrastructure and mobile devices from network users are unable to act as a centralized trust anchor since these are vulnerable targets to malicious attacks. Security must, therefore, be guaranteed by means of a key management scheme that decentralizes trust. Therefore, this paper surveys the state-of-the-art key management schemes proposed for similar network architectures (e.g., mobile ad hoc networks and ad hoc device-to-device networks) that decentralize trust. Furthermore, these key management schemes are evaluated for adaptability in a network of mobile small cells

Distributed trusted authority-based key management for beyond 5G network coding-enabled mobile small cells

The 5G cellular network is projected to be introduced in 2020 and takes advantage of the small cell technology to deliver ubiquitous 5G services in an energy efficient manner. The next logical step is the introduction of network coding enabled mobile small cells (NC-MSCs). These are networks of mobile devices which can be set up on-the-fly, based on demand, and cover the urban landscape. Furthermore, they allow network offloading through multi-hop device-to-device (D2D) communication to provide high data rate services. In this paper we introduce DISTANT, a decentralized key management scheme specifically designed to provide security in a network which takes advantage of the benefits of NC-MSCs. In our key management scheme, we distribute the certification authority (CA) functions using threshold secret sharing. Each network node is provided with a share of the master private key such that key management services are available “anywhere, anytime”. Finally, our distributed CA takes advantage of the self-generated certificate paradigm. Certificates can therefore be issued and renewed without the interaction of the distributed CA which minimizes the communication overhead

DECENT: Decentralized and efficient key management to secure communication in dense and dynamic environments

Intelligent Transportation Systems (ITS), one aspect of the Smart City paradigm, aim to improve the efficiency, convenience, and safety of travelers. The integration of (vehicular) communication technologies allows communication between the on-board communication units (OBUs) of vehicles, roadside units (RSUs), and vulnerable road users (VRUs), and contribute to the efficacy of ITS applications. However, these additional sources of information must be reliable and accurate. Security primitives such as confidentiality, integrity, and authenticity are required, but only achievable when supported with a suitable cryptographic key management scheme. This paper presents the design of a decentralized and efficient key management scheme, abbreviated as the DECENT scheme. This scheme provides secure multihop communication in dense and dynamic network environments while functioning in a self-organized manner. Through threshold secret sharing techniques, network nodes act as a distributed trusted third party (TTP) such that a threshold number of nodes can collaborate to execute key management functions. These functions include decentralized node admission and key updating. Novelties include (i) the unique self-healing characteristic, meaning that DECENT is capable of independently recovering from network compromise, and (ii) guidelines for choosing an appropriate security threshold in any deployment scenario which maximizes the level of security while simultaneously guaranteeing that decentralized key management services can be provided

Autonomous mobile robots in high occupancy aerospace manufacturing

Using a combination of active Radio-Frequency Identification tracking and staff interviews with members from an aerospace manufacturing company, it was uncovered that over 80 hours per week was spent in the manual movement of goods between departments. On a site of over 1000 employees that uses dedicated build cells in separated departments, this mixed-use facility proves challenging for the adoption of an autonomous delivery system due to its narrow corridors and high occupancy, however by investigating the concerns of employees and suggesting low-cost retroactive solutions, this project seeks to justify the transition from manual to automated onsite logistics. The conclusion found that indeed the company does have the transport yields to justify the use of Autonomous Mobile Robots, that the robots would supplement rather than replace workers and that safety was a key factor to address when using robots on a site of this configuration

DISTANT: DIStributed trusted Authority-based key managemeNT for beyond 5G wireless mobile small cells

The 5G mobile network is embracing new technologies to keep providing network subscribers with a high Quality of Service (QoS). However, this has become increasingly difficult in the urban landscape as more devices are being connected and each device is requesting increasing amounts of data. Network operators rely on the small cell technology to maintain coverage and service for its subscribers, but this technology is incapable of mitigating the increasing workload on the network infrastructure and preventing the associated network delays. The next logical step is to cover the urban landscape with mobile small cells, since these take advantage of the dynamic network topology and optimizes network services in a cost-effective fashion while taking advantage of the high device density. However, the introduction of mobile small cells raises various security challenges. Cryptographic solutions are capable of solving these as long as they are supported by an appropriate key management scheme. In this article, we propose DISTANT: a DIStributed Trusted Authoritybased key managemeNT scheme. This key management scheme is specifically designed to provide security in a network which takes advantage of the mobile small cell technology. The scheme relies on threshold secret sharing to decentralize trust and utilizes the self-generated certificates paradigm. Through an extensive security analysis and communication overhead evaluation, we conclude that our design provides an improved level of security and has a low communication overhead compared to previous works

Public key cryptography without certificates for beyond 5G mobile small cells

The 5G network takes advantage of the small cells technology. The next logical step is to cover the urban landscape with mobile small cells, to optimize network services. However, the introduction of mobile small cells raises various security challenges. Cryptographic solutions are capable of solving these as long as they are supported by appropriate key management schemes. The threshold-tolerant identity-based cryptosystem forms a solid basis for key management schemes for mobile small cells. However, this approach is unable to sustain security over time. Therefore, we introduce two extensions, proactive secret sharing and private key cloaking, to address this challenge

A key management framework to secure IoMT-enabled healthcare systems

The transformation of the healthcare sector through the adoption of the Internet of Medical Things (IoMT) provides major benefits, including the ability to provide efficient and timely medical support based on accurate continuous monitoring data. However, the necessity to collect, store, and process private medical data in order to provide a patient with these healthcare services may clash with regulations such as the General Data Protection Regulation (GDPR). In this article, we introduce a complete key management framework for an IoMT patient monitoring system. The key management framework is composed of a platform key management layer which establishes adhoc, point-to-point secure channels between devices in the IoMT system, and of a data key management layer which provisions keys for end-to-end encryption of patient data. The cornerstone of the design is that it empowers the patient to enforce their own privacy rights by making them the legal owner of their own private medical data and that interested parties must be granted consent in order to access this data. To the authors’ knowledge, this is the first time that consent granting of GDPR is hardwired into technology

Blockchain-based security mechanisms for IoMT Edge networks in IoMT-based healthcare monitoring systems

Despite the significant benefits that the rise of Internet of Medical Things (IoMT) can bring into citizens’ quality of life by enabling IoMT-based healthcare monitoring systems, there is an urgent need for novel security mechanisms to address the pressing security challenges of IoMT edge networks in an effective and efficient manner before they gain the trust of all involved stakeholders and reach their full potential in the market of next generation IoMT-based healthcare monitoring systems. In this context, blockchain technology has been foreseen by the industry and research community as a disruptive technology that can be integrated into novel security solutions for IoMT edge networks, as it can play a significant role in securing IoMT devices and resisting unauthorized access during data transmission (i.e., tamper-proof transmission of medical data). However, despite the fact that several blockchain-based security mechanisms have already been proposed in the literature for different types of IoT edge networks, there is a lack of blockchain-based security mechanisms for IoMT edge networks, and thus more effort is required to be put on the design and development of security mechanisms relying on blockchain technology for such networks. Towards this direction, the first step is the comprehensive understanding of the following two types of blockchain-based security mechanisms: (a) the very few existing ones specifically designed for IoMT edge networks, and (b) those designed for other types of IoT networks but could be possibly adopted in IoMT edge networks due to similar capabilities and technical characteristics. Therefore, in this paper, we review the state-of-the-art of the above two types of blockchain-based security mechanisms in order to provide a foundation for organizing research efforts towards the design and development of reliable blockchain-based countermeasures, addressing the pressing security challenges of IoMT edge networks in an effective and efficient manner