Internet of Things" (IOT) has become the everyday buzz words in recent years. As part and parcel of the Smart environment where human beings and things interact intelligently, trust and mobility becomes the basic prerequisites. However, to unify trust and mobility, a security protocol must be used for information exchanges among human and things; as well as between things and things (such as between Wi-Fi Client and Wi-Fi AP). In this paper, we present an enhancement of a security protocol for bulk data transfer amongst embedded devices (similar to the practices in IOT). We also proposed a security framework for enhancing security, trust and privacy (STP) for embedded system infrastructure. We suggested the use of lightweight symmetric encryption (for data) and asymmetric encryption (for key exchange) protocols in Trivial File Transfer Protocol (TFTP). The target implementation of TFTP is for embedded devices such as Wi-Fi Access Points (AP) and remote Base Stations (BS). We have chosen Das U-Boot (Universal Boot loader) as the horizontal security platform for this new security implementation which is suitable for Smart Environment.
Cryptography is described as the study of encrypting or secret writing of data using logical and mathematical principles to protect information. This technique has grown in importance in computing technologies for banking services, medical systems, transportation and other Internet of Things (IoT)based applications which have been subjected to increasing security concerns. In cryptography, each scheme is built with its own respective strength, but the implementation of single cryptographic scheme into the system has some disadvantages. For instance, symmetric encryption method provides a costeffective technique of securing data without compromising security. However, sharing the secret key is a vital problem. On the other hand the asymmetric scheme solves the secret key distribution issue; yet the standalone technique is slow and consumes more computer resources compared to the symmetric encryption. In contrast, hashing function generates a unique and fixed-length signature for a message to provide data integrity but the method is only a one-way function which is infeasible to invert. As an alternative to solve the security weakness
This study discusses a method to secure Message Queuing Telemetry Transport-Sensor network (MQTT-SN). MQTT-SN is a popular data communication protocol used in developing IoT applications and can be secured by augmenting it with a security scheme. In this work, several lightweight encryption schemes to be used in tandem with MQTT-SN were tested and analysed. The best algorithm is identified based on the speed of encryption and overall power consumption when implemented in IoT environment. It was found that L-BLOCK is the overall performer in securing MQTT-SN and should be highly considered when developing IoT applications.
The advancing of Key Exchange Protocol (KEP) is compulsory to secure the connected world via Internet of Thing (IoT), cryptocurrency and blockchain, virtual intelligent, smart computing etc. To address the security issues in the Internet based computing systems, this paper explores the side-channel security for KEP, namely timing and relay attacks. Nowadays, various KEP variances are used by internet protocol such as IKEv2/3. The purpose of KEP is to enable a secret key(s) sharing between two or more computing systems on unsecure network. Later, the secret key(s) is used to encrypt all data transmitted for online systems such as internet banking, cryptocurrency transaction, IoT services etc. The timing attack was addressed by an adversary model and security assumptions. The relay attack on KEP was tested by an experiment testbed between a key fob and car using Raspberry Pi and RF module. The experiment result has shown that the propagation delay of KEP on RF communication is increased by 100% for each relay node. If the KEP runtime is increased greater than 50%, the KEP authentication key should be discarded to prevent the attacker from gaining access to the car.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.