A realistic lightweight authentication protocol preserving strong anonymity for securing RFID system

2015

IEEE Sensors J.

Self Cite

Recent advances in information and communication technologies and embedded systems have given rise to a new disruptive technology: the Internet of Things (IoT). IoT allows people and objects in the physical world as well as data and virtual environments to interact with each other so as to create smart environments such as smart transport systems, smart cities, smart health, etc., However, IoT raises some important questions and also introduces new challenges for the security of systems and processes and the privacy of individuals such as their location and movements etc. In this article, at first we propose a distributed IoT system architecture. Subsequently, we propose an anonymous authentication scheme, which can ensure some of the notable properties like sensor anonymity, sensor untraceability, resistance to replay attacks, cloning attacks, etc. It is argued that the proposed authentication scheme will be useful in many distributed IoT applications (like RFID based IoT system, Bio-sensor based IoT healthcare system etc.), where privacy of the sensor movement is greatly desirable.

Section: F Resistance To Cloning Attacksmentioning

confidence: 99%

Untraceable Sensor Movement in Distributed IoT Infrastructure

2015

IEEE Sensors J.

Self Cite

“…The details of the performance comparison based on computational overhead and execution times are shown in Figures and , respectively. Conclusively, based on the aforesaid outcomes, it can be argued that our proposed scheme can be useful in many real‐time applications like GLOMONET , WSN , and RFID system .…”

Section: Comparison With Other Ae Modesmentioning

confidence: 65%

IAR‐CTR and IAR‐CFB: integrity aware real‐time based counter and cipher feedback modes

2015

Security Comm Networks

Self Cite

It is highly desirable that a real‐time crypto system should be designed to offer a strong security level by assuring both the privacy and integrity together in the same podium. However, the conventional stream cipher modes of operation (counter (CTR), cipher feedback (CFB), and Output Feedback (OFB)), often used in several real‐time applications, are unable to prevent any unauthorized message modification, which may often lead to several active attacks. This article shows a way to construct the real‐time based Authenticated Encryption (AE) environment, where the real‐time key stream is generated from any secure block algorithm like Advanced Encryption Standard (AES). Accordingly, in order to demonstrate the principle of the real‐time based AE environment, here we introduce two modes of operations, namely integrity aware real‐time based counter (IAR‐CTR) and cipher feedback (IAR‐CFB) modes, where both the proposed modes of operations can guarantee to offer both the confidentiality and message integrity in a single pass without any Message Authentication Code (MAC) or even any kind of non‐crypto checksum Cyclic Redundancy Check (CRC) support. Besides, here we argue that both the proposed real‐time based AE environments are quite robust against several active attacks, for example, message stream modification attacks and chosen‐plain‐text attacks, and at the same time, they can also be useful to deal with some other issues like ‘limited error propagation’ existing in several conventional stream cipher modes like CFB, OFB, and CTR. Copyright © 2015 John Wiley & Sons, Ltd.

“…Now, we can also apply our proposed concept of stream Authenticated Encryption s for ensuring both the privacy and integrity aware data communication in the GLOMONET , WSN , radio‐frequency identification , and authenticated cloud computing environment . In this case, our objective is to reduce the computational cost during the data communication process.…”

Section: Applicationsmentioning

confidence: 99%

“…Besides, because the PFC-CTR is also based on counter mode, accordingly, the system employ PFC-CTR is also resilient to replay attacks, like SNEP [26] and ZigBee [27]. Now, we can also apply our proposed concept of stream Authenticated Encryption s for ensuring both the privacy and integrity aware data communication in the GLOMONET [30][31][32][33], WSN [34], radio-frequency identification [35], and authenticated cloud computing environment [36]. In this case, our objective is to reduce the computational cost during the data communication process.…”

mentioning

confidence: 99%

Robust stream‐cipher mode of authenticated encryption for secure communication in wireless sensor network

2015

Security Comm Networks

Self Cite

Authenticated Encryption is a cryptographic process of providing confidentiality and integrity protection of messages in a single pass without any support of conventional checksum, Message Authentication Code (MAC), or hash function. In this paper, at first, we show that how to construct the stream-cipher-based Authenticated Encryption environment, where the key-stream is generated from any secure block algorithm like Advanced Encryption Standard. In order to do that, we introduce two stream-cipher modes of Authenticated Encryption, namely, PFC-CTR (Counter-based Authenticated Encryption environment) and PFC-OCB (OCB-based Authenticated Encryption environment), which are quite robust against several active attacks, for example, message stream modification attacks, known-plain-text attacks, and chosen-plain-text attacks, and at the same time, they can also efficiently deal with some other issues like "limited error propagation" existing in several conventional stream-cipher modes of operation like Cipher Feedback, Output Feedback, and Counter. Finally, we enforce the concept of Authenticated Encryption in the sense of data communication security of the wireless sensor network (WSN), Global Mobility Networks (GLOMONET), and Cloud Computing environment, where only encryption can guarantee both the privacy and integrity in a single pass with the assurance of reasonable computational overhead.