A secure authentication scheme for Internet of Things

Wang, King-Hang; Chen, Chien‐Ming; Fang, Wu; Wu, Tsu-Yang

doi:10.1016/j.pmcj.2017.09.004

Cited by 82 publications

(44 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Therefore, understanding how to build low-cost-high-security IoT devices becomes critical. This awareness is of a particular importance since IoT devices have become “so seamlessly integrated into everyday life, that often the end users are completely unaware of the presence of these devices around them” [5]. This is especially true for low-cost connecting devices in the IoT ecosystem, such as (battery-less) passive Radio-Frequency Identification (RFID) tags, that are powered by the interrogator’s radio waves, i.e., by transmitting their signal upon request, when interrogated by a reader.…”

Section: Introductionmentioning

confidence: 99%

IoT Device Security: Challenging “A Lightweight RFID Mutual Authentication Protocol Based on Physical Unclonable Function”

Bendavid

Bagheri

Safkhani

et al. 2018

Sensors

View full text Add to dashboard Cite

With the exponential increase of Internet of things (IoT) connected devices, important security risks are raised as any device could be used as an attack channel. This preoccupation is particularly important with devices featuring limited processing power and memory capabilities for security purposes. In line with this idea, Xu et al. (2018) proposed a lightweight Radio Frequency Identification (RFID) mutual authentication protocol based on Physical Unclonable Function (PUF)—ensuring mutual tag-reader verification and preventing clone attacks. While Xu et al. claim that their security protocol is efficient to protect RFID systems, we found it still vulnerable to a desynchronization attack and to a secret disclosure attack. Hence, guidelines for the improvements to the protocol are also suggested, for instance by changing the structure of the messages to avoid trivial attacks. In addition, we provide an explicit protocol for which our formal and informal security analysis have found no weaknesses.

show abstract

Section: Introductionmentioning

confidence: 99%

IoT Device Security: Challenging “A Lightweight RFID Mutual Authentication Protocol Based on Physical Unclonable Function”

Bendavid

Bagheri

Safkhani

et al. 2018

Sensors

View full text Add to dashboard Cite

show abstract

“…The SN-FN communication normally takes place when FN manages the SN or gathering data from the SN. In the case where FN-HN communication is required, we assume that general purpose authentication protocols, e.g., [5,18], will be used since both of them have less constraint computation power.…”

Section: Architecturementioning

confidence: 99%

An Anonymous Mutual Authenticated Key Agreement Scheme for Wearable Sensors in Wireless Body Area Networks

Chen

Xiang

et al. 2018

Applied Sciences

Self Cite

View full text Add to dashboard Cite

Abstract:The advancement of Wireless Body Area Networks (WBAN) have led to significant progress in medical and health care systems. However, such networks still suffer from major security and privacy threats, especially for the data collected in medical or health care applications. Lack of security and existence of anonymous communication in WBAN brings about the operation failure of these networks. Recently, Li et al. proposed a lightweight protocol for wearable sensors in wireless body area networks. In their paper, the authors claimed that the protocol may provide anonymous mutual authentication and resist against various types of attacks. This study shows that such a protocol is still vulnerable to three types of attacks, i.e., the offline identity guessing attack, the sensor node impersonation attack and the hub node spoofing attack. We then present a secure scheme that addresses these problems, and retains similar efficiency in wireless sensors nodes and mobile phones.

show abstract

“…The methods for designing these protocols can be divided into two kinds. One is based on biological characteristics [21]- [26], and the other is mathematical difficulty [27]- [35]. In terms of security analysis, [21], [22], [24], [33], [34] establish capabilities of adversary to analyze the security of protocols.…”

Section: A Related Workmentioning

confidence: 99%

“…The adversary that steals secret parameter by side channels to attack can capture all messages sent or received in session and obtain stolen or lost devices of a legal user. Wang et al [35] propose an authentication protocol using key agreement schemes. The adversary is based on Dolev-Yao model.…”

Section: A Related Workmentioning

confidence: 99%

Design and Formal Analysis of an Authentication Protocol, eWMDP on Wearable Devices

Lü

Cao

et al. 2019

IEEE Access

View full text Add to dashboard Cite

For wearable devices, this paper proposes an authentication protocol eWMDP. We formally model and analyze it. In the execution model of the protocol, a Dolev-Yao adversary is constituted. With the above, various security properties can be defined for measuring security performance. Our protocol can achieve the injective-auth property, in which case it surpasses another existing wearable authentication protocol-WMDP. In addition, our analysis work is confirmed by Scyther and tamain-prover, and the two protocols are implemented on PC and on Ti CC3200 LAUNCHPAD widely used in wearable devices in the meanwhile. The results of experiments highlight the higher transmission efficiency of eWMDP under various configurations, including different platforms, sorts of combinations of encryption algorithms and hash algorithms, and sending packets in different sizes. INDEX TERMS Security protocol, formal analysis, wearable device protocol, scyther, tamarin-prover.

show abstract

A secure authentication scheme for Internet of Things

Cited by 82 publications

References 12 publications

IoT Device Security: Challenging “A Lightweight RFID Mutual Authentication Protocol Based on Physical Unclonable Function”

IoT Device Security: Challenging “A Lightweight RFID Mutual Authentication Protocol Based on Physical Unclonable Function”

An Anonymous Mutual Authenticated Key Agreement Scheme for Wearable Sensors in Wireless Body Area Networks

Design and Formal Analysis of an Authentication Protocol, eWMDP on Wearable Devices

Contact Info

Product

Resources

About