Fuzzy Elliptic Curve Cryptography for Authentication in Internet of Things

Abdaoui, Abderrazak; Erbad, Aiman; Al-Ali, Abdulla; Mohamed, Amr; Guizani, Mohsen

doi:10.1109/jiot.2021.3121350

Cited by 15 publications

(8 citation statements)

References 44 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Our survey assumes that data sharing in smart home systems is governed by access control. 1 Under this assumption, sharing data with someone is equivalent to granting them access to that data. Therefore, we consider sharing principles as contextual factors that can be built into access control components of a smart home system.…”

Section: Sharing Principlesmentioning

confidence: 99%

Contextualizing Interpersonal Data Sharing in Smart Homes

He,

Reitinger,

Almogbil

et al. 2024

PoPETs

View full text Add to dashboard Cite

A key feature of smart home devices is monitoring the environment and recording data. These devices provide security via motion-detection video alerts, cost-savings via thermostat usage history, and peace of mind via functions like auto-locking doors or water leak detectors. At the same time, the sharing of this information in interpersonal relationships---though necessary---is currently accomplished on an all-or-nothing basis. This can easily lead to oversharing in a multi-user environment. Although prior work has studied people's perceptions of information sharing with vendors or ISPs, the sharing of household data among users who interact personally is less well understood. Interpersonal situations make data sharing much more context-based and, thus, more complicated. In this paper, we use themes from the theory of contextual integrity in an online survey (n=1,992) to study how people perceive data sharing with others in smart homes and inform future designs and research. Our results show that data recipients in a smart home can be reduced to three major groups, and data types matter more than device types. We also found that the types of access control desired by users can vary from scenario to scenario. Depending on whom they are sharing data with and about what data, participants expressed varying levels of comfort when presented with different types of access control (e.g., explicit approval versus time-limited access). Taken together, this provides strong evidence that a more dynamic access control system is needed, and we can design it in a more usable way.

show abstract

Section: Sharing Principlesmentioning

confidence: 99%

Contextualizing Interpersonal Data Sharing in Smart Homes

He,

Reitinger,

Almogbil

et al. 2024

PoPETs

View full text Add to dashboard Cite

show abstract

“…Biometric information is the best way to authenticate and verify users [ 16 , 17 , 18 ]. In 2004, Dodis et al [ 19 ] proposed the Fuzzy Extractor to obtain a unique bit string extracted from the biometric template.…”

Section: Preliminariesmentioning

confidence: 99%

An Improved Lightweight User Authentication Scheme for the Internet of Medical Things

Kim

Ryu

Lee

et al. 2023

Sensors

View full text Add to dashboard Cite

The Internet of Medical Things (IoMT) is used in the medical ecosystem through medical IoT sensors, such as blood glucose, heart rate, temperature, and pulse sensors. To maintain a secure sensor network and a stable IoMT environment, it is important to protect the medical IoT sensors themselves and the patient medical data they collect from various security threats. Medical IoT sensors attached to the patient’s body must be protected from security threats, such as being controlled by unauthorized persons or transmitting erroneous medical data. In IoMT authentication, it is necessary to be sensitive to the following attack techniques. (1) The offline password guessing attack easily predicts a healthcare administrator’s password offline and allows for easy access to the healthcare worker’s account. (2) Privileged-insider attacks executed through impersonation are an easy way for an attacker to gain access to a healthcare administrator’s environment. Recently, previous research proposed a lightweight and anonymity preserving user authentication scheme for IoT-based healthcare. However, this scheme was vulnerable to offline password guessing, impersonation, and privileged insider attacks. These attacks expose not only the patients’ medical data such as blood pressure, pulse, and body temperature but also the patients’ registration number, phone number, and guardian. To overcome these weaknesses, in the present study we propose an improved lightweight user authentication scheme for the Internet of Medical Things (IoMT). In our scheme, the hash function and XOR operation are used for operation in low-spec healthcare IoT sensor. The automatic cryptographic protocol tool ProVerif confirmed the security of the proposed scheme. Finally, we show that the proposed scheme is more secure than other protocols and that it has 266.48% better performance than schemes that have been previously described in other studies.

show abstract

“…Elliptic curve cryptography can be realized through software [ 10 ] and hardware [ 11 ] approaches. Software-based ECC offers low design costs and high portability, but it is constrained by processor performance and lower efficiency, rendering it unsuitable for high-performance IoT applications.…”

Section: Introductionmentioning

confidence: 99%

FPGA Implementation for Elliptic Curve Cryptography Algorithm and Circuit with High Efficiency and Low Delay for IoT Applications

Wang

Lin

et al. 2023

Micromachines

View full text Add to dashboard Cite

The Internet of Things requires greater attention to the security and privacy of the network. Compared to other public-key cryptosystems, elliptic curve cryptography can provide better security and lower latency with shorter keys, rendering it more suitable for IoT security. This paper presents a high-efficiency and low-delay elliptic curve cryptographic architecture based on the NIST-p256 prime field for IoT security applications. A modular square unit utilizes a fast partial Montgomery reduction algorithm, demanding just a mere four clock cycles to complete a modular square operation. The modular square unit can be computed simultaneously with the modular multiplication unit, consequently improving the speed of point multiplication operations. Synthesized on the Xilinx Virtex-7 FPGA platform, the proposed architecture completes one PM operation in 0.08 ms using 23.1 k LUTs at 105.3 MHz. These results show significantly better performance compared to that in previous works.

show abstract

Fuzzy Elliptic Curve Cryptography for Authentication in Internet of Things

Cited by 15 publications

References 44 publications

Contextualizing Interpersonal Data Sharing in Smart Homes

Contextualizing Interpersonal Data Sharing in Smart Homes

An Improved Lightweight User Authentication Scheme for the Internet of Medical Things

FPGA Implementation for Elliptic Curve Cryptography Algorithm and Circuit with High Efficiency and Low Delay for IoT Applications

Contact Info

Product

Resources

About