Research on Data Security Technology in Internet of Things

Zhao, Yan

doi:10.4028/www.scientific.net/amm.433-435.1752

Cited by 31 publications

(17 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As regards authentication, the approach presented in [18] makes use of a 90 custom encapsulation mechanism, namely smart business security IoT application Protocol -intelligent Service Security Application Protocol. It combines cross-platform communications with encryption, signature, and authentication, in order to improve IoT applications development capabilities by establishing a secure communication system among different things.…”

Section: Authentication and Confidentialitymentioning

confidence: 99%

Security, privacy and trust in Internet of Things: The road ahead

2015

View full text Add to dashboard Cite

Section: Authentication and Confidentialitymentioning

confidence: 99%

Security, privacy and trust in Internet of Things: The road ahead

2015

View full text Add to dashboard Cite

“…Recent research studies have proposed different protocols for different purposes: Diffie-Hellman for key agreement protocol, RSA and Advanced Encryption Standard (AES) for achieving message confidentiality, and hash-based message authentication code (HMAC) for maintaining message integrity. Even though traditional public key infrastructure (PKI) is not considered suitable for the IoT due to computation and communication costs, recent studies have proposed a lightweight PKI within IoT use cases, including efficient message transmission to ensure privacy and security [37,38]. Such novel schemes using customized data encapsulation could reduce both computation and communication overhead, thereby making RSA encryption viable for the IoT.…”

Section: Rsa-based Authentication Schemes For the Iotmentioning

confidence: 99%

New Method of Prime Factorisation-Based Attacks on RSA Authentication in IoT

Venkatraman¹,

Overmars²

2019

Cryptography

View full text Add to dashboard Cite

The potential benefits of the Internet of Things (IoT) are hampered by malicious interventions of attackers when the fundamental security requirements such as authentication and authorization are not sufficiently met and existing measures are unable to protect the IoT environment from data breaches. With the spectrum of IoT application domains increasing to include mobile health, smart homes and smart cities in everyday life, the consequences of an attack in the IoT network connecting billions of devices will become critical. Due to the challenges in applying existing cryptographic standards to resource constrained IoT devices, new security solutions being proposed come with a tradeoff between security and performance. While much research has focused on developing lightweight cryptographic solutions that predominantly adopt RSA (Rivest–Shamir–Adleman) authentication methods, there is a need to identify the limitations in the usage of such measures. This research paper discusses the importance of a better understanding of RSA-based lightweight cryptography and the associated vulnerabilities of the cryptographic keys that are generated using semi-primes. In this paper, we employ mathematical operations on the sum of four squares to obtain one of the prime factors of a semi-prime that could lead to the attack of the RSA keys. We consider the even sum of squares and show how a modified binary greatest common divisor (GCD) can be used to quickly recover one of the factors of a semi-prime. The method presented in this paper only uses binary arithmetic shifts that are more suitable for the resource-constrained IoT landscape. This is a further improvement on previous work based on Euler’s method which is demonstrated using an illustration that allows for the faster testing of multiple sums of squares solutions more quickly.

show abstract

“…Several studies which concern IoT security focus on solving specific aspects such as authentication, confidentiality, integrity, and access control. For example, Zhao and Ling [13] improve authentication by using a custom encapsulation mechanism which combines cross-platform communication with encryption. Moreover, Kothmayr et al [14] introduce IoT's first fully implemented two-way authentication security scheme, which is based on Rivest-Shamir-Adleman (RSA) and designed for Internet Protocol version 6 (IPv6) over Low power Wireless Personal Area Networks 3 (6LoWPANs).…”

Section: Related Workmentioning

confidence: 99%

EclipseIoT: A secure and adaptive hub for the Internet of Things

Anthi

Ahmad

Rana

et al. 2018

Computers & Security

View full text Add to dashboard Cite

With the proliferation in the quantity and types of devices that may be included in an Internet of Things (IoT) ecosystem, particularly in the context of a smart home, it is essential to provide mechanisms to deal with the heterogeneity which such devices encompass. Variations can occur in data formats, frequency of operation, or type of communication protocols supported. The ability to support integration between sensors using a "hub" has become central to address many of these issues. The implementation of such a hub can provide both the ability to act as an aggregator for various sensors, and also limit an attacker's visibility into locally provisioned sensing capability. This paper introduces EclipseIoT, an adaptive hub which uses dynamically loadable add-on modules to communicate with diverse IoT devices, provides policy-based access control, limits exposure of local IoT devices through cloaking, and offers a canary-function based capability to monitor attack behaviours. Its architecture and implementation are discussed, along with its use within a smart home testbed consisting of commercially available devices such as Phillips Hue Bridge, Samsung Smart Things Hub, TP-Link Smart Plug, and TP-Link Smart Camera. The effectiveness of EclipseIoT is further evaluated by simulating various attacks such as Address Resolution Protocol (ARP) spoofing, Media Access Control (MAC) address spoofing, Man-In-The-Middle (MITM), port scanning, capturing handshakes, sniffing, and Denial of Service (DoS). It is demonstrated that direct attacks upon EclipseIoT components are mitigated due to the security techniques being used.

show abstract

Research on Data Security Technology in Internet of Things

Cited by 31 publications

References 4 publications

Security, privacy and trust in Internet of Things: The road ahead

Security, privacy and trust in Internet of Things: The road ahead

New Method of Prime Factorisation-Based Attacks on RSA Authentication in IoT

EclipseIoT: A secure and adaptive hub for the Internet of Things

Contact Info

Product

Resources

About