The Internet of Things (IoT) is one of the most up-to-date and newest technologies that allows remote control of heterogeneous networks and has a good outlook for industrial applications. Wireless sensor networks (or in brief WSNs) have a key role on the Internet of industrial objects. Due to the limited resources of the sensor nodes, designing a balanced authentication scheme to provide security in reasonable performance in wireless sensor networks is a major challenge in these applications. So far, several security schemes have been presented in this context, but unfortunately, none of these schemes have provided desired security in reasonable cost. In 2017, Khemissa et al. proposed a security protocol for mutual authentication between sensor node and user in WSNs, however, in this paper we show that this protocol is not safe enough in the confrontation of desynchronization, user impersonation and gateway impersonation attacks. The proposed attacks succeed with the probability of one and to be realized only require an execution of the protocol. Given merits of the Khemissa et al.’s protocol, we also improved their protocol in such a way that provides suitable level of security, and also we prove its security using two formal ways, i.e. BAN logic and also the Scyther tool. We also argue informally about the improved protocol’s security.
相似文献In recent times, numerous Internet of Things (IoT) applications have begun to use biometric identity for authentication purposes. The integrity and confidentiality of biometric templates during storage and transmission is crucial as it contains key information on the physical identity of the users. Encryption is an effective template protection technique. However, most of the edge side gadgets in the IoT environment require lightweight encryption schemes due to constraints in available power and memory space. Conventional cryptosystems are expensive because of their complexity and multiple rounds for encryption. In the present work, a lightweight bio-cryptosystem is developed to ensure security while storing and transmitting biometric templates. The proposed bio-crypto architecture has three stages—key generation, confusion and diffusion. A two-dimensional logistic sine map is used for key generation. A novel method of diffusion using DNA encoding and ciphering is proposed to decrease the complexity of the encryption process considerably and achieve desirable integrity. Simulations and security analysis indicate that the proposed cryptosystem has sufficient level of security and robustness, involves lesser computational complexity and has the potential of satisfying the requirements of IoT applications.
相似文献Constraint Application Protocol (CoAP), an application layer based protocol, is a compressed version of HTTP protocol that is used for communication between lightweight resource constraint devices in Internet of Things (IoT) network. The CoAP protocol is generally associated with connectionless User Datagram Protocol (UDP) and works based on Representational State Transfer architecture. The CoAP is associated with Datagram Transport Layer Security (DTLS) protocol for establishing a secure session using the existing algorithms like Lightweight Establishment of Secure Session for communication between various IoT devices and remote server. However, several limitations regarding the key management, session establishment and multi-cast message communication within the DTLS layer are present in CoAP. Hence, development of an efficient protocol for secure session establishment of CoAP is required for IoT communication. Thus, to overcome the existing limitations related to key management and multicast security in CoAP, we have proposed an efficient and secure communication scheme to establish secure session key between IoT devices and remote server using lightweight elliptic curve cryptography (ECC). The proposed ECC-based CoAP is referred to as ECC-CoAP that provides a CoAP implementation for authentication in IoT network. A number of well-known cryptographic attacks are analyzed for validating the security strength of the ECC-CoAP and found that all these attacks are well defended. The performance analysis of the ECC-CoAP shows that our scheme is lightweight and secure.
相似文献Due to the increasing demand for IoMT applications in numerous fields such as healthcare, smart city, smart grids, industrial internet, etc. The privacy and security become a major issue in front of various researchers working in this field. This work proposed a lightweight image encryption algorithm based on a logistic-tent map and crossover operator of a genetic algorithm. Various 1-D chaotic maps are discussed in the literature review, but in some cases, hybrid 1-D chaotic maps have higher performance than simple 1-D chaotic maps. So 1-D chaotic map along with a crossover operator is used in this work. Here logistic-tent map and crossover are used to generate the random session key for each image encryption. Also, a crossover operator is used in encryption rounds for increasing confusion and diffusion. Here in this work, for each image encryption, a new intelligent session key is generated. The strength of the proposed image cryptographic scheme is assessed against resistance to the differential attack (UACI and NPCR), statistical attack (histogram analysis, correlation coefficient and information entropy) and sensitivity to the secret key. The extensive experiments of performance and security assessment show that the proposed cryptographic image scheme is secure enough to withstand all potential cryptanalytic attacks.
相似文献In the century of automation, which is digitized, and more and more technology is used, automatic systems' replacement of old manual systems makes people's lives easier. Nowadays, people have made the Internet an integral part of humans' daily lives unless they are insecure. The Internet of Things (IoT) secures a platform that authorizes devices and sensors to be remotely detected, connected, and controlled over the Internet. Due to the developments in sensor technologies, the production of tiny and low-cost sensors has increased. Many sensors, such as temperature, pressure, vibration, sound, light, can be used in the IoT. As a result of the development of these sensors with new generations, the power of the IoT technology increases, and accordingly, the revolution of IoT applications are developing rapidly. Therefore, their security issues and threats are challenging topics. In this paper, the benefits and open issues, threats, limitations of IoT applications are presented. The assessment shows that the most influential factor for evaluating IoT applications is the cost that is used in 79% of all articles, then the real-time-ness that is used in 64%, and security and error are used in 57% of all reviewed articles.
相似文献