Similar literature
20 similar documents found (search time: 15 ms)
1.

Radio Frequency Identification (RFID) technology is expected to play a key role in the Internet of Things (IoT) and has applications in a wide variety of domains ranging from automation to healthcare systems. Therefore, the security and privacy of RFID communication is critical. In this paper, we analyze two recent RFID protocols proposed by researchers. Specifically we show that the ownership transfer protocol proposed by Wang et al., is vulnerable to tracing attacks while the mutual authentication protocol proposed by Cho et al. is vulnerable to key disclosure and backward traceable attacks. We propose secure improvements to these protocols to address the vulnerabilities, and improve the scalability of these schemes making them suitable for large-scale deployments.


2.
RSA signature algorithms using the Chinese remainder theorem (CRT‐RSA) are approximately four‐times faster than straightforward implementations of an RSA cryptosystem. However, the CRT‐RSA is known to be vulnerable to fault attacks; even one execution of the algorithm is sufficient to reveal the secret keys. Over the past few years, several countermeasures against CRT‐RSA fault attacks have tended to involve additional exponentiations or inversions, and in most cases, they are also vulnerable to new variants of fault attacks. In this paper, we review how Shamir's countermeasure can be broken by fault attacks and improve the countermeasure to prevent future fault attacks, with the added benefit of low additional costs. In our experiment, we use the side‐channel analysis resistance framework system, a fault injection testing and verification system, which enables us to inject a fault into the right position, even to within 1 μs. We also explain how to find the exact timing of the target operation using an Atmega128 software board.

3.
Gao Lijun, Zhang Lu, Feng Lin, Ma Maode. Wireless Personal Communications, 2020, 115(2): 1603-1621

Machine-to-machine (M2M) is an important part of Internet of Things (IoT), and is used to describe those technologies applied in wireless communication automatically between mechanics or electronics instruments. With the rapid development and wide application of the Internet of Things, IETF is assigned to design IPv6 over low power wireless personal area network (6LoWPAN). The address of IPv6 is indefinite, which means it can satisfy addressing requirements for M2M. The 6LoWPAN standard has clarified important issues in M2M, but communication security has not been effectively resolved. In this article, we analyzed the existing security protocol for M2M communication in 6LoWPAN. The analysis result shows that the protocol has the defect of data leakage after the node is captured. In addition, the EAKES6Lo protocol is also vulnerable to sinkhole attacks and plaintext-chosen attacks. Based on the above analysis, an M2M communication mutual authentication protocol based on 6LoWPAN in unattended operation is proposed. The protocol establishes a reasonable secret key distribution mechanism and designs an anti-capture attack detection method for unattended nodes to resist attacks, such as replay attacks, sinkhole attacks, plaintext-chosen attacks, and physical capture attacks. Finally, the security of the protocol is proved by BAN.


4.

Nicanfar and Leung proposed a multilayer consensus elliptic curve based password authenticated key-exchange (MCEPAK) protocol for smart grid. They claimed that their protocol is secure against possible attacks. In this paper, we show that the MCEPAK protocol is vulnerable to the dictionary attack and an adversary can obtain the passwords of the appliances by eavesdropping the communicated messages in the protocol. Moreover, we state that the passwords can be discovered by curious operators of the building area networks and the neighbor area networks. These weaknesses motivated us to introduce a chaotic maps based authenticated key exchange protocol for smart grid. To the best of our knowledge, the chaotic maps based key exchange protocol has not yet been devised for smart grid and the same objective has been fulfilled in this paper. In addition, we prove the security of the proposed protocol by a formal analysis.


5.
New types of cryptanalytic attacks using related keys (cited 5 times in total: 0 self-citations, 5 by others)
In this paper we study the influence of key-scheduling algorithms on the strength of blockciphers. We show that the key-scheduling algorithms of many blockciphers inherit obvious relationships between keys, and use these key relations to attack the blockciphers. Two new types of attacks are described: New chosen plaintext reductions of the complexity of exhaustive search attacks (and the faster variants based on complementation properties), and new low-complexity chosen key attacks. These attacks are independent of the number of rounds of the cryptosystems and of the details of the F-function and may have very small complexities. These attacks show that the key-scheduling algorithm should be carefully designed and that its structure should not be too simple. These attacks are applicable to both variants of LOKI and to Lucifer. DES is not vulnerable to the related keys attacks since the shift pattern in the key-scheduling algorithm is not the same in all the rounds. This research was supported by the fund for the promotion of research at the Technion.

6.

In recent times, a phishing attack has become one of the most prominent attacks faced by internet users, governments, and service-providing organizations. In a phishing attack, the attacker(s) collects the client’s sensitive data (i.e., user account login details, credit/debit card numbers, etc.) by using spoofed emails or fake websites. Phishing websites are common entry points of online social engineering attacks, including numerous frauds on the websites. In such types of attacks, the attacker(s) create website pages by copying the behavior of legitimate websites and sends URL(s) to the targeted victims through spam messages, texts, or social networking. To provide a thorough understanding of phishing attack(s), this paper provides a literature review of Artificial Intelligence (AI) techniques: Machine Learning, Deep Learning, Hybrid Learning, and Scenario-based techniques for phishing attack detection. This paper also presents the comparison of different studies detecting the phishing attack for each AI technique and examines the qualities and shortcomings of these methodologies. Furthermore, this paper provides a comprehensive set of current challenges of phishing attacks and future research direction in this domain.


7.

The Internet of Things is an emerging area which deals with transfer of the data through the wired or wireless network. The prime thing that needs to be addressed in this is the security of the data that must be transferred within the optimized time limit. In this paper, throughput and time delay need to be considered for the optimized data transfer, and while concentrating on this, there is a possibility of allowing the data to be vulnerable to attacks. Security algorithms currently available may be adequate for the wired system but not for the wireless scenario. The PRESENT cipher is one of the popular cryptosystems used in wireless and falls under the lightweight cryptography category. The GIFT cipher is an enhanced version of the PRESENT cipher which aims at maximizing the throughput. In this, an iteration structure is used for encryption. This can still be improved and optimized in terms of increased data rate and reduced time delay. This paper implements the optimization technique of the existing GIFT cipher, and throughput is considered as the performance metric. Pipeline and sub-stage pipeline techniques are used for enhancing the architecture.


8.

The wireless capabilities of modern Implantable Medical Devices (IMDs) make them vulnerable to security attacks. One prominent attack, which has disastrous consequences for the patient’s wellbeing, is the battery Denial-of-Service attack whereby the IMD is occupied with continuous authentication requests from an adversary with the aim of depleting its battery. Zero-Power Defense (ZPD), based on energy harvesting, is known to be an excellent protection against these attacks. This paper raises essential design considerations for employing ZPD techniques in commercial IMDs, offers a critical review of ZPD techniques found in literature and, subsequently, gives crucial recommendations for developing comprehensive ZPD solutions.


9.
Received signal strength (RSS) based algorithms have been very attractive for localization since they allow the reuse of existing communication infrastructure and are applicable to many commodity radio technologies. Such algorithms, however, are sensitive to a set of non-cryptographic attacks, where the physical measurement process itself can be corrupted by adversaries. For example, the attacker can perform signal strength attacks by placing an absorbing or reflecting material around a wireless device to modify its RSS readings. In this work, we first formulate the all-around signal strength attacks, where similar attacks are launched towards all landmarks, and experimentally show the feasibility of launching such attacks. We then propose a general principle for designing RSS-based algorithms so that they are robust to all-around signal strength attacks. To evaluate our approach, we adapt a set of representative RSS-based localization algorithms according to our principle. We experiment with both simulated attacks and two sets of real attack scenarios. All the experiments show that our design principle can be applied to a wide spectrum of algorithms to achieve comparable performance with much better robustness.

10.
Over the last 20 years, the privacy of most GSM phone conversations was protected by the A5/1 and A5/2 stream ciphers, which were repeatedly shown to be cryptographically weak. They are being replaced now by the new A5/3 and A5/4 algorithms, which are based on the block cipher KASUMI. In this paper we describe a new type of attack called a sandwich attack, and use it to construct a simple related-key distinguisher for 7 of the 8 rounds of KASUMI with an amazingly high probability of $2^{-14}$. By using this distinguisher and analyzing the single remaining round, we can derive the complete 128-bit key of the full KASUMI with a related-key attack which uses only 4 related keys, $2^{26}$ data, $2^{30}$ bytes of memory, and $2^{32}$ time. These completely practical complexities were experimentally verified by performing the attack in less than two hours on a single-core of a PC. Interestingly, neither our technique nor any other published attack can break the original MISTY block cipher (on which KASUMI is based) significantly faster than exhaustive search. Our results thus indicate that the modifications made by ETSI’s SAGE group in moving from MISTY to KASUMI made it extremely weak when related-key attacks are allowed, but do not imply anything about its resistance to single-key attacks. Consequently, there is no indication that the way KASUMI is implemented in GSM and 3G networks is practically vulnerable in any realistic attack model.

11.
Wang Weitao, Bai Yuebin, Feng Peng, Huang Jun, Sha Mo, Tantai Jianpei. Wireless Personal Communications, 2021, 118(1): 575-598

In delay-tolerant networks (DTNs), intermittent network connectivity and lack of global system information pose serious challenges to achieve effective data forwarding. Most state-of-the-art DTN routing algorithms are based on hill-climbing heuristics in order to select the best available next hop to achieve satisfactory network throughput and routing efficiency. An adverse consequence of this approach is that a small subset of good users take on most of the forwarding tasks. This can quickly deplete scarce resources (e.g. storage, battery, etc.) in heavily utilized devices which degrades the network reliability. A system with a significant amount of traffic carried by a small number of users is not robust to denial of service attacks and random failures. To overcome these deficiencies, this paper proposes a new routing algorithm, DTN-Balance, that takes the forwarding capacity and forwarding queue of the relay nodes into account to achieve a better load distribution in the network. For this, we defined a new routing metric called message forwarding utility combining nodal available bandwidth and forwarding workload. Applying small world theory, we impose an upper bound on the end-to-end hop count that results in a sharp increase in routing efficiency. Queued messages in a forwarding node are arranged by DTN-Balance based on message dropping utility metric for a more intelligent decision in the case of a message drop. The performance of our method is compared with that of the existing algorithms by simulations on real DTN traces. The results show that our algorithm provides outstanding forward efficiency at the expense of a small drop in the throughput.


12.
Wireless Mesh Networks are vulnerable to attacks due to the open medium, dynamically changing network topology, cooperative algorithms, and lack of a centralized monitoring and management point. The traditional way of protecting networks with firewalls and encryption software is no longer sufficient and effective for those features. In this paper, we propose a distributed intrusion detection approach based on timed automata. A cluster-based detection scheme is presented, where periodically a node is elected as the monitor node for a cluster. These monitor nodes can not only make local intrusion detection decisions, but also cooperatively take part in global intrusion detection. And then we construct the Finite State Machine (FSM) by the way of manually abstracting the correct behaviors of the node according to the routing protocol of Dynamic Source Routing (DSR). The monitor nodes can verify every node's behavior by the Finite State Machine (FSM), and validly detect real-time attacks without signatures of intrusion or trained data. Compared with the architecture where each node is its own IDS agent, our approach is much more efficient while maintaining the same level of effectiveness. Finally, we evaluate the intrusion detection method through simulation experiments.

13.
Hardware implementations of cryptographic algorithms are vulnerable to side-channel attacks. Side-channel attacks that are based on multiple measurements of the same operation can be countered by employing masking techniques. Many protection measures depart from an idealized hardware model that is very expensive to meet with real hardware. In particular, the presence of glitches causes many masking techniques to leak information during the computation of nonlinear functions. We discuss a recently introduced masking method which is based on secret sharing and multi-party computation methods. The approach results in implementations that are provably resistant against a wide range of attacks, while making only minimal assumptions on the hardware. We show how to use this method to derive secure implementations of some nonlinear building blocks for cryptographic algorithms. Finally, we provide a provable secure implementation of the block cipher Noekeon and verify the results by means of low-level simulations.

14.
Li Teng, Ma JianFeng, Sun Cong. Wireless Networks, 2019, 25(4): 1731-1747

In the routing discovery phase of the Mobile Ad hoc Networks (MANETs), the source node tries to find a fast and secure path to transmit data. However, the adversaries attempt to get the rights of routing during this phase, then the networks can easily be paralyzed during the data transmission phase. During the routing discovery phase, finding a good path is already a challenge and verifying the security of the established path without revealing any privacy of the nodes adds a new dimension to the problem. In this paper, we present SRDPV, an approach that helps the source find the benign destination dynamically and conducts privacy-preserving verification of the path. Our approach first finds the benign destination. Then, it spreads the verification tasks across multiple nodes and verifies the log entries without revealing private data of the nodes. Unlike the traditional debugging system to detect the faults or misbehaviors of the nodes after the attacks, SRDPV can guarantee the source to avoid transmitting data through malicious nodes at the beginning and perform the verification without introducing a third party. We demonstrate the effectiveness of the approach by applying SRDPV in two scenarios: resisting the collaborative black-hole attack of the AODV protocol and detecting injected malicious intermediated routers which commit active and passive attacks in MANETs. We compared our approach with the existing secure routing algorithms and the results show that our approach can detect the malicious nodes, and the overhead of SRDPV is moderate.


15.

Authentication schemes are widely used mechanisms to thwart unauthorized access of resources over insecure networks. Several smart card based password authentication schemes have been proposed in the literature. In this paper, we demonstrate the security limitations of a recently proposed password based authentication scheme, and show that their scheme is still vulnerable to forgery and offline password guessing attacks and it is also unable to provide user anonymity, forward secrecy and mutual authentication. With the intention of fixing the weaknesses of that scheme, we present a secure authentication scheme. We show that the proposed scheme is invulnerable to various attacks together with attacks observed in the analyzed scheme through both rigorous formal and informal security analysis. Furthermore, the security analysis using the widely-accepted Real-Or-Random (ROR) model ensures that the proposed scheme provides the session key (SK) security. Finally, we carry out the performance evaluation of the proposed scheme and other related schemes, and the result favors that the proposed scheme provides better trade-off among security and performance as compared to other existing related schemes.


16.

Internet of Things (IoT) and its applications are the most popular research areas at present. The characteristics of IoT on one side make it easily applicable to real-life applications, whereas on the other side expose it to cyber threats. Denial of Service (DoS) is one of the most catastrophic attacks against IoT. In this paper, we investigate the prospects of using machine learning classification algorithms for securing IoT against DoS attacks. A comprehensive study is carried on the classifiers which can advance the development of anomaly-based intrusion detection systems (IDSs). Performance assessment of classifiers is done in terms of prominent metrics and validation methods. Popular datasets CIDDS-001, UNSW-NB15, and NSL-KDD are used for benchmarking classifiers. Friedman and Nemenyi tests are employed to analyze the significant differences among classifiers statistically. In addition, Raspberry Pi is used to evaluate the response time of classifiers on IoT specific hardware. We also discuss a methodology for selecting the best classifier as per application requirements. The main goals of this study are to motivate IoT security researchers for developing IDSs using ensemble learning, and suggesting appropriate methods for statistical assessment of classifier’s performance.


17.
In the last decade, the number of web‐based applications is increasing rapidly, which leads to high demand for user authentication protocol for multiserver environment. Many user‐authentication protocols have been proposed for different applications. Unfortunately, most of them either have some security weaknesses or suffer from unsatisfactory performance. Recently, Ali and Pal proposed a three‐factor user‐authentication protocol for multiserver environment. They claimed that their protocol can provide mutual authentication and is secure against many kinds of attacks. However, we find that Ali and Pal's protocol cannot provide user anonymity and is vulnerable to 4 kinds of attacks. To enhance security, we propose a new user‐authentication protocol for multiserver environment. Then, we provide a formal security analysis and a security discussion, which indicate our protocol is provably secure and can withstand various attacks. Besides, we present a performance analysis to show that our protocol is efficient and practical for real industrial environment.

18.
The latest advances in Wavelength Division Multiplexing (WDM) technology are making it possible to build all-optical transparent WDM networks, which are expected to be able to satisfy the rapid growth of today’s capacity demand. However, the transparency of such networks makes them highly vulnerable to deliberate attacks, specifically targeting the physical layer. Physical-layer attacks, such as high-power jamming, can cause severe service disruption or even service denial, enhanced by their capability to propagate through a transparent optical network. Several attack-aware routing and wavelength assignment algorithms have been proposed to reduce the possible disruption caused by high-power jamming attacks. However, even with network planning approaches which take network security, specifically physical-layer attacks, into account, resilience to deliberate attacks in such scenarios remains an issue. In this paper, we propose the use of wavelength-selective attenuators as power equalizers inside network nodes to limit the propagation of high-power jamming attacks. Due to the increased cost of optical switching nodes associated with the addition of power equalizers, we aim at minimizing their number through sparse power equalization placement. We developed a set of greedy algorithms to solve what we call the Power Equalization Placement (PEP) problem with the objective of minimizing the number of power equalizers needed to reduce, to a desired level, the propagation of high-power jamming attacks for a given routing scheme. We further improved upon these results by proposing a GRASP (Greedy Randomized Adaptive Search Procedure) heuristic with a somewhat longer execution time, but with significantly superior results. The performance evaluation results indicate that the proposed GRASP heuristic can achieve the same attack propagation reduction as can be obtained by equipping all nodes with power equalizers by placing them at less than 50% of the nodes on average, potentially yielding significant cost savings.

19.

Intrusion Detection System (IDS) is crucial to protect smartphones from imminent security breaches and ensure user privacy. Android is the most popular mobile Operating System (OS), holding above 85% market share. The traffic generated by smartphones is expected to exceed the one generated by personal computers by 2021. Consequently, this prevalent mobile OS will stay one of the most attractive targets for potential attacks on fifth generation mobile networks (5G). Although Android malware detection has received considerable attention, offered solutions mostly rely on performing resource intensive analysis on a server, assuming a continuous connection between the device and the server, or on employing supervised Machine Learning (ML) algorithms for profiling the malware’s behaviour, which essentially require a training dataset consisting of thousands of examples from both benign and malicious profiles. However, in practice, collecting malicious examples is tedious since it entails infecting the device and collecting thousands of samples in order to characterise the malware’s behaviour and the labelling has to be done manually. In this paper, we propose a novel Host-based IDS (HIDS) incorporating statistical and semi-supervised ML algorithms. The advantage of our proposed IDS is twofold. First, it is wholly autonomous and runs on the mobile device, without needing any connection to a server. Second, it requires only benign examples for tuning, with potentially a few malicious ones. The evaluation results show that the proposed IDS achieves a very promising accuracy of above 0.9983, reaching up to 1.


20.
Nowadays, many people perform their commercial activities, such as electronic payment and electronic banking, through their mobile phones. Mobile commerce (m‐commerce) refers to manipulating electronic commerce (e‐commerce) by using mobile devices and wireless networks. Radio‐frequency identification (RFID) is a technology which can be employed to complete payment functions on m‐commerce. As an RFID subsystem is applied in m‐commerce and supply chains, the related security concerns are very important. Recently, Fan et al. have proposed an ultra‐lightweight RFID authentication scheme for m‐commerce (ULRAS) and claimed that their protocol is efficient enough and provides a high level of security. In this paper, we show that their protocol is vulnerable to secret disclosure and reader impersonation attacks. Finally, we improve it to a protocol that is resistant to the attacks presented in this paper and the other known attacks in the context of RFID authentication. We further analyze the security of the improved protocol through the Burrows–Abadi–Needham logic (BAN‐logic). Moreover, our proposed improvement does not impose any additional workload on the RFID tag.
