Visible to the public Secure authentication on the Internet of Things

TitleSecure authentication on the Internet of Things
Publication TypeConference Paper
Year of Publication2017
AuthorsGriffin, P. H.
Conference NameSoutheastCon 2017
ISBN Number978-1-5386-1539-3
Keywordsauthentication, biometric authenticated key exchange protocol, biometric-based cryptographic techniques, biometrics, biometrics (access control), Ciphers, code size, Computer crime, confidential communications, cryptographic protocols, cryptography, Human Behavior, human factor, human factors, Internet of Things, lightweight cryptographic algorithms, man-in-the-middle attacks, memory requirements, Metrics, multifactor authentication, mutual multifactor authentication, phishing, Protocols, pubcrawl, resilience, Resiliency, resource constrained environments, Servers, universal access, user credential protection

This paper describes biometric-based cryptographic techniques for providing confidential communications and strong, mutual and multifactor authentication on the Internet of Things. The described security techniques support the goals of universal access when users are allowed to select from multiple choice alternatives to authenticate their identities. By using a Biometric Authenticated Key Exchange (BAKE) protocol, user credentials are protected against phishing and Man-in-the-Middle attacks. Forward secrecy is achieved using a Diffie-Hellman key establishment scheme with fresh random values each time the BAKE protocol is operated. Confidentiality is achieved using lightweight cryptographic algorithms that are well suited for implementation in resource constrained environments, those limited by processing speed, limited memory and power availability. Lightweight cryptography can offer strong confidentiality solutions that are practical to implement in Internet of Things systems, where efficient execution, and small memory requirements and code size are required.

Citation Keygriffin_secure_2017