Visible to the public Biblio

Filters: Keyword is lightweight authentication  [Clear All Filters]
2020-01-20
Bauer, Sergei, Brunner, Martin, Schartner, Peter.  2019.  Lightweight Authentication for Low-End Control Units with Hardware Based Individual Keys. 2019 Third IEEE International Conference on Robotic Computing (IRC). :425–426.

In autonomous driving, security issues from robotic and automotive applications are converging toward each other. A novel approach for deriving secret keys using a lightweight cipher in the firmware of low-end control units is introduced. By evaluating the method on a typical low-end automotive platform, we demonstrate the reusability of the cipher for message authentication. The proposed solution counteracts a known security issue in the robotics and automotive domain.

2019-12-02
Chi, Po-Wen, Wang, Ming-Hung.  2018.  A Lightweight Compound Defense Framework Against Injection Attacks in IIoT. 2018 IEEE Conference on Dependable and Secure Computing (DSC). :1–8.
Industrial Internet of Things (IIoT) is a trend of the smart industry. By collecting field data from sensors, the industry can make decisions dynamically in time for better performance. In most cases, IIoT is built on private networks and cannot be reached from the Internet. Currently, data transmission in most of IIoT network protocols is in plaintext without encryption protection. Once an attacker breaks into the field, the attacker can intercept data and injects malicious commands to field agents. In this paper, we propose a compound approach for defending command injection attacks in IIOT. First, we leverage the power of Software Defined Networking (SDN) to detect the injection attack. When the injection attack event is detected, the system owner is alarmed that someone tries to pretend a controller or a field agent to deceive the other entity. Second, we develop a lightweight authentication scheme to ensure the identity of the command sender. Command receiver can verify commands first before processing commands.
2019-01-31
Tewari, A., Gupta, B. B..  2018.  A Robust Anonymity Preserving Authentication Protocol for IoT Devices. 2018 IEEE International Conference on Consumer Electronics (ICCE). :1–5.

In spite of being a promising technology which will make our lives a lot easier we cannot be oblivious to the fact IoT is not safe from online threat and attacks. Thus, along with the growth of IoT we also need to work on its aspects. Taking into account the limited resources that these devices have it is important that the security mechanisms should also be less complex and do not hinder the actual functionality of the device. In this paper, we propose an ECC based lightweight authentication for IoT devices which deploy RFID tags at the physical layer. ECC is a very efficient public key cryptography mechanism as it provides privacy and security with lesser computation overhead. We also present a security and performance analysis to verify the strength of our proposed approach.

Mahboubi, A., Camtepe, S., Morarji, H..  2018.  Reducing USB Attack Surface: A Lightweight Authentication and Delegation Protocol. 2018 International Conference on Smart Computing and Electronic Enterprise (ICSCEE). :1–7.

A privately owned smart device connected to a corporate network using a USB connection creates a potential channel for malware infection and its subsequent spread. For example, air-gapped (a.k.a. isolated) systems are considered to be the most secure and safest places for storing critical datasets. However, unlike network communications, USB connection streams have no authentication and filtering. Consequently, intentional or unintentional piggybacking of a malware infected USB storage or a mobile device through the air-gap is sufficient to spread infection into such systems. Our findings show that the contact rate has an exceptional impact on malware spread and destabilizing free malware equilibrium. This work proposes a USB authentication and delegation protocol based on radiofrequency identification (RFID) in order to stabilize the free malware equilibrium in air-gapped networks. The proposed protocol is modelled using Coloured Petri nets (CPN) and the model is verified and validated through CPN tools.

2018-09-12
Boureanu, Ioana, Gérault, David, Lafourcade, Pascal, Onete, Cristina.  2017.  Breaking and Fixing the HB+DB Protocol. Proceedings of the 10th ACM Conference on Security and Privacy in Wireless and Mobile Networks. :241–246.

HB+ is a lightweight authentication scheme, which is secure against passive attacks if the Learning Parity with Noise Problem (LPN) is hard. However, HB+ is vulnerable to a key-recovery, man-in-the-middle (MiM) attack dubbed GRS. The HB+DB protocol added a distance-bounding dimension to HB+, and was experimentally proven to resist the GRS attack. We exhibit several security flaws in HB+DB. First, we refine the GRS strategy to induce a different key-recovery MiM attack, not deterred by HB+DB's distancebounding. Second, we prove HB+DB impractical as a secure distance-bounding (DB) protocol, as its DB security-levels scale poorly compared to other DB protocols. Third, we refute that HB+DB's security against passive attackers relies on the hardness of LPN; moreover, (erroneously) requiring such hardness lowers HB+DB's efficiency and security. We also propose anew distance-bounding protocol called BLOG. It retains parts of HB+DB, yet BLOG is provably secure and enjoys better (asymptotical) security.

2017-05-17
Huang, Jheng-Jia, Juang, Wen-Shenq, Fan, Chun-I, Tseng, Yi-Fan, Kikuchi, Hiroaki.  2016.  Lightweight Authentication Scheme with Dynamic Group Members in IoT Environments. Adjunct Proceedings of the 13th International Conference on Mobile and Ubiquitous Systems: Computing Networking and Services. :88–93.

In IoT environments, the user may have many devices to connect each other and share the data. Also, the device will not have the powerful computation and storage ability. Many studies have focused on the lightweight authentication between the cloud server and the client in this environment. They can use the cloud server to help sensors or proxies to finish the authentication. But in the client side, how to create the group session key without the cloud capability is the most important issue in IoT environments. The most popular application network of IoT environments is the wireless body area network (WBAN). In WBAN, the proxy usually needs to control and monitor user's health data transmitted from the sensors. In this situation, the group authentication and group session key generation is needed. In this paper, in order to provide an efficient and robust group authentication and group session key generation in the client side of IoT environments, we propose a lightweight authentication scheme with dynamic group members in IoT environments. Our proposed scheme can satisfy the properties including the flexible generation of shared group keys, the dynamic participation, the active revocation, the low communication and computation cost, and no time synchronization problem. Also our scheme can achieve the security requirements including the mutual authentication, the group session key agreement, and prevent all various well-known attacks.

2017-03-08
Litian, D., Fu, D., Zizhong, W. J..  2015.  A Mixed and Batching Authentication Protocol for Grouped Tags in Mobile RFID System. 2015 IEEE International Conference on Data Science and Data Intensive Systems. :75–80.

Mobile radio frequency identification (RFID) systems are being employed in many applications such as supply chain management. Since the communications between RFID-reader and server, RFID-tag and RFID-reader are all wireless, security and privacy attracts more attentions, reflected in the research on authentication protocols. But most of the existing authentications only care about the front end (reader to tag) and ignore the back end (reader to server), which could not satisfy the security demands in the mobile RFID systems. Moreover, the tags have to be grouped when the population is large enough, but the existing authentication protocols are inapplicable in this scenario. In this paper, we propose a mixed authentication protocol composed of hash-based authentication for readers and lightweight authentication for low-cost tags to fit the mobile RFID system with grouping tags. Analysis demonstrates that the proposed authentication protocol could efficiently counteract the impersonation attack, reply attack and tracking attack.