More Web Proxy on the site http://driver.im/

research-article

Towards Continuous Authentication in Internet of Things Based on Secret Sharing Scheme

Authors:

Omaimah Omar Bamasag,

Kamal Youcef-ToumiAuthors Info & Claims

WESS'15: Proceedings of the WESS'15: Workshop on Embedded Systems Security

Article No.: 1, Pages 1 - 8

https://doi.org/10.1145/2818362.2818363

Published: 04 October 2015 Publication History

Abstract

In this paper, we propose a novel continuous authentication protocol for the Internet of Things based on secret sharing scheme. This protocol provides secure and efficient authentication for frequent message transmissions in short session time intervals. The protocol introduces a novel use of secret sharing scheme, that is, the secret is used as an authenticator and the shares are used as authenticator tokens. Each token is an outcome of a function of time that binds the secret share to a specific point in time during the session such that the share can only be revealed in that specific time. The share can be linked back to the secret and, hence, the message source can be authenticated. Security evaluation of the protocol shows that it fulfills the stated security requirements and addresses the listed attacks. Performance evaluation of the protocol shows that it is lightweight in terms of computation and communication costs, thus addressing the resource-constrained IoT endpoints.

References

[1]

Yao, X., Han, X., X., Du, X. 2013. A Lightweight Multicast Authentication Mechanism for Small Scale IoT Applications. IEEE Sensors Journal, vol. 13, no. 10, 3693--3701.

[2]

Dlodlo, N. 2012. Adopting the internet of things technologies in environmental management in South Africa. In Proceedings of the 2nd International Conference on Environment Science and Engineering, 45--55.

[3]

Li, J., Wu, X., and Chen, H. 2011. Research on mobile digital health system based on internet of things, Electrical Power Systems and Computers (Lecture Notes in Electrical Engineering), vol. 99, Springer-Verlag, 495--502.

[4]

Wang, Z. 2014. Smart Home System Design Based on Internet of Things. Applied Mechanics and Materials, vols. 602-605, 3808--3812.

[5]

Roman, R., Zhou, J., Lopez, J. 2013. On the features and challenges of security and privacy in distributed internet of things, Computer Networks, vol. 57, 2266--2279.

Digital Library

[6]

Sicari, S., Rizzardi, A., Grieco, L. A., Coen-Porisini, A. 2015. Security, Privacy and Trust in Internet of Things: The Road Ahead. Computer Networks, vol. 76, 146--164.

Digital Library

[7]

Wang, K., Bao, J., Wu, M., and Lu, W. 2010. Research on Security Management for Internet of Things. In Proceedings of 2010 International Conference on Computer Application and System Modeling, 133--137.

[8]

Sarma, A. and Girao, J. 2009. Identities in the future Internet of Things. Wireless Personal Communications, vol. 49, no. 3, 353--363.

Digital Library

[9]

Turkanovic, M., Brumen, B., Holbl, M. 2014. A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion. Ad Hoc Networks, vol. 20, 96--112.

[10]

Xu, D. and Chen, Y. 2013. A Safe RFID Authentication Protocol for Internet of Things. Journal of Theoretical and Applied Information Technology, vol. 48, no. 1, 359--364.

[11]

Ye, N., Zhu, Y., Wang, R., Malekian, R., Qiao-min, L. 2014. An Efficient Authentication and Access Control Scheme for Perception Layer on Internet of Things, Applied Mathematics & Information Sciences, vol. 8, no. 4, 1617--1624.

[12]

Hernandez-Goya, M. C., and Caballero-Gill, P. 2013. Analysis of Lightweight Cryptographic Solutions for Authentication in IoT, In Proceedings of EUROCAST 2013, Part II, LNCS 8112, 373--380.

[13]

Xiao, J. and Chen, C. 2012. Authentication and Access Control in the Internet of Things. In Proceedings of 32nd International Conference on Distributed Computing Systems Workshops, 588--592.

Digital Library

[14]

Mahalle, N., Prasad, N., Prasad, R. 2013. Novel Threshold Cryptography-based Group Authentication (TCGA) Scheme for the Internet of Things (IoT). In Proceedings of the Seventh IEEE International Conference on Advanced Networks and Telecommunication Systems (ANTS).

[15]

Ndibanje, B., Lee, H., Lee, S. 2014. Security Analysis and Improvements of Authentication and Access Control in the Internet of Things. Sensors, vol. 14, 14786--14805.

[16]

Roman, R. Zhou, J., Lopez, J. 2013. On the features and challenges of security and privacy in distributed internet of things, Computer Networks, vol. 57, 2266--2279.

Digital Library

[17]

Shamir, A. 1979. How to Share a Secret, Communications of the ACM, vol. 22, no. 11, 612--613.

Digital Library

[18]

NIST, 2008. (FIPS 180-3) Secure Hash Standard (shs).

[19]

ISO/IEC 9797. "Information technology -- security techniques -- Message Authentication Code (MACs). Part 1: Mechanisms using a block cipher", 1999, "Part 2: Mechanisms using a dedicated hash-function", 2002.

[20]

Yavuz, A. A. 2014. An efficient real-time broadcast authentication scheme for command and control messages', IEEE Transactions on Information Forensic and Security, vol. 9, no. 10, 1733--1742.

Digital Library

[21]

Bonetto, R., Bui, N., Lakkaundi, V., Olivereau, A., Serbanati, A., Rossi, M. 2012. Secure Communication for Smart IoT Objects: protocol STACKS, Use Cases and Practical Examples, In Proceedings of IEEE International Symposium on a world of wireless, mobile and multimedia networks (WoWMoM), 1--7.

[22]

Liu, Y., Qin, X., Wang, C., Li, B. 2013.A lightweight RFID authentication protocol based one elliptic curve cryptography, Journal of Computers, vol. 8, no. 11, 2880--2887.

[23]

Lee, J-Y., Lin, W-C., Huang, Y-H. 2014. A lightweight authentication protocol for internet of things. In Proceedings of 2014 International Symposium on Next- Generation Electronics ISNE, 1--2.

[24]

Braun, M., Hess, E., Meyer, B. 2008. Using Elliptic Curves on RFID Tags, IJCSNS International Journal of Computer Science and Network Security, vol. 8, no. 2, 1--9.

[25]

Ahamed, S. Rahman, F., Hoque, E. 2008. ERAP: ECC based RFID Authentication Protocol, In Proceedings of 12th IEEE International Workshop on Future Trends of Distributed Computing Systems, 219--225.

Digital Library

[26]

Zhao, G., Si, X., Wang, J., Long, X. M and Hu, T. 2011. A Novel Mutual Authentication Scheme for Internet of Things, In Proceedings of 2011 IEEE International Conference on Modeling, Identification and Control (ICMIC), 563--566.

[27]

Park, N., Kim, M., Bang, H. 2015. Symmetric Key-Based Authentication and the Session Key Agreement Scheme in IoT Environment, Computer Science and its Applications, Lecture Notes in Electrical Engineering, Vol. 330, 379--384.

[28]

Gao, D., Guo, Y. G., Cui, J. Q., Hao, H. G., Shi, H. 2012. A Communication Protocol of RFID Systems in Internet of Things, International Journal of Security and its Applications, vol. 6, no. 2, 91--102.

[29]

Kothmayr, T., Schmitt, C., Hu, W., Brunig, M., Carle, G. 2013. DTLS based Security and Two-Way Authentication for the Internet of Things, Ad Hoc Networks, vol. 11, no. 8, 2710--2723.

Digital Library

[30]

Datagram Transport Layer Seurity (DTLS) 1.2 profile for Internet o Things', available at https://tools.ietf.org/html/draft-ietf-dice-profile-06.

[31]

Potlapally, N., Ravi, S., Raghunathan, A., Jha, N. 2003. Analyzing the Energy Consumption of Security Protocols. In Proceedings of the 2003 International Symposium on Low Power Electronics and Design ISLPED' 03.

Digital Library

Cited By

Zhang BYang SZheng XWang X(2024)STCA: Stacked Token-based Continuous Authentication Protocol for Zero Trust IoT2024 IEEE Wireless Communications and Networking Conference (WCNC)10.1109/WCNC57260.2024.10571244(1-6)Online publication date: 21-Apr-2024
https://doi.org/10.1109/WCNC57260.2024.10571244
Srinivasan AMorewood GSimmons-Massey KLi Y(2024)SAFE-CARE: Reversible Privacy-preserving Physician Feedback Framework to Improve Patient Care Quality2024 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC)10.1109/CyberC62439.2024.00032(131-138)Online publication date: 24-Oct-2024
https://doi.org/10.1109/CyberC62439.2024.00032
Ram CSathyadevan S(2024)Authentication Framework for an IoT EcosystemData Science and Communication10.1007/978-981-99-5435-3_14(201-220)Online publication date: 3-Jan-2024
https://doi.org/10.1007/978-981-99-5435-3_14
Show More Cited By

Index Terms

Towards Continuous Authentication in Internet of Things Based on Secret Sharing Scheme
1. Hardware
  1. Communication hardware, interfaces and storage
2. Networks

Recommendations

New Features of Authentication Scheme for the IoT: A Survey
IoT S&P'19: Proceedings of the 2nd International ACM Workshop on Security and Privacy for the Internet-of-Things

With the development of cloud computing and artificial intelligence, the Internet of Things (IoT) products are gradually entering every corner of our lives and changing the way we live. Yet traditional computer authentication protocol cannot be used ...
An information security analysis method of Internet of things based on balanced double SVM
Special section: Recent trends, Challenges and Applications in Cognitive Computing for Intelligent Systems

With the continuous progress of social science and technology, the development of the Internet of things is growing. With the development of Internet of things, security problems emerge in endlessly. During the period of COVID-19, the Internet of Things ...
Cryptanalysis on a Secret-Sharing Based Conditional Proxy Re-Encryption Scheme

Condition proxy re-encryption is a promising security primitive for pervasive data sharing in such settings as cloud-based social networks and collaborations. However, it is challenging to create a secure condition proxy re-encryption scheme that is ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

WESS'15: Proceedings of the WESS'15: Workshop on Embedded Systems Security

October 2015

73 pages

ISBN:9781450336673

DOI:10.1145/2818362

Program Chairs:
Stavros Koubias
University of Patras
,
Thilo Sauter
Donau University Krems

Copyright © 2015 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 04 October 2015

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

ESWEEK'15

Sponsor:

ESWEEK'15: ELEVENTH EMBEDDED SYSTEM WEEK

October 4 - 9, 2015

Amsterdam, Netherlands

Acceptance Rates

Overall Acceptance Rate 8 of 21 submissions, 38%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

33
Total Citations
View Citations
732
Total Downloads

Downloads (Last 12 months)31
Downloads (Last 6 weeks)5

Reflects downloads up to 14 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Zhang BYang SZheng XWang X(2024)STCA: Stacked Token-based Continuous Authentication Protocol for Zero Trust IoT2024 IEEE Wireless Communications and Networking Conference (WCNC)10.1109/WCNC57260.2024.10571244(1-6)Online publication date: 21-Apr-2024
https://doi.org/10.1109/WCNC57260.2024.10571244
Srinivasan AMorewood GSimmons-Massey KLi Y(2024)SAFE-CARE: Reversible Privacy-preserving Physician Feedback Framework to Improve Patient Care Quality2024 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC)10.1109/CyberC62439.2024.00032(131-138)Online publication date: 24-Oct-2024
https://doi.org/10.1109/CyberC62439.2024.00032
Ram CSathyadevan S(2024)Authentication Framework for an IoT EcosystemData Science and Communication10.1007/978-981-99-5435-3_14(201-220)Online publication date: 3-Jan-2024
https://doi.org/10.1007/978-981-99-5435-3_14
Verma U(2024)A Review of Authentication Schemes in Internet of ThingsMachine Learning, Image Processing, Network Security and Data Sciences10.1007/978-3-031-62217-5_26(309-322)Online publication date: 11-Jun-2024
https://doi.org/10.1007/978-3-031-62217-5_26
De Santis AFerrara AFlores MMasucci B(2023)Continuous Entity Authentication in the Internet of Things ScenarioApplied Sciences10.3390/app1310594513:10(5945)Online publication date: 11-May-2023
https://doi.org/10.3390/app13105945
Raju Kumar R(2023)Improving IoT Security Through Machine Learning2023 International Conference on Computing, Communication, and Intelligent Systems (ICCCIS)10.1109/ICCCIS60361.2023.10425059(926-932)Online publication date: 3-Nov-2023
https://doi.org/10.1109/ICCCIS60361.2023.10425059
Saha SChattopadhyay ABarman ANag ANandi S(2023)Secret Image Sharing Schemes: A Comprehensive SurveyIEEE Access10.1109/ACCESS.2023.330405511(98333-98361)Online publication date: 2023
https://doi.org/10.1109/ACCESS.2023.3304055
Chen ITsai JChen YLee C(2022)Lightweight Mutual Authentication for Healthcare IoTSustainability10.3390/su14201341114:20(13411)Online publication date: 18-Oct-2022
https://doi.org/10.3390/su142013411
Aqeel MAli FIqbal MRana TArif MAuwul M(2022)A Review of Security and Privacy Concerns in the Internet of Things (IoT)Journal of Sensors10.1155/2022/57241682022(1-20)Online publication date: 29-Sep-2022
https://doi.org/10.1155/2022/5724168
Almajali SHamad T(2022)A Cost-Effective Multilayer Authentication Framework for Large-Scale IoT Deployments2022 International Conference on Engineering and Emerging Technologies (ICEET)10.1109/ICEET56468.2022.10007309(1-6)Online publication date: 27-Oct-2022
https://doi.org/10.1109/ICEET56468.2022.10007309
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents