A payload-based mutual authentication scheme for Internet of Things

Abstract

The Internet of Things (IoT) is a vision that broadens the scope of the Internet by incorporating physical objects that identify themselves to the participating entities. This concept enables a physical object to represent itself in the digital world. There has been much speculation and forecasting about these Internet-connected physical objects; however, most of them lack security features and are vulnerable to a wide range of attacks. The miniature sensor nodes embedded in these physical objects limit the support for computationally complex and resource-consuming security algorithms. In this paper, we propose a lightweight mutual authentication scheme for the real-world physical objects of an IoT environment. It is a payload-based encryption scheme which uses a simple four-way handshake mechanism to verify the identities of the participating objects. The real-world objects communicate with each other using the client–server interaction model. Our proposed scheme uses the lightweight features of the Constrained Application Protocol (CoAP) to enable the clients to observe resources residing on the server in an energy-efficient manner. We use the Advanced Encryption Standard (AES), with a key length of 128 bits, to establish a secured session for resource observation. We evaluate our scheme for a real-world scenario using NetDuino Plus 2 boards. Our scheme is computationally efficient, incurs less connection overhead and, at the same time, provides a robust defence against various attacks such as resource exhaustion, Denial-of-Service, replay and physical tampering.
