Novel one round message authentication scheme for constrained IoT devices

Security and privacy concerns have emerged as critical challenges in the Internet-of-Things (IoT) era. These issues need to be carefully addressed due to the sensitive data within IoT systems. However, some IoT devices have various limitations in terms of energy, memory capacity, and computational resources, which makes them extremely vulnerable to security attacks. Data integrity with source authentication are essential security services for protecting IoT data value and utility. Existing message authentication algorithms (MAAs), which are either based on block ciphers or keyed hash functions, require multiple rounds and complex operations, which leads to unacceptable overhead for resource-limited devices and delay-sensitive applications. Moreover, the high number of IoT connected devices generates a huge amount of data, which challenges even the capacity of powerful network devices to handle the security of such Big Data. As such, the protection of such amounts of generated data calls for lightweight security solutions. In this paper, we propose a lightweight MAA that provides data integrity and source authentication. The proposed solution is based on a dynamic key structure with a single round and simple operations. The used cryptographic primitives (substitution and permutation tables) are dynamic and get updated for each new input message by using specific update primitives. The dynamic structure of the proposed MAA allows for decreasing the required number of rounds to just one, while maintaining a high degree of security. The security tests results show that the proposed keyed hash functions (1) achieve the desired cryptographic properties, (2) are immune against existing attacks and (3) require low overhead in terms of computational and storage resources.

[1]  Bruce Schneier,et al.  Applied cryptography : protocols, algorithms, and source codein C , 1996 .

[2]  Ali Chehab,et al.  A new efficient lightweight and secure image cipher scheme , 2017, Multimedia Tools and Applications.

[3]  Raphaël Couturier,et al.  Efficient & secure cipher scheme with dynamic key-dependent mode of operation , 2019, Signal Process. Image Commun..

[4]  Satyajayant Misra,et al.  AccConF: An Access Control Framework for Leveraging In-Network Cached Data in the ICN-Enabled Wireless Edge , 2019, IEEE Transactions on Dependable and Secure Computing.

[5]  Willi Meier,et al.  SHA-3 proposal BLAKE , 2009 .

[6]  Tang Ming . Wei Lian. Si Tuo Lin Si,et al.  Cryptography and Network Security - Principles and Practice , 2015 .

[7]  Vincent Rijmen,et al.  The Design of Rijndael: AES - The Advanced Encryption Standard , 2002 .

[8]  Nikos Fotiou,et al.  Securing Content Sharing over ICN , 2016, ICN.

[9]  Elias Yaacoub,et al.  Securing internet of medical things systems: Limitations, issues and recommendations , 2020, Future Gener. Comput. Syst..

[10]  Bo Yang,et al.  Hash function construction based on coupled map lattice for communication security , 2009, 2009 Global Mobile Congress.

[11]  Zhiyong Zhang,et al.  One-Way Hash Function based on Cascade Chaos , 2015 .

[12]  Ali Chehab,et al.  Lightweight, dynamic and efficient image encryption scheme , 2018, Multimedia Tools and Applications.

[13]  Florian Mendel,et al.  Symmetric Cryptography , 2009 .

[14]  Bernard P. Zajac Applied cryptography: Protocols, algorithms, and source code in C , 1994 .

[15]  Jason Smith,et al.  SIMON and SPECK: Block Ciphers for the Internet of Things , 2015, IACR Cryptol. ePrint Arch..

[16]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[17]  Amir Akhavan,et al.  Parallel chaotic hash function based on the shuffle-exchange network , 2015 .

[18]  Adlen Ksentini,et al.  Coexistence of ICN and IP Networks: An NFV as a Service Approach , 2019, 2019 IEEE Global Communications Conference (GLOBECOM).

[19]  Sangheon Pack,et al.  Secure Distribution of Protected Content in Information-Centric Networking , 2019, IEEE Systems Journal.

[20]  Xiaoyun Wang,et al.  How to Break MD5 and Other Hash Functions , 2005, EUROCRYPT.

[21]  Stefan Lucks,et al.  The Skein Hash Function Family , 2009 .

[22]  Keshab K. Parhi,et al.  Semiblind frequency-domain timing synchronization and channel estimation for OFDM systems , 2013, EURASIP J. Adv. Signal Process..

[23]  William Stallings,et al.  Cryptography and Network Security: Principles and Practice , 1998 .

[24]  Ali Chehab,et al.  Preserving data security in distributed fog computing , 2019, Ad Hoc Networks.

[25]  John Viega,et al.  The Use of Galois Message Authentication Code (GMAC) in IPsec ESP and AH , 2006, RFC.

[26]  Hassan N. Noura,et al.  Security analysis of drones systems: Attacks, limitations, and recommendations , 2020, Internet of Things.

[27]  Ali Chehab,et al.  Efficient and secure cipher scheme for multimedia contents , 2018, Multimedia Tools and Applications.

[28]  Mohammad Ghebleh,et al.  A structure-based chaotic hashing scheme , 2015, Nonlinear Dynamics.

[29]  Ljupco Kocarev,et al.  Chaotic block ciphers: from theory to practical algorithms , 2006, IEEE Transactions on Circuits and Systems I: Regular Papers.

[30]  Ralph C. Merkle,et al.  A Certified Digital Signature , 1989, CRYPTO.

[31]  Abdennaceur Kachouri,et al.  A novel chaos-based image encryption using DNA sequence operation and Secure Hash Algorithm SHA-2 , 2015, Nonlinear Dynamics.

[32]  Ivan Damgård,et al.  A Design Principle for Hash Functions , 1989, CRYPTO.

[33]  Qi Wu,et al.  A Chaos-Based Hash Function , 2015, 2015 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery.

[34]  Dijiang Huang,et al.  Attribute-based Access Control for ICN Naming Scheme , 2018, IEEE Trans. Dependable Secur. Comput..

[35]  Feng Wu,et al.  SEAF: A Secure, Efficient and Accountable Access Control Framework for Information Centric Networking , 2018, IEEE INFOCOM 2018 - IEEE Conference on Computer Communications.

[36]  Ljupco Kocarev,et al.  Theory and practice of chaotic cryptography , 2007 .

[37]  Hossam S. Hassanein,et al.  A Survey of Security Attacks in Information-Centric Networking , 2015, IEEE Communications Surveys & Tutorials.

[38]  Raphaël Couturier,et al.  Lightweight Stream Cipher Scheme for Resource-Constrained IoT Devices , 2019, 2019 International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob).

[39]  Amir Akhavan,et al.  A novel parallel hash function based on 3D chaotic map , 2013, EURASIP Journal on Advances in Signal Processing.

[40]  Jonathan Loo,et al.  Recent Advances in Information-Centric Networking-Based Internet of Things (ICN-IoT) , 2017, IEEE Internet of Things Journal.

[41]  Brian A. Carter,et al.  Advanced Encryption Standard , 2007 .

[42]  Henk C. A. van Tilborg,et al.  Encyclopedia of Cryptography and Security, 2nd Ed , 2005 .

[43]  Ahmed A. Abd El-Latif,et al.  Chaos-based hash function (CBHF) for cryptographic applications , 2009 .

[44]  Ali Chehab,et al.  One round cipher algorithm for multimedia IoT devices , 2018, Multimedia Tools and Applications.