A lightweight signcryption scheme for defense against fragment duplication attack in the 6LoWPAN networks

The Internet of Things (IoT) presents a new paradigm of the future Internet that intends to provide interactive communication between various processing objects via heterogeneous networks. The IPv6 over Low power Wireless Personal Area Networks (6LoWPAN) is an IPv6 adaptation sub-layer and provides the requirements of IP connectivity between resource-constrained devices in lossy, low power networks. Since the size of a packet in the IPv6 is larger than the size of a frame in the IEEE 802.15.4, the 6LoWPAN adaptation layer performs packet fragmentation. In this paper, first, the 6LoWPAN fragmentation mechanism in terms of security issues is analyzed and then, fragment duplication attack which an attacker can selectively disrupt the reassembly of fragments of a particular packet at a receiver node is identified. Next, signcryption, which is a high performance cryptographic primitive, is discussed. Finally, a lightweight Offline-Online SignCryption (OOSC) scheme is proposed to counter fragment duplication attack. The evaluation shows that the proposed scheme is secure in the random oracle model and in terms of computational cost, and energy consumption efficiently counters with this attack.

[1]  Kyung-Ah Shim,et al.  EIBAS: An efficient identity-based broadcast authentication scheme in wireless sensor networks , 2013, Ad Hoc Networks.

[2]  Yi Mu,et al.  Identity-Based On-Line/Off-Line Signcryption , 2008, 2008 IFIP International Conference on Network and Parallel Computing.

[3]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[4]  Tal Rabin,et al.  On the Security of Joint Signature and Encryption , 2002, EUROCRYPT.

[5]  Paulo S. L. M. Barreto,et al.  Efficient and Provably-Secure Identity-Based Signatures and Signcryption from Bilinear Maps , 2005, ASIACRYPT.

[6]  Vincent Rijmen,et al.  The Design of Rijndael: AES - The Advanced Encryption Standard , 2002 .

[7]  Kyung-Ah Shim,et al.  ${\cal CPAS}$: An Efficient Conditional Privacy-Preserving Authentication Scheme for Vehicular Sensor Networks , 2012, IEEE Transactions on Vehicular Technology.

[8]  Naveen K. Chilamkurti,et al.  On the security of a certificateless online/offline signcryption for Internet of Things , 2014, Peer-to-Peer Networking and Applications.

[9]  Jung Hee Cheon,et al.  An Identity-Based Signature from Gap Diffie-Hellman Groups , 2003, Public Key Cryptography.

[10]  Thomas Henry Ptacek,et al.  Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection , 1998 .

[11]  Jacques Stern,et al.  Security Arguments for Digital Signatures and Blind Signatures , 2015, Journal of Cryptology.

[12]  Luther Martin,et al.  Introduction to Identity-Based Encryption , 2008 .

[13]  Chunhua Jin,et al.  Certificateless online/offline signcryption for the Internet of Things , 2015, Wireless Networks.

[14]  D. Robinson A Course in the Theory of Groups , 1982 .

[15]  Rodrigo Roman,et al.  On the features and challenges of security and privacy in distributed internet of things , 2013, Comput. Networks.

[16]  Chih-Chun Chang,et al.  Measurement of Energy Costs of Security in Wireless Sensor Nodes , 2007, 2007 16th International Conference on Computer Communications and Networks.

[17]  Hanno Wirtz,et al.  6LoWPAN fragmentation attacks and mitigation mechanisms , 2013, WiSec '13.

[18]  Fagen Li,et al.  Practical Secure Communication for Integrating Wireless Sensor Networks Into the Internet of Things , 2013, IEEE Sensors Journal.

[19]  Kyung-Ah Shim,et al.  S2DRP: Secure implementations of distributed reprogramming protocol for wireless sensor networks , 2014, Ad Hoc Networks.

[20]  Xavier Boyen,et al.  Multipurpose Identity-Based Signcryption (A Swiss Army Knife for Identity-Based Cryptography) , 2003, CRYPTO.

[21]  Dan Boneh,et al.  Short Signatures Without Random Oracles , 2004, EUROCRYPT.

[22]  Hans Eberle,et al.  Comparing Elliptic Curve Cryptography and RSA on 8-bit CPUs , 2004, CHES.

[23]  Peilin Hong,et al.  Distributed access control with adaptive privacy preserving property for wireless sensor networks , 2014, Secur. Commun. Networks.

[24]  Zinaida Benenson,et al.  Tampering with Motes: Real-World Physical Attacks on Wireless Sensor Networks , 2006, SPC.

[25]  Yuliang Zheng,et al.  Digital Signcryption or How to Achieve Cost(Signature & Encryption) << Cost(Signature) + Cost(Encryption) , 1997, CRYPTO.

[26]  Bin Zhao,et al.  IMBAS: Identity-based multi-user broadcast authentication in wireless sensor networks , 2008, Comput. Commun..

[27]  Ivan Martinovic,et al.  Short paper: reactive jamming in wireless networks: how realistic is the threat? , 2011, WiSec '11.

[28]  Jianfeng Xu,et al.  A security communication model based on certificateless online/offline signcryption for Internet of Things , 2014, Secur. Commun. Networks.

[29]  Jingjing Zhao,et al.  Certificateless online/offline signcryption scheme , 2015, Secur. Commun. Networks.

[30]  Chunhua Jin,et al.  Secure and efficient data transmission in the Internet of Things , 2015, Telecommunication Systems.

[31]  Ilango Paramasivam,et al.  Secure authentication and integrity techniques for randomized secured routing in WSN , 2015, Wirel. Networks.

[32]  Guanzhong Dai,et al.  An Efficient Online/Offline Signcryption Scheme for MANET , 2007, 21st International Conference on Advanced Information Networking and Applications Workshops (AINAW'07).

[33]  HyunGon Kim,et al.  Protection Against Packet Fragmentation Attacks at 6LoWPAN Adaptation Layer , 2008, 2008 International Conference on Convergence and Hybrid Information Technology.

[34]  Klaus Wehrle,et al.  Security Challenges in the IP-based Internet of Things , 2011, Wirel. Pers. Commun..

[35]  Fagen Li,et al.  Identity-based online/offline signcryption for low power devices , 2012, J. Netw. Comput. Appl..

[36]  Vincent Rijmen,et al.  The Design of Rijndael , 2002, Information Security and Cryptography.

[37]  Xiaofeng Chen,et al.  Efficient online/offline signcryption without key exposure , 2013, Int. J. Grid Util. Comput..

[38]  Dong Hoon Lee,et al.  Efficient Privacy-Preserving Authentication in Wireless Mobile Networks , 2014, IEEE Transactions on Mobile Computing.

[39]  Jean-Jacques Quisquater,et al.  A new identity based signcryption scheme from pairings , 2003, Proceedings 2003 IEEE Information Theory Workshop (Cat. No.03EX674).

[40]  Athanasios V. Vasilakos,et al.  Future Internet of Things: open issues and challenges , 2014, Wireless Networks.

[41]  Athanasios V. Vasilakos,et al.  Security of the Internet of Things: perspectives and challenges , 2014, Wireless Networks.