Integrating authentication among IoT Devices having Perfect Forward Secrecy

Khan, Md. Rahat Anwar; Zakaria, H.M.

dc.contributor.author	Khan, Md. Rahat Anwar
dc.contributor.author	Zakaria, H.M.
dc.date.accessioned	2020-10-28T09:45:05Z
dc.date.available	2020-10-28T09:45:05Z
dc.date.issued	2019-11-15
dc.identifier.citation	[1] Abdullah-Al-Tariq et al. "Forward-Secrecy and Group Membership Verification using Behavioral Patterns of Heterogeneous IoT Devices.", Masters Thesis work, Department of Computer Science & Engineering, Islamic University of Technology [2] A. Mosenia and N. K. Jha, ―A comprehensive study of security of internet-of-things,‖ IEEE Transactions on Emerging Topics in Computing, vol. 5, pp. 586–602, Oct.-Dec. 2017. [3] CISCO, The Internet of Things reference model, 2014. Available at http://cdn.iotwf.com/resources/71/IoT_Reference_Model_White_Paper_June_4_2014.pdf. [4] S. H. J. Schmidhuber, ―Long short-term memory,‖ Neural Computation, vol. 9, pp. 1735–1780, Nov. 1997. [5] A. Al-Tariq, A. R. M. Kamal, et al., ―A scalable framework for protecting user identity and access pattern in untrusted web server using forward secrecy, public key encryption and bloom filter,‖ Concurrency and Computation: Practice and Experience, vol. 29, no. 23, 2017. [6] D. M. Mendez, I. Papapanagiotou, and B. Yang, ―Internet of things: Survey on security and privacy,‖ arXiv preprint arXiv: 1707.01879, 2017. [7] A. Brandt and J. Buron, Home automation routing requirements in low-power and lossy networks. [Online] Available: https://tools.ietf.org/html/rfc5826 [8] P. Dusart and S. Traor´e, ―Lightweight authentication protocol for low-cost rfid tags,‖ in IFIP International Workshop on Information Security Theory and Practices, pp. 129–144, Springer, 2013. [9] S. Satpathy, S. Mathew, V. Suresh and R. Krishnamurthy, "Ultra-low energy security circuits for IoT applications," 2016 IEEE 34th International Conference on Computer Design (ICCD), Scottsdale, AZ, 2016, pp. 682-685. 45 \| P a g e [10] M. Ye, N. Jiang, H. Yang and Q. Yan, "Security analysis of Internet-of-Things: A case study of august smart lock," 2017 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), Atlanta, GA, 2017, pp. 499-504. [11] Maes R. (2013), ―Physically Unclonable Functions: Properties‖, Springer, Berlin, Heidelberg. [12] Roel Maes, ―PUF-Based Key Generation‖. Chapter 6, Physically Unclonable Functions: Constructions, Properties and Applications, 2012. [13] M. Al-Haidary and Q. Nasir, "Physically Unclonable Functions (PUFs): A Systematic Literature Review," 2019 Advances in Science and Engineering Technology International Conferences (ASET), Dubai, United Arab Emirates, 2019, pp. 1-6. [14] Maes R., Van Herrewege A., Verbauwhede I. (2012) PUFKY: A Fully Functional PUF-Based Cryptographic Key Generator. In: Prouff E., Schaumont P. (eds) Cryptographic Hardware and Embedded Systems – CHES 2012. CHES 2012. Lecture Notes in Computer Science, vol 7428. Springer, Berlin, Heidelberg [15] Paral, Zdenek & Devadas, Srinivas. (2011). Reliable and efficient PUF-based key generation using pattern matching. 2011 IEEE International Symposium on Hardware-Oriented Security and Trust, HOST 2011. 128-133. 10.1109/HST.2011.5955010. [16] J. Delvaux, D. Gu, D. Schellekens and I. Verbauwhede, "Helper Data Algorithms for PUF-Based Key Generation: Overview and Analysis," in IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, vol. 34, no. 6, pp. 889-902, June 2015. [17] C. Labrado and H. Thapliyal, "Design of a Piezoelectric-Based Physically Unclonable Function for IoT Security," in IEEE Internet of Things Journal, vol. 6, no. 2, pp. 2770-2777, April 2019. [18] A. R. Korenda, F. Afghah, B. Cambou and C. Philabaum, "A Proof of Concept SRAM-based Physically Unclonable Function (PUF) Key Generation Mechanism 46 \| P a g e for IoT Devices," 2019 16th Annual IEEE International Conference on Sensing, Communication, and Networking (SECON), Boston, MA, USA, 2019, pp. 1-8. [19] A. Mohsen Nia, S. Sur-Kolay, A. Raghunathan and N. K. Jha, "Physiological Information Leakage: A New Frontier in Health Information Security," in IEEE Transactions on Emerging Topics in Computing, vol. 4, no. 3, pp. 321-334, July-Sept. 2016. [20] D. Thatmann, S. Zickau, A. Förster and A. Küpper, "Applying Attribute-Based Encryption on Publish Subscribe Messaging Patterns for the Internet of Things," 2015 IEEE International Conference on Data Science and Data Intensive Systems, Sydney, NSW, 2015, pp. 556-563. [21] U. Guin, P. Cui and A. Skjellum, "Ensuring Proof-of-Authenticity of IoT Edge Devices Using Blockchain Technology," 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), Halifax, NS, Canada, 2018, pp. 1042-1049. [22] Kirkpatrick, Michael S., Elisa Bertino and Sam Kerr. ―PUF ROKs: generating read-once keys from physically unclonable functions.‖ CSIIRW (2010). [23] M. Dammak, O. R. M. Boudia, M. A. Messous, S. M. Senouci and C. Gransart, "Token-Based Lightweight Authentication to Secure IoT Networks," 2019 16th IEEE Annual Consumer Communications & Networking Conference (CCNC), Las Vegas, NV, USA, 2019, pp. 1-4. [24] G. E. Suh and S. Devadas, "Physical Unclonable Functions for Device Authentication and Secret Key Generation," 2007 44th ACM/IEEE Design Automation Conference, San Diego, CA, 2007, pp. 9-14. [25] M. Barbareschi, P. Bagnasco and A. Mazzeo, "Authenticating IoT Devices with Physically Unclonable Functions Models," 2015 10th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing (3PGCIC), Krakow, 2015, pp. 563-567.	en_US
dc.identifier.uri	http://hdl.handle.net/123456789/616
dc.description	Supervised by Mr. Md. Sakhawat Hossen Assistant Professor Department of Computer Science & Engineering Islamic University of Technology	en_US
dc.description.abstract	Internet of Things (IoT), also referred to as the Internet of Objects, is envisioned as a transformative approach for providing numerous services. Compact smart devices constitute an essential part of IoT. They range widely in use, size, energy capacity, and computation power. However, the integration of these smart things into the standard Internet introduces several security challenges because the majority of Internet technologies and communication protocols were not designed to support IoT. Moreover, commercialization of IoT has led to public security concerns, including personal privacy issues, threat of cyberattacks, and organized crime. Security measurements must be taken into serious consideration for the IoT Infrastructure to prevent all kinds of nuisance. Most of the encryption protocols of IoT devices depend on long term secret .It is a major concern for the IOT infrastructure because somehow if the long term secret is compromised, then the intruder can easily decrypt session data. To avoid this adversity, perfect forward secrecy along with private key can make the encryption protocol much more strong. Then even after attaining perfect forward secrecy, the devices are not safe because of no authentication measure. Due to the absence of authentication step the devices can be cloned and replaced inside the infrastructure without admin’s knowledge. So to mitigate this calamity we have tried to integrate an authentication extension inside an existing secret key communication protocol among IoT devices.	en_US
dc.language.iso	en	en_US
dc.publisher	Department of Computer Science and Engineering, Islamic University of Technology, Gazipur, Bangladesh	en_US
dc.title	Integrating authentication among IoT Devices having Perfect Forward Secrecy	en_US
dc.type	Thesis	en_US