A Distributed Approach for Secure M2M Communications

2017

A key establishment solution for heterogeneous Machine to Machine (M2M) communications is proposed. Decentralization in M2M environment leads to situations where highly resource-constrained nodes have to establish end-to-end secured contexts with powerful remote servers, which would normally be impossible because of the technological gap between these classes of devices. This paper proposes a novel collaborative session key exchange method, wherein a highly resourceconstrained node obtains assistance from its more powerful neighbors when handling costly cryptographic operations. Formal security analysis and performance evaluation of this method are provided; they confirm the safety and efficiency of the proposed solution. M2M; key establishment; resource constraints; energy efficiency; formal security analysis; AVISPA

Computer Standards & Interfaces, 2016

M2M (Machine-to-Machine) communication for the Internet of Things (IoTs) system is considered to be one of the major issues in future networks. Considering the characteristics of M2M networks in IoTs systems, traditional security solutions are not able to be applied to E2E (End-to-End) M2M networks because the M2M network itself is vulnerable to various attacks. We consider security aspects for M2M communications and then propose a security gateway application (SGA) including the lightweight symmetric key cryptographic negotiation function, secure E2E M2M key exchange generation function and secure E2E M2M messages delivery function. The proposal of the SGA is newly suggested to improve the gateway application (GA) of the ITU-T M2M service layer in the IoTs reference model. We prove that it could prevent various attacks via the theoretical security analyses. Therefore, it could meet the basic security requirements of the M2M service layer.

IEEE Vehicular Technology Magazine, 2009

achine-to-machine (M2M) communication is viewed as one of the next frontiers in wireless communications. Freed from the traditional constraint of wireless devices that require manning or human intervention, communication using M2M equipment (M2ME) is expected to open up exciting new use cases, services, and applications, with benefits for the general masses and market opportunities for various stakeholders such as manufacturers of M2ME and components, service providers, and communication network operators. Considering the large number of M2MEs expected to be deployed in highly distributed networks and because of the requirements for low-cost devices and implementations, global enforcement of security will not be practical. As the conventional centralized IT network security model, protected by a firewall, becomes challenged by the need for a dispersed model, decentralized methods for establishing security are being explored. The growing

Computer Networks, 2014

This work addresses new security issues in the Internet of Things (IoT). The heterogeneous nature of IoT communications and imbalance in resource capabilities between IoT entities make it challenging to provide the required end-to-end secured connections. Clarifying how existing security protocols can be adapted to fulfill these new challenges still has to be improved. A direct use of existing key exchange schemes between two IoT entities may be unfeasible unless both entities be able to run the resource consuming cryptographic primitives required to bootstrap them -thus leaving aside a whole class of resource-constrained devices. In this paper, we revisit existing end-to-end security standards and key establishment schemes and discuss their limitations considering the specific scenarios of the IoT. Later, we propose novel collaborative approaches for key establishment designed to reduce the requirements of these existing security protocols. A constrained device may delegate its heavy cryptographic load to less constrained nodes in neighborhood exploiting the spatial heterogeneity of IoT environment. We demonstrate through a performance analysis that our collaborative key establishment solution allows for a reduction in energy consumption at the constrained device by up to 80% in comparison with existing key establishment schemes.

International Journal of Communication Systems, 2020

SummaryInternet of Things (IoT) is a newly emerged paradigm where multiple embedded devices, known as things, are connected via the Internet to collect, share, and analyze data from the environment. In order to overcome the limited storage and processing capacity constraint of IoT devices, it is now possible to integrate them with cloud servers as large resource pools. Such integration, though bringing applicability of IoT in many domains, raises concerns regarding the authentication of these devices while establishing secure communications to cloud servers. Recently, Kumari et al proposed an authentication scheme based on elliptic curve cryptography (ECC) for IoT and cloud servers and claimed that it satisfies all security requirements and is secure against various attacks. In this paper, we first prove that the scheme of Kumari et al is susceptible to various attacks, including the replay attack and stolen‐verifier attack. We then propose a lightweight authentication protocol for ...

Telecommunication Systems, 2018

Embedded Machine-to-Machine (M2M) is one of the hottest research topics in recent industrial Internet of Things. In order to serve the communication to effectively transfer data and messages between machines, the system must incorporate a file transfer protocol, known as Trivial File Transfer Protocol (TFTP). However, the main constraint is lack of security mechanism during TFTP Client-Server communication whereby its reliability is questionable as the protocol does not support any authentication or encryption methods, also provide no access control and zero protection from Man-In-The-Middle. Hence, in order to enhance the protocol security, hybrid security approach combining Diffie Hellman Key Exchange (DHKE) scheme and Advanced Encryption Standard symmetric encryption algorithm are proposed to be integrated into TFTP packet header. In this work, we present a performance comparison of three different protocols: the original TFTP protocol, TFTP protocol with single security extension, and our proposed TFTP protocol integrated with hybrid security approach to analyse the effectiveness of the method. The finding demonstrates that our proposed secure TFTP protocol generates comparable execution time as when implementing single encryption option, also more reliable to be used in the commercial system especially for low-cost M2M embedded infrastructure.

2019 16th International ISC (Iranian Society of Cryptology) Conference on Information Security and Cryptology (ISCISC)

Machine to machine (M2M) communication, which is also known as machine type communication (MTC), is one of the fascinating parts of mobile communication technology and also an important practical application of the Internet of Things. The main objective of this type of communication is handling massive heterogeneous devices with low network overheads and high security guarantees. Hence, various protocols and schemes were proposed to achieve security requirements in M2M communication and reduce computational and communication costs. In this paper, we propose the group-based secure, lightweight handover authentication (GSLHA) protocol for M2M communication in LTE and future 5G networks. The proposed protocol mutually authenticates a group of MTC devices (MTCDs) and a new eNodeB (eNB) when these simultaneously enter the coverage of the eNB with considering all the cellular network requirements. The security analysis and formal verification by using the AVISPA tool show that the proposed protocol has been able to achieve all the security goals and overcome various attacks. In addition, the comparative performance analysis of the handover authentication protocols shows that the proposed GSLHA protocol has the best computational and communication overheads.

Wirel. Pers. Commun., 2021

The fast evolution in microelectronics and the emergence of wireless communication technologies, have allowed the appearance of the promising field of Internet of Things (IoT). The latter is more and more present in the human life, that is why it becomes essential to secure the communications done with the connected objects. Almost all communicating systems attach great importance to security, consequently, on the cryptographic key management. The existing key management schemes for conventional networks are relatively resource-intensive, that is why they are not adequate for resource-constrained networks like IoT, especially since the nodes’ capabilities are heterogeneous. In this paper, we focus on exchanging and updating of cryptographic keys among the IoT objects often limited in resources, where we propose a new form of key exchange based on the mechanism of concealing encryption keys, while exploiting the misused spaces in the header fields of the exchanged packets by the comm...

Information security has been one of the most important aspects in today’s technology driven world. By encrypting information we can secure information from unauthorized access, even in case where use has information he/she can not make out meaning of message unless they have a key to decrypt information. We review different techniques to exchange keys between different computers and try to find best suitable technique for mobile computers which have limited processing power and battery capacity while efficiently working on wireless network.

International Journal of Distributed Sensor Networks

One of the main challenges for the development of the Internet of Things is the authentication of large numbers of devices/sensors, commonly served by massive machine-type communications, which jointly with long-term evolution has been considered one of the main foundations for the continued growth of Internet of Things connectivity and an important issue to be treated in the development of 5G networks. This article describes some protocols for the group-based authentication of devices/sensors in Internet of Things and presents a new group authentication protocol based on Shamir's secret and Lagrange interpolation formula. The new protocol protects privacy, avoids unauthorized access to information, and assists in the prevention of attacks, as replay, distributed denial of service, and man-in-the-middle. A security analysis and comparisons among the 3GPP evolved packet system authentication and key agreement standard protocol and other recent group authentication protocols were performed toward proving the efficiency of the proposed protocol. The comparisons regard security properties and computational and communication costs. The safety of the protocol was formally verified through simulations conducted by automated validation of internet security protocols and applications.