Lightweight Sensor Authentication Scheme for Energy Efficiency in Ubiquitous Computing Environments
Abstract
:1. Introduction
2. Related Work
2.1. Internet of Things
2.2. Smart Dust
2.3. Previous Sensor Technologies
2.3.1. Blundo Scheme
2.3.2. Blom Scheme
2.3.3. PCGR
2.3.4. SLIMCAST
2.4. Previous Crypto Technology
3. Proposed Scheme
3.1. Initial Authentication Process
- Step 1.
- The smart node that received an advertisement message generates M0 and H0 for self-verification and sends them to the gateway.
- Step 2.
- The gateway that received M0 and H0 generates M1 and H1 and sends them to the CA manufacturer.
- Step 3.
- The CA that received information from the gateway obtains two random numbers through decoding and verifies H0 and H1 through searched PW. It generates M2 and M3 and sends them to the gateway.
- Step 4.
- The gateway that received M2 and M2 gains R1 from decoding M3 and checks for any error in the received value through a hash function. It saves 3 × n-bit information generated by two random numbers for verification and then sends M2 to the smart node.
- Step 5.
- The smart node that received M2 gains R2 and verifies the sent value through a hash function. If the verification is finished, the node saves 3 × n-bit information, as above.
- Step 6.
- The smart node generates random number C1 to perform the verification step and sends it by bit. At this point, the time check for preventing relay attacks begins.
- Step 7.
- The gateway that received bits from the smart node sends the ith bit of R0 if C1 = 0 in response, and sends the ith bit of R1 to the smart node if the response is 1.
- Step 8.
- The smart node generates Ricn based on the c sent to the gateway and compares it to Ricn, which is the gathered value of the cluster head’s response to verify whether the data was sent from the correct node. After “time off,” it guesses the distance through time measurement and stops communication if this is greater than a specified time.
- Step 9.
- The smart node that verified the gateway sends the received Ricn values using the f() function to the gateway.
- Step 10.
- The smart node that received a certification value from the gateway generates a certification value in same way and compares it to the value received from the cluster head to verify the smart node.
- Step 11.
- The smart node and the gateway generate a session key using the left n bit and a random number from the 3 × n-bits and ends the verification.
3.2. Smart Device Registration
- Step 1.
- A user who tries to control the smart node through a smart device generates a random number and M4 and Hs, and then sends M4, IDsd, Hs, and TS to the gateway.
- Step 2.
- The gateway that received this decodes M4 and verifies Hs. After that, it searches the session key with the smart nodes and sends the encrypted Rs and IDs.
- Step 3.
- The smart node generates session keys through Rs; after it generates R3, it sends the encrypted session key with the gateway. The gateway sends them through the key with the smart node after decoding.
- Step 4.
- The smart device generates a session key with two random numbers and ends the procedure after verifying them through the certification value that uses the smart node and serial number.
3.3. Smart Device Key Updating Process
- Step 1.
- After completing certification sensor group formation and session key distribution, the sensor node carries out the group key distribution and renewal process as follows. Using the polynomial distribution of PCGR, it makes MN do most of the calculation, distributes pieces of the specific value through the f(y) function, and verifies whether the node is contaminated or needs to be withdrawn.
- Step 2.
- The group’s representative node, MN, defines and generates polynomials g(x) and f(y) for group distribution and node verification. After that, it generates verification values S and Dn. Next, it generates P1 for transmitting to nodes and deletes g(x) and e(x) to prevent them from being exposed by an attacker.
- Step 3.
- The sensor node that received P1 decodes this, and obtains the group key and secret piece. It then informs MN that the group key was successfully received.
- Step 4.
- After a certain period of time, MN transmits a message for updating the group key to the nodes within the group. Nodes that receive the key-update message send MN an encrypted secret piece with the session key in response, and MN checks the validity of the received value through a Lagrangian polynomial and sends a “success” message. If the value differs, it informs specific nodes of contamination.
- Step 5.
- Nodes that received the message from MN send nodes around Pn for updating the key through Equation (2):
- Step 6.
- After the key is updated, it finishes the verification process with nodes through the group key. The whole process of Smart Device Key Updating is shown in Figure 6.
4. Performance Evaluation
4.1. Securiy Analysis
4.1.1. Mutual Authentication
4.1.2. Replay and Relay Attacks
4.1.3. Message Manipulation Attacks
4.1.4. Snooping
4.1.5. Spoofing
4.1.6. Side Channel Attack
4.1.7. Forward Security and Error Detection
4.2. Overhead Analysys
4.3. Analysis of Energy Eefficiency
5. Conclusions
Acknowledgments
Author Contributions
Conflicts of Interest
Abbreviations
IoT | Internet of Things |
WSN | Wireless Sensor Network |
USN | Ubiquitous Sensor Network |
M2M | Machine to Machine |
IoE | Internet of Everything |
CPS | Cyber Physical Systems |
LWIG | Light-Weight Implementation Guidance |
IETF | Internet Engineering Task Force |
LLN | Low Power Lossy Network |
CoAP | Constrained Application Protocol |
DTLS | Datagram Transport Layer Security |
ECC | Elliptic Curve Cryptosystem |
ECM | Elliptic Curve Method |
References
- Gubbi, J.; Buyya, R.; Marusic, S.; Palaniswami, M. Internet of Things (IoT): A vision, architectural elements, and future directions. Future Gener. Comput. Syst. 2013, 29, 1645–1660. [Google Scholar] [CrossRef]
- Jun, Z.; Simplot-Ryl, D.; Bisdikian, C.; Mouftah, H.T. The internet of things. IEEE Commun. Mag. 2011, 49, 30–31. [Google Scholar]
- Qian, Z.; Wang, Y. IoT technology and application. Acta Electron. Sin. 2012, 40, 1023–1028. [Google Scholar]
- Peng, K. A secure network for mobile wireless service. J. Inf. Process. Syst. 2013, 9, 247–258. [Google Scholar] [CrossRef]
- Kim, H.W.; Kim, D.K. IoT technology and security. Korea Inst. Inf. Secur. Cryptol. 2012, 22, 7–13. [Google Scholar]
- Chang, C.C.; Le, H.D. A provably secure, efficient, and flexible authentication scheme for ad hoc wireless sensor networks. IEEE Trans. Wirel. Commun. 2016, 15, 357–366. [Google Scholar] [CrossRef]
- Bayram, I.S.; Papapanagiotou, I. A survey on communication technologies and requirements for internet of electric vehicles. EURASIP J. Wirel. Commun. Netw. 2014, 2014, 223. [Google Scholar] [CrossRef]
- Cheng, H.; Su, Z.; Xiong, N.; Xiao, Y. Energy-efficient node scheduling algorithms for wireless sensor networks using Markov Random Field model. Inf. Sci. 2016, 329, 461–477. [Google Scholar] [CrossRef]
- Zhang, H.; Zhu, L. Internet of Things: Key technology, architecture and challenging problems. In Proceedings of the 2011 IEEE International Conference on Computer Science and Automation Engineering (CSAE), Shanghai, China, 10–12 June 2011; Volume 4, pp. 507–512.
- Ko, J.; Hong, S.; Lee, B.B.; Kim, N.S. Trends of converging smart devices with IoT technology. Electron. Telecommun. Trends 2013, 28, 79–85. [Google Scholar]
- Ishaq, I.; Carels, D.; Teklemariam, G.K.; Hoebeke, J.; Abeele, F.V.D.; Poorter, E.D.; Demeester, P. IETF standardization in the field of the internet of things (IoT): A survey. J. Sens. Actuator Netw. 2013, 2, 235–287. [Google Scholar] [CrossRef] [Green Version]
- Molisch, A.F.; Balakrishnan, K.; Chong, C.C.; Emami, S.; Fort, A.; Karedal, J.; Siwiak, K. IEEE 802.15. 4a Channel Model-Final Report. Available online: http://www.ieee802.org/15/pub/04/15-04-0662-02-004a-channel-model-final-report-r1.pdf (accessed on 1 September 2016).
- Bormann, C.; Castellani, A.P.; Shelby, Z. Coap: An application protocol for billions of tiny internet nodes. IEEE Internet Comput. 2012, 16, 62. [Google Scholar] [CrossRef]
- Kovatsch, M.; Duquennoy, S.; Dunkels, A. A low-power CoAP for Contiki. In Proceedings of the 2011 IEEE Eighth International Conference on Mobile Ad-Hoc and Sensor Systems, Valencia, Spain, 17–22 October 2011; pp. 855–860.
- Raza, S.; Trabalza, D.; Voigt, T. 6LoWPAN compressed DTLS for CoAP. In Proceedings of the 2012 IEEE 8th International Conference on Distributed Computing in Sensor Systems, Hangzhou, China, 18–20 May 2012; pp. 287–289.
- Kothmayr, T.; Schmitt, C.; Hu, W.; Brünig, M.; Carle, G. A DTLS based end-to-end security architecture for the Internet of Things with two-way authentication. In Proceedings of the 2012 IEEE 37th Conference on Local Computer Networks Workshops (LCN Workshops), Clearwater, FL, USA, 22–25 October 2012; pp. 956–963.
- Bandyopadhyay, S.; Bhattacharyya, A. Lightweight Internet protocols for web enablement of sensors using constrained gateway devices. In Proceedings of the IEEE 2013 International Conference on Computing, Networking and Communications (ICNC), San Diego, CA, USA, 28–31 January 2013; pp. 334–340.
- Kahn, J.M.; Katz, R.H.; Pister, K.S. Next century challenges: Mobile networking for “Smart Dust”. In Proceedings of the 5th Annual ACM/IEEE International Conference on Mobile Computing and Networking, Seattle, WA, USA, 15–19 August 1999; pp. 271–278.
- Vermesan, O.; Friess, P. Internet of Things-Global Technological and Societal Trends from Smart Environments and Spaces to Green ICT; River Publishers: Delft, The Netherlands, 2011. [Google Scholar]
- Warneke, B.; Last, M.; Liebowitz, B.; Pister, K.S. Smart dust: Communicating with a cubic-millimeter computer. Computer 2011, 34, 44–51. [Google Scholar] [CrossRef]
- Madakam, S. Internet of Things: Smart Things. Int. J. Future Comput. Commun. 2015, 4, 250. [Google Scholar] [CrossRef]
- Chi, Q.; Yan, H.; Zhang, C.; Pang, Z.; Da Xu, L. A reconfigurable smart sensor interface for industrial WSN in IoT environment. IEEE Trans. Ind. Inf. 2014, 10, 1417–1425. [Google Scholar]
- Perera, C.; Zaslavsky, A.; Christen, P.; Georgakopoulos, D. Sensing as a service model for smart cities supported by internet of things. Trans. Emerg. Telecommun. Technol. 2014, 25, 81–93. [Google Scholar] [CrossRef]
- Blundo, C.; De Santis, A.; Herzberg, A.; Kutten, S.; Vaccaro, U.; Yung, M. Perfectly secure key distribution for dynamic conferences. Inf. Comput. 1998, 146, 1–23. [Google Scholar] [CrossRef]
- Blom, R. An optimal class of symmetric key generation systems. In Workshop on the Theory and Application of Cryptographic Techniques; Springer: Berlin/Heidelberg, Germany, 1984; pp. 335–338. [Google Scholar]
- Zhang, W.; Zhu, S.; Cao, G. Predistribution and local collaboration-based group rekeying for wireless sensor networks. Ad Hoc Netw. 2009, 7, 1229–1242. [Google Scholar] [CrossRef]
- Huang, J.H.; Buckingham, J.; Han, R. A Level Key Infrastructure for Secure and Efficient Group Communication in Wireless Sensor Network. In Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks, Berlin, Germany, 30 May–1 June 2005; pp. 249–260.
- Barrett, P. Implementing the Rivest Shamir and Adleman public key encryption algorithm on a standard digital signal processor. In Conference on the Theory and Application of Cryptographic Techniques; Springer: Berlin/Heidelberg, Germany, 1986; pp. 311–323. [Google Scholar]
- Koblitz, N. Elliptic curve cryptosystems. Math. Comput. 1987, 48, 203–209. [Google Scholar] [CrossRef]
- Liang, X.Q.; Da Xing, L.I. Elliptic Curve Cryptosystems. Available online: http://en.cnki.com.cn/Article_en/CJFDTOTAL-JFYZ199911000.htm (accessed on 1 September 2016).
- Saeki, M. Elliptic Curve Cryptosystems. Ph.D. Thesis, McGill University, Montreal, QC, Canada, 1997. [Google Scholar]
- Neuman, B.C.; Ts’o, T. Kerberos: An authentication service for computer networks. IEEE Commun. Mag. 1994, 32, 33–38. [Google Scholar] [CrossRef]
- Downnard, I. Public-key cryptography extensions into Kerberos. IEEE Potentials 2002, 21, 30–34. [Google Scholar] [CrossRef]
- Elgamal, T.; Hickman, K.E. Secure Socket Layer Application Program Apparatus and Method. U.S. Patent 5,657,390, 12 August 1997. [Google Scholar]
- Boneh, D. The decision diffie-hellman problem. In International Algorithmic Number Theory Symposium; Springer: Berlin/Heidelberg, Germany, 1998; pp. 48–63. [Google Scholar]
- Kocher, P.C. Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In Annual International Cryptology Conference; Springer: Berlin/Heidelberg, Germany, 1996; pp. 104–113. [Google Scholar]
- Heinzelman, W.R.; Chandrakasan, A.; Balakrishnan, H. Energy-efficient communication protocol for wireless microsensor networks. In Proceedings of the 33rd Annual Hawaii International Conference on System Sciences, Maui, HI, USA, 4–7 January 2000.
- Lee, J.S.; Lee, A.; Jun, M.S. Sensor Authentication and Key Exchange Protocol for Energy Efficiency in Sensor Network Environment. In Proceedings of the 2016 World Congress on Information Technology Applications and Services, Jeju, Korea, 17 February 2016.
- Qin, D.; Jia, S.; Yang, S.; Wang, E.; Ding, Q. A Lightweight Authentication and Key Management Scheme for Wireless Sensor Networks. J. Sens. 2016. [Google Scholar] [CrossRef]
- Hayajneh, T.; Mohd, B.J.; Imran, M.; Almashaqbeh, G.; Vasilakos, A.V. Secure Authentication for Remote Patient Monitoring with Wireless Medical Sensor Networks. Sensors 2016, 16, 424. [Google Scholar] [CrossRef] [PubMed]
Notation | Meaning |
---|---|
Nv, Np | Nonce |
MN | Middle Node |
CA | Certificate Authority |
ID | Node ID |
Cid | Middle Node ID |
Ri°, Ri1, Ri2 | 3n Bit Divided Value |
Sk | Session Key |
Nk | f() Function Shared Key |
Ni | After distance bounding remaining bits |
Ci | Random bit |
g(x) | Group Key Polynomial |
e(x, y) | Group Key Encryption Polynomial |
g’(x) | Encrypted Polynomial to e(x, y) |
E(), D() | Encryption, Decryption |
Initial Set Value for Simulation | |
---|---|
Number of sensor node | 10~200 |
Placement area of the sensor | 20 m × 20 m |
Position of the gateway | x = 25 m, y = 10 m |
Node initial energy | 1.0 |
ETX, ERX | 25 nanoJ |
Eamp | 50 picoJ |
EDC | 5 nanoJ |
Packet size | 2500 bit |
Compressibility | 0.05 |
© 2016 by the authors; licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC-BY) license (http://creativecommons.org/licenses/by/4.0/).
Share and Cite
Lee, J.; Sung, Y.; Park, J.H. Lightweight Sensor Authentication Scheme for Energy Efficiency in Ubiquitous Computing Environments. Sensors 2016, 16, 2044. https://doi.org/10.3390/s16122044
Lee J, Sung Y, Park JH. Lightweight Sensor Authentication Scheme for Energy Efficiency in Ubiquitous Computing Environments. Sensors. 2016; 16(12):2044. https://doi.org/10.3390/s16122044
Chicago/Turabian StyleLee, Jaeseung, Yunsick Sung, and Jong Hyuk Park. 2016. "Lightweight Sensor Authentication Scheme for Energy Efficiency in Ubiquitous Computing Environments" Sensors 16, no. 12: 2044. https://doi.org/10.3390/s16122044
APA StyleLee, J., Sung, Y., & Park, J. H. (2016). Lightweight Sensor Authentication Scheme for Energy Efficiency in Ubiquitous Computing Environments. Sensors, 16(12), 2044. https://doi.org/10.3390/s16122044