Comparison of Authentication Methods in Internet of Things Technology
Authors: Hafizah Che Hasan, Fateen Nazwa Yusof, Maslina Daud
Abstract:
Internet of Things (IoT) is a powerful industry system, which end-devices are interconnected and automated, allowing the devices to analyze data and execute actions based on the analysis. The IoT technology leverages the technology of Radio-Frequency Identification (RFID) and Wireless Sensor Network (WSN), including mobile and sensor. These technologies contribute to the evolution of IoT. However, due to more devices are connected each other in the Internet, and data from various sources exchanged between things, confidentiality of the data becomes a major concern. This paper focuses on one of the major challenges in IoT; authentication, in order to preserve data integrity and confidentiality are in place. A few solutions are reviewed based on papers from the last few years. One of the proposed solutions is securing the communication between IoT devices and cloud servers with Elliptic Curve Cryptograhpy (ECC) based mutual authentication protocol. This solution focuses on Hyper Text Transfer Protocol (HTTP) cookies as security parameter. Next proposed solution is using keyed-hash scheme protocol to enable IoT devices to authenticate each other without the presence of a central control server. Another proposed solution uses Physical Unclonable Function (PUF) based mutual authentication protocol. It emphasizes on tamper resistant and resource-efficient technology, which equals a 3-way handshake security protocol.
Keywords: Internet of Things, authentication, PUF ECC, keyed hash scheme protocol.
Digital Object Identifier (DOI): doi.org/10.5281/zenodo.1317050
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1800References:
[1] Mete Akgün, M. Ufuk Çaglayan, Providing destructive privacy and scalability in RFID systems using PUFs. Ad Hoc Networks 32 (2015) 32–42
[2] Sheetal Kalra, Sandeep K. Sood. Secure authentication scheme for IoT and cloud servers. Pervasive and Mobile Computing 24 (2015) 210–223
[3] SS kumar, J guajardo, Rmaes, GJ schrijen and P tuyls, The Butterfly PUF: Protecting IP on Every FPGA, in: Proceedings of the IEEE international workshop on hardware-oriented security and trust, 2008, pp. 67–70
[4] R. Aggarwal, M.L. Das, RFID security in the context of internet of things, in: Proceedings of the First International Conference on Security of Internet of Things, SecurIT ’12, ACM, New York, NY, USA, 2012, pp. 51–56.
[5] Vandana M.R., Neeli R.P. and Ramjee P. (2011). A Cooperative Internet of Thing (IoT) for Rural Healthcare Monitoring and Control, (Aalborg University Denmark).
[6] Zheng Yan., Peng Zhang, Athanasios V. Vasilakos. (2014). A Survey on Trust Management for Internet of Things, pp. 120-134.
[7] Tuhin Borgohain, Amardeep Borgohain, Uday Kumar, Sugata Sanyal. Authentication Systems in Internet of Things. ] R. Aggarwal, M.L. Das, RFID security in the context of internet of things, in: Proceedings of the First International Conference on Security of Internet of Things, SecurIT ’12, ACM, New York, NY, USA, 2012, pp. 51–56.
[8] Muhammad N. Aman, Kee Chaing Chua, Biplab Sikdar, Physical Unclonable Function for IoT Security, in: IoTPTS 2016 Proceedings of the 2nd ACM International Workshop on IoT Privacy, Trust, and Security, pp. 10.13 http://dx.doi.org/10.1145/2899007.2899013
[9] P.S. Ravikanth, Physical One-Way Functions, Ph.D. thesis, Massachusetts Institute of Technology, 2001.
[10] F. Armknecht, R. Maes, A. Sadeghi, O.-X. Standaert, C. Wachsmann, A formalization of the security features of physical functions, in: 2011 IEEE Symposium on Security and Privacy (SP), 2011, pp. 397–412. http://dx.doi.org/10.1109/SP.2011.10.
[11] K. Imamoto, K. Sakurai, Design and analysis of Diffie–Hellman based key exchange using one-time ID by SVO logic, Electron. Notes Theor. Comput. Sci. 135 (2005) pp. 79–94.
[12] Sunggyun Jang, Ducsun Lim, Jinyeong Kang, Inwhee, An efficient device authentication protocol without Certification Authority for Internet of Things, in: Wireless Pers Commun, 2016, DOI 10.1007/s11277-016-3355-0.
[13] Sanaz Rahimi Moosavi, Tuan Nguyen Gia, Amir-Mohammad Rahmani, Ethiopia Nigussie, Seppo Virtanen, Jouni Isoaho, Hannu Tenhunen, SEA: A Secure and Efficient Authentication and Authorization architecture for IoT-based healthcare using smart gateways, in: Procedia Computer Science 52 (2015) 452 – 459, http://dx.doi.org/10.1016/j.procs.2015.05.013