Security and privacy concerns have emerged as critical challenges in the Internet-of-Things (IoT) era. These issues need to be carefully addressed due to the sensitive data within IoT systems. However, some IoT devices have various limitations in terms of energy, memory capacity, and computational resources, which makes them extremely vulnerable to security attacks. Data integrity and source authentication are essential security services for protecting IoT data value and utility. Existing message authentication algorithms (MAAs), which are based on either block ciphers or keyed hash functions, require multiple rounds and complex operations, which leads to unacceptable overhead for resource-limited devices and delay-sensitive applications. Moreover, the high number of IoT-connected devices generates a huge amount of data, which challenges even the capacity of powerful network devices to handle the security of such Big Data. As such, protecting this volume of generated data calls for lightweight security solutions. In this paper, we propose a lightweight MAA that provides data integrity and source authentication. The proposed solution is based on a dynamic key structure with a single round and simple operations. The cryptographic primitives used (substitution and permutation tables) are dynamic and are updated for each new input message by using specific update primitives. The dynamic structure of the proposed MAA allows the required number of rounds to be reduced to just one, while maintaining a high degree of security. The security test results show that the proposed keyed hash functions (1) achieve the desired cryptographic properties, (2) are immune to existing attacks, and (3) require low overhead in terms of computational and storage resources.
This research was partially supported by funds from the Maroun Semaan Faculty of Engineering and Architecture at the American University of Beirut and by the EIPHI Graduate School (contract “ANR-17-EURE-0002”).
Conflict of interest
The authors declare that they have no conflict of interest.
This article does not contain any studies with human participants or animals performed by any of the authors.
About this article
Cite this article
Noura, H.N., Salman, O., Couturier, R. et al. Novel one round message authentication scheme for constrained IoT devices. J Ambient Intell Human Comput (2021). https://doi.org/10.1007/s12652-021-02913-7
- Lightweight message authentication algorithm
- Dynamic key-dependent cryptography
- Security and performance analysis