Novel one round message authentication scheme for constrained IoT devices

Abstract

Security and privacy concerns have emerged as critical challenges in the Internet-of-Things (IoT) era. These issues need to be carefully addressed due to the sensitive data within IoT systems. However, some IoT devices have various limitations in terms of energy, memory capacity, and computational resources, which makes them extremely vulnerable to security attacks. Data integrity with source authentication are essential security services for protecting IoT data value and utility. Existing message authentication algorithms (MAAs), which are either based on block ciphers or keyed hash functions, require multiple rounds and complex operations, which leads to unacceptable overhead for resource-limited devices and delay-sensitive applications. Moreover, the high number of IoT connected devices generates a huge amount of data, which challenges even the capacity of powerful network devices to handle the security of such Big Data. As such, the protection of such amounts of generated data calls for lightweight security solutions. In this paper, we propose a lightweight MAA that provides data integrity and source authentication. The proposed solution is based on a dynamic key structure with a single round and simple operations. The used cryptographic primitives (substitution and permutation tables) are dynamic and get updated for each new input message by using specific update primitives. The dynamic structure of the proposed MAA allows for decreasing the required number of rounds to just one, while maintaining a high degree of security. The security tests results show that the proposed keyed hash functions (1) achieve the desired cryptographic properties, (2) are immune against existing attacks and (3) require low overhead in terms of computational and storage resources.

References

1. AbdAllah EG, Hassanein HS, Zulkernine M (2015) A survey of security attacks in information-centric networking. IEEE Commun Surv Tutor 17(3):1441–1454

2. Akhavan A, Samsudin A, Akhshani A (2013) A novel parallel hash function based on 3d chaotic map. EURASIP J Adv Signal Process 2013(1):1–12

3. Amigó JM, Kocarev L, Szczepanski J (2007) Theory and practice of chaotic cryptography. Phys Lett A 366(3):211–216

4. Amin M, Faragallah OS, Abd El-Latif AA (2009) Chaos-based hash function (cbhf) for cryptographic applications. Chaos Solitons Fract 42(2):767–772

5. Arshad S, Azam MA, Rehmani MH, Loo J (2018) Recent advances in information-centric networking-based internet of things (ICN-IoT). IEEE Internet Things J 6(2):2128–2158

6. Aumasson J-P, Henzen L, Meier W, Raphael C-W (2010) Phan. Sha-3 proposal blake. Submission to NIST (Round 3). http://www.131002.net/blake/blake.pdf. Accessed July 2020

7. Beaulieu R, Shors D, Smith J, Treatman-Clark S, Weeks B, Wingers L (2015) Simon and speck: block ciphers for the internet of things. IACR Cryptol ePrint Arch 2015:585

8. Bertoni G, Daemen J, Peeters M, Van Assche G (2011) The keccak reference. Submission to NIST (Round 3). http://www.keccak.noekeon.org/Keccak-reference-3.0.pdf. Accessed July 2020

9. Bilal M, Pack S (2019) Secure distribution of protected content in information-centric networking. IEEE Syst J 14:1921–1932

10. Daemen J, Rijmen V (2013) The design of Rijndael: AES-the advanced encryption standard. Springer Science & Business Media, Berlin

11. Damgård I (1990) A design principle for hash functions. In: Proceedings of the 9th annual international cryptology conference on advances in cryptology, CRYPTO ’89. UK. Springe, London, UK, pp 416–427. ISBN: 3-540-97317-6

12. Ferguson N, Lucks S, Schneier B, Whiting D, Mihir B, Jon C, Jesse W (2010) The Skein hash function family. Submission to NIST (round 3) 7(7.5)

13. Fotiou N, Polyzos GC (2016) Securing content sharing over icn. In: Proceedings of the 3rd ACM conference on information-centric networking. ACM, pp 176–185

14. Gauravaram P, Knudsen LR, Matusiewicz K, Mendel F, Rechberger C, Schläffer M, Thomsen SS (2009) Grøstl—a sha-3 candidate. In: Helena H, Stefan L, Bart P, Phillip R (eds) Symmetric cryptography, number 09031 in Dagstuhl seminar Proceedings, Dagstuhl, Germany, Schloss Dagstuhl—Leibniz-Zentrum fuer Informatik, Germany. http://www.drops.dagstuhl.de/opus/volltexte/2009/1955. Accessed July 2020

15. Guesmi R, Farah MAB, Kachouri A, Samet M (2016) A novel chaos-based image encryption using dna sequence operation and secure hash algorithm sha-2. Nonlinear Dyn 83(3):1123–1136

16. Kanso A, Ghebleh M (2015) A structure-based chaotic hashing scheme. Nonlinear Dyn 81(1–2):27–40

17. Krawczyk H, Bellare M, Canetti R (1997) Keyed-hashing for message authentication, Hmac

18. Li B, Huang D, Wang Z, Zhu Y (2016) Attribute-based access control for ICN naming scheme. IEEE Trans Depend Secure Comput 15(2):194–206

19. Masuda N, Jakimoski G, Aihara K, Kocarev L (2006) Chaotic block ciphers: from theory to practical algorithms. Circuits Syst I Regula Pap IEEE Trans 53(6):1341–1352

20. McGrew D, Viega J (2006) The Use of Galois Message Authentication Code (GMAC) in IPsec ESP and AH. RFC 4543 (Proposed Standard)

21. Menezes AJ, Vanstone SA, Van Oorschot PC (1996) Handbook of applied cryptography, 1st edn. CRC Press Inc, Boca Raton, p 0849385237

22. Merkle RC (1989) A certified digital signature. In: Proceedings on advances in cryptology, CRYPTO ’89, New York, NY, USA. Springer New York, Inc, pp 218–238. ISBN 0-387-97317-6. http://www.dl.acm.org/citation.cfm?id=118209.118230

23. Miller FP, Vandome AF, McBrewster J (2009) Advanced encryption standard. Alpha Press, Lagos (ISBN 6130268297, 9786130268299)

24. Misra S, Reza T, Frank N, Travis M, Majd NE, Huang H (2017) Accconf: an access control framework for leveraging in-network cached data in the icn-enabled wireless edge. IEEE Trans Depend Secure Comput 16(1):5–17

25. Noura H (2012) Design and simulation of efficient chaos based generators, crypto-systems and hash functions. Universite de Nantes, Theses

26. Noura H, Courousse D (2016) Method of encryption with dynamic diffusion and confusion layers, 9 June 2016. WO Patent App. PCT/EP2015/078,372. https://www.google.com/patents/WO2016087520A1?cl=en

27. Noura H, Sleem L, Noura M, Mansour MM, Chehab A, Couturier R (2017) A new efficient lightweight and secure image cipher scheme. Multimed Tools Appl. ISSN 1573-7721

28. Noura H, Chehab A, Sleem L, Noura M, Couturier R, Mansour MM (2018) One round cipher algorithm for multimedia IoT devices. Multimed Tools Appl 77(14):18383–18413

29. Noura H, Noura M, Chehab A, Mansour MM, Couturier R (2018b) Efficient and secure cipher scheme for multimedia contents. In: Multimedia tools and applications, pp 1–30

30. Noura H, Chehab A, Noura M, Couturier R, Mansour MM (2019) Lightweight, dynamic and efficient image encryption scheme. Multimed Tools Appl 78(12):16527–16561

31. Noura H, Raphaël C, Congduc P, Ali C (2019b) Lightweight stream cipher scheme for resource-constrained iot devices. In: 2019 international conference on wireless and mobile computing, networking and communications (WiMob). IEEE, pp 1–8

32. Noura H, Salman O, Chehab A, Couturier R (2019) Preserving data security in distributed fog computing. Ad Hoc Netw 94:101937. https://doi.org/10.1016/j.adhoc.2019.101937

33. Noura HN, Chehab A, Couturier RÃ (2019) Efficient and secure cipher scheme with dynamic key-dependent mode of operation. Signal Process Image Commun 78:448–464

34. Patrizio A (2018) Idc: expect 175 zettabytes of data worldwide by 2025 | network world. https://www.networkworld.com/article/3325397/idc-expect-175-zettabytes-of-data-worldwide-by-2025.html. Accessed July 2020

35. Schneier B (2007) Applied cryptography: protocols, algorithms, and source code in C. Wiley, New York

36. Song JH, Poovendran R, Lee J, Iwata T (2006) RFC 4493 (Informational), June

37. Stallings W (2017) Cryptography and network security: principles and practice. Pearson, Upper Saddle River

38. Teh JS, Samsudin A, Akhavan A (2015) Parallel chaotic hash function based on the shuffle-exchange network. Nonlinear Dyn 81(3):1067–1079

39. van Tilborg HCA, Jajodia S (eds) (2011) Encyclopedia of cryptography and security, 2nd edn. Springer, Germany. https://doi.org/10.1007/978-1-4419-5906-5

40. Wang X, Hongbo Y (2005) How to break md5 and other hash functions. In: EUROCRYPT. Springer

41. Wu Q (2015) A chaos-based hash function. In: 2015 international conference on cyber-enabled distributed computing and knowledge discovery (CyberC). IEEE, pp 1–4

42. Xiang F, Zhao C, Wang J, Zhang Z (2015) One-way hash function based on cascade chaos. Open Cybern Syst J 9(1):573–580

43. Xue K, Zhang X, Xia Q, Wei DSL, Yue H, Wu F (2018) SEAF: a secure, efficient and accountable access control framework for information centric networking. In: IEEE INFOCOM 2018-IEEE conference on computer communications. IEEE, pp 2213–2221

44. Yaacoub J-P, Salman O, Noura HN, Chehab A (2020a) Security analysis of drones systems: attacks, limitations, and recommendations. In: Internet of Things, p 100218

45. Yaacoub J-PA, Noura M, Noura HN, Salman O, Yaacoub E, Couturier R, Chehab A (2020b) Securing internet of medical things systems: limitations, issues and recommendations. Future Gener Comput Syst 105:581–606

46. Yang B, Li Z, Zheng S, Yang Y (2009) Hash function construction based on coupled map lattice for communication security. In: Global mobile congress, 2009, pp 1–7