Novel one round message authentication scheme for constrained IoT devices

Abstract

Security and privacy concerns have emerged as critical challenges in the Internet-of-Things (IoT) era. These issues need to be carefully addressed due to the sensitive data within IoT systems. However, some IoT devices have various limitations in terms of energy, memory capacity, and computational resources, which makes them extremely vulnerable to security attacks. Data integrity and source authentication are essential security services for protecting the value and utility of IoT data. Existing message authentication algorithms (MAAs), which are based on either block ciphers or keyed hash functions, require multiple rounds and complex operations, which leads to unacceptable overhead for resource-limited devices and delay-sensitive applications. Moreover, the high number of IoT-connected devices generates a huge amount of data, which challenges even the capacity of powerful network devices to handle the security of such Big Data. As such, the protection of such amounts of generated data calls for lightweight security solutions. In this paper, we propose a lightweight MAA that provides data integrity and source authentication. The proposed solution is based on a dynamic key structure with a single round and simple operations. The cryptographic primitives used (substitution and permutation tables) are dynamic and are updated for each new input message by using specific update primitives. The dynamic structure of the proposed MAA allows the required number of rounds to be decreased to just one, while maintaining a high degree of security. The security test results show that the proposed keyed hash functions (1) achieve the desired cryptographic properties, (2) are immune against existing attacks and (3) require low overhead in terms of computational and storage resources.

Funding

This research was partially supported by funds from the Maroun Semaan Faculty of Engineering and Architecture at the American University of Beirut and by the EIPHI Graduate School (contract “ANR-17-EURE-0002”).

Author information

Corresponding author

Correspondence to Ola Salman.

Ethics declarations

Conflict of interest

The authors declare that they have no conflict of interest.

Ethical approval

This article does not contain any studies with human participants or animals performed by any of the authors.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

About this article

Cite this article

Noura, H.N., Salman, O., Couturier, R. et al. Novel one round message authentication scheme for constrained IoT devices. J Ambient Intell Human Comput (2021). https://doi.org/10.1007/s12652-021-02913-7

Keywords

  • Lightweight message authentication algorithm
  • Dynamic key-dependent cryptography
  • Security and performance analysis