Advertisement

Securing Internet-of-Things

  • Guang GongEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11358)

Abstract

In this survey, we first present some vulnerabilities and attacks on IoT systems, and classification of IoT devices, we then show the evolution of the development of lightweight cryptography for securing IoT, the metrics for the design of lightweight cryptography, and the applications in privacy preserving authentication protocols. We use examples including the development of Simon, Simeck, and sLiSCP/sLiSCP-Light lightweight ciphers to demonstrate those approaches.

Keywords

Internet-of-Things (IoT) Security and privacy Lightweight cryptography 

References

  1. 1.
    Zigbee smart energy profile specification (sep) 1.2, revision 4. ZigBee Alliance, December 2014Google Scholar
  2. 2.
    CPS PWG draft cyber-physical systems (CPS) framework. National Institute of Standards and Technology (NIST), September 2015. https://pages.nist.gov/cpspwg/
  3. 3.
    EPC radio frequency identity protocols class-1 generation-2 UHF RFID protocol for communications at 860mhz-960mhz version 2. EPCglobal Inc., Specification documents, April 2015. https://www.gs1.org/sites/default/files/docs/epc/Gen2_Protocol_Standard.pdf
  4. 4.
    5G-PPP: Deliverable d2.7 security architecture (final) - 5G-Ensure, August 2018. www.5gensure.eu/sites/default/files/5G-ENSURE_D2.7_SecurityArchitectureFinal.pdf
  5. 5.
    AlTawy, R., Gong, G.: \(Mesh\): a supply chain solution with locally private transactions. In: Privacy Enhancing Technologies, pending revisions (2018)Google Scholar
  6. 6.
    AlTawy, R., Rohit, R., He, M., Mandal, K., Yang, G., Gong, G.: sLiSCP-light: towards lighter sponge-specific cryptographic permutations. ACM Trans. Embed. Comput. Syst. 17, 1–26 (2018)CrossRefGoogle Scholar
  7. 7.
    AlTawy, R., Rohit, R., He, M., Mandal, K., Yang, G., Gong, G.: Towards a cryptographic minimal design: the sLiSCP family of permutations. IEEE Trans. Comput. 67, 1341–1358 (2018)MathSciNetCrossRefGoogle Scholar
  8. 8.
    Armknecht, F., Hamann, M., Mikhalev, V.: Lightweight authentication protocols on ultra-constrained RFIDs - myths and facts. In: Saxena, N., Sadeghi, A.-R. (eds.) RFIDSec 2014. LNCS, vol. 8651, pp. 1–18. Springer, Cham (2014).  https://doi.org/10.1007/978-3-319-13066-8_1CrossRefGoogle Scholar
  9. 9.
    Beaulieu, R., Shors, D., Smith, J., Treatman-Clark, S., Weeks, B., Wingers, L.: The SIMON and SPECK families of lightweight block ciphers. Cryptology ePrint Archive, Report 2013/404 (2013). http://eprint.iacr.org/2013/404
  10. 10.
    Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: Permutation-based encryption, authentication and authenticated encryption. In: DIAC (2012)Google Scholar
  11. 11.
    Bogdanov, A., Shibutani, K.: Generalized feistel networks revisited. Des. Codes Crypt. 66(1), 75–97 (2013)MathSciNetCrossRefGoogle Scholar
  12. 12.
    Chai, Q., Gong, G.: BUPLE: securing passive RFID communication through physical layer enhancements. In: Juels, A., Paar, C. (eds.) RFIDSec 2011. LNCS, vol. 7055, pp. 127–146. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-25286-0_9CrossRefGoogle Scholar
  13. 13.
    Chen, L.: Lightweight cryptography standards developed in ISO/IEC SC27 (2016). https://www.nist.gov/sites/default/files/documents/2016/10/17/chen-presentation-lwc2016.pdf
  14. 14.
    Columbus, L.: A roundup of 2018 enterprise Internet of Things forecasts and market estimates (2018)Google Scholar
  15. 15.
    Engels, D., Fan, X., Gong, G., Hu, H., Smith, E.M.: Hummingbird: ultra-lightweight cryptography for resource-constrained devices. In: Sion, R., et al. (eds.) FC 2010. LNCS, vol. 6054, pp. 3–18. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-14992-4_2CrossRefGoogle Scholar
  16. 16.
    Fan, X., Gong, G.: Securing NFC with elliptic curve cryptography - challenges and solutions. In: RFIDSec Asia 2013, vol. 11, pp. 97–106 (2013)Google Scholar
  17. 17.
    Hopper, N.J., Blum, M.: Secure human identification protocols. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 52–66. Springer, Heidelberg (2001).  https://doi.org/10.1007/3-540-45682-1_4CrossRefGoogle Scholar
  18. 18.
    Juels, A.: RFID security and privacy: a research survey. IEEE J. Sel. Areas Commun. 24, 381–394 (2006)CrossRefGoogle Scholar
  19. 19.
    Juels, A., Weis, S.A.: Authenticating pervasive devices with human protocols. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 293–308. Springer, Heidelberg (2005).  https://doi.org/10.1007/11535218_18CrossRefGoogle Scholar
  20. 20.
    Knežević, M., Nikov, V., Rombouts, P.: Low-latency encryption – is “Lightweight = Light + Wait”? In: Prouff, E., Schaumont, P. (eds.) CHES 2012. LNCS, vol. 7428, pp. 426–446. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-33027-8_25CrossRefGoogle Scholar
  21. 21.
    de Koning Gans, G., Hoepman, J.-H., Garcia, F.D.: A practical attack on the MIFARE classic. In: Grimaud, G., Standaert, F.-X. (eds.) CARDIS 2008. LNCS, vol. 5189, pp. 267–282. Springer, Heidelberg (2008).  https://doi.org/10.1007/978-3-540-85893-5_20CrossRefGoogle Scholar
  22. 22.
    Krebs, B.: Hacked cameras, DVRs powered todays massive internet outage, October 2016. https://krebsonsecurity.com/2016/10/hacked-cameras-dvrs-powered-todays-massive-internet-outage/
  23. 23.
    Li, Z., Gong, G., Qin, Z.: Secure and efficient LCMQ entity authentication protocol. IEEE Trans. Inf. Theory 59(6), 4042–4054 (2013)MathSciNetCrossRefGoogle Scholar
  24. 24.
    McKay, K., Bassham, L., Sönmez Turan, M., Mouha, N.: Report on lightweight cryptography (NISTIR8114) (2017). http://nvlpubs.nist.gov/nistpubs/ir/2017/NIST.IR.8114.pdf
  25. 25.
    Nyberg, K.: Generalized Feistel networks. In: Kim, K., Matsumoto, T. (eds.) ASIACRYPT 1996. LNCS, vol. 1163, pp. 91–104. Springer, Heidelberg (1996).  https://doi.org/10.1007/BFb0034838CrossRefGoogle Scholar
  26. 26.
    Perera, C., Liu, C., Jayawardena, S.: The emerging Internet of Things marketplace from an industrial perspective: a survey. IEEE Trans. Emerg. Top. Comput. 3, 585–598 (2005)CrossRefGoogle Scholar
  27. 27.
    Ronen, E., Shamir, A., Weingarten, A., O’Flynn, C.: IoT goes nuclear: creating a ZigBee chain reaction. In: 2017 IEEE Symposium on Security and Privacy (SP), pp. 195–212, May 2017Google Scholar
  28. 28.
    Vanhoef, M., Piessens, F.: Key reinstallation attacks: forcing nonce reuse in WPA2. In: CCS 2017, October 2017Google Scholar
  29. 29.
    Wu, T., Gong, G.: The weakness of integrity protection for LTE. In: Sixth ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec 2013), Budapest, 17–19 April 2013, pp. 79–88 (2013)Google Scholar
  30. 30.
    Yang, G., Zhu, B., Suder, V., Aagaard, M.D., Gong, G.: The Simeck family of lightweight block ciphers. In: Güneysu, T., Handschuh, H. (eds.) CHES 2015. LNCS, vol. 9293, pp. 307–329. Springer, Heidelberg (2015).  https://doi.org/10.1007/978-3-662-48324-4_16CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.Department of Electrical and Computer EngineeringUniversity of WaterlooWaterlooCanada

Personalised recommendations