IoT Security : Advances in Authentication.

Cover -- Title Page -- Copyright -- Contents -- About the Editors -- List of Contributors -- Preface -- Acknowledgments -- Part I IoT Overview -- Chapter 1 Introduction to IoT -- 1.1 Introduction -- 1.1.1 Evolution of IoT -- 1.2 IoT Architecture and Taxonomy -- 1.3 Standardization Efforts -- 1.4 IoT Applications -- 1.4.1 Smart Home -- 1.4.2 Smart City -- 1.4.3 Smart Energy -- 1.4.4 Healthcare -- 1.4.5 IoT Automotive -- 1.4.6 Gaming, AR and VR -- 1.4.7 Retail -- 1.4.8 Wearable -- 1.4.9 Smart Agriculture -- 1.4.10 Industrial Internet -- 1.4.11 Tactile Internet -- 1.4.12 Conclusion -- Acknowledgement -- References -- Chapter 2 Abstract -- 2.1 Introduction -- 2.2 Attacks and Countermeasures -- 2.2.1 Perception Layer -- 2.2.1.1 Perception Nodes -- 2.2.1.2 Sensor Nodes -- 2.2.1.3 Gateways -- 2.2.2 Network Layer -- 2.2.2.1 Mobile Communication -- 2.2.2.2 Cloud Computing -- 2.2.2.3 Internet -- 2.2.3 Application Layer -- 2.2.3.1 Smart Utilities - Smart Grids and Smart Metering -- 2.2.3.2 Consumer Wearable IoT (WIoT) Devices for Healthcare and Telemedicine -- 2.2.3.3 Intelligent Transportation -- 2.2.3.4 Smart Agriculture -- 2.2.3.5 Industrial IoT (IIoT) -- 2.2.3.6 Smart Buildings, Environments, and Cities -- 2.3 Authentication and Authorization -- 2.3.1 Authentication -- 2.3.2 Authorization -- 2.3.3 Authentication at IoT Layers -- 2.3.3.1 Perception Layer -- 2.3.3.2 Network Layer -- 2.3.3.3 Application Layer -- 2.4 Other Security Features and Related Issues -- 2.4.1 The Simplified Layer Structure -- 2.4.2 The Idea of Middleware -- 2.4.3 Cross‐Layer Security Problem -- 2.4.4 Privacy -- 2.4.5 Risk Mitigation -- 2.5 Discussion -- 2.6 Future Research Directions -- 2.6.1 Blockchain -- 2.6.2 5G -- 2.6.3 Fog and Edge Computing -- 2.6.4 Quantum Security, AI, and Predictive Data Analytics -- 2.6.5 Network Slicing -- 2.7 Conclusions -- References.

Part II IoT Network and Communication Authentication -- Chapter 3 Symmetric Key‐Based Authentication with an Application to Wireless Sensor Networks -- 3.1 Introduction -- 3.2 Related Work -- 3.3 System Model and Assumptions -- 3.3.1 Design Goals -- 3.3.2 Setting -- 3.3.3 Notations -- 3.3.4 Attack Model -- 3.4 Scheme in Normal Mode -- 3.4.1 Installation Phase -- 3.4.1.1 Installation of CH -- 3.4.1.2 Installation of CN -- 3.4.2 Group Node Key -- 3.4.3 Individual Cluster Key -- 3.4.3.1 CN to CH -- 3.4.3.2 CH to CN -- 3.4.4 Pairwise Key Derivation -- 3.4.5 Multicast Key -- 3.4.5.1 Initiation by CH -- 3.4.5.2 Derivation by CNs -- 3.4.6 Group Cluster Key -- 3.5 Authentication -- 3.5.1 Authentication by CN -- 3.5.2 Authenticated Broadcast by the CH -- 3.5.3 Authenticated Broadcast by the BS -- 3.6 Scheme in Change Mode -- 3.6.1 Capture of CN -- 3.6.2 Capture of CH -- 3.6.3 Changes for Honest Nodes -- 3.6.3.1 Key Update for Honest Node Replacement -- 3.6.3.2 Node Removal and Addition -- 3.7 Security Analysis -- 3.7.1 Resistance Against Impersonation Attack -- 3.7.2 Resistance Against Node Capture -- 3.7.3 Resistance Against Replay Attacks -- 3.8 Efficiency -- 3.8.1 Number of Communication Phases -- 3.8.2 Storage Requirements -- 3.8.3 Packet Fragmentation -- 3.9 Conclusions -- Acknowledgement -- References -- Chapter 4 Public Key Based Protocols - EC Crypto -- 4.1 Introduction to ECC -- 4.1.1 Notations -- 4.1.2 ECC for Authentication and Key Management -- 4.2 ECC Based Implicit Certificates -- 4.2.1 Authentication and Key Management Using ECC Implicit Certificates -- 4.2.1.1 Phase 1: Registration and Certificate Acquisition -- 4.2.1.2 Phase 2: Authentication and Key Establishment -- 4.3 ECC‐Based Signcryption -- 4.3.1 Security Features -- 4.3.2 Scheme -- 4.3.2.1 Key Generation -- 4.3.2.2 Signcryption -- 4.3.2.3 Unsigncryption.

4.4 ECC‐Based Group Communication -- 4.4.1 Background and Assumptions -- 4.4.2 Scheme -- 4.5 Implementation Aspects -- 4.6 Discussion -- References -- Chapter 5 Lattice‐Based Cryptography and Internet of Things -- 5.1 Introduction -- 5.1.1 Organization -- 5.2 Lattice‐Based Cryptography -- 5.2.1 Notations -- 5.2.2 Preliminaries -- 5.2.2.1 Lattices -- 5.2.2.2 Integer Lattices -- 5.2.2.3 Discrete Gaussians -- 5.2.2.4 The Gram‐Schmidt Norm of a Basis -- 5.2.3 Computational Problems -- 5.2.4 State‐of‐the‐Art -- 5.3 Lattice‐Based Primitives -- 5.3.1 One‐Way and Collision‐Resistant Hash Functions -- 5.3.2 Passively Secure Encryption -- 5.3.3 Actively Secure Encryption -- 5.3.4 Trapdoor Functions -- 5.3.5 Gadget Trapdoor -- 5.3.6 Digital Signatures without Trapdoors -- 5.3.6.1 Rejection Sampling -- 5.3.7 Pseudorandom Functions (PRF) -- 5.3.8 Homomorphic Encryption -- 5.3.9 Identity‐Based Encryption (IBE) -- 5.3.10 Attribute‐Based Encryption -- 5.4 Lattice‐Based Cryptography for IoT -- 5.5 Conclusion -- References -- Part III IoT User Level Authentication -- Chapter 6 Abstract -- 6.1 Introduction -- 6.2 Related Work -- 6.3 Network Model and Adversary Model -- 6.3.1 Network Model -- 6.3.2 Adversary Model -- 6.4 Proposed Scheme -- 6.4.1 System Setup for the Edge Nodes Registration at the Registration Center -- 6.4.2 User Registration Phase -- 6.4.3 Login and User Authentication Phase -- 6.4.4 Password Update Phase -- 6.5 Security and Performance Evaluation -- 6.5.1 Informal Security Analysis -- 6.5.1.1 Mutual Authentication -- 6.5.1.2 Session Key Establishment -- 6.5.1.3 User Anonymity -- 6.5.1.4 Replay Attacks -- 6.5.1.5 User Impersonation Attacks -- 6.5.1.6 Gateway Impersonation Attacks -- 6.5.1.7 Insider Attacks -- 6.5.1.8 Man‐in‐the‐Middle Attacks -- 6.5.1.9 Offline‐Password Guessing Attacks -- 6.5.2 Performance Analysis -- 6.6 Conclusion -- References.

Chapter 7 Abstract -- 7.1 Introduction -- 7.2 Related Work -- 7.3 Network Model, Threat Model and Security Requirements -- 7.3.1 Network Model -- 7.3.2 Threat Model -- 7.3.3 Security Goals -- 7.4 Proposed Access Control Model in IIoT -- 7.4.1 System Setup -- 7.4.2 Authentication and Key Establishment -- 7.5 Security and Performance Evaluations -- 7.5.1 Informal Security Analysis -- 7.5.1.1 Save Against Masquerade Attack -- 7.5.1.2 Safe Against Man‐in‐the‐Middle (MITM) Attack -- 7.5.1.3 Safe Against Denial‐of‐Service Attack -- 7.5.1.4 Safe Against Replay Attack -- 7.5.2 Performance Analysis -- 7.6 Conclusions -- References -- Chapter 8 Gadget Free Authentication -- 8.1 Introduction to Gadget‐Free World -- 8.2 Introduction to Biometrics -- 8.3 Gadget‐Free Authentication -- 8.4 Preliminary Aspects -- 8.4.1 Security Requirements -- 8.4.2 Setting -- 8.4.3 Notations -- 8.5 The System -- 8.5.1 Registration Phase -- 8.5.2 Installation Phase -- 8.5.3 Request Phase -- 8.5.4 Answer Phase -- 8.5.5 Update Phase -- 8.6 Security Analysis -- 8.6.1 Accountability -- 8.6.2 Replay Attacks -- 8.6.3 Insider Attacks -- 8.6.3.1 Compromised AP -- 8.6.3.2 Compromised End Node -- 8.6.4 HW/SW Attacks -- 8.6.5 Identity Privacy -- 8.7 Performance Analysis -- 8.7.1 Timing for Cryptographic/Computational Operation -- 8.7.2 Communication Cost -- 8.8 Conclusions -- Acknowledgement -- References -- Chapter 9 Abstract -- 9.1 Introduction -- 9.2 IoT‐Related Concerns -- 9.3 Design Decisions -- 9.4 WebMaDa's History -- 9.5 WebMaDa 2.1 -- 9.5.1 Email Notifications -- 9.5.1.1 Access Request Handling to WebMaDa -- 9.5.1.2 Access Request Handling to Foreign Networks -- 9.5.1.3 Password Reset -- 9.5.2 Data Control Support -- 9.5.2.1 Privacy Support -- 9.5.2.2 Transparency Support -- 9.6 Implementation -- 9.6.1 Mailing Functionality -- 9.6.2 Logging Functionality.

9.6.3 Filtering Functionality -- 9.7 Proof of Operability -- 9.7.1 Automated Request Handling -- 9.7.1.1 Example for Automated Handling Access Request for WebMaDa -- 9.7.1.2 Example for Automated Handling Access Request to Foreign Network -- 9.7.2 Filtering Functionality Using Logging Solution -- 9.8 Summary and Conclusions -- References -- Part IV IoT Device Level Authentication -- Chapter 10 PUF‐Based Authentication and Key Exchange for Internet of Things -- 10.1 Introduction -- 10.2 Related Work -- 10.2.1 Key Agreement from IoT Device to Server -- 10.2.2 Key Agreement between Two IoT Devices -- 10.3 Preliminaries -- 10.3.1 System Architecture -- 10.3.2 Assumptions -- 10.3.3 Attack Model -- 10.3.4 Cryptographic Operations -- 10.3.4.1 PUFs -- 10.3.4.2 Public Key‐Related Operations -- 10.3.4.3 Other Operations -- 10.4 Proposed System -- 10.4.1 Registration Phase -- 10.4.2 Security Association Phase -- 10.4.3 Authentication and Key Agreement Phase -- 10.5 Security Evaluation -- 10.6 Performance -- 10.6.1 Computational Cost -- 10.6.2 Communication Cost -- 10.7 Conclusions -- References -- Chapter 11 Hardware‐Based Encryption via Generalized Synchronization of Complex Networks -- 11.1 Introduction -- 11.2 System Scheme: Synchronization without Correlation -- 11.2.1 The Delay‐Filter‐Permute Block -- 11.2.2 Steady‐State Dynamics of the DFP -- 11.2.3 DFP‐Bitstream Generation -- 11.2.4 Sensitivity to Changes in the Permutation Table -- 11.3 The Chaotic Followers -- 11.3.1 The Permute‐Filter Block -- 11.3.2 Brute Force Attack -- 11.3.3 PF‐Bitstream Generation -- 11.4 The Complete System -- 11.4.1 Image Encryption Example -- 11.4.2 Usage for Authentication -- 11.5 Conclusions and Outlook -- Acknowledgements -- Author Contributions Statement -- Additional Information -- References -- Part V IoT Use Cases and Implementations.

Chapter 12 IoT Use Cases and Implementations: Healthcare.

Description based on publisher supplied metadata and other sources.

Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2024. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries.