New Method of Prime Factorisation-Based Attacks on RSA Authentication in IoT
Abstract
:1. Introduction
- Power and energy consumption.
- Communication bandwidth.
- Memory capacity (e.g., RAM (Random-access memory), Flash).
- Size and complexity (e.g., display, storage, gate count, I/O (Input/output) pin count).
- Lack of user interface.
- Short device lifetime.
2. RSA-Based Authentication Schemes for the IoT
3. IoT Authentication Issues and Attacks
4. Proposed Semi-Prime Factorisation Method Using Illustrations
4.1. Proposed Factorisation Implementation Using Binary Greatest Common Divisor (GCD)
1. Test least significant bit (LSB) | ||||
2. Shift right until LSB set | ||||
3. Shift right until LSB set | ||||
4. Sum squares | ||||
5. Division | ||||
4.2. Mathematical Proof for Efficiency
5. Conclusions and Future Work
Author Contributions
Funding
Conflicts of Interest
References
- Rajakumari, S.; Azhagumeena, S.; Devi, A.B.; Ananthi, M. Upgraded living think-IoT and big data. In Proceedings of the 2017 2nd International Conference on Computing and Communications Technologies (ICCCT), Chennai, India, 23–24 February 2017. [Google Scholar]
- Dineshkumar, P.; SenthilKumar, R.; Sujatha, K.; Ponmagal, R.; Rajavarman, V. Big data analytics of IoT based Health care monitoring system. In Proceedings of the 2016 IEEE Uttar Pradesh Section International Conference on Electrical, Computer and Electronics Engineering (UPCON), Varanasi, India, 9–11 December 2016. [Google Scholar]
- Liu, R.; Wang, J. Internet of Things: Application and Prospect. In MATEC Web of Conferences; Zhao, L., Xavior, A., Cai, J., You, L., Eds.; EDP Sciences France: Les Ulis, France, 2017; Volume 100, p. 02034. [Google Scholar]
- Sen, S.; Koo, J.; Bagchi, S. TRIFECTA: Security, Energy Efficiency, and Communication Capacity Comparison for Wireless IoT Devices. IEEE Internet Comput. 2018, 22, 74–81. [Google Scholar] [CrossRef] [Green Version]
- McAfee. McAfee Labs Threats Report; Technical Report; McAfee: Santa Clara, CA, USA, 2017. [Google Scholar]
- Wu, M.; Lu, T.J.; Ling, F.Y.; Sun, J.; Du, H.Y. Research on the architecture of Internet of Things. In Proceedings of the 2010 3rd International Conference on Advanced Computer Theory and Engineering (ICACTE), Chengdu, China, 20–22 August 2010. [Google Scholar]
- Nastase, L. Security in the Internet of Things: A Survey on Application Layer Protocols. In Proceedings of the 21st International Conference on Control Systems and Computer Science (CSCS), Bucharest, Romania, 29–31 May 2017; pp. 659–666. [Google Scholar]
- Hern, A. Hacking Risk Leads to Recall of 500,000 Pacemakers due to Patient Death Fears. The Guardian. 31 August 2017. Available online: https://www.google.com.hk/url?sa=t&rct=j&q=&esrc=s&source=web&cd=3&ved=2ahUKEwjxjfnGs4TkAhWCfXAKHYvMAmIQFjACegQIARAB&url=https%3A%2F%2Fwww.theguardian.com%2Ftechnology%2F2017%2Faug%2F31%2Fhacking-risk-recall-pacemakers-patient-death-fears-fda-firmware-update&usg=AOvVaw1iTl1YppU9tgAM6Ex9rfHO (accessed on 14 August 2019).
- Husamuddin, M.; Qayyum, M. Internet of Things: A study on security and privacy threats. In Proceedings of the 2017 2nd International Conferenceon Anti-CyberCrimes (ICACC), Abha, Saudi Arabia, 26–27 March 2017. [Google Scholar]
- El Mouaatamid, O.; Lahmer, M.; Belkasmi, M. Internet of Things Security: Layered classification of attacks and possible Countermeasures. Electron. J. Inf. Technol. 2016, 9, 24–37. [Google Scholar]
- Trappe, W.; Howard, R.; Moore, R.S. Low-energy security: Limits and opportunities in the Internet of things. IEEE Secur. Privacy 2015, 13, 14–21. [Google Scholar] [CrossRef]
- Suárez-Albela, M.; Fraga-Lamas, P.; Fernández-Caramés, T.M. A Practical Evaluation on RSA and ECC-Based Cipher Suites for IoT High-Security Energy-Efficient Fog and Mist Computing Devices. Sensors 2018, 18, 3868. [Google Scholar] [CrossRef] [PubMed]
- Gope, P.; Hwang, T. A Realistic Lightweight Anonymous Authentication Protocol for Securing Real-Time Application Data Access in Wireless Sensor Networks. IEEE Trans. Ind. Electron. 2016, 63, 7124–7132. [Google Scholar] [CrossRef]
- Rivest, R.L.; Shamir, A.; Adleman, L. A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 1978, 21, 120–126. [Google Scholar] [CrossRef]
- Sun, H.M.; Wu, M.E.; Ting, W.C.; Hinek, M.J. Dual RSA and its Security Analysis. IEEE Trans. Inf. Theory 2007, 53, 2922–2933. [Google Scholar]
- Zhou, L.; Li, X.; Yeh, K.H.; Su, C.; Chiu, W. Lightweight IoT-based authentication scheme in cloud computing circumstance. Future Gen. Comput. Syst. 2019, 91, 244–251. [Google Scholar]
- Pammu, A.A.; Chong, K.S.; Ho, W.G.; Gwee, B.H. Interceptive side channel attack on AES-128 wireless communications for IoT applications. In Proceedings of the 2016 IEEE Asia Pacific Conference on Circuits and Systems (APCCAS), Jeju, Korea, 25–28 October 2016. [Google Scholar]
- Choi, J.; Kim, Y. An improved LEA block encryption algorithm to prevent side-channel attack in the IoT system. In Proceedings of the 2016 Asia-Pacific Signal and Information Processing Association Annual Summit and Conference (APSIPA), Jeju, Korea, 13–16 December 2016. [Google Scholar]
- El-hajj, M.; Fadlallah, A.; Chamoun, M.; Serhrouchni, A. A Survey of Internet of Things (IoT) Authentication Schemes. Sensors 2019, 19, 1141. [Google Scholar] [CrossRef]
- Abomhara, M.; Koien, G.M. Cyber Security and the Internet of Things: Vulnerabilities, Threats, Intruders and Attacks. J. Cyber Secur. Mobil. 2015, 4, 65–88. [Google Scholar] [CrossRef]
- Wen, Q.; Dong, X.; Zhang, R. Application of dynamic variable cipher security certificate in Internet of Things. In Proceedings of the 2012 IEEE 2nd International Conference on Cloud Computing and Intelligence Systems, Hangzhou, China, 30 October–1 November 2012. [Google Scholar]
- Ye, N.; Zhu, Y.; Wang, R.C.; Malekian, R.; Qiao-min, L. An Efficient Authentication and Access Control Scheme for Perception Layer of Internet of Things. Appl. Math. Inf. Sci. 2014, 8, 1617–1624. [Google Scholar] [CrossRef] [Green Version]
- Aboud, S.J. An efficient method for attack RSA scheme. In Proceedings of the ICADIWT 2nd International Conference, London, UK, 4–6 August 2009; pp. 587–591. [Google Scholar]
- Cekerevac, Z.; Dvorak, Z.; Prigoda, L.; Cekerevac, P. Man in the Middle Attacks and the Internet of Things—Security and economic risks. FBIM Trans. 2017, 5, 25–35. [Google Scholar] [CrossRef]
- Haddad, Z.J.; Taha, S.; Saroit, I.A. Anonymous authentication and location privacy preserving schemes for LTE-A networks. Egypt. Inform. J. 2017, 18, 193–203. [Google Scholar] [CrossRef]
- Schneier, B. Applied Cryptography, 2nd ed.; John Wiley & Sons, Inc.: New York, NY, USA, 1996. [Google Scholar]
- Da Silva, J.C.L. Factoring Semi primes and Possible Implications. In Proceedings of the 26th IEEE Convention in Israel, Eliat, Israel, 17–20 November 2010; pp. 182–183. [Google Scholar]
- Raza, S.; Voigt, T.; Jutvik, V. Lightweight ikev2: A key management solution for both the compressed IPsec and the IEEE 802.15. 4 security. In Proceedings of the IETF Workshop on Smart Object Security, Paris, France, 23 March 2012. [Google Scholar]
- Raza, S.; Shafagh, H.; Hewage, K.; Hummen, R.; Voigt, T. Lithe: Lightweight secure CoAP for the internet of things. IEEE Sens. J. 2013, 13, 3711–3720. [Google Scholar] [CrossRef]
- Barker, E. Recommendation for Key Management —Part 1: General, NIST Special Publication 800-57: Part 1 (Revision 4). January 2016. Available online: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r4.pdf (accessed on 14 August 2019).
- Mahmood, K.; Chaudhry, S.A.; Naqvi, H.; Shon, T.; Ahmad, H.F. A lightweight message authentication scheme for Smart Grid communications in power sector. Comput. Electr. Eng. 2016, 52, 114–124. [Google Scholar] [CrossRef]
- Chim, T.W.; Yiu, S.M.; Li, V.O.; Hui, L.C.; Zhong, J. PRGA: Privacy-preserving recording & gateway-assisted authentication of power usage information for smart grid. IEEE Trans. Dependable Secur. Comput. 2015, 12, 85–97. [Google Scholar]
- Li, Q.; Cao, G. Multicast Authentication in the Smart Grid with One-Time Signature. IEEE Trans. Smart Grid 2011, 2, 686–696. [Google Scholar] [CrossRef]
- Kothmayr, T.; Schmitt, C.; Hu, W.; Brünig, M.; Carle, G. DTLS based security and two-way authentication for the Internet of Things. Ad Hoc Netw. 2013, 11, 2710–2723. [Google Scholar] [CrossRef]
- Huth, C.; Zibuschka, J.; Duplys, P.; Guneysu, T. Securing systems on the Internet of Things via physical properties of devices and communications. In Proceedings of the 2015 Annual IEEE Systems Conference (SysCon) Proceedings, Vancouver, BC, Canada, 13–16 April 2015. [Google Scholar]
- Schmitt, C.; Noack, M.; Stiller, B. TinyTO: Two-way authentication for constrained devices in the Internet of Things. Internet of Things; Elsevier: Amsterdam, The Netherlands, 2016; pp. 239–258. [Google Scholar]
- Hong, N. A Security Framework for the Internet of Things Based on Public Key Infrastructure. Adv. Mater. Res. 2013, 671–674, 3223–3226. [Google Scholar] [CrossRef]
- Zhao, Y.L. Research on Data Security Technology in Internet of Things. Appl. Mech. Mater. 2013, 433–435, 1752–1755. [Google Scholar] [CrossRef]
- Armando, A.; Basin, D.; Boichut, Y.; Chevalier, Y.; Compagna, L.; Cuellar, J.; Drielsma, P.H.; Heám, P.C.; Kouchnarenko, O.; Mantovani, J.; et al. The AVISPA Tool for the Automated Validation of Internet Security Protocols and Applications. In Computer Aided Verification; Etessami, K., Rajamani, S.K., Eds.; Springer: Berlin/Heidelberg, Germany, 2005; pp. 281–285. [Google Scholar] [Green Version]
- Tangade, S.; Manvi, S.S. Scalable and privacy-preserving authentication protocol for secure vehicular communications. In Proceedings of the 2016 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS), Bangalore, India, 6–9 November 2016. [Google Scholar]
- Chung, Y.; Choi, S.; Lee, Y.; Park, N.; Won, D. An Enhanced Lightweight Anonymous Authentication Scheme for a Scalable Localization Roaming Service in Wireless Sensor Networks. Sensors 2016, 16, 1653. [Google Scholar] [CrossRef] [PubMed]
- Ahmed, M.E.; Kim, H. DDoS Attack Mitigation in Internet of Things Using Software Defined Networking. In Proceedings of the 2017 IEEE Third International Conference on Big Data Computing Service and Applications (BigDataService), San Francisco, CA, USA, 6–9 April 2017. [Google Scholar]
- Na, S.; Hwang, D.; Shin, W.; Kim, K.H. Scenario and countermeasure for replay attack using join request messages in LoRaWAN. In Proceedings of the 2017 International Conference on Information Networking (ICOIN), Da Nang, Vietnam, 11–13 January 2017. [Google Scholar]
- Anirudh, M.; Thileeban, S.A.; Nallathambi, D.J. Use of honeypots for mitigating DoS attacks targeted on IoT networks. In Proceedings of the 2017 International Conference on Computer, Communication and Signal Processing (ICCCSP), Chennai, India, 10–11 January 2017. [Google Scholar]
- Bamasag, O.O.; Youcef-Toumi, K. Towards continuous authentication in Internet of things based on secret sharing scheme. In Proceedings of the WESS’15: Workshop on Embedded Systems Security, Amsterdam, The Netherlands, 4–9 October 2015. [Google Scholar]
- Neto, A.L.M.; Souza, A.L.F.; Cunha, I.; Nogueira, M.; Nunes, I.O.; Cotta, L.; Gentille, N.; Loureiro, A.A.F.; Aranha, D.F.; Patil, H.K.; et al. AoT: Authentication and Access Control for the Entire IoT Device Life-Cycle. In Proceedings of the 14th ACM Conference on Embedded Network Sensor Systems CD-ROM (ACM SenSys 2016), New York, NY, USA, 14–16 November 2016; pp. 1–15. [Google Scholar]
- Wiener, M. Cryptanalysis of short RSA secret exponents. IEEE Trans. Inf. Theory 1990, 160, 553–558. [Google Scholar] [CrossRef]
- Weisstein, E.W. Semiprime; Wolfram Research, Inc.: Champaign, IL, USA, 2003. [Google Scholar]
- Kaddoura, I.; Abdul-Nabi, S.; Al-Akhrass, K. New Formulas for Semi-Primes. Testing, Counting and Identification of the nth and next Semi-Primes. arXiv 2016, arXiv:1608.05405. [Google Scholar]
- Kostopoulos, G. An Original Numerical Factorization Algorithm. J. Inf. Assur. Cyber Secur. 2016, 2016, 775081. [Google Scholar] [CrossRef]
- Pollard, J. Theorems on factorization and primality testing. Proc. Camb. Philos. Soc. 1974, 76, 521–528. [Google Scholar] [CrossRef]
- Overmars, A.; Venkatraman, S. A Fast Factorisation of Semi-Primes Using Sum of Squares. Math. Comput. Appl. 2019, 24, 62. [Google Scholar] [CrossRef]
- Stein, J. Computational problems associated with Racah algebra. J. Comput. Phys. 1967, 1, 397–405. [Google Scholar] [CrossRef]
- Ambedkar, B.R.; Bedi, S.S. A New Factorization Method to Factorize RSA Public Key Encryption. Int. J. Comput. Sci. Issues (IJCSI) 2011, 8, 242–247. [Google Scholar]
- Yan, S.Y. Factoring Based Cryptography. In Cyber Cryptography: Applicable Cryptography for Cyberspace Security; Springer: Berlin/Heidelberg, Germany, 2018; pp. 217–286. [Google Scholar]
- Overmars, A.; Ntogramatzidis, L.; Venkatraman, S. A new approach to generate all Pythagorean triples. AIMS Math. 2019, 4, 242–253. [Google Scholar] [CrossRef]
- Karatsuba, A. The complexity of computations. Proc. Steklov Inst. Math. 1995, 211, 169–183. [Google Scholar]
- Traversa, F.L.; di Ventra, M. Polynomial-time solution of prime factorization and NP-complete problems with digital memcomputing machines. Chaos Interdiscip. J. Nonlinear Sci. 2017, 27, 023107. [Google Scholar] [CrossRef] [PubMed] [Green Version]
© 2019 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).
Share and Cite
Venkatraman, S.; Overmars, A. New Method of Prime Factorisation-Based Attacks on RSA Authentication in IoT. Cryptography 2019, 3, 20. https://doi.org/10.3390/cryptography3030020
Venkatraman S, Overmars A. New Method of Prime Factorisation-Based Attacks on RSA Authentication in IoT. Cryptography. 2019; 3(3):20. https://doi.org/10.3390/cryptography3030020
Chicago/Turabian StyleVenkatraman, Sitalakshmi, and Anthony Overmars. 2019. "New Method of Prime Factorisation-Based Attacks on RSA Authentication in IoT" Cryptography 3, no. 3: 20. https://doi.org/10.3390/cryptography3030020