IoT Authentication in Cryptography

A special issue of Cryptography (ISSN 2410-387X).

Deadline for manuscript submissions: closed (30 June 2019) | Viewed by 21970

Special Issue Editors


E-Mail Website
Guest Editor
Faculty of Science, School of Computer Science, Queensland University of Technology, Brisbane, QLD 4000, Australia
Interests: cryptology; cryptanalysis; cryptography; symmetric ciphers; stream ciphers; authenticated encryption
Special Issues, Collections and Topics in MDPI journals

E-Mail Website
Guest Editor
School of Mathematical Sciences, Queensland University of Technology, Brisbane, QLD 4000, Australia
Interests: symmetric ciphers; stream ciphers; authenticated encryption; pseudorandom sequences

Special Issue Information

Dear Colleagues,

Secure communications require authentication of communicating entities; assuring each party of the identity of other communicating parties, to avoid manipulation by malicious actors. Achieving this goal for small devices in the Internet of Things (IoT) is extremely challenging, not only because of inherently limited computing power, but also because of the widespread use of vendor specific communication applications and special purpose, rather than general purpose, computing components. Given this situation, the task of authenticating multiple communicating devices based on different hardware, firmware and software and equipped with limited resources represents a major challenge. Solutions that are generalisable, suitable for use with little or no human intervention, and efficient enough for implementation in very resource constrained devices, are needed.

In this Special Issue, we will focus on cryptographic algorithms for providing authentication of devices in the future IoT. Aspects of interest include, but are not limited to:

  1. new generalisable lightweight cryptographic authentication algorithms,
  2. algorithms providing additional security services, such as Authenticated Encryption (AE) and Authenticated Encryption with Associated Data (AEAD)
  3. security analysis of existing authentication algorithms and algorithm implementations
  4. efficiency analysis of existing authentication algorithms
  5. tradeoffs between security and efficiency in algorithm design and implementation

Dr. Leonie Simpson
Dr. Harry Bartlett
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Cryptography is an international peer-reviewed open access quarterly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1600 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • Internet of Things (IoT)
  • Authentication
  • Authenticated encryption (AE)
  • Cryptanalysis
  • Efficient implementation

Benefits of Publishing in a Special Issue

  • Ease of navigation: Grouping papers by topic helps scholars navigate broad scope journals more efficiently.
  • Greater discoverability: Special Issues support the reach and impact of scientific research. Articles in Special Issues are more discoverable and cited more frequently.
  • Expansion of research network: Special Issues facilitate connections among authors, fostering scientific collaborations.
  • External promotion: Articles in Special Issues are often promoted through the journal's social media, increasing their visibility.
  • e-Book format: Special Issues with more than 10 articles can be published as dedicated e-books, ensuring wide and rapid dissemination.

Further information on MDPI's Special Issue polices can be found here.

Published Papers (3 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

22 pages, 3541 KiB  
Article
Efficient and Flexible Multi-Factor Authentication Protocol Based on Fuzzy Extractor of Administrator’s Fingerprint and Smart Mobile Device
by Alzahraa J. Mohammed and Ali A. Yassin
Cryptography 2019, 3(3), 24; https://doi.org/10.3390/cryptography3030024 - 9 Sep 2019
Cited by 13 | Viewed by 6879
Abstract
In an era of tremendous development in information technology and the Internet of Things (IoT), security plays a key role in safety devices connected with the Internet. Authentication is vital in the security field, and to achieve a strong authentication scheme, there are [...] Read more.
In an era of tremendous development in information technology and the Internet of Things (IoT), security plays a key role in safety devices connected with the Internet. Authentication is vital in the security field, and to achieve a strong authentication scheme, there are several systems using a Multi-Factor Authentication (MFA) scheme based on a smart card, token, and biometric. However, these schemes have suffered from the extra cost; lost, stolen or broken factor, and malicious attacks. In this paper, we design an MFA protocol to be the authenticated administrator of IoT’s devices. The main components of our protocol are a smart mobile device and the fuzzy extractor of the administrator’s fingerprint. The information of the authenticated user is stored in an anomalous manner in mobile devices and servers to resist well-known attacks, and, as a result, the attacker fails to authenticate the system when they obtain a mobile device or password. Our work overcomes the above-mentioned issues and does not require extra cost for a fingerprint device. By using the AVISPA tool to analysis protocol security, the results are good and safe against known attacks. Full article
(This article belongs to the Special Issue IoT Authentication in Cryptography)
Show Figures

Figure 1

12 pages, 269 KiB  
Article
New Method of Prime Factorisation-Based Attacks on RSA Authentication in IoT
by Sitalakshmi Venkatraman and Anthony Overmars
Cryptography 2019, 3(3), 20; https://doi.org/10.3390/cryptography3030020 - 15 Aug 2019
Cited by 9 | Viewed by 7110
Abstract
The potential benefits of the Internet of Things (IoT) are hampered by malicious interventions of attackers when the fundamental security requirements such as authentication and authorization are not sufficiently met and existing measures are unable to protect the IoT environment from data breaches. [...] Read more.
The potential benefits of the Internet of Things (IoT) are hampered by malicious interventions of attackers when the fundamental security requirements such as authentication and authorization are not sufficiently met and existing measures are unable to protect the IoT environment from data breaches. With the spectrum of IoT application domains increasing to include mobile health, smart homes and smart cities in everyday life, the consequences of an attack in the IoT network connecting billions of devices will become critical. Due to the challenges in applying existing cryptographic standards to resource constrained IoT devices, new security solutions being proposed come with a tradeoff between security and performance. While much research has focused on developing lightweight cryptographic solutions that predominantly adopt RSA (Rivest–Shamir–Adleman) authentication methods, there is a need to identify the limitations in the usage of such measures. This research paper discusses the importance of a better understanding of RSA-based lightweight cryptography and the associated vulnerabilities of the cryptographic keys that are generated using semi-primes. In this paper, we employ mathematical operations on the sum of four squares to obtain one of the prime factors of a semi-prime that could lead to the attack of the RSA keys. We consider the even sum of squares and show how a modified binary greatest common divisor (GCD) can be used to quickly recover one of the factors of a semi-prime. The method presented in this paper only uses binary arithmetic shifts that are more suitable for the resource-constrained IoT landscape. This is a further improvement on previous work based on Euler’s method which is demonstrated using an illustration that allows for the faster testing of multiple sums of squares solutions more quickly. Full article
(This article belongs to the Special Issue IoT Authentication in Cryptography)
18 pages, 356 KiB  
Article
New Authentication Algorithm Based on Verifiable Encryption with Digital Identity
by Maki Kihara and Satoshi Iriyama
Cryptography 2019, 3(3), 19; https://doi.org/10.3390/cryptography3030019 - 29 Jul 2019
Cited by 3 | Viewed by 6468
Abstract
We propose a new authentication algorithm for small internet of things (IoT) devices without key distribution and secure servers. Encrypted private data are stored on the cloud server in the registration step and compared with incoming encrypted data without decryption in the verification [...] Read more.
We propose a new authentication algorithm for small internet of things (IoT) devices without key distribution and secure servers. Encrypted private data are stored on the cloud server in the registration step and compared with incoming encrypted data without decryption in the verification step. We call a set of encryptions that can verify two encrypted data items without decryption a verifiable encryption (VE). In this paper, we define VE, and claim that several cryptosystems belong to the VE class. Moreover, we introduce an authentication algorithm based on VE, and show an example of the algorithm and discuss its performance and security. As the algorithm neither shares any secret keys nor decrypts, its computation time becomes very small. Full article
(This article belongs to the Special Issue IoT Authentication in Cryptography)
Show Figures

Figure 1

Back to TopTop