An official website of the United States government
The Internet of Things (IoT) harbors a large number of resource-limited devices (e.g., sensors) that continuously generate and offload sensitive information (e.g., financial, health, personal). It is imperative the ensure the trustworthiness of this data with efficient cryptographic mechanisms. Digital signatures can offer scalable authentication with public verifiability and nonrepudiation. However, the state-of-the-art digital signatures do not offer the desired efficiency and are not scalable for the connected resource-limited IoT devices. This is without considering long term security features such as post-quantum security and forward security. In this paper, we summarize the main challenges to an energy-aware and efficient signature scheme. Then, we propose new scheme design improvements that uniquely embed different emerging technologies such as Mutli-Party Computation (MPC) and secure enclaves (e.g., Intel SGX) in order to secret-share confidential keys of low-end IoT devices across multiple cloud servers. We also envision building signature schemes with Fully Homomorphic Encryption (FHE) to enable verifiers to compute expensive commitments under encryption. We provide evaluation metrics that showcase the feasibility and efficiency of our designs for potential deployment on embedded devices in IoT.
more »
« less
Evaluation of Physical Layer Secret Key Generation for IoT Devices
As aspects of our daily lives become more interconnected with the emergence of the Internet of Things (IoT), it is imperative that our devices are reliable and secure from threats. Vulnerabilities of Wi-Fi Protected Access (WPA/WPA2) have been exposed in the past, motivating the use of multiple security techniques, even with the release of WPA3. Physical layer security leverages existing components of communication systems to enable methods of protecting devices that are well-suited for IoT applications. In this work, we provide a low-complexity technique for generating secret keys at the Physical layer to enable improved IoT security. We leverage the existing carrier frequency offset (CFO) and channel estimation components of Orthogonal Frequency Division Multiplexing (OFDM) receivers for an efficient approach. The key generation algorithm we propose focuses on the unique CFO and channel experienced between a pair of desired nodes, and to the best of our understanding, the combination of the features has not been examined previously for the purpose of secret key generation. Our techniques are appropriate for IoT devices, as they do not require extensive processing capabilities and are based on second order statistics. We obtain experimental results using USRP N210 software defined radios and analyze the performance of our methods in post-processing. Our techniques improve the capability of desired nodes to establish matching secret keys, while hindering the threat of an eavesdropper, and are useful for protecting future IoT devices.
more »
« less
- PAR ID:
- 10118765
- Date Published:
- Journal Name:
- 2019 IEEE 20th Wireless and Microwave Technology Conference (WAMICON)
- Page Range / eLocation ID:
- 1 to 6
- Format(s):
- Medium: X
- Sponsoring Org:
- National Science Foundation
More Like this
-
-
A secret key generation scheme is proposed for generating keys to be used for one-time pad encryption. This type of encryption is suitable for e.g., short packet communication in distributed inference in IoT. The scheme exploits the phase of the channel fading coefficient in a Rayleigh fading channel to extract highly correlated key bits at two legitimate parties. Compared to other existing methods, the proposed scheme trades off higher bit error probabilities in the keys for lower error correction communication requirements. The bit error of generated keys is characterized via an approximate upper bound, which is shown to be fairly tight for reasonable signal-to-noise ratios.more » « less
-
Sahula, Vineet; Mohanty, Saraju (Ed.)This paper proposes a new controlled Physical Unclonable Function (PUF), Veda-PUF, which uses an algorithm for pre-processing and post-processing the input and output of PUF to increase the security of the keys generated in Internet-of-Things (IoT) devices. The key size of the PUF can be increased using the proposed protocol without compromising the integrity of the keys generated. The uniqueness of the generated keys was 50 % and the reliability of the keys generated is 99.9 % which are close to the ideal values. The proposed control algorithm also increases the uniqueness and reliability of the PUF keys after processing. This increases the number of PUF keys that can be used for various applications.more » « less
-
Our everyday lives are impacted by the widespread adoption of wireless communication systems integral to residential, industrial, and commercial settings. Devices must be secure and reliable to support the emergence of large scale heterogeneous networks. Higher layer encryption techniques such as Wi-Fi Protected Access (WPA/WPA2) are vulnerable to threats, including even the latest WPA3 release. Physical layer security leverages existing components of the physical or PHY layer to provide a low-complexity solution appropriate for wireless devices. This work presents a PHY layer encryption technique based on frequency induction for Orthogonal Frequency Division Multiplexing (OFDM) signals to increase security against eavesdroppers. The secure transceiver consists of a key to frequency shift mapper, encryption module, and modified synchronizer for decryption. The system has been implemented on a Virtex-7 FPGA. The additional hardware overhead incurred on the Virtex-7 for both the transmitter and the receiver is low. Both simulation and hardware evaluation results demonstrate that the proposed system is capable of providing secure communication from an eavesdropper with no decrease in performance as compared with the baseline case of a standard OFDM transceiver. The techniques developed in this paper provide greater security to OFDM-based wireless communication systems.more » « less
-
Pervasive IoT applications enable us to perceive, analyze, control, and optimize the traditional physical systems. Recently, security breaches in many IoT applications have indicated that IoT applications may put the physical systems at risk. Severe resource constraints and insufficient security design are two major causes of many security problems in IoT applications. As an extension of the cloud, the emerging edge computing with rich resources provides us a new venue to design and deploy novel security solutions for IoT applications. Although there are some research efforts in this area, edge-based security designs for IoT applications are still in its infancy. This paper aims to present a comprehensive survey of existing IoT security solutions at the edge layer as well as to inspire more edge-based IoT security designs. We first present an edge-centric IoT architecture. Then, we extensively review the edge-based IoT security research efforts in the context of security architecture designs, firewalls, intrusion detection systems, authentication and authorization protocols, and privacy-preserving mechanisms. Finally, we propose our insight into future research directions and open research issues.more » « less
- Free Publicly Accessible Full Text
-
Accepted Manuscript1.0
- Conference Paper:
- https://doi.org/10.1109/WAMICON.2019.8765465
