IIIT Hyderabad Publications |
|||||||||
|
Design and Analysis of Authenticated Key Agreement Schemes for Future IoT ApplicationsAuthor: C. Sravani Date: 2017-07-18 Report no: IIIT/TH/2017/67 Advisor:Ashok Kumar Das AbstractThe ability to convey information quickly, accurately, and efficiently is one of the primary aims of human innovation. With the invention of the electronic numerical integrator and computer, an interaction between informatics and telecommunication began which added faster data processing to distant communication. The conventional circuit switching was soon replaced by packet switching, and the TCP/IP protocol suite, facilitating communication between computers/heterogeneous machines, ultimately leading to the birth of the Internet. The advent of the Internet has resulted in the redefining of traditional modes of communication like radio, television and paper mail giving rise to services such as email, digital newspapers, Internet telephony and video streaming. With networks growing exponentially, modern communication methods have become the driving force of social evolution. The ever increasing amount of information being generated presents new challenges in terms of storage, transfer and security. Since computers can range from stand-alone to networked devices, various avenues of attacks are available to compromise information security. Ensuring confidentiality of information being transmitted and stored is therefore essential. Also known as access control, this can be achieved through authentication. Authentication is the process of verifying a claimed identity. The validation method can involve multiple factors with the level of security being proportional to the number and type of factors involved. Mutual authentication is where the involved parties simultaneously authenticate each other to establish a connection. It is most often implemented machine-to-machine through digital certificates where there is a chance of the user not realizing when the remote authentication fails. Challenge-response based mechanisms help mitigate this problem by detecting false end-points. In this thesis, we study the importance of authentication and key agreement in two different network applications – Internet of Things (IoT) and Session Initiation Protocol (SIP). The first study presents a new Elliptic Curve Cryptography (ECC) signaturebased authenticated key establishment scheme for applications in IoT environment. The proposed scheme accommodates password and biometric update as well as stolen/lost smartcard revocation phases. The proposed scheme has been proved to be secure using the widely-used Burrows-Abadi-Needham logic (BAN logic), informal security analysis, and also a formal security verification using the broadly-accepted Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. The practical demonstration of the scheme is evaluated using the widely-accepted NS2 simulator for various network performance parameters. Finally, it is shown that the scheme provides more functionality features, and its computational and communication costs are also comparable with other existing approaches. In the next study, we focus on authentication in Session Initiation Protocol for Voice over IP environments. In this work, we present an efficient ECC based three-factor authentication and session key agreement scheme for SIP, which uses the identity, pass- word and personal biometrics of a user as three factors. The proposed scheme resolves the shortcomings in existing SIP authentication protocols. The proposed scheme also supports password and biometric update phase without involving the server and the user mobile device revocation phase in case the mobile device is lost/stolen. Formal security analysis under the Real-Or-Random (ROR) model and the broadly-accepted BAN logic ensures that the proposed scheme can withstand several known security attacks. The proposed scheme has also been analyzed informally to show that it can also withstand other known attacks. Simulation for formal security verification using the widely-known AVISPA tool shows that the scheme is secure against replay and man-in-the-middle attacks. Finally, high security, and low communication and computation costs make the proposed scheme more suitable for practical application as compared to other existing related ECC-based schemes for SIP authentication. Keywords: Full thesis: pdf Centre for Security, Theory and Algorithms |
||||||||
Copyright © 2009 - IIIT Hyderabad. All Rights Reserved. |