ECC based inter-device authentication and authorization scheme using MQTT for IoT networks

Lohachab, Ankur; Karambir,

doi:10.1016/j.jisa.2019.02.005

Cited by 57 publications

(51 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In Lohachab, 28 the focus is on SD registration and authentication mechanism with user authentication using symmetric and asymmetric key cryptography. This mechanism is based on Message Queuing Telemetry tTansport (MQTT) protocol and suffers from computation, communication, and storage overheads.…”

Section: Related Workmentioning

confidence: 99%

“…In Kim and Heo, 16 the protocol does not ensure security against masquerade, replay, DoS, secret value guessing, and node compromised attack. In Kumar et al and Lohachab, 20,28 the mechanisms are vulnerable to Sybil, secret value guessing, and node compromised attack. It does not ensure forward and backward secrecy.…”

Section: Comparative Studymentioning

confidence: 99%

“…In Hossain and Hasan, 25 X.509 digital certificates are used along with ECC, AES encryption/decryption, hash (SHA‐1) and CBC‐MAC. In Lohachab, 28 the authentication mechanism uses symmetric key cryptography, asymmetric key cryptography (ECC), hash function, and concatenation operation. In our proposed protocol, we use mainly one‐way hash function, exclusive OR (XOR) “⊕”, concatenation “||” operations and symmetric encryption/decryption for registration and authentication of the SDs securely.…”

Section: Performance Evaluationmentioning

confidence: 99%

See 2 more Smart Citations

Simple and secure device authentication mechanism for smart environments using Internet of things devices

Hussain

Jain

2020

Int J Communication

View full text Add to dashboard Cite

Enormous growth in digital electronics technology has paved path for the development of advanced networks, and smart environment is one among them. Smart environment is a network of smart devices connected to provide comfort, security, remote access and many more to end-users. Devices in smart environments usually collect very sensitive data of the end-users and disseminate it as required. The privacy of the end-user has to be ensured in these applications, and security becomes a prime concern. The security system in smart environments has to ensure privacy and need to be more resource-aware. An efficient authentication mechanism can ensure the privacy of end users and secrecy of the sensitive data; it may avoid unauthorized access of data and resources, ensuring privacy and security. In this paper, we proposed a mechanism for device authentication which enables smart devices to mutually authenticate each other. The proposed mechanism enables smart devices to acquire security credentials from the server and use these credentials to authenticate each other. The mechanism used exclusive OR (XOR), concatenation, one-way hash, and symmetric key encryption techniques. The security analysis of the mechanism is done and proved that the mechanism is secure. The performance analysis proved that the computational and communications overheads are 8% less than existing mechanisms and storage overhead is also least.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Comparative Studymentioning

confidence: 99%

Section: Performance Evaluationmentioning

confidence: 99%

See 1 more Smart Citation

Simple and secure device authentication mechanism for smart environments using Internet of things devices

Hussain

Jain

2020

Int J Communication

View full text Add to dashboard Cite

show abstract

“…In [39], the authors present above all a method of authorization using Elliptical Curve Cryptography (ECC). However, they also implement an authorization scheme using capabilities.…”

Section: Related Workmentioning

confidence: 99%

Access Controls for IoT Networks

2019

View full text Add to dashboard Cite

The message queuing telemetry transport (MQTT) protocol is becoming the main protocol for the internet of things (IoT). In this paper, we define a highly expressive attribute-based access control (ABAC) security model for the MQTT protocol. Our model allows us to regulate not only publications and subscriptions, but also distribution of messages to subscribers. We can express various types of contextual security rules (temporal security rules, content-based security rules, rules based on the frequency of events, etc.).

show abstract

“…An anomaly was created because the microservices behave differently at various times that leads to deviations in normal behavior. A. Lohachab, [16] tackled the vulnerabilities associated with security challenges by presenting a light-weight authorization and authentication framework using MQTT and Elliptical Curve Cryptography (ECC). Authorization of devices were approved by using the Usage Control (UCON) based access control, whereas the access control policies were defined for users by developing a Capability Based Access Control (Cap-BAC) model.…”

Section: Literature Reviewmentioning

confidence: 99%

Authentication and Access control Mechanism using Elliptical Curve Cryptography with Message Authentication Code

Fathima

2019

IJEAT

View full text Add to dashboard Cite

Nowadays, Internet of Things (IoT) provided smart and inter-connected devices, which are ranging from tiny sensors to complex nodes of Fog and Cloud, communication protocols and several networking technologies. IoT plays a significant role in various application areas such as e-commerce, healthcare, research, governance and so on, and these application easily accessible for end users. Although the IoT has many benefits, there are some security challenges associated with the vulnerabilities presents in this area. This research work introduced a new authentication and access control model using Message Authentication code (MAC) with Elliptical Curve Cryptography (ECC) to address the security issues in Message Queuing Telemetry Transport (MQTT). In cryptography, a message can be authenticated by MAC (i.e. to verify that whether the message came from authenticate sender and the content of the message is changed or not). If any changes occur to the message content, the verifier can able to detect those changes using MAC values, which preserves the authenticity as well as data integrity. The validated results stated that the proposed ECC-MAC-MQTT shows better performance when compared with existing techniques in terms of accuracy, precision, recall and f-measure.

show abstract

ECC based inter-device authentication and authorization scheme using MQTT for IoT networks

Cited by 57 publications

References 20 publications

Simple and secure device authentication mechanism for smart environments using Internet of things devices

Simple and secure device authentication mechanism for smart environments using Internet of things devices

Access Controls for IoT Networks

Authentication and Access control Mechanism using Elliptical Curve Cryptography with Message Authentication Code

Contact Info

Product

Resources

About