Formal Security Analysis and Improvement Based on LonTalk Authentication Protocol

Tao, Feng; Wu, Yi Bo

doi:10.1155/2022/8104884

Cited by 5 publications

(2 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The proposed scheme also follows the same architecture. Figure 1 The proposed protocol follows the Dolev-Yao threat model [42] [43]. It assumes that the communication takes place using an open (public) network and an adversary may gain the control of the network.…”

Section: Wban Test Bedmentioning

confidence: 99%

An efficient and secure mutual authentication protocol in wireless body area network

Kumar

Hussain

2023

EAI Endorsed Trans Perv Health Tech

View full text Add to dashboard Cite

Wireless Body Area Network (WBAN) is an emerging field which is gaining a lot of attention in healthcare sector. It facilitates remote monitoring by gathering health related data using wearable bio-sensors based on IOT. This technological advancement would significantly improve the tracking of fitness, health care delivery, medical diagnostics, early disease prediction, and associated medical dealings of any individual. Several challenges persist in WBAN due to its openness and mobility. The medical data is extremely sensitive and personal in nature therefore it must be protected at any cost while being communicated between nodes. Highly resource constrained tiny sized bio-sensors restrict the usage of energy seeking traditional cryptographic techniques and hence require new methods to be evolved to secure the communication. The current study proposes a lightweight mutual authentication based key agreement scheme which is dependent on XOR operations and cryptographic hash functions. BAN logic is used for formal verification and automatic security verification tool Scyther is used for the analysis of security protocol. Proposed scheme is compared with other related works on 15 key security parameters which are identified on the basis of literature survey. The results indicate that the proposed scheme follows all the security parameters and performs better in terms of computation cost, energy consumption, communication cost and storage requirement as compared with other schemes.

show abstract

Section: Wban Test Bedmentioning

confidence: 99%

An efficient and secure mutual authentication protocol in wireless body area network

Kumar

Hussain

2023

EAI Endorsed Trans Perv Health Tech

View full text Add to dashboard Cite

show abstract

“…Therefore, there are forward and backward security flaws. In addition, in the LonTalk [6] protocol, the sender and receiver authenticate their identities through pre-shared keys, but the two parties do not conduct key negotiation in advance, and there is a risk of authentication defects and key leakage.…”

Section: Introductionmentioning

confidence: 99%

Security Evaluation and Improvement of the Extended Protocol EIBsec for KNX/EIB

Feng,

Zhang

2023

Information

Self Cite

View full text Add to dashboard Cite

The European Installation Bus(EIB) protocol, also known as KNX/EIB, is widely used in building and home automation. An extension of the KNX/EIB protocol, EIBsec, is primarily designed to meet the requirements for data transmission security in distributed building automation systems. However, this protocol has some security issues in the request, key distribution, and identity authentication processes. This paper employs a formal analysis method that combines Colored Petri Net (CPN) theory with the Dolev-Yao attack model to evaluate and enhance the EIBsec protocol. It utilizes the CPN Tools to conduct CPN modeling analysis on the protocol and introduces a security assessment model to carry out intrusion detection and security assessment. Through this analysis, vulnerabilities in the protocol, such as tampering and replay attacks, are identified. To address these security concerns, we introduce hash verification and timestamp judgment methods into the original protocol to enhance its security. Subsequently, based on the improved protocol, we conduct CPN modeling and verify the security of the new scheme. Finally, through a comparison and analysis of the performance and security between the original protocol and the improved scheme, it is found that the improved scheme has higher security.

show abstract

Security assessment and improvement of building ethernet KNXnet/IP protocol

Feng,

Zhang,

Liu

et al. 2024

Discov Appl Sci

View full text Add to dashboard Cite

KNXnet/IP is a KNX-building automation protocol that communicates through an IP network. It is mainly used in the field of smart home and building automation control, allowing remote access to KNX devices through an IP network, so that building functions can be managed and controlled anywhere through an Internet connection. However, with the development of smart homes and building automation, such physical devices based on IP communication are more and more frequently in contact with the Internet, resulting in more and more security issues for home devices and buildings exposed to the Internet. This paper uses the formal analysis method-colored Petri net (CPN) combined with the CPN Tools to model the KNXnet/IP protocol and analyze the protocol interaction process. Based on the Dolev-Yao attacker model, the security of the KNXnet/IP protocol is evaluated and tested, and it is verified whether there are three types of attackable vulnerabilities in the protocol: replay, tampering, and spoofing. After CPN modeling analysis and verification, it is found that tampering and replay vulnerabilities in the original protocol. Therefore, we introduce timestamp and hash to strengthen the security mechanism of the protocol, which ensures the integrity, confidentiality, and freshness of the security mechanism of the protocol. After the final analysis and verification, the improvement scheme proposed in this paper can effectively improve the security performance of the protocol.

show abstract

Formal Security Analysis and Improvement Based on LonTalk Authentication Protocol

Cited by 5 publications

References 23 publications

An efficient and secure mutual authentication protocol in wireless body area network

An efficient and secure mutual authentication protocol in wireless body area network

Security Evaluation and Improvement of the Extended Protocol EIBsec for KNX/EIB

Security assessment and improvement of building ethernet KNXnet/IP protocol

Contact Info

Product

Resources

About