Secret sharing-based authentication and key agreement protocol for machine-type communications

Lopes, Ana Paula Golembiouski; Hilgert, Lucas O.; Gondim, Paulo Roberto de Lira; Lloret, Jaime

doi:10.1177/1550147719841003

Cited by 6 publications

(5 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…• weak/broken or inadequate authentication (e.g., single-factor authentication method using a username and password) [8,23,26,37,38]; • broken access control [23]; • Evolved Packet System Authentication and Key Agreement (EPS-AKA) protocol is vulnerable to several well-known attacks, such as man-in-the-middle (MITM) and denial of service (DoS), and suffers from the disclosure of user identity on first access to the network [39]; • 5G-AKA allows for replay attacks since authentication and synchronization failure messages are sent to the device in plain text [40]; • other messages, such as RRC (Radio Resource Control) and NAS (Non-access stratum), are sent to the device in plain text, which can generate DoS and other attacks that compromise the confidentiality, as already happens with 4G [40]; • lack of attestation to know if a device is compromised [13];…”

Section: Processmentioning

confidence: 99%

“…The greater the size, the greater the number of research papers identified. The solutions addressing different threats focused on design, implementation, security analysis, and security assurance frameworks [13,24,32,50,67,[80][81][82][83][84]; systems for security assurance [47], intrusion detection [29] and security incident management [85]; approaches/mechanisms for security [7,25,28,40,41,43,45,48,[86][87][88][89][90][91] and remote diagnostics [92]; schemes for security assurance [72,73,[93][94][95]; protocols for security assurance [8,16,39,53,62,63,[96][97][98][99][100][101]; algorithms for security assurance [102]; models/algorithms for securi...…”

Section: Proposed Solutionsmentioning

confidence: 99%

“…Besides, some solutions consider specific vertical applications smart health [31,32,45,64,66], Industrial IoT [29,35,82,91,105,106,119,120], smart cities [25,57,84,101], smart agriculture [108], public services [87], and smart transportation [27,121]. The remaining solutions do not address specific vertical applications, only focusing on IoT [3,8,13,24,39,43,50,51,58,63,74,83,85,86,99,109,112,116,117,[122][123][124][125] or 5G-IoT [16,21,40,41,…”

Section: Proposed Solutionsmentioning

confidence: 99%

“…Secure protocol for constrained environments. Lopes et al [39] Security in the context of MTC and IoT. Improve security.…”

Section: Detection Of Aptmentioning

confidence: 99%

See 3 more Smart Citations

Systematic Literature Review on 5G-IoT Security Aspects

Valadares,

Will,

Sobrinho

et al. 2023

Preprint

View full text Add to dashboard Cite

The 5G technology brings many benefits already known: large connection capacity, great transmission velocities, and low latencies with high reliability. One of its core services, the massive Machine Type Communication (mMTC), theoretically allows up to one million devices connected simultaneously in a square kilometer. As the Internet of Things (IoT) devices often have very restricted resources, hampering the adoption of robust security mechanisms, they can be targets for attackers aiming to explore vulnerabilities and gain access to the 5G infrastructure. Given this concern, it is essential to know existent vulnerabilities and possible threats and solutions related to 5G-IoT, the scenarios considering IoT devices connected to 5G infrastructures. For this reason, we carried out a systematic literature review, extracting and analyzing data from 142 selected papers from conferences and journals. As the main results, we present lists with known vulnerabilities, possible threats and solutions, and some recommendations.

show abstract

Section: Processmentioning

confidence: 99%

Section: Proposed Solutionsmentioning

confidence: 99%

Section: Proposed Solutionsmentioning

confidence: 99%

“…Secure protocol for constrained environments. Lopes et al [39] Security in the context of MTC and IoT. Improve security.…”

Section: Detection Of Aptmentioning

confidence: 99%

See 2 more Smart Citations

Systematic Literature Review on 5G-IoT Security Aspects

Valadares,

Will,

Sobrinho

et al. 2023

Preprint

View full text Add to dashboard Cite

show abstract

“…III. 3GPP NETWORK ARCHITECTURE The physical entities involved in the 3GPP network architecture, as in [18], [19], are sub-grouped into the following 3 domains as mentioned below in Figure 1:…”

Section: Existing Authentication and Key Agreement Protocolsmentioning

confidence: 99%

A Secure and light-weighted Group based Authentication and Key Agreement Protocol involving ECDH for Machine Type Communications in 3GPP Networks

Kakarla¹,

Singamsetty²

2020

INDJCSE

View full text Add to dashboard Cite

Machine-Type Communications (MTC) is one of the primary aspects of Internet of Things (IoT) which has gained vast markets and application scenarios. In the recent times, an enormous surge in the number of low cost and low-powered Machine Type Communicating Devices (MTCDs) is observed that tend to connect and cause severe congestions, at times, in the network thus bringing down network's quality of service drastically. Conditionally, all the MTCDs must be mutually authenticated successfully for the corresponding application to be reliable. In the process of authentication and key agreement, the participating MTCDs, high or low configured, need to exchange several control messages with the other participating entities and the servers of the network, leading to overburden and ineffective service delivery. As most of the MTCDs are the constrained devices, lightweight computations are desirable for them without any compromise in its security aspect. In our paper, we have proposed the Secure and Lightweight Group Based Authentication and Key Agreement (SL-Grp-AKA) protocol based on Elliptic-Curve Diffie-Hellman cryptography, where the group of such MTCDs is authenticated simultaneously by the authorized Home Subscriber Server (HSS), also responsible for authentication in the wireless networks. Also, the independent session keys are established with the individual MTCD, to be used for further data transmission securely in our protocol. SL-Grp-AKA guarantees the efficient usage of bandwidth by reducing the congestions caused by the exchange of the control signals. The formal analysis is also performed on SL-Grp-AKA using the well-known AVISPA tool and achieved desirable results and enlisted. The cryptanalysis is performed for establishing its strength as well as the performance evaluation for its computational speed and bandwidth consumption. Towards the end of the paper, we have explored and presented the future scope in this direction. Keywords-group authentication, key agreement, machine type communications, subscriber server, mobile management entity, Elliptic-curve Diffie-Hellman (ECDH), AVISPA I. INTRODUCTION In the recent years, Internet of Things (IoT) has garnered much momentum and playing key role in digital transformation of several businesses, public sectors, health-care industry, and entertainment services and in our day-today lives. IoT is visualized as a web of several low cost, resource constrained miscellaneous objects/machines which are connected to the internet and can communicate with each other thus reducing the human intervention and erroneous handling to give the best possible results. The communications that happen among the smart objects are called Machine Type Communications and the machines involved in these communications are termed as Machine Type Communication Devices (MTCDs). However, unlike the traditional Human-to-Human (H2H) communications, thousands of objects would generate a great deal of signaling, consumption and data process information under different environments, resulting in an...

show abstract