Secure Authentication and Credential Establishment in Narrowband IoT and 5G

Sánchez-Gómez, Jesús; García-Carrillo, Dan; Marin-Perez, Rafael; Skarmeta, Antonio F.

doi:10.3390/s20030882

Cited by 25 publications

(8 citation statements)

References 27 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Topic 6 corresponds to research on the development of user mutual authentication protocols for social IoT, IoTbased Long-Term Evolution (LTE), LTE-advanced networks, WSNs, and NFC (near-field communication) payment systems [144,[208][209][210][211][212][213][214][215][216][217][218]. In addition, the verification of authentication protocols using software tools, such as BAN and AVISPA, has gained popularity [213,214,217,[219][220][221].…”

Section: Identification Of Topics In Iot Securitymentioning

confidence: 99%

Current Research Trends in IoT Security: A Systematic Mapping Study

Lee

2021

Mobile Information Systems

View full text Add to dashboard Cite

The smart mobile Internet-of-things (IoT) network lays the foundation of the fourth industrial revolution, the era of hyperconnectivity, hyperintelligence, and hyperconvergence. As this revolution gains momentum, the security of smart mobile IoT networks becomes an essential research topic. This study aimed to provide comprehensive insights on IoT security. To this end, we conducted a systematic mapping study of the literature to identify evolving trends in IoT security and determine research subjects. We reviewed the literature from January 2009 to August 2020 to identify influential researchers and trends of keywords. We additionally performed structural topic modeling to identify current research topics and the most promising ones via topic trend estimation. We synthesized and interpreted the results of the systematic mapping study to devise future research directions. The results obtained from this study are useful to understand current trends in IoT security and provide insights into research and development of IoT security.

show abstract

Section: Identification Of Topics In Iot Securitymentioning

confidence: 99%

Current Research Trends in IoT Security: A Systematic Mapping Study

Lee

2021

Mobile Information Systems

View full text Add to dashboard Cite

show abstract

“…This shows the importance of a secure activation mechanism, both in the network initialization phase and in the phase of updating the firmware or the keying material. A lightweight bootstrapping protocol for authentication and establishing credentials for 4G/5G and Narrow-Band IoT (NB-IoT) networks is presented in [38]. The proposal finds LO-CoAP-EAP as a feasible and efficient solution for NB-IoT and 5G networks.…”

Section: Previous and Related Workmentioning

confidence: 99%

Design, Analysis, and Experimental Evaluation of a New Secure Rejoin Mechanism for LoRaWAN Using Elliptic-Curve Cryptography

Milani

Chatzigiannakis

2021

JSAN

View full text Add to dashboard Cite

LoRaWAN (Long Range Wide Area Network) is a Low-Power Wide Area Networks (LPWAN) technology with very rapid uptake during the previous years, developed by the LoRa (Long Range) Alliance as an open standard operating over the unlicensed band. Current LoRaWAN architecture foresees specific techniques for bootstrapping end-to-end encryption during network initialization. In particular, this work focuses on the Over-The-Air Activation (OTAA) method, which uses two keys (Network key (NwkKey) and Application key (AppKey)) that are hard-coded into the device and do not change throughout the entire lifetime of the deployment. The inability to refresh these two keys is as a weak point in terms of the overall security of the network especially when considering deployments that are expected to operate for at least 10–15 years. In this paper, the security issues of OTAA are presented in detail highlighting the vulnerabilities against the specific type of attacks. A new scheme for network activation is proposed that builds upon the current LoRaWAN architecture in a way that maintains backwards compatibility while resolving certain vulnerabilities. Under the new mechanism, the devices periodically negotiate new keys securely based on elliptic-curve cryptography. The security properties of the proposed mechanism are analyzed against a specific type of attacks. The analysis indicates that the new secure rejoin mechanism guarantees (i) computational key secrecy, (ii) decisional key secrecy, and (iii) key independence, forward and backward, for both root keys thus properly addressing the considered security vulnerabilities of LoRaWAN. Moreover, the method is implemented in software using the RIOT-OS, a hardware-independent operating system that supports many different architectures for 8 bit, 16 bit, 32 bit and 64 bit processors. The resulting software is evaluated on the FIT IoT-Lab real-world experimentation facility under a diverse set of ARM Cortex-M* devices targeting a broad range of IoT applications, ranging from advanced wearable devices to interactive entertainment devices, home automation and industrial cyber-physical systems. The experiments indicate that the overall overhead incurred in terms of energy and time by the proposed rejoin mechanism is acceptable given the low frequency of execution and the improvements to the overall security of the LoRaWAN1.1 OTAA method.

show abstract

“…In the Long-Term Evolution-Advanced (LTE-A) networks, many protocols are formulated for access security issues [19][20][21][22][23][24][25][26][27]. In addition, many researchers are paying attention to security of IoT deployment under the 5G network or some other advanced architecture [28][29][30][31]. According to the research findings, the current research on a large number of equipment access authentication process in the network, and these schemes are mainly categorized into the following two types.…”

Section: Related Workmentioning

confidence: 99%

Efficient Authentication for Internet of Things Devices in Information Management Systems

Ren

et al. 2021

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

With the rapid development of the Internet of Things (IoT) technology, it has been widely used in various fields. IoT device as an information collection unit can be built into an information management system with an information processing and storage unit composed of multiple servers. However, a large amount of sensitive data contained in IoT devices is transmitted in the system under the actual wireless network environment will cause a series of security issues and will become inefficient in the scenario where a large number of devices are concurrently accessed. If each device is individually authenticated, the authentication overhead is huge, and the network burden is excessive. Aiming at these problems, we propose a protocol that is efficient authentication for Internet of Things devices in information management systems. In the proposed scheme, aggregated certificateless signcryption is used to complete mutual authentication and encrypted transmission of data, and a cloud server is introduced to ensure service continuity and stability. This scheme is suitable for scenarios where large-scale IoT terminal devices are simultaneously connected to the information management system. It not only reduces the authentication overhead but also ensures the user privacy and data integrity. Through the experimental results and security analysis, it is indicated that the proposed scheme is suitable for information management systems.

show abstract

Secure Authentication and Credential Establishment in Narrowband IoT and 5G

Cited by 25 publications

References 27 publications

Current Research Trends in IoT Security: A Systematic Mapping Study

Current Research Trends in IoT Security: A Systematic Mapping Study

Design, Analysis, and Experimental Evaluation of a New Secure Rejoin Mechanism for LoRaWAN Using Elliptic-Curve Cryptography

Efficient Authentication for Internet of Things Devices in Information Management Systems

Contact Info

Product

Resources

About