M. M. Rathore, Sushil S. Chaurasia, Dhirendra Shukla, Elmahdi Bentafat
{"title":"使用基于身份的密码系统保护智能家庭通信的一种简单有效的方法","authors":"M. M. Rathore, Sushil S. Chaurasia, Dhirendra Shukla, Elmahdi Bentafat","doi":"10.23919/FRUCT56874.2022.9953822","DOIUrl":null,"url":null,"abstract":"With the growing practical implementation of smart home, the attacks on smart homes are proportionally increasing. Residents can only be benefited from smart home technology if they and their home-assets are secured against cyber-attacks. A number of PKI-based communication security models have been proposed for data authentication and confidentiality in smart homes. However, it is not convenient for a home device with the limited capacity to store, verify, and manage public keys (certificates) of all other devices. Identity-based cryptography (IBC) is one of the asymmetric cryptographic solutions that does not require certificates. However, due to the central storage of the secret at the key generation center (KGC), the security fully relies on the KGC in IBC environment. Thus, to resolve these issues while providing the security to smart homes, in this paper, we proposed a straightforward and light-weight security model based on IBC, wheel pairing, and elliptic curves. The proposed model performs distributed key generation where the main secret is generated by all participating home devices, instead of a central KGC. We designed a complete protocol, which illuminates the fundamental steps of new device enrollment, distributed key generation, device to device encryption, data integrity, and entity authentication. Moreover, the commitment procedure is introduced that ensures no party can change its partial-secret after he has committed to it. The elliptic curve cryptography (ECC) based Diffie-Hellman (DH) model is deployed for session key generation for device to device data encryption, whereas IBC-based private key is used for signatures. Finally, the feasibility of the model is evaluated by implementing the system on various numbers of IoT machines, while considering them as home devices. Also, the security of the proposed model is verified technically and formally by a software verification tool called Automated Validation of Internet Security Protocols and Applications (AVISPA) against popular known attacks.","PeriodicalId":274664,"journal":{"name":"2022 32nd Conference of Open Innovations Association (FRUCT)","volume":"40 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-11-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A Straightforward and Efficient Approach to Secure Smart Home Communication using Identify-Based Cryptosystems\",\"authors\":\"M. M. Rathore, Sushil S. Chaurasia, Dhirendra Shukla, Elmahdi Bentafat\",\"doi\":\"10.23919/FRUCT56874.2022.9953822\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"With the growing practical implementation of smart home, the attacks on smart homes are proportionally increasing. Residents can only be benefited from smart home technology if they and their home-assets are secured against cyber-attacks. A number of PKI-based communication security models have been proposed for data authentication and confidentiality in smart homes. However, it is not convenient for a home device with the limited capacity to store, verify, and manage public keys (certificates) of all other devices. Identity-based cryptography (IBC) is one of the asymmetric cryptographic solutions that does not require certificates. However, due to the central storage of the secret at the key generation center (KGC), the security fully relies on the KGC in IBC environment. Thus, to resolve these issues while providing the security to smart homes, in this paper, we proposed a straightforward and light-weight security model based on IBC, wheel pairing, and elliptic curves. The proposed model performs distributed key generation where the main secret is generated by all participating home devices, instead of a central KGC. We designed a complete protocol, which illuminates the fundamental steps of new device enrollment, distributed key generation, device to device encryption, data integrity, and entity authentication. Moreover, the commitment procedure is introduced that ensures no party can change its partial-secret after he has committed to it. The elliptic curve cryptography (ECC) based Diffie-Hellman (DH) model is deployed for session key generation for device to device data encryption, whereas IBC-based private key is used for signatures. Finally, the feasibility of the model is evaluated by implementing the system on various numbers of IoT machines, while considering them as home devices. Also, the security of the proposed model is verified technically and formally by a software verification tool called Automated Validation of Internet Security Protocols and Applications (AVISPA) against popular known attacks.\",\"PeriodicalId\":274664,\"journal\":{\"name\":\"2022 32nd Conference of Open Innovations Association (FRUCT)\",\"volume\":\"40 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-11-09\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 32nd Conference of Open Innovations Association (FRUCT)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.23919/FRUCT56874.2022.9953822\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 32nd Conference of Open Innovations Association (FRUCT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.23919/FRUCT56874.2022.9953822","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Straightforward and Efficient Approach to Secure Smart Home Communication using Identify-Based Cryptosystems
With the growing practical implementation of smart home, the attacks on smart homes are proportionally increasing. Residents can only be benefited from smart home technology if they and their home-assets are secured against cyber-attacks. A number of PKI-based communication security models have been proposed for data authentication and confidentiality in smart homes. However, it is not convenient for a home device with the limited capacity to store, verify, and manage public keys (certificates) of all other devices. Identity-based cryptography (IBC) is one of the asymmetric cryptographic solutions that does not require certificates. However, due to the central storage of the secret at the key generation center (KGC), the security fully relies on the KGC in IBC environment. Thus, to resolve these issues while providing the security to smart homes, in this paper, we proposed a straightforward and light-weight security model based on IBC, wheel pairing, and elliptic curves. The proposed model performs distributed key generation where the main secret is generated by all participating home devices, instead of a central KGC. We designed a complete protocol, which illuminates the fundamental steps of new device enrollment, distributed key generation, device to device encryption, data integrity, and entity authentication. Moreover, the commitment procedure is introduced that ensures no party can change its partial-secret after he has committed to it. The elliptic curve cryptography (ECC) based Diffie-Hellman (DH) model is deployed for session key generation for device to device data encryption, whereas IBC-based private key is used for signatures. Finally, the feasibility of the model is evaluated by implementing the system on various numbers of IoT machines, while considering them as home devices. Also, the security of the proposed model is verified technically and formally by a software verification tool called Automated Validation of Internet Security Protocols and Applications (AVISPA) against popular known attacks.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
