ABSTRACT
The main contribution of this paper is to address the weakness of the cookie exchange in the handshake process in order to counter DoS attacks. The enhanced protocol is run on the Cooja simulator in the Contiki operating system for the Internet of Things and compared with the original DTLS. The simulation results show better performance for the proposed protocol in terms of handshake processing time and energy consumption. The proposed enhanced DTLS protocol is also analyzed with the AVISPA tool. This formal modelling analysis has validated the security of the proposed DTLS authentication model against external attacks such as DoS, and confirmed the important properties required of a communication security protocol: authentication, integrity, and confidentiality.