To see the other types of publications on this topic, follow the link: Lightweight protocol.
Dissertations / Theses on the topic 'Lightweight protocol'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 dissertations / theses for your research on the topic 'Lightweight protocol.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse dissertations / theses on a wide variety of disciplines and organise your bibliography correctly.
1
Vidal, Allan. "libfluid: a lightweight OpenFlow framework." Universidade Federal de São Carlos, 2015. https://repositorio.ufscar.br/handle/ufscar/639.
Full textAbstract:
Made available in DSpace on 2016-06-02T19:07:11Z (GMT). No. of bitstreams: 1
VIDAL_Allan_2015.pdf: 1070441 bytes, checksum: fc9fafb0854ce0973a039837066393af (MD5)
Previous issue date: 2015-04-08Redes-definidas por software (SDN) introduzem um paradigma de controle de redes que é centralizado em um software controlador, que se comunica com dispositivos de rede através de protocolos padronizados para configurar suas políticas de encaminhamento. Implementações existentes de protocolos SDN (como OpenFlow) são geralmente construídas para uma plataforma de controlador ou dispositivo de rede e restringem escolhas como linguagem de programação, versões do protocolo a serem usadas e características suportadas. Uma arquitetura de software que permita controladores e dispositivos de rede usarem o protocolo OpenFlow (em versões existentes e futuras) pode beneficiar desenvolvedores de aplicações de redes e fabricantes, reduzindo o esforço de de desenvolvimento. Para este fim, apresentamos libfluid: um arcabouço leve (simples e minimalista) para adicionar suporte a OpenFlow onde ele for necessário. Construímos uma única base de código para implementar suporte ao protocolo de maneira portável, rápida e fácil de usar, um desafio que envolve escolhas de tecnologia, decisões arquiteturais e a definição de uma API mínimalística. A implementação foi testada com sucesso em todos os cenários propostos e contribui com o estado da arte através de alguns novos paradigmas para arcabouços OpenFlow.
Software-defined networking (SDN) introduces a network control paradigm that is centered in controller software that communicates with networking devices via standardized protocols in order to configure their forwarding behavior. Current SDN control protocol implementations (such as OpenFlow) are usually built for one controller or networking device platform, and restrict choices regarding programming languages, protocol versions and feature. A single software architecture that enables controllers and networking devices to use the OpenFlow protocol (for existing and future protocol versions) can benefit network application developers and manufacturers, reducing development effort. Towards this goal, we present libfluid: a lightweight (simple and minimalistic) framework for adding OpenFlow support wherever it is needed. We built a single code base for implementing protocol support in a portable, fast and easy to use manner, a challenge that involved technology choices, architectural decisions and the definition of a minimal API. The implementation was shown to work in all proposed scenarios and contributes to the state-of-the-art with a few novel paradigms for OpenFlow frameworks.
2
Wang, Yingzhuo. "PDF shopping system with the lightweight currency protocol." CSUSB ScholarWorks, 2005. https://scholarworks.lib.csusb.edu/etd-project/2820.
Full textAbstract:
This project is a web application for two types of bookstores an E-Bookstore and a PDF-Bookstore. Both are document sellers, however, The E-Bookstore is not a currency user. The PDF-Bookstore sells PDF documents and issues a lightweight currency called Scart. Customers can sell their PDF documents to earn Scart currency and buy PDF documents by paying with Scart.
3
Wang, Jun. "Vidi: a Lightweight Protocol Between Visualization Systems and Digital Libraries." Thesis, Virginia Tech, 2002. http://hdl.handle.net/10919/33845.
Full textAbstract:
Achieving interoperability between digital libraries and visualization tools is a difficult
problem. To solve this problem, a version of the Open Archives Initiative (OAI) Protocol
for Metadata Harvesting called VIDI is proposed. It is a lightweight protocol, which
contains only 5 request verbs -- Identify, ListMetadataFormats, ListVisdataFormats,
ListTransformers, and RequestResultSet. It is extended from the OAI protocol, which
enables its simplicity and wider acceptability. It is flexible, which avoids a rigid
architecture in implementation. It is general, so it can apply to all kinds of Visualization
Systems and Digital Libraries. But most importantly, it reaches our goal of enabling
operability between Visualization Systems and Digital Libraries. The protocol design
and implementation details are given. Two prototype systems are implemented to
demonstrate the above features. Implementation details are given about ENVISION-ODL
and ENVISION-MARIAN. Analysis, evaluation, and conclusions reinforce the
discussion of the benefits of VIDI.Master of Science
4
Ferrari, Nico. "Context-Based Authentication and Lightweight Group Key Establishment Protocol for IoT Devices." Thesis, Mittuniversitetet, Institutionen för informationssystem och –teknologi, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:miun:diva-36975.
Full textAbstract:
The concept of the Internet of Things is driven by advancements of the Internet with the interconnection of heterogeneous smart objects using different networking and communication technologies. With the rapidly increasing number of interconnected devices present in the life of a person, providing authentication and secure communication between them is considered a key challenge. The integration of Wireless Sensor Networks in the Internet of Things creates new obstacles due to the necessity of finding a balance between the resources utilization and the applied security solutions. In multicast group communications, the energy consumption, bandwidth and processing overhead at the nodes are minimized in comparison to a point-to-point communication system. To securely transmit a message in order to maintain confidentiality of the data and the user’s privacy, usually involves human interaction or the pre-agreement upon some key, the latter unknown to an external attacker. In this thesis, the author proposed an authentication protocol based on the similar context between the correct devices and lightweight computationally secure group-key establishment, avoiding any kind of human involvement. The goal is achieved by having the devices calculate a fingerprint from their ambient context and through a fuzzy commitment scheme generating a commitment respectively opening value which is used to generate a common secret key between them. The tests are effected on real world data accumulated from different environments. The proposed scheme is based on elliptic curve cryptography and cryptographic one-way accumulators. Its feasibility is analyzed by implementing the group key establishment phase in the Contiki operating system and by simulating it with the Cooja simulator. Furthermore, the applicability of the protocol is analyzed and justified by an analysis of the storage overhead, communication overhead, and energy consumption. The simulator shows an energy consumption of only 112 mJ per node for group key establishment. The results obtained in this thesis demonstrate the feasibility of the scheme, it’s computational, and communication costs are further comparable to other similar approaches.
5
Israr, Junaid. "Design of Lightweight Alternatives to Secure Border Gateway Protocol and Mitigate against Control and Data Plane Attacks." Thèse, Université d'Ottawa / University of Ottawa, 2012. http://hdl.handle.net/10393/22812.
Full textAbstract:
Border Gateway Protocol (BGP) is the backbone of routing infrastructure in the Internet. In its current form, it is an insecure protocol with potential for propagation of bogus routing information. There have been several high-profiles Internet outages linked to BGP in recent times. Several BGP security proposals have been presented in the literature; however, none has been adopted so far and, as a result, securing BGP remains an unsolved problem to this day. Among existing BGP security proposals, Secure BGP (S-BGP) is considered most comprehensive. However, it presents significant challenges in terms of number of signature verifications and deployment considerations. For it to provide comprehensive security guarantees, it requires that all Autonomous Systems (ASes) in the Internet to adopt the scheme and participate in signature additions and verifications in BGP messages. Among others, these challenges have prevented S-BGP from being deployed today. In this thesis, we present two novel lightweight security protocols, called Credible BGP (C-BGP) and Hybrid Cryptosystem BGP (HC-BGP), which rely on security mechanisms in S-BGP but are designed to address signature verification overhead and deployment challenges associated with S-BGP. We develop original and detailed analytical and simulation models to study performance of our proposals and demonstrate that the proposed schemes promise significant savings in terms of computational overhead and security performance in presence of malicious ASes in the network. We also study the impact of IP prefix hijacking on control plane as well as data plane. Specifically, we analyze the impact of bogus routing information on Inter-Domain Packet Filters and propose novel and simple extensions to existing BGP route selection algorithm to combat bogus routing information.
6
Evans, B. J. "The construction of a virtual multicomputer based on heterogeneous processors by use of a lightweight multicast protocol." Thesis, University of Reading, 1993. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.357126.
Full text
7
Edelev, Sviatoslav [Verfasser], Dieter [Akademischer Betreuer] Hogrefe, and Xiaoming [Akademischer Betreuer] Fu. "Towards a Lightweight, Secure, and Untraceable RFID Authentication Protocol / Sviatoslav Edelev. Gutachter: Dieter Hogrefe ; Xiaoming Fu. Betreuer: Dieter Hogrefe." Göttingen : Niedersächsische Staats- und Universitätsbibliothek Göttingen, 2015. http://d-nb.info/1076673597/34.
Full text
8
Porambage, P. (Pawani). "Lightweight authentication and key management of wireless sensor networks for Internet of things." Doctoral thesis, Oulun yliopisto, 2018. http://urn.fi/urn:isbn:9789526219950.
Full textAbstract:
Abstract The concept of the Internet of Things (IoT) is driven by advancements of the Internet with the interconnection of heterogeneous smart objects using different networking and communication technologies. Among many underlying networking technologies for the IoT, Wireless Sensor Network (WSN) technology has become an integral building block. IoT enabled sensor networks provide a wide range of application areas such as smart homes, connected healthcare, smart cities and various solutions for the manufacturing industry. The integration of WSNs in IoT will also create new security challenges for establishing secure channels between low power sensor nodes and Internet hosts. This will lead to many challenges in designing new key establishment and authentication protocols and redefining the existing ones. This dissertation addresses how to integrate lightweight key management and authentication solutions in the resource constrained sensor networks deployed in IoT domains. Firstly, this thesis elaborates how to exploit the implicit certificates to initiate secure End-to-End (E2E) communication channels between the resource constrained sensor nodes in IoT networks. Implicit certificates are used for authentication and key establishment purposes. The compliance of the security schemes is proven through performance evaluations and by discussing the security properties. Secondly, this dissertation presents the design of two lightweight group key establishment protocols for securing group communications between resource-constrained IoT devices. Finally, the thesis explores promising approaches on how to tailor the existing security protocols in accordance with IoT device and network characteristics. In particular, variants of Host Identity Protocol (HIP) are adopted for constructing dynamic and secure E2E connections between the heterogeneous network devices with imbalanced resource profiles and less or no previous knowledge about each other. A solutions called Collaborative HIP (CHIP) is proposed with an efficient key establishment component for the high resource-constrained devices on the IoT. The applicability of the keying mechanism is demonstrated with the implementation and the performance measurements resultsTiivistelmä Esineiden internet (IoT) on viime aikoina yleistynyt konsepti älykkäiden objektien (smart objects) liittämiseksi internetiin käyttämällä erilaisia verkko- ja kommunikaatioteknologioita. Olennaisimpia esineiden internetin pohjalla toimivia teknologioita ovat langattomat sensoriverkot (WSN), jotka ovat esineiden internetin perusrakennuspalikoita. Esineiden internetiin kytketyt langattomat sensoriverkot mahdollistavat laajan joukon erilaisia sovelluksia, kuten älykodit, etäterveydenhuollon, älykkäät kaupungit sekä älykkäät teollisuuden sovellukset. Langattomien sensoriverkkojen ja esineiden internetin yhdistäminen tuo mukanaan myös tietoturvaan liittyviä haasteita, sillä laskentateholtaan yleensä heikot anturit ja toimilaitteet eivät kykene kovin vaativiin tietoturvaoperaatioihin, joihin lukeutuvat mm. tietoturva-avaimen muodostus ja käyttäjäntunnistus. Tässä väitöskirjassa pyritään vastaamaan haasteeseen käyttämällä kevyitä avaimenmuodostus- ja käyttäjäntunnistusratkaisuja esineiden internetiin kytketyissä resurssirajoitetuissa sensoriverkoissa. Väitöstutkimuksessa keskitytään aluksi implisiittisten sertifikaattien käyttöön tietoturvallisten end-to-end-kommunikaatiokanavien alustamisessa resurssirajoitettujen sensori- ja muiden IoT-laitteiden välillä. Implisiittisiä sertifikaatteja käytetään käyttäjäntunnistuksessa sekä avaimenmuodostuksessa. Kehitettyjen ratkaisujen soveltuvuus tarkoitukseen osoitetaan suorituskykymittauksilla sekä vertaamalla niiden tietoturvaomi- naisuuksia. Seuraavaksi väitöskirjassa esitellään kaksi kevyttä ryhmäavaimenmuodostus- protokollaa tietoturvalliseen ryhmäkommunikaatioon resurssirajoitettujen IoT-laitteiden välillä. Lopuksi väitöskirjassa tarkastellaan lupaavia lähestymistapoja olemassa olevien tietoturvaprotokollien räätäläintiin IoT-laitteiden ja -verkkojen ominaisuuksille sopiviksi. Erityistä huomiota kiinnitetään Host Identity -protokollan (HIP) eri versioiden käyttöön dynaamisten ja tietoturvallisten end-to-end-yhteyksien luomiseen toisilleen ennestään tuntemattomien erityyppisten IoT-laitteiden välillä, joiden laitteistoresurssiprofiilit voivat olla hyvin erilaiset. Väitöskirjan keskeinen tulos on väitöskirjatyössä kehitetty Colla- borative HIP (CHIP) -protokolla, joka on resurssitehokas avaimenmuodostusteknologia resurssirajoitetuille IoT-laitteille. Kehitetyn teknologian soveltuvuutta tarkoitukseensa demonstroidaan prototyyppitoteutuksella tehtyjen suorituskykymittausten avulla
9
Dvorský, Petr. "Datový koncentrátor." Master's thesis, Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií, 2021. http://www.nusl.cz/ntk/nusl-442455.
Full textAbstract:
The topic of this thesis is the design and realization of a modular Data concentrator for various types of measurements in diverse conditions. The device conception, basic principles, design and functionality are described herein. Also, the lightweight protocol design for radio communication, standardized XML format for data storage and cloud usage are described. The electrical design of the device as well as the design of the printed circuit board was made using the Eagle Autodesk electronic design automation software (Eagle Autodesk EDA). The control software written in C/C++ for a target microcontroller (ESP32-WROOM-32) is based on a FreeRTOS platform and ESP-IDF framework. An IDE for managing this software is Visual Studio Code with PlatformIO extension. Selected and used Cloud Platform is ThingSpeak from Mathworks, which uses certain components from Matlab platform.
10
Cherif, Amina. "Sécurité des RFIDs actifs et applications." Thesis, Limoges, 2021. http://www.theses.fr/2021LIMO0015.
Full textAbstract:
Au cours des 30 dernières années, les dispositifs RFID actifs sont passés de simples dispositifs d’identification (tags) à des noeuds autonomes qui, en prime, collectent (à partir de l’environnement ou d’autres sources) et échangent des données. En conséquence, le spectre de leurs applications s’est largement étendu, passant de la simple identification à la surveillance et à la localisation en temps réel. Ces dernières années, grâce à leurs avantages, l’utilisation de noeuds RFID actifs pour la collecte de données mobiles a suscité une attention particulière. En effet, dans la plupart des scénarios, ces noeuds sont déployés dans des environnements adverses. Les données doivent donc être stockées et transmises de manière sécurisée pour empêcher toute attaque par des adversaires actifs : même si les noeuds sont capturés, la confidentialité des données doit être assurée. Toutefois, en raison des ressources limitées des noeuds en termes d’énergie, de stockage et/ou de calcul, la solution de sécurité utilisée doit être légère. Cette thèse est divisée en deux parties. Dans la première, nous étudierons en détail l’évolution des noeuds RFID actifs et leur sécurité. Nous présenterons ensuite, dans la seconde partie, un nouveau protocole sans serveur permettant à des MDC (collecteurs de données mobiles), par exemple des drones, de collecter en toute sécurité des données provenant de noeuds RFID actifs mobiles et statiques afin de les transmettre ultérieurement à un tiers autorisé. L’ensemble de la solution proposée garantit la confidentialité des données à chaque étape (de la phase de mesure, avant la collecte des données par le MDC, une fois les données collectées par le MDC et lors de la livraison finale), tout en satisfaisant les exigences de faible consommation des ressources (calcul, mémoire, etc.) des entités impliquées. Pour évaluer l’adéquation du protocole aux exigences de performance, nous l’implémenterons sur les dispositifs de sécurité les plus limités en ressources c’est-à-dire à base de processeur de cartes à puce pour prouver qu’il est efficace même dans les pires conditions. De plus, pour prouver que le protocole satisfait aux exigences de sécurité, nous l’analyserons à l’aide de jeux de sécurité et également d’outils de vérification formelle : AVISPA et ProVerifOver the 30 last years, active RFID devices have evolved from nodes dedicated to identification to autonomous nodes that, in addition, sense (from environment or other sources) and exchange data. Consequently, the range of their applications has rapidly grown from identification only to monitoring and real time localisation. In recent years, thanks to their advantages, the use of active RFID nodes for mobile data collection has attracted significant attention. However, in most scenarios, these nodes are unattended in an adverse environments, so data must be securely stored and transmitted to prevent attack by active adversaries: even if the nodes are captured, data confidentiality must be ensured. Furthermore, due to the scarce resources available to nodes in terms of energy, storage and/or computation, the used security solution has to be lightweight. This thesis is divided in two parts. In the first, we will study in details the evolution of active RFID nodes and their security. We will then, present, in the second part, a new serverless protocol to enable MDCs (Mobile Data Collectors), such as drones, to collect data from mobile and static Active RFID nodes and then deliver them later to an authorized third party. The whole solution ensures data confidentiality at each step (from the sensing phase, before data collection by the MDC, once data have been collected by MDC, and during final delivery) while fulfilling the lightweight requirements for the resource-limited entities involved. To assess the suitability of the protocol against the performance requirements, we will implement it on the most resource-constrained secure devices to prove its efficiency even in the worst conditions. In addition, to prove the protocol fulfills the security requirements, we will analyze it using security games and we will also formally verify it using the AVISPA and ProVerif tools
11
Anglés, Tafalla Carles. "Lightweight and Privacy-Preserving Access Protocols for Low Emission Zones." Doctoral thesis, Universitat Rovira i Virgili, 2020. http://hdl.handle.net/10803/670492.
Full textAbstract:
Les Zones de Baixes Emissions (ZBE), és a dir, àrees on s'apliquen certes restriccions o recàrrecs als seus usuaris d'acord amb les emissions dels seus vehicles, s'han convertit en un dels mecanismes més populars per abordar la congestió viària i el seu conseqüent impacte en la contaminació mediambiental a les grans ciutats. Tot i que les ZBE han demostrat ser una mesura efectiva contra aquesta problemàtica, també han estat motiu de crítica en la literatura actual ja que representen una amenaça per a la privacitat dels usuaris. Els sistemes actualment desplegats per fer complir les restriccions imposades per les ZBEs depenen en gran mesura de l'ús indiscriminat de xarxes de càmeres per verificar la ubicació real dels usuaris, requerint d’un gran nombre d'infraestructures dificulten el seu desplegament en escenaris reals. A més a més, tots aquests sistemes presenten una forta dependència cap a entitats centralitzades per a la verificació d'accés de vehicles i el càlcul de tarifes, introduint un "Single Point of Failure" que representa una amenaça per a la seguretat i l'estabilitat d’aquests sistemes.
L'objectiu d'aquesta tesi és contribuir amb nous protocols pel control d'accés a ZBE que abordin els problemes d'implementació i centralització presents en els treballs de la literatura actual, proporcionant mesures efectives contra el frau que preservin la privacitat dels usuaris que actuïn honestament. Sota aquestes premisses, en la nostra primera contribució proposem un sistema de control d'accés per ZBE suficientment lleuger computacionalment com per ser utilitzat en infraestructures de baix cost. Pel que fa a la nostra segona i tercera contribució, es proposen dos protocols de control d'accés per ZBE amb l'objectiu de posar fi a la centralització que ostenten algunes terceres parts en els processos de registre d'accés de vehicles i còmput de tarifes en favor del paradigma descentralitzat que confereix el Blockchain.Las Zonas de Bajas Emisiones (ZBE), es decir, áreas donde se aplican ciertas restricciones o recargos a sus usuarios de acuerdo con las emisiones de sus vehículos, se han convertido en uno de los mecanismos más populares para abordar la congestión vial y la contaminación medioambiental en las grandes ciudades. Aunque las ZBE han demostrado ser efectivas contra esta problemática, también han sido motivo de crítica en la literatura actual debido a la amenaza que representan para la privacidad de sus usuarios. Los sistemas desplegados actualmente para hacer cumplir las restricciones que implementan las ZBEs dependen del uso indiscriminado de redes de cámaras para determinar la ubicación de los usuarios, requiriendo un gran número de infraestructuras dificultando su despliegue en escenarios reales. Además, todos estos sistemas revelan una fuerte dependencia hacia entidades centralizadas en la verificación de acceso de vehículos y el cobro de tarifas, introduciendo un “Single Point of Failure” que representa una amenaza para la seguridad y estabilidad de dichos sistemas. El objetivo de esta tesis es contribuir con nuevos protocolos para el control de acceso en ZBE con el fin de abordar los problemas de implementación y centralización presentes en los trabajos de la literatura actual, proporcionando medidas efectivas contra el fraude que preserven la privacidad de los usuarios honestos. Bajo estas premisas, en nuestra primera contribución proponemos un sistema de control de acceso para ZBE lo suficientemente ligero computacionalmente como para ser utilizado en infraestructuras de bajo coste. En lo que respecta a nuestra segunda y tercera contribución, se proponen dos protocolos de control de acceso para ZBE con el objetivo de poner fin a la centralización que ostentan algunas terceras partes en los procesos de registro del acceso de vehículos y cómputo de tarifas en favor del paradigma descentralizado que confiere el Blockchain.
In the last years, Low Emission Zones (LEZ), i.e. areas where some restrictions and surcharges are applied to polluting vehicles, have emerged as one of the most popular mechanisms to tackle urban traffic congestion and environmental pollution. The rapid proliferation of LEZs through all Europe is clear example of this increasing trend. Even though LEZs have proven to be an effective measure against those issues, they have also been criticized in the literature due to the relevant privacy threat that they pose to the drivers passing by. In particular, current deployed systems used to enforce LEZs strongly depend on the indiscriminate use of camera networks to track the drivers' whereabouts, requiring infrastructures that can hinder their deployment in real scenarios. Moreover, these solutions also reveal a strong dependence on centralized entities to manage the vehicles' access acknowledgment, fare ascertaining and fee payment. The inherent reliance on those entities poses a single point of failure, jeopardizing the system's security and stability. The aim of this thesis is to contribute with novel privacy-preserving protocols for LEZ Access Control schemes which tackle the deployability and centralization issues found in the current literature works, while providing effective anti-fraud measures to preserve the privacy of the drivers who behave honestly. Under these premises, in the first contribution, we propose an access control system for LEZs lightweight enough to be used in low-cost infrastructures, whose cornerstone is its deployability in real scenarios. Regarding our second and third contributions, two access control protocols for LEZs are proposed in order to shed the centralized position that third parties, responsible of registering vehicle accesses and charging fees, hold in favor of the blockchain decentralized paradigm. The privacy-preserving mechanisms used in those works address the user's privacy requirements that a public ledger like blockchain demands.
12
Mtita, Collins. "Lightweight serverless protocols for the internet of things." Thesis, Evry, Institut national des télécommunications, 2016. http://www.theses.fr/2016TELE0010/document.
Full textAbstract:
Les avancées technologiques permettent d'intégrer des capteurs et des modules de communication dans les objets du quotidien pour les rendre intelligents et faciliter leur intégration sur l'Internet. L'Internet du futur sera sans nul doute celui des objets connectés. Les objets connectés génèrent, collectent, stockent et partagent des informations entre eux et aussi avec les serveurs d'authentification centralisés. La plupart des informations collectées doivent être protégées pendant le stockage et le transfert. Par le passé, divers protocoles assurant une sécurité robuste basés sur la cryptographie asymétrique et d’autres sur la cryptographie symétrique ont été proposés dans la littérature. Du fait que les objets connectés possèdent de faibles capacités de calcul, de mémoire et d'énergie, et que l'accès au medium radio est très consommateur en ressources, les protocoles cryptographiques traditionnels ne sont pas adaptés aux objets connectés. Il y a lieu donc d'adapter ou de concevoir des protocoles propres et conformes à leurs exigences. Dans cette thèse, nous abordons les défis de sécurité et de vie privée pertinents aux systèmes pervasifs avec des contraintes de ressources strictes. Nous regardons les protocoles d'authentification serverless, qui sont des mécanismes d'authentification qui ne nécessitent pas la présence du serveur central au cours de la phase d'authentification entre deux objets connectés. Tout d'abord, nous fournissons les caractéristiques et les besoins pour les protocoles serverless. Grâce à ces besoins et caractéristiques, nous avons fait des recherches, des analyses complètes et des comparaisons des protocoles serverless existants en termes de sécurité, de vie privée et de performances. Nous examinons leurs capacités à résister à diverses attaques et leurs aptitudes à minimiser l’usage des ressources. Après quoi, notre objectif est de proposer des protocoles de sécurité serverless permettant aux objets de s’authentifier tout en garantissant efficacité, passage à l’échelle et efficacité énergétique, l'énergie étant une ressource très critique qui a une influence directe sur la durée de vie d’un objet connecté. Trois nouvelles contributions sont proposées dans cette thèse. Notre première contribution est un protocole léger serverless d'authentification mutuelle pour les objets connectés hétérogènes. La première contribution fournit trois avantages par rapport aux protocoles existants. Cette contribution répond aux exigences des systèmes pervasifs. La validation de notre proposition a été faite en utilisant l'outil AVISPA et la validation informelle en utilisant sécurité et de vie privée des jeux. Notre deuxième contribution comprend deux protocoles complémentaires dans le domaine des technologies RFID. Le premier protocole vise à l'authentification de masse entre un lecteur RFID et un groupe d'étiquettes tandis que le deuxième protocole effectue une recherche sécurisée pour une étiquette cible parmi un groupe d'étiquettes dans le voisinage du lecteur. Les deux protocoles proposés tiennent compte des contraintes de ressources des étiquettes RFID. Après une étude approfondie des protocoles serverless, nous avons proposé une troisième contribution, un guide pour la conception des protocoles serverless sécurisé et efficaces pour les systèmes pervasifs. Le guide contient six principes et six meilleures pratiques en vue d'élaborer des protocoles serverless. Le guide est destiné à aider à la conception de protocoles serverless efficaces, sécurisés et simples en évitant des erreurs couramment faites dans les protocoles existantsThis thesis addresses the security and privacy challenges relevant to the resource constrained devices in the era of pervasive computing. Pervasive computing, a term coined by Schechter to describe the idea of computing services available anytime, anywhere and on demand, is characterized by seamless interactions between heterogeneous players in the Internet. This phenomenon allows intelligent chips, sensors or microcontrollers to be embedded into everyday objects to enable them generate, communicate and share information. Pervasive computing accelerates technological evolution by integrating small and resource constrained devices to the Internet arena, eventually opening doors to new services requiring seamless interactions and integrations with the existing technologies, infrastructures and services. The nature of the information generated, stored and shared by resource constrained devices may require proper security and privacy guarantees. Towards that end, the classical security solutions are not ideal candidates to solve the security and privacy challenges in pervasive systems for two reasons. First, classical security protocols require a lot of resources from the host devices while most of the pervasive devices have very strict resource constraints. Second, most classical security solutions work in a connected mode, which requires constant communication between devices and centralized servers for authentication and authorization purposes. However, pervasive devices may be working in isolated areas with intermittent network coverage and connectivity. Thus, it is ideal to come up with alternative solutions suitable for heterogeneous pervasive devices to smoothly interact, authenticate and securely share information. One of the suitable alternative solutions is the serverless protocols. The term “serverless protocol” refers to the mechanism of enabling centrally controlled devices to autonomously authenticate one another, or other heterogeneous devices, without an active participation of the centralized authentication or authorization servers. Serverless protocols prioritize on securing proximity communication between heterogeneous devices while optimizing on the little resources available. In this thesis, we tackle the challenges of pervasive systems by proposing lightweight and efficient serverless protocols for authenticating heterogeneous pervasive devices during proximity communication. Our proposed protocols derive their originality from the fact that they do not require the communicating parties to have prior relationships with each other, nor to have any previously shared authentication information with each other. Moreover, our proposed solutions incorporate context information to enforce automatic parameter expiry. This property is not supported by most of the earlier versions of the serverless protocol schemes, hence making them vulnerable to different attacks. Three novel contributions are proposed in this thesis. First, we propose a serverless lightweight mutual authentication protocol for heterogeneous devices. The first contribution includes a formal validation using the AVISPA tool. Second, we propose two complementing protocols using RFID (Radio-Frequency Identification) as a core technology. The first protocol performs mass authentication between an RFID reader and a group of tags and the second protocol performs a secure search for a target tag among a group of tags. The second contribution includes two formal validations; one is done using the AVISPA tool and the other is done using the CryptoVerif tool. After a thorough study of serverless protocols, we propose our third contribution, a concise guide on how to develop secure and efficient serverless protocols relevant to the pervasive systems
13
Pinto, Carol Suman. "Optimization of Physical Unclonable Function Protocols for Lightweight Processing." Thesis, Virginia Tech, 2016. http://hdl.handle.net/10919/72868.
Full textAbstract:
Physically unclonable functions are increasingly used as security primitives for device identification and anti-counterfeiting. However, PUFs are associated with noise and bias which in turn affects its property of reliability and predictability. The noise is corrected using fuzzy extractors, but the helper data generated during the process may cause leakage in min-entropy due to the bias observed in the response. This thesis offers two optimization techniques for PUF based protocols. The first part talks about the construction of a secure enrollment solution for PUFs on a low-end resource-constrained device using a microcontroller and a secure networked architecture. The second part deals with the combined optimization of min-entropy and error-rate using symbol clustering techniques to improve the reliability of SRAM PUFs. The results indicate an increase in min-entropy without much effect on the error rate but at the expense of PUF size.Master of Science
14
McGinnis, Jarred P. "On the mutability of protocols." Thesis, University of Edinburgh, 2006. http://hdl.handle.net/1842/1403.
Full textAbstract:
The task of developing a framework for which agents can communicate reliably and flexibly in open systems is not trivial. This thesis addresses the dichotomy between reliable communication and facilitation of the autonomy of agents to create more flexible and emergent interactions. By the introduction of adaptations to a distributed protocol language, agents benefit from the ability to communicate interaction protocols to elucidate the social norms (thus creating more reliable communication). Yet, this approach also provides the functionality for the agent to unilaterally introduce new paths for the conversation to explore unforeseen opportunities and options (thus restoring more autonomy than possible with static protocols). The foundation of this work is Lightweight Coordination Calculus (LCC). LCC is a distributed protocol language and framework in which agents coordinate their own interactions by their message passing activities. In order to ensure that adaptations to the protocols are done in a reasonable way, we examine the use of two models of communication to guide any transformations to the protocols. We describe the use of FIPA's ACL and ultimately its unsuitability for this approach as well as the more fecund task of implementing dialogue games, an model of argumentation, as dynamic protocols. The existing attempts to develop a model that can encompass the gulf between reliability and autonomy in communication have had varying degrees of success. It is the purpose and the result of the research described in this thesis to develop an alloy of the various models, by the introduction of dynamic and distributed protocols, to develop a framework stronger than its constituents. Though this is successful, the derivations of the protocols can be dificult to reconstruct. To this end, this thesis also describes a method of protocol synthesis inspired by models of human communication that can express the dialogues created by the previous approaches but also have a fully accountable path of construction. Not only does this thesis explore a unique and novel approach to agent communication, it is tested through a practical implementation.
15
Gebremichael, Teklay. "Lightweight Cryptographic Group Key Management Protocols for the Internet of Things." Licentiate thesis, Mittuniversitetet, Institutionen för informationssystem och –teknologi, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:miun:diva-35607.
Full textAbstract:
The Internet of Things (IoT) is increasingly becoming an integral component of many applications in consumer, industrial and other areas. Notions such as smart industry, smart transport, and smart world are, in large part, enabled by IoT. At its core, the IoT is underpinned by a group of devices, such as sensors and actuators, working collaboratively to provide a required service. One of the important requirements most IoT applications are expected to satisfy is ensuring the security and privacy of users. Security is an umbrella term that encompasses notions such as confidentiality, integrity and privacy, that are typically achieved using cryptographic encryption techniques. A special form of communication common in many IoT applications is group communication, where there are two or more recipients of a given message. In or-der to encrypt a message broadcast to a group, it is required that the participating parties agree on a group key a priori. Establishing and managing a group key in IoT environments, where devices are resources-constrained and groups are dynamic, is a non-trivial problem. The problem presents unique challenges with regard to con-structing protocols from lightweight and secure primitives commensurate with the resource-constrained nature of devices and maintaining security as devices dynamically leave or join a group. This thesis presents lightweight group key management protocols proposed to address the aforementioned problem, in a widely adopted model of a generic IoT network consisting of a gateway with reasonable computational power and a set of resource-constrained nodes. The aim of the group key management protocols is to enable the gateway and the set of resource-constrained devices to establish and manage a group key, which is then used to encrypt group messages. The main problems the protocols attempt to solve are establishing a group key among participating IoT devices in a secure and computationally feasible manner; enabling additionor removal of a device to the group in a security preserving manner; and enabling generation of a group session key in an efficient manner without re-running the protocol from scratch. The main challenge in designing such protocols is ensuring that the computations that a given IoT device performs as part of participating in the protocol are computationally feasible during initial group establishment, group keyupdate, and adding or removing a node from the group. The work presented in this thesis shows that the challenge can be overcome by designing protocols from lightweight cryptographic primitives. Specifically, protocols that exploit the lightweight nature of crypto-systems based on elliptic curves and the perfect secrecy of the One Time Pad (OTP) are presented. The protocols are designed in such a way that a resource-constrained member node performs a constant number of computationally easy computations during all stages of the group key management process. To demonstrate that the protocols are practically feasible, implementation resultof one of the protocols is also presented, showing that the protocol outperforms similar state-of-the-art protocols with regard to energy consumption, execution time, memory usage and number of messages generated.Vid tidpunkten för framläggningen av avhandlingen var följande delarbete opublicerat: delarbete 3 (manuskript).
At the time of the defence the following paper was unpublished: paper 3 (manuscript).
SMART (Smarta system och tjänster för ett effektivt och innovativt samhälle)
16
Kulseng, Lars Skaar. "Lightweight mutual authentication, owner transfer, and secure search protocols for RFID systems." [Ames, Iowa : Iowa State University], 2009.
Find full text
17
Nguyen, Kim Thuat. "Lightweight security protocols for IP-based Wireless Sensor Networks and the Internet of Things." Thesis, Evry, Institut national des télécommunications, 2016. http://www.theses.fr/2016TELE0025/document.
Full textAbstract:
L'Internet des Objets (IdO) permet à des milliards de dispositifs informatiques embarqués de se connecter les uns aux autres. Les objets concernés couvrent la plupart de nos appareils de la vie quotidienne, tels que les thermostats, les réfrigérateurs, les fours, les machines à laver et les téléviseurs. Il est facile d'imaginer l'ampleur du danger, si ces dispositifs venaient à nous espionner et révélaient nos données personnelles. La situation serait encore pire si les applications critiques IdO, par exemple, le système de contrôle des réacteurs nucléaires, le système de sécurité du véhicule ou les dispositifs médicaux, étaient compromis. Afin de garantir la sécurité et lutter contre des menaces de sécurité dans l'IdO, des solutions de sécurité robustes doivent être considérées. Cependant, les appareils pour l’IdO sont limités en mémoire, capacités de calcul et énergie, et disposent de moyens de communication peu fiables, ce qui les rend vulnérables à des attaques variées. Dans ce contexte, nous nous concentrons sur deux défis majeurs, à savoir des protocoles de sécurité légers en termes de calculs et d’infrastructure, et des mécanismes d'établissement de clés légers, les solutions existantes actuellement étant beaucoup trop coûteuses pour les dispositifs IdO. En réponse au premier défi, nous avons, d'une part, proposé ECKSS - un nouveau schéma de signcryption léger qui évite l'utilisation de PKI. Cette proposition permet de chiffrer et signer simultanément des messages en garantissant la confidentialité et la non-falsification du canal de communication. De plus, les échanges de message sont authentifiés sans recourir à des certificats. Par ailleurs, nous avons aussi proposé OEABE qui est un mécanisme de délégation pour le chiffrement à base d’attributs CP-ABE (Ciphertext-Policy Attribute-Based Encryption). CP-ABE est un schéma de chiffrement par attributs qui permet aux utilisateurs de préciser au moment du chiffrement qui pourra déchiffrer leurs données. Notre solution, OEABE, permet à un dispositif contraint en ressources de générer rapidement un chiffré CP-ABE tout en précisant les droits d’accès à ses données. Cette solution est d’autant plus utile que le volume de données générées par les dispositifs IdO est en augmentation exponentielle chaque année. Quant au deuxième défi, nous avons proposé tout d'abord deux modes de distribution de clés pour le protocole standard de gestion de clés MIKEY. Ils s’appuient sur notre schéma de signcryption ECKSS et héritent ainsi de la légèreté d'ECKSS à la fois en termes de calculs et de dispensent d'utilisation de PKI. Les résultats expérimentaux, obtenus à partir d’une plateforme de capteurs Openmote, ont prouvé l'efficacité de nos solutions comparativement aux autres méthodes de MIKEY. Nous avons aussi proposé un schéma d'échange de clés, appelé AKAPR qui est très adapté dans le cas où les deux parties qui participent à la négociation de clés sont très contraintes en ressourcesThe Internet of Things (IoT) enables billions of embedded computing devices to connect to each other. The smart things cover our everyday friendly devices, such as, thermostats, fridges, ovens, washing machines, and TV sets. It is easy to imagine how bad it would be, if these devices were spying on us and revealing our personal information. It would be even worse if critical IoT applications, for instance, the control system in nuclear reactors, the vehicle safety system or the connected medical devices in health-care, were compromised. To counteract these security threats in the IoT, robust security solutions must be considered. However, IoT devices are limited in terms of memory, computation and energy capacities, in addition to the lack of communication reliability. All these inconvenients make them vulnerable to various attacks, as they become the weakest links of our information system. In this context, we seek for effective security mechanisms in order to establish secure communications between unknown IoT devices, while taking into account the security requirements and the resource constraints of these devices. To do so, we focus on two major challenges, namely, lightweight security protocols in terms of processing and infrastructure and lightweight key establishment mechanisms, as existing solutions are too much resource consuming. To address this first challenge, we first propose ECKSS - a new lightweight signcryption scheme which does not rely on a PKI. This proposal enables to encrypt and sign messages simultaneously while ensuring the confidentiality and unforgeability of the communication channels. In addition, the message exchanges are authenticated without relying on certificates. Moreover, we also propose OEABE which is a delegation-based mechanism for the encryption of the Ciphertext-Policy Attribute-Based Encryption (CP-ABE). CP-ABE is anattribute-based public key encryption scheme that gives users the flexibility to determine who can decrypt their data at runtime. Our solution enables a resource-constrained device to generate rapidly a CP-ABE ciphertext with authorization access rights to its data. This solution is particularly useful as the volume of data issued from IoT devices grows exponentially every year. To solve the second challenge, we first propose two new key distribution modes for the standard key management protocol MIKEY, based on our signcryption scheme ECKSS. These modes inherit the lightness of ECKSS and avoid the use of PKI. The experimental results, conducted in the Openmote sensor platform, have proven the efficiency of our solutions compared with other existing methods of MIKEY. Then, we propose a new key agreement scheme, named AKAPR. In case the two communicating parties are involved in the key negotiation procedure, AKAPR is very suitable in the context of IoT. As such, it can operate even if the two communicating parties are highly resource-constrained
18
Gimelli, Gabriele. "Studio e valutazione sperimentale di tecniche di sincronizzazione per reti di sensori 6LoWPAN." Master's thesis, Alma Mater Studiorum - Università di Bologna, 2018. http://amslaurea.unibo.it/15434/.
Full textAbstract:
I recenti progressi nella tecnologia applicata alla produzione dei system-on-a-chip hanno permesso lo sviluppo di piccoli dispositivi per il rilevamento a basso costo, a bassa potenza e multifunzione, che sono in grado di svolgere attività quali il rilevamento, l'elaborazione dati e la comunicazione.
Una rete di sensori wireless (WSN) è una rete distribuita che consiste, in generale, di un gran numero di nodi di sensori, densamente distribuiti su un'ampia area geografica per tracciare un determinato fenomeno fisico.
Le reti di sensori wireless sono oggigiorno utilizzate in un'ampia gamma di applicazioni come quelle mediche, industriali, militari, ambientali, scientifiche e in reti domestiche.
In tutte queste applicazioni, la sincronizzazione temporale è un componente molto importante di una rete di sensori wireless, come del resto in ogni sistema distribuito.
Questa tesi ha come scopo principale lo studio dei protocolli esistenti che consentono di risolvere il problema della sincronizzazione tra i nodi di una rete wireless, analizzando in particolare le tecniche TPSN e FTSP. Queste tecniche sono poi state implementate all'interno di una rete wireless di sensori 6LoWPAN già esistente, osservandone poi le performance tramite una serie di test effettuati tramite l'utilizzo della rete all'interno di un ambiente reale.
19
Hsiao, Chih-Wen, David Turner, and Keith Ross. "A secure lightweight currency service provider." CSUSB ScholarWorks, 2004. https://scholarworks.lib.csusb.edu/etd-project/2594.
Full textAbstract:
The main purpose of this project is to build a bank system that offers a friendly and simple interface to let users easily manage their lightweight currencies. The Lightweight Currency Protocol (LCP) was originally proposed to solve the problem of fairness in resource cooperatives. However, there are other possible applications of the protocol, including the control of spam and as a general purpose medium of exchange for low value transactions. This project investigates the implementation issues of the LCP, and also investigates LCP bank services to provide human interface to currency operations.
20
Hitchcock, Yvonne Roslyn. "Elliptic Curve Cryptography for Lightweight Applications." Queensland University of Technology, 2003. http://eprints.qut.edu.au/15838/.
Full textAbstract:
Elliptic curves were first proposed as a basis for public key cryptography in the mid 1980's. They provide public key cryptosystems based on the difficulty of the elliptic curve discrete logarithm problem (ECDLP) , which is so called because of its similarity to the discrete logarithm problem (DLP) over the integers modulo a large prime. One benefit of elliptic curve cryptosystems (ECCs) is that they can use a much shorter key length than other public key cryptosystems to provide an equivalent level of security. For example, 160 bit ECCs are believed to provide about the same level of security as 1024 bit RSA. Also, the level of security provided by an ECC increases faster with key size than for integer based discrete logarithm (dl) or RSA cryptosystems. ECCs can also provide a faster implementation than RSA or dl systems, and use less bandwidth and power. These issues can be crucial in lightweight applications such as smart cards. In the last few years, ECCs have been included or proposed for inclusion in internationally recognized standards. Thus elliptic curve cryptography is set to become an integral part of lightweight applications in the immediate future. This thesis presents an analysis of several important issues for ECCs on lightweight devices. It begins with an introduction to elliptic curves and the algorithms required to implement an ECC. It then gives an analysis of the speed, code size and memory usage of various possible implementation options. Enough details are presented to enable an implementer to choose for implementation those algorithms which give the greatest speed whilst conforming to the code size and ram restrictions of a particular lightweight device. Recommendations are made for new functions to be included on coprocessors for lightweight devices to support ECC implementations Another issue of concern for implementers is the side-channel attacks that have recently been proposed. They obtain information about the cryptosystem by measuring side-channel information such as power consumption and processing time and the information is then used to break implementations that have not incorporated appropriate defences. A new method of defence to protect an implementation from the simple power analysis (spa) method of attack is presented in this thesis. It requires 44% fewer additions and 11% more doublings than the commonly recommended defence of performing a point addition in every loop of the binary scalar multiplication algorithm. The algorithm forms a contribution to the current range of possible spa defences which has a good speed but low memory usage. Another topic of paramount importance to ECCs for lightweight applications is whether the security of fixed curves is equivalent to that of random curves. Because of the inability of lightweight devices to generate secure random curves, fixed curves are used in such devices. These curves provide the additional advantage of requiring less bandwidth, code size and processing time. However, it is intuitively obvious that a large precomputation to aid in the breaking of the elliptic curve discrete logarithm problem (ECDLP) can be made for a fixed curve which would be unavailable for a random curve. Therefore, it would appear that fixed curves are less secure than random curves, but quantifying the loss of security is much more difficult. The thesis performs an examination of fixed curve security taking this observation into account, and includes a definition of equivalent security and an analysis of a variation of Pollard's rho method where computations from solutions of previous ECDLPs can be used to solve subsequent ECDLPs on the same curve. A lower bound on the expected time to solve such ECDLPs using this method is presented, as well as an approximation of the expected time remaining to solve an ECDLP when a given size of precomputation is available. It is concluded that adding a total of 11 bits to the size of a fixed curve provides an equivalent level of security compared to random curves. The final part of the thesis deals with proofs of security of key exchange protocols in the Canetti-Krawczyk proof model. This model has been used since it offers the advantage of a modular proof with reusable components. Firstly a password-based authentication mechanism and its security proof are discussed, followed by an analysis of the use of the authentication mechanism in key exchange protocols. The Canetti-Krawczyk model is then used to examine secure tripartite (three party) key exchange protocols. Tripartite key exchange protocols are particularly suited to ECCs because of the availability of bilinear mappings on elliptic curves, which allow more efficient tripartite key exchange protocols.
21
Schaller, André [Verfasser], Stefan [Akademischer Betreuer] Katzenbeisser, and Jakub [Akademischer Betreuer] Szefer. "Lightweight Protocols and Applications for Memory-Based Intrinsic Physically Unclonable Functions on Commercial Off-The-Shelve Devices / André Schaller ; Stefan Katzenbeisser, Jakub Szefer." Darmstadt : Universitäts- und Landesbibliothek Darmstadt, 2017. http://d-nb.info/1148650253/34.
Full text
22
Ahmad, Kassem. "Protocoles, gestion et transmission sécurisée par chaos des clés secrètesPplications aux standards TCP/IP via DVB-S, UMTS, EPS." Nantes, 2013. http://archive.bu.univ-nantes.fr/pollux/show.action?id=819becae-9749-4a1d-80df-3cc673b27901.
Full textAbstract:
IP Multicast est supporté dans la nouvelle génération des systèmes satellitaires implémentant DVB-S (Digital Video Broadcasting via satellite). Dans ce type de communication, la sécurité, la commutation, et l’évolutivité sont les principaux défis. A ce propos, nous proposons un nouveau système de sécurité multicast basé sur : une méthode d’encapsulation améliorée du standard ULE qui peut opérer avec les approches de commutation ‘label ou self-switching’ afin d’assurer : un transfert efficace d’IP multicast, un mécanisme de sécurité très performant, et un système évolutif de gestion de clés à deux couches LKH (Logical Key Hierarchy). L’utilisation du chaos est proposée pour la génération de nouvelles clés et le chiffrement des données. L’analyse du système proposé montre qu’il peut gérer un très grand nombre des membres d’une manière sécurisée et efficace avec une consommation minimale de bande passante. La sécurité dans les réseaux mobiles de 4ème génération EPS est considérée comme très robuste. Mais, des failles héritées de l’UMTS et d’autres identifiées dans la littérature spécialisée restent sans traitement efficace. Ces vulnérabilités affectent précisément le protocole d’authentification et d’établissement des clés, l’EPS-AKA. Plusieurs protocoles ont été proposés pour résoudre ces problèmes mais sans réussite significative. Dans cette optique, nous proposons un nouveau protocole appelé FP-AKA qui assure une forte protection contre les différentes attaques avec un coût minimal. La comparaison de FP-AKA avec les meilleurs protocoles existants dans la littérature (SE-AKA, EC-AKA,. . ) montre la supériorité de FP-AKA au niveau de plusieurs paramètres (sécurité, coût, délai,. . )IP multicast is supported in the next generation of satellite systems implementing DVB-S (Digital Video Broadcasting via Satellite). In this type of communication, security, switching and scalability are the main challenges. In this context, we propose a new multicast security system based on: an enhanced ULE encapsulation standard, method which can operate with the switching approaches ‘label or selfswitching’ to ensure efficient filtering and multicast forwarding, a highly flexible security mechanism, and a scalable key management scheme with two LKH (Logical Key Hierarchy) layers. The usage of chaos is proposed for the new keys generation and data encryption. The analysis of the proposed system shows that it can handle a large number of members in a secure and efficient manner with minimal bandwidth consumption. Security in the 4th generation of mobile networks EPS is considered very robust. However, weaknesses inherited from UMTS and others identified in the specialized literature remain without effective treatment. These vulnerabilities affect precisely the authentication and key agreement protocol, EPS-AKA. Several protocols have been proposed to resolve these problems but without a significant success. In this context, we propose a new protocol called FP-AKA which provides a strong protection against the different attacks with minimal cost. The comparison of FP-AKA with the best existing protocols in the literature (SE-AKA, ECAKA,. . ) shows the superiority of FP-AKA in several parameters (security, cost, delay,. . )
23
Chiang, Sheng-Yu, and 蔣昇佑. "A Lightweight Buyer-Seller Watermarking Protocol." Thesis, 2003. http://ndltd.ncl.edu.tw/handle/45577444099306851014.
Full textAbstract:
碩士國立臺灣大學
電機工程學研究所
91
Digital watermark has been used to protect the copyright and deter unauthorized duplication and dissemination of multimedia content. The seller can insert a unique watermark into a copy of the document before sells it. Then the seller can discover the original buyer of the unauthorized copy by using the corresponding watermarking extraction or detection algorithm. One problem is that the accused buyer can claim that the unauthorized copy is not distributed by him but from the seller because the watermark is embedded solely by the seller. In this paper, we propos a watermarking protocol that prevents the seller from framing the buyer and lets a cheating buyer to admit of guilty. In compared with previous solutions, the proposed scheme is more lightweight because it can work without trust third party and still guarantee the fairness of transaction. That is the advantage to make this protocol easily implemented.
24
Yeh, Wen-Tien, and 葉文典. "A Lightweight Routing Protocol for MobiA Lightweight Routing Protocol for Mobile Target Detectionle in Wireless Sensor Networks." Thesis, 2009. http://ndltd.ncl.edu.tw/handle/10396600554652966797.
Full textAbstract:
碩士東吳大學
資訊管理學系
97
Sensor nodes are low-cost and small size. They are deployed in a poor condition or an inaccessible region to perform the target detection. Each sensor node sends data about the target to the sink node through the efficiently protocol. It will effectively extend the survival time of the sensor node. AODV routing protocol, which is simple and efficient, is often used in the wireless sensor network to transmit data. However, AODV routing protocol constructs the path from the source node that detects the target to the sink node. Whenever the target moves, the path will be reconstructed. The localization repair routing protocol [8] set up a reconstruction area and restricted the RREQ packet to be broadcasted in it to avoid the broadcast storm. However, this method could not reconstruct the path once the target moves out of the reconstruction area. In this paper, we propose a lightweight routing protocol for mobile target detection. When the path is broken caused by the movement of the target, nodes can repair the path effectively through the presented routing information to save the energy and the cost.
25
Li, Jia-Hong, and 李佳鴻. "Lightweight Mobile RFID Authentication Protocol for Location Privacy." Thesis, 2008. http://ndltd.ncl.edu.tw/handle/53656290650698755245.
Full textAbstract:
碩士中原大學
資訊工程研究所
96
Radio Frequency Identification(RFID) systems is used in various fields such as supply chain management, inventory control, medical management, indoor access control, and so forth. Recently, it is expanding to become the mobile RFID systems for more convenience. Through RFID reader chip is installed to mobile terminal like PDA or cellular phone, which can provide purchasing, verifying and paying for the product directly. However, mobile reader and tag using RF signals to communicate with each other, and low-cost tag can’t provide enough security protection. The malicious attacker can pretend as mobile reader to cause security and privacy problems such as tag’s information leakage and owner traceability. In this paper, we propose a PIN-test Set based scheme suitable to mobile RFID systems and conforming to EPC Class-1 Generation-2 standards. Our scheme is forward-secure and prevent from threats such as reply attack, DOS attack, man-in-the-middle attack, and tag counterfeit.
26
Lin, PingChung, and 林品仲. "A Lightweight RFID Authentication Protocol with Privacy protection." Thesis, 2011. http://ndltd.ncl.edu.tw/handle/68018444803958751584.
Full textAbstract:
碩士長榮大學
資訊管理學系碩士班
99
Recently, many aspects of the security in RFID systems has become a subject of prime attention. RFID technology has been applied heavily for its small size, low cost, and ability to stores large amounts of data. However, the features in RFID technology, such as unique identification and out-of-sight readability, can also bring about some security concerns. In this thesis, we address the tracking issue of RFID tags and propose a protocol to perform authentication while preserving the privacy of its user.
27
Lee, Cheng-Chung, and 李政仲. "A Lightweight Fair Payment Protocol for Mobile Devices." Thesis, 2008. http://ndltd.ncl.edu.tw/handle/70464408373187647227.
Full textAbstract:
碩士國立交通大學
資訊科學與工程研究所
96
Most payment protocols use public key cryptosystems to encrypt and sign messages for non-repudiation and fairness. Due to low computational power and limited memory, mobile devices cannot work well with public key cryptosystems or complex operations, such as exponential operations. A lightweight scheme is desirable for both encryption and signature, to achieve non-repudiation and fairness for mobile devices. In this paper, we propose a lightweight fair payment protocol for mobile devices. The proposed protocol is able to attain the important properties, namely fairness, non-repudiation, product validation, and merchant authentication. In our scheme, a trusted third party is needed to initialize the payment protocol, and resolve disputation automatically.
28
CHEN, WEI-CHING, and 陳薇晴. "A new lightweight IoT devices remote authentication protocol." Thesis, 2019. http://ndltd.ncl.edu.tw/handle/w8d5at.
Full textAbstract:
碩士中國文化大學
資訊管理學系
107
In recent years, the technology of the Internet of Things (IoT) develops rapidly. By combining radio frequency identification (RFID) and wireless sensing networks with cloud computing, the Internet of Things can be used to build smart environments such as intelligent health and transportation system, etc. On the other hand, cosidering the limited computing capability of IoT devices, it is essential to provide a lightweight and secure IoT remote authentication scheme to satisfy the security requirement. Many scholars have proposed the research results of the IoT authentication mecha-nism. In 2018, Amin et al. pointed out that the authentication scheme proposed by Xue et al. and Chuang et al. has weaknesses such as user anonymity and internal at-tacks, and proposes an improved scheme. In the same year, Li et al. pointed out the Jiang et al.’s scheme, which has the weakness of being unable to detect unauthorized login and the vulnerability of the session key and also proposes a new mechanism. However, we find the schemes of Amin et al. still has internal attacks and user ano-nymity, and Li et al. have similar problems. Therefore, this study proposes an en-hanced lightweight IoT authentication mechanism based on the results of the security analysis of previous schemes and proves the proposed scheme provides the security requirements of IoT authentication through security and efficient analysis and will be more suitable for the real world.
29
Yang, Chih Yao, and 楊智堯. "A Lightweight Authentication Protocol for MIFARE Classic System." Thesis, 2010. http://ndltd.ncl.edu.tw/handle/97292997444882796422.
Full textAbstract:
碩士長庚大學
資訊管理學系
98
The MIFARE Classic is a contactless smartcard that uses technology of RFID (Radio Frequency Identification) and is widely used in human daily life, such as the security control of the office buildings, the payment systems for the public transportation and the other applications. Several academic researchers have been able to crack its authentication mechanism. The method is to focus on the card hardware of MIFARE Classic. Researchers proceed with the reverse-engineering to uncover the CRYPTO1 stream cipher, which is used for 3 Pass Authentication and data encryption/decryption. After reverse-engineering decrypts the CRYPTO1, researchers discover the weaknesses of CRYPTO1 to recover the secret keys. Therefore, how to ensure the security of 3 Pass Authentication of the MIFARE Classic is a very important topic. In this paper, we focused on the security mechanisms, including mutual authentication, symmetric encryption, stream cipher, initialization state, etc. Based on the ISO 14443A standard, we proposed a lightweight authentication protocol for the MIFARE Classic system to prevent the current attacks to the MIFARE Classic. The current attacks include keystream recovery attack, replay attack, nested authentication, etc.
30
Jiang, Chi-Huan, and 姜其瓛. "Lightweight Intelligent Authentication Protocol for Wireless Sensor Networks Research." Thesis, 2011. http://ndltd.ncl.edu.tw/handle/04260224054621501089.
Full textAbstract:
碩士義守大學
電子工程學系碩士班
99
Due to the rapid development of communication and transmission technology, wireless communication and transmission have recently replaced the original form of traditional cable transmission. Wireless Sensor Networks (WSN) consists of many autonomous sensor nodes that are placed in different locations to collect data. The information collected will be sent back to the base station for further analysis and processing. Because wireless sensor network itself is sending messages through a wireless communication media, the attacker can easily access through an anonymous connection and make the transmission data vulnerable to be intercepted or tampered. Thus, it becomes very important issue to protect the confidentiality and privacy of data. In this paper, we proposed a mutual authentication protocol for WSN applications. The functionality of the proposed protocol is verified using Altera Quartus II software, and implemented in Altera Cyclone II DE2-70 FPGA development module. The output signals from the FPGA are measured in 16702A logic analysis system to complete functional verification. The logic (gate-level) circuit of the proposed architecture is synthesized using Synopsys Design Vision software. The power consumption analysis of different systems architecture is also simulated. Finally Cadence SOC Encounter software is applied to complete the layout of the verified circuit design. The proposed WSN mutual authentication system is a lightweight authentication protocol architecture concept. The XOR operation is applied to achieve the purposes of data protection.
31
Edelev, Sviatoslav. "Towards a Lightweight, Secure, and Untraceable RFID Authentication Protocol." Doctoral thesis, 2015. http://hdl.handle.net/11858/00-1735-0000-0023-9618-D.
Full text
32
陳培郁. "A Study on ECC-Based RFID Lightweight Authentication Protocol." Thesis, 2010. http://ndltd.ncl.edu.tw/handle/63612131090957109939.
Full textAbstract:
碩士國立清華大學
資訊工程學系
98
RFID technology has become popular in many applications, but it also raised security and privacy concerns. Many people worry about the disadvantages which brought by RFID technology, such as leaking their location privacy and confidentiality of private information. However, most of the RFID products lack security related functionality due to the hardware limitation of the low-cost RFID tags. In 2009, Chien and Laih proposed an RFID authentication protocol based on error correction codes (ECC) to secure the RFID systems with untraceability, which is one of the most critical privacy issues in RFID. But we found that this protocol is still vulnerable to tracing attacks, and two variant attacks are presented to break Chien’s protocol. In this thesis, we propose an ECC-based mutual uthentication protocol for RFID. Our protocol requires only lightweight operations that can be mounted on the low-cost tags. With an ECC-based filtering mechanism applied, the computational load on the RFID reader can be reduced. Therefore, our protocol is appropriate for the real-world applications. Further analysis shows that the protocol is secure against the common security threats of RFID systems.
33
WU, KUAN-LIANG, and 吳冠良. "The Research of RFID Lightweight Authentication Protocol for VANETs." Thesis, 2016. http://ndltd.ncl.edu.tw/handle/42297940033975624068.
Full textAbstract:
碩士中華大學
資訊工程學系
104
With the advancement of technology, Radio Frequency Identification (RFID) system for the convenience in our life have been deeply affected. In the case of daily life, almost everyone has some RFID proximity cards, but there are some important personal privacy or information security issues. Because of the RFID tag is to transmit signal to the reader by using wireless channel, it is likely to suffer malicious user to track, eavesdrop, replay or denial of service attacks, etc.. To solve the above security issues, many scholars have proposed different RFID authentication protocols. In 2012, Caballero-Gil et al. presented CG authentication protocol to solve replay attack and track attacks, but their protocol cannot resist the problem of brute force and de-synchronization attacks. Fereidoun Moradi et al. proposed CG+ authentication protocol to solve the de-synchronization problem in CG authentication protocol. But we found that CG+ authentication protocol may still allow the attacker through denial of service attack to cause de-synchronization attack between by database and tag. Therefore, an improved method will be analyzed and submitted in this research. At the same time, our method can effectively reduce the tag and database computation overheads and it comply EPCglobal Class1 Generation2 standard. We expect our research results can be applied to VANETs(Vehicular Ad Hoc Networks) in the future.
34
Tang, Ssu-Wei, and 唐偲瑋. "A Lightweight Continuous Authentication Protocol for Internet of Things." Thesis, 2016. http://ndltd.ncl.edu.tw/handle/86750452826656055396.
Full textAbstract:
碩士國立臺灣科技大學
資訊管理系
104
In recent years, Information Technology (IT) has been developing rapidly. Smart phones, wearable devices, sensors, and wireless network technologies are getting more and more well-developed. As a consequence, we have come to the era of Internet of Things (IoT). The IoT will bring a more convenient and comfortable life. However, the sensors are deployed in unguarded surroundings, in which these devices are easily attacked. In order to ensure the availability and authenticity of information, it is important to establish secure authentication between IoT devices. There are some related approaches have been proposed. In addition, the devices need to regularly transmit sensed data to other devices in a short time period. According to the existing approach, the sensors need to frequently authentication in the beginning of each data transmission session. The resource-limited devices cost respectable resources and time in the course of such authentication. Hence, an effective and lightweight authentication protocol is vital to IoT environment. In this thesis, we propose a device-based lightweight continuous authentication protocol for IoT environment to address the issues mentioned above. We introduce time-bounded concept in our protocol. We utilize token and the dynamic factor of IoT device to quickly authenticate communicating parties in each session. The security analysis proves that the proposal protocol satisfies security requirements. Hence, the proposed protocol is favorable and effective between devices for IoT environments.
35
Lin, Che-Cheng, and 林哲正. "Lightweight, Distributed Key Agreement Protocol for Wireless Sensor Networks." Thesis, 2006. http://ndltd.ncl.edu.tw/handle/36379924969165108401.
Full textAbstract:
碩士國立交通大學
資訊科學與工程研究所
94
Wireless Sensor Network (WSN) has been drawing more and more attention in recent years. WSN offers practical solutions for a variety of applications, such as security monitoring, wildlife tracking, and military detection. For practical and economical considerations, small low-cost wireless networked devices are deployed to construct the sensor networks. Secure key establishment is a fundamental security service in wireless sensor networks. It enables sensor nodes to secure their communications from malicious eavesdropping or tampering. However, due to restricted computing power and limited memory space, traditional public key cryptosystems are not applicable to sensor hardware. To address this problem, we propose a lightweight distributed key agreement protocol, which enables each sensor node to establish shared secret keys efficiently with its neighboring nodes without the computation of modular exponentiation. Our protocol utilizes one-way hash function and bit-wise comparison operations, which are efficient and feasible for sensor hardware. Our approach provides better secure connectivity with less redundant storage cost than existing schemes.
36
Tu, Chieh-Shain, and 涂介賢. "RFID Security — Distance-Bounding Protocol, Server-Reader Lightweight Authentication Protocol and Mifare Ultralight Case Study." Thesis, 2009. http://ndltd.ncl.edu.tw/handle/89787580611507508212.
Full textAbstract:
碩士國立暨南國際大學
資訊管理學系
97
Nowadays, RFID technologies are widely deployed in applications and systems, but due to the technology is not mature yet and the security has not been defined well. Thus, there are security problems on RFIDs that we should pay great attention. This paper consists of three RFID related topics. The first topic is “Distance-bounding protocol”. Distance-bounding protocol is one that can authenticate the distance of two equipments. A secure distance-bounding protocol should resist to the following three real-time distance fraud attacks - distance fraud attack, mafia fraud attack and terrorist fraud attack. In this section, we reviewed the related work on seceral distance-bounding protocols in wireless sensor networks and in RFIDs, and analysed the security properites. Finally, we propose a new RFID distance-bounding protocol to avoiding distance fraud attacks and providing mutual authentication. The second topic is “Server-Reader Lightweight Authentication Protocol”. Recently, Lo et al.’s had addressed that building a light-weight secure communication is necessary for reader-to-server channel in RFID systems, because resource-limited mobile readers are becoming more and more popular. Therefore, Lo et al. proposed an elliptic curve cryptography (ECC) - based lightweight authentication protocol for reader-server channel. However, we find that their scheme has few security weaknesses: (1) the trusted third party’s private key would be disclosed such that the whole system would be broken and (2) there is no authentication of the keying materials. To conquer while preserving the light-weight property, we propose a new authentication protocol for reader-server channel using ID-based cryptography from elliptic curves. The final topic is a case study in Mifare Ultralight. The Dutch transport ticketing system, which is called OV-chipkaart, based on NXP semiconductors Mifare technology. The Mifare Classic 4K cards are used as regular cards - personal and anonymous while the cheaper Mifare Ultralight cards are applied as temporary passes. Unlike Mifare Classic 4K cards which have keys, crypto algorithm and provide authentication process, the Mifare Ultralight cards do not employ encryption or keys. Thus, the Mifare Ultralight cards can be read or written by anyone. The report from University of Amsterdam revealed that irregular usage behaviors disclose three vulnerabilities of OV-chipkaart: (1) failure of defense mechanism, (2) repeated check-out and (3) free travel. We suggest that the security of the OV-chipkaart system should improve the designe of memory configuration and the software semantics.
37
Lee, Jun-Ya, and 李俊曄. "The Design of Lightweight Authentication Protocol for Internet of Things." Thesis, 2014. http://ndltd.ncl.edu.tw/handle/12375942824303911299.
Full textAbstract:
碩士義守大學
電機工程學系
102
Internet of Things (IoT) refers to uniquely identifiable objects (things) which can interact with other objects through the global infrastructure of wireless/wired internet. The communication technique among a large number of resource-constrained devices that generate large volumes of data has an impact on the security and privacy of the involved objects. In order to provide a speedy and highly security communication network over IoT, in this thesis, a novel, low computational complexity PADgen function which based on XOR operation has been developed as the core of authentication protocol design. Cooperating with the techniques of finite state machine (FSM) and pipelining, three types of lightweight authentication protocols, single-object mutual authentication protocol, single-object broadcasting authentication protocol and multi-object authentication protocol, are designed and simulated. Through the efforts of Altera Quartus II software simulation, compare to the traditional EPCglobal Class-1 Gen-2 authentication protocol, the proposed single-object mutual authentication protocol may increase 9.4% authentication time, 15.4% LEs and 26.3% power dissipation but with highly security. single-object broadcasting authentication protocol with pipelining may reduce 8.7% authentication time but increase 37.4% LEs and 25.5% power dissipation.
38
Ruan, Shiou-Huei, and 阮綉惠. "Ownership Transfer Protocol for RFID Objects Using Lightweight Computing Operators." Thesis, 2011. http://ndltd.ncl.edu.tw/handle/bnw359.
Full textAbstract:
碩士國立臺灣科技大學
資訊管理系
99
Radio Frequency Identification (RFID) is a contactless automatic identification technology. With the low-cost and advancement of technology, RFID has been applied in various fields, including supply chain, access control, medical care and so on. Nevertheless, owing to the cost of RFID tags are decreasing, it will be anywhere in our life. In recent year, RFID is applied to E-commerce transactions; moreover, the ownership transfer issue for RFID tags is extended during the process of transaction. Through the ownership transfer protocol, we can change the owner of the tag which is attached on objects so as to achieve complete transactions. In previous studies, the proposed protocols were challenged with their security threats, privacy violation problems and heavy computation. Therefore, we proposed a novel secure and efficient ownership transfer protocol for RFID tags using lightweight computing operators and also achieve the security requirements and safely change the owner of tags. Detailed analyses show that our proposed protocol can achieve security on messages passing and higher performance.
39
Putera, Christian Antonia Lusiarta, and 安東尼亞. "Incorporating OMA Lightweight M2M Protocol in IoT/M2M Standard Architecture." Thesis, 2015. http://ndltd.ncl.edu.tw/handle/67865369011128888576.
Full textAbstract:
碩士國立交通大學
電機資訊國際學程
103
IoT/M2M aims to integrate a large number of heterogeneous devices which are constantly required to be discovered and reconfigured in order to bring them up to date or to recover their failures. The device management protocol is needed to reduce the amount of time to configure and to manage those IoT/M2M devices, especially for the M2M devices located in the remote area. The device management protocol enables abstraction of an IoT/M2M device as a managed object to ease the management of device; to do this for IoT/M2M devices, this abstraction has to be concise and lightweight. The IoT/M2M international standard organizations, such as ETSI and OneM2M, proposed the use of lightweight device management protocol called Open Mobile Alliance Lightweight M2M (OMA LWM2M) protocol to manage and to configure the IoT/M2M devices from IoT/M2M platform. By incorporating device management in the IoT/M2M platform, we can establish device management sessions that allow an IoT/M2M application to manage IoT/M2M devices remotely from the IoT/M2M service platform. For example, by manipulating resource trees in the cyber space from the IoT/M2M platform we gain access and control to the corresponding sensors/devices in the physical world. However, how to perform resource mapping of OMA LWM2M in the IoT/M2M standard architecture platform is not well addressed by the standard. In this research, we examine how to incorporate the OMA LWM2M in the M2M standard architecture and we analyze how the M2M standard architecture can collaborate and communicate with OMA LWM2M protocol to establish device management sessions. For the experimental process, we analyze the resource mapping of OMA LWM2M objects and resources into the ETSI M2M resource tree by analyzing the processes of (1) Bootstrapping, (2) Registration, and (3) Management and Service Enablement Session. 1. The bootstrapping process is used to provision the OMA LWM2M objects to the IoT/M2M platform for device management session. 2. The registration process is used to register the OMA LWM2M Client and its Objects in the OMA LWM2M Server. This process is analyzed during the device triggering session. 3. The Device Management and Service Enablement Session is a procedure of accessing Object or Resource of the OMA LWM2M Client by an M2M application using OMA LWM2M Server. In order to proceed with our implementation and analysis, we develop Remote Entity Management (REM) Service Capability on top of the OpenMTC, an ETSI M2M standard compliant system from Fraunhofer FOKUS. We also utilize Eclipse Leshan and Wakaama that are the OMA LWM2M open-source reference implementations to implement the REM Capability. To proceed with the analysis, we build an IoT/M2M application and do features testing on it. The feature testing includes the manipulation of the device objects and resources using RESTful commands, the simulation of firmware update mechanism, and the simulation of the remote reboot mechanism for fault management.
40
Cai, Jhong-Heng, and 蔡仲恆. "The Research of Lightweight Mutual Authentication Protocol for Mobile Payment." Thesis, 2016. http://ndltd.ncl.edu.tw/handle/76084473635154181926.
Full textAbstract:
碩士義守大學
電機工程學系
104
Instead of paying with cash, check, or credit cards, a consumer can use a mobile phone to pay for a wide range of services and digital or hard goods. Although the concept of using non-coin-based currency systems has a long history, it is only recently that the technology to support such systems has become widely available. NFC is used mostly in paying for purchases made in physical stores or transportation services. Most transactions do not require authentication, but some require authentication using PIN, before transaction is completed. Mobile payment method via NFC faces significant challenges for wide and fast adoption, due to lack of supporting infrastructure, complex ecosystem of stakeholders, and standards. Due to the need of a safer NFC mobile payment system with low computational complexity, an XOR-based mutual authentication protocol is developed in this thesis. In order to demonstrate the superiority on computational complexity and security of proposed protocol, four other authentication protocols have been surveyed and numerical experiments have also been conducted to provide the performance comparison. EPCglobal Class-1 Gen-2 need other method to improve its encryption process, and it is not a mutual authentication protocol. Tag-Reader Mutual Authentication need a lot of input parameters to support its encryption process. IOT lightweight authentication protocol will expose all its parameters and messages during message exchange. ECMA-386 do many Complex calculations during encryption process. All of those are the purpose of published this thesis.
41
Li, Po-Chi, and 黎柏琦. "A Lightweight Secure Data Aggregation Protocol for Wireless Sensor Networks." Thesis, 2007. http://ndltd.ncl.edu.tw/handle/93616230501460079126.
Full textAbstract:
碩士國立清華大學
資訊工程學系
96
Wireless sensor networks are widely utilized in many areas nowadays. Sensor nodes have limited computation ability, memory and energy and so on. In addition, the energy consumption of communication is much more than computation for wireless sensor nodes. For the reason, data aggregation is a widely used technique in wireless sensor networks to reduce communication cost. Nevertheless, data aggregation brings some side effects and suffers from some attacks. Firstly, data aggregation exploits fewer messages to represent a great deal sensing readings. Therefore, the aggregated values just present some results. Nevertheless, the base station is unable to be aware of the distribution of these original sensing values. In other words, the base station can not recover to original messages from aggregated value to perform further analysis. Secondly, in wireless sensor networks, internal nodes are able to alter messages when it aggregates receiving messages. The altered messages will result in a deviation of final result. Consequently, the false result could cause a wrong decision. Hence, it is significant to protect these messages from an attacker altering them when internal nodes aggregate these data. However, less of them can indeed guarantee data integrity and resist dropping attack and so on. An attacker can simply forge data to affect the decision of base station by compromised nodes. This thesis, therefore, proposes a lightweight secure data aggregation protocol to solve above side effects and attack models. In the meanwhile, this thesis also provides detailed security analyses to verify the security of our scheme. Finally, we compare our scheme with other precious methods in terms of security, memory cost, communication cost, computation cost, and application environment etc.
42
Yang, Shun-Miao, and 楊舜淼. "A Lightweight RFID Authentication Protocol with Collision-Free Based on CDMA." Thesis, 2010. http://ndltd.ncl.edu.tw/handle/74417138417627611086.
Full textAbstract:
碩士雲林科技大學
資訊工程研究所
98
Radio Frequency IDentification(RFID) is an automatic identification system, it’s said that a RFID reader can identify a large number of tags simultaneously. For commercial products, however, a RFID reader identifies tags one by one. This is because collisions occur when several tags send their data at the same time. The RFID authentication protocols[7][8][9] put heavy computational overhead on low-cost tags, which don’t have the ability to perform complex operations. To overcome the collision and computation overhead problems, we propose a lightweight RFID mutual authentication protocol with collision-free based on CDMA. By CDMA Technology, the scheme allows many tags to send their data simultaneously without collision. The proposed scheme requires a tag to perform 2~4 hash operations during authentication phase and has the following secure properties: tag anonymity, indistinguishability, robustness, forward secrecy and mutual authentication. In addition, the scheme can also resist the following attacks: eavesdropping, replay attack, forgery attack, tracking attack and de-synchronization attack.
43
Shie, Huei-sz, and 謝慧思. "A Design of RFID Mutual Authentication Protocol Using Lightweight Bitwise Operations." Thesis, 2008. http://ndltd.ncl.edu.tw/handle/22534334098018982802.
Full textAbstract:
碩士國立臺灣科技大學
資訊管理系
96
Radio frequency identification (RFID) has widely applied to many applications including supply chain, logistics management, personnel identification and patient care management. With the increasing usage of a RFID system, information security and end-user privacy have become a critical concern. In terms of security schemes, most of previous RFID authentication researches are too sophisticated for a low-cost RFID system. Factors such as resource-constrained tag, cheaper reader implementation and efficient information search on backend database should all be considered along with the security and privacy protection schemes for low cost RFID systems. In this thesis, we present a mutual authentication protocol which uses the lightweight bitwise logic and arithmetic operations on a low-cost RFID tag to defend against many malicious attacks and achieve security requirements for a RFID system. In our scheme, we use simple and low-cost operations as encryption tools. In order to guarantee communication security, after the reader is successfully verified by a tag, the tag transmits the enciphered ID information to a reader to avoid attacker getting ID information by eavesdropping and to increase the cost of password guessing attack. Our scheme can achieve privacy protection and comply with security requirements to provide secure properties such as anonymity, data confidentiality, anti-cloning, availability, and forward security.
44
Wu, Shu-Min, and 吳舒旻. "A New Ultra-lightweight Authentication Protocol Resisting De-synchronization and Disclosure Attacks." Thesis, 2013. http://ndltd.ncl.edu.tw/handle/sv7mr9.
Full textAbstract:
碩士國立交通大學
電控工程研究所
101
Radio frequency identification (RFID) is an automatic identification technology to store and retrieve data wirelessly. Nowadays, RFID is one of the main technologies used to build ubiquitous systems. Security and privacy problems of a RFID system attract a great quality of attentions since ultra-lightweight tags have very limited capabilities, in which protocols can only use bitwise operations. The existing protocols can not resist many attacks such as DoS, traceability, de-synchronization and disclosure attacks. De-synchronization and disclosure attacks are two important threats among these attacks. Therefore, we propose a new ultra-lightweight authentication protocol resisting de-synchronization and disclosure attacks. The proposed protocol is inspired by the RAPP protocol. We use a random number as an index of permutation operation in the mutual authentication phase to defend disclosure attacks.In the IDS/Keys update phase, we design a random approach to randomly update the shared secrets between a reader and a tag to reduce the success probability of de-synchronization attacks. We discuss security analysis and show how de-synchronization and disclosure attacks work on our and the existing ultra-lightweight authentication protocols. The results show that our protocol can decrease the success probability of disclosure (bits) attacks to 0.98% and reduce the success probability of de-synchronization (handshaking) attacks from 100% to 25%.
45
Yeh, Po-Chun, and 葉柏均. "A Distributed Measurement System under Precision Time Protocol and Lightweight Fast Broadcast Synchronization." Thesis, 2007. http://ndltd.ncl.edu.tw/handle/84207137543253588131.
Full textAbstract:
碩士國立成功大學
資訊工程學系碩博士班
95
Time synchronization is an important issue for the distributed system. A newly field, wireless sensor network, attracted many researchers during the past decade and each sensor node can work independently which has its own MCU, memory, oscillator, and DSP. So, these nodes can be seen as a kind of the distributed system. Moreover, time is an important aspect for the many applications and protocols used in wireless network such as TDMA (Time Division Multiple Access). It needs to synchronize with each other and then can allocate time slot by clock value it own. This mechanism is used to avoid the network collision. Time synchronization is a critical issue in wireless sensor network. In this thesis, we point out why the traditional synchronous algorithms are improper for the WSN and analyze the improper factors in sender-receiver. The sender-receiver is the traditional method and has been used in wireless and wired synchronization algorithms, widely. We provide a mechanism of time synchronization, named as Lightweight Fast Broadcast Synchronization (LFBS) for the wireless sensor network. This algorithm reduces a large amount of power consumption which is an important issue for resource limited wireless sensor network because of decreasing the unnecessary data exchanging and the synchronous time in RBS. Finally, we simulate a measurement system based on the synchronous algorithm we propose in this thesis.
46
Poernomo, Michael, and Michael Poernomo. "Design of Two-Stage Authentication to Achieve a Lightweight Precision Time Protocol for IoT." Thesis, 2019. http://ndltd.ncl.edu.tw/handle/jrbm22.
Full textAbstract:
碩士國立臺灣科技大學
資訊工程系
107
The current enhancements in the Internet of Things (IoT) standardize a method to precisely synchronize computers or devices over the network. The precision time protocol (PTP) described in IEEE 1588 in a hierarchical masterslave architecture meets the necessity for higher accurate time synchronization. For achieving higher accuracy, security and resource issues arise. To mitigate these issues, a lightweight authenticated PTP using the digital signature and polynomials is proposed in this thesis. The proposed scheme is evaluated through the SimPy simulator and the simulation results show that the proposed scheme outperforms the closely related schemes in the literature in terms of time and storage complexity.
47
Shao-ChengHuang and 黃少呈. "Design of Ultra-lightweight Mutual Authentication Protocol and Its Application on Industrial Control Systems." Thesis, 2019. http://ndltd.ncl.edu.tw/handle/6p53vx.
Full textAbstract:
碩士國立成功大學
資訊工程學系
107
In operational technology, Industrial Control Systems (ICSs) are computing systems used to operate the critical infrastructures at the national level, including power plant and water supply network, public transportation, manufacturing, and so on. Therefore, the cybersecurity of ICSs has a certain relevance to homeland security. Different from the traditional information technology systems, the development of ICSs is considering additional environmental requirements such as hard real-time interactions, resource-constrained devices, and high availability systems. Consequently, the improvement of ICS’s security mechanism is essential to meet these requirements. Much research has successively proposed security solutions for ICSs in recent years. However, these solutions may either require over-priced cryptographic methods or incomprehensible security mechanisms. Dedicated to the ultra-lightweight mutual authentication protocol, this thesis delves into its cybersecurity issues, indicated in previous research, and further applies it to ICSs. Firstly, this thesis points out that Tewari and Gupta’s protocol suffers from the disclosure attack, the de-synchronization attack, and the man-in-the-middle attack. Secondly, an improved protocol proposed by Wang et al. being susceptible to the disclosure attack is also demonstrated. Finally, a new ARX-based ultra-lightweight mutual authentication protocol is proposed that overcomes the environmental limitations of ICSs and solves its present cybersecurity issues.
48
Pancev, I. Gede Darko, and 易英戈. "Design and Implementation of a Lightweight Wireless Embedded Internet Platform With the Constrained Application Protocol." Thesis, 2016. http://ndltd.ncl.edu.tw/handle/44919609580770400143.
Full textAbstract:
碩士國立臺灣科技大學
自動化及控制研究所
104
The Internet has been a great success over the past 20 years, growing from small academic networks into global networks used regularly by over 1.4 billion people. Another Internet revolution, known as Internet of Things (IoT), has been going on with the maturing of the net communication in routers, servers and personal computers. The vision behind the IoT is that embedded devices are universally becoming IP (Internet Protocol) enabled and an integral part of Internet. The scale of the IoT has already been estimated to be immense, with the potential of trillion of devices becoming IP-enabled. The impact of IoT will be significant with the promise of better environment monitoring, energy saving, smart grids, more efficient factories, better logistic, better healthcare systems, and smart homes. However, one of the greatest potential growth of IoT comes from low power embedded devices that until now have not been IP-enabled. A new paradigm, known as Wireless Embedded Internet, is needed to enable low-power wireless devices with limited processing capabilities to participate in the IoT. Until now only powerful embedded devices and networks are able to natively participate in the Internet. Direct communication with traditional IP networks requires many Internet protocols, and an operating system to deal with complexity and maintainability. These requirements have in practice limited the IoT linking to devices with a powerful processor, an operating system with a full TCP/IP stack, and an IP-capable communication link. The main contribution of this study is to investigate a reliable way of future IoT networking by designing and implementing a lightweight wireless embedded platform, which equips with the characteristics of low power consumption, memory-constrained, small size, low cost IP-enabled wireless embedded device and the constrained application protocol. As a result, the embedded device with Low Power Wireless Connectivity, called “Lowvy,” was born, and a newest version of IP standard called IPv6 was successfully enabled on Lowvy wireless embedded devices with low-power consumption, thus enabling end-to-end IP networking, and wide range of wireless embedded IoT applications. Internet integration of Lowvy wireless embedded platform has been tested by creating an online environment-monitoring system which periodically published the measurement results of environment-monitoring applications (e.g., temperature, humidity, air quality, and ambient light) to Ubidots Cloud service. Therefore, by the designed system, we are able to access the applications from anywhere in the world through Internet connectivity.
49
Lee, Wei-Chen, and 李維貞. "Role-based Access Control Systems Using Lightweight Directory Access Protocol and Attribute Certificates for Intranet Security." Thesis, 2002. http://ndltd.ncl.edu.tw/handle/62458382543023385408.
Full textAbstract:
碩士東海大學
資訊工程與科學系碩士在職專班
90
Lightweight Directory Access Protocol (LDAP) is popularly used on the Internet, because it runs over TCP/IP and lightweight clients do not need to handle the multitude of other encoding and data types required by X.500. Moreover, the directory is a tree-like structure, and can be built from bottom up to form a virtual organization. Some information can be stored in the directory information tree for authentication and authorization. In this thesis, we apply the role-based access control (RBAC) models on the directory to provide administrators an easy and efficient way to manage application servers in an intranet environment. In our role-based access control framework, the user profile, organizational role hierarchy, and global access control rules are centralized and managed in a LDAP directory. Users do not need to remember several accounts in several servers, and administrators can absolutely and easily control user profile. The global access control rules define that organizational roles are allowed to access which servers, which are used to dynamically generate role attribute certificates to users and automatically generate local roles to each application server. Consequently, a LDAP server is a session CA to issue attribute certificates to end-entities. An attribute certificate conveys an end-entity’s roles, the qualifications and the authorized severs. Therefore, a role attribute certificate is like a entry visa to make an end-entity get its local permissions from diverse application servers. Each server is allowed to define granular role-based access control rules, which are assigned local permissions to local roles. For the interoperability, eXtensible Markup Language (XML) is a good solution to communicate with diverse platforms and databases, and an XML document is a nested structure, which is suitable for representing a role hierarchy. Therefore, we make use of XML documents to express role hierarchies and role-based access control lists. In addition, public key infrastructure (PKI) is combined with a LDAP server. We adopt certificate-based authentication based on SSL as the identity consideration. Public key certificates are also stored in the user entries of a LDAP directory to be aid of authentication, and the LDAP server does not need to check CRL.
50
Ou, Hsiang Yun, and 歐享昀. "A Study on a Lightweight RFID Protocol with Privacy and Security Protection for Low-cost Tags." Thesis, 2009. http://ndltd.ncl.edu.tw/handle/27078207545704838497.
Full textAbstract:
碩士長庚大學
資訊管理學研究所
97
Radio Frequency Identification (RFID) is an example of the most promising technology. The RFID technology is believed to change our lifestyle and habits, and very likely triggers a revolution in the supply chain environment. Although the prospects of the RFID are brightening, but low-cost hardware tags have great limitations in computing power. Traditional cryptographic algorithms like AES and RSA cannot be used in low-cost RFID tags. For widespread application, the potential security and privacy issues must be addressed. This thesis proposes a lightweight authentication protocol by using some basic operations, such as XOR, mod, bit rotation etc. These operations are all affordable in low-cost RFID tags. The requirements of security and privacy are achieved by the following two designs. First, pseudonyms are used to effectively prevent the tracking problems. It is important that, when the backend database stores the large number of tags, the proposed design still can efficiently search for necessary information with which to communicate with tags. Besides, pseudonym can alleviate the burden on searching the backend database. The second design is that our proposed method uses secret keys to protect supply chain partners’ secrets, which will not be changed, in order to achieve security in copyright transfer.