Continuous Entity Authentication in the Internet of Things Scenario
De Santis, Alfredo;Flores, Manuela;Masucci, Barbara
2023-01-01
Abstract
In the context of the Internet of Things (IoT), the proliferation of identity spoofing threats has led to the need for the constant entity verification of devices. Recently, a formal framework has been proposed to study resistance to impersonation attacks for One-Message Unilateral Entity Authentication (OM-UEA) schemes, in which the prover continuously authenticates itself through the use of a sequence of authentication messages. Given the limited computing power of the parties (particularly the prover) and the often limited bandwidth channel, in the IoT scenario it is desirable to design unilateral entity authentication schemes that require the use of a single message per session and light computations. In this paper, we first show that OM-UEA schemes can be implemented through digital signatures and that a weak form of unforgeability is sufficient to achieve security against active adversaries. We then apply the signature scheme proposed by Yang et al. in ASIACCS 2020 to our framework, resulting in an OM-UEA scheme that requires minimal computational effort and low storage requirements for the prover. Inspired by this last construction, we propose an OM-UEA scheme based on the hardness of the discrete logarithm problem, which further improves the computational performance for the prover. Our findings offer feasible options for implementing secure continuous entity authentication in IoT applications.