Interoperable system with authentication and authorization for IoT
Published in Shin-ya Nishizaki, Masayuki Numao, Jaime Caro, Merlin Teodosia Suarez, Theory and Practice of Computation, 2019
J.E.P. Avenido, F.J.R. Caldejon, J.M.D. Ortaliz, G.G. Cu
Before a node can be considered part of the IoT network, it must first go through an authentication handshake with the server. The handshake is a series of packet exchanges between a client and the server in which encrypted information is sent between the two in order to establish a secure connection. The handshake is composed of four phases. The handshake design and sequence are loosely based on the Datagram Transport Layer Security (DTLS) handshake. To prevent denial of service (DoS) attacks, DTLS implements a stateless cookie exchange: when the client sends a ClientHello message to the server, the server responds with a HelloVerifyRequest message containing a generated stateless cookie. The client must retransmit the ClientHello message with the received cookie added [4]. As shown in Fig. 2, the handshake sequence is as follows:
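The stateless cookie step described in this excerpt (not the chapter's Fig. 2 sequence, which is not reproduced on this page) can be sketched as follows. This is an added example, not code from the chapter: the `CookieServer` class, the HMAC-SHA256 construction over source address and client random, the secret rotation and the sample addresses are all assumptions, and the messages are modeled as Python values rather than DTLS wire format.

```python
import hashlib
import hmac
import os


class CookieServer:
    """Hypothetical server side of a DTLS-style stateless cookie exchange."""

    def __init__(self, secret=None):
        self.secret = secret or os.urandom(32)  # known only to the server
        self.previous = None                    # last secret, kept for one rotation
        self.sessions = {}                      # per-client state, created after proof

    def rotate_secret(self):
        # Periodic rotation bounds how long a captured cookie stays replayable.
        self.previous, self.secret = self.secret, os.urandom(32)

    @staticmethod
    def make_cookie(secret, addr, client_random):
        # The cookie is recomputable from the datagram itself, so the server
        # stores nothing until the client proves it can receive at `addr`.
        ip, port = addr
        msg = ip.encode() + b"|" + port.to_bytes(2, "big") + b"|" + client_random
        return hmac.new(secret, msg, hashlib.sha256).digest()

    def on_client_hello(self, addr, client_random, cookie=b""):
        """Return ("ServerHello", None) or ("HelloVerifyRequest", cookie)."""
        for secret in filter(None, (self.secret, self.previous)):
            expected = self.make_cookie(secret, addr, client_random)
            if hmac.compare_digest(cookie, expected):  # constant-time compare
                self.sessions[addr] = client_random    # state allocated only now
                return ("ServerHello", None)
        # Missing, stale or wrong-address cookie: answer statelessly.
        fresh = self.make_cookie(self.secret, addr, client_random)
        return ("HelloVerifyRequest", fresh)


if __name__ == "__main__":
    server = CookieServer()
    client, rnd = ("192.0.2.10", 40000), os.urandom(32)  # constructed sample values
    kind, cookie = server.on_client_hello(client, rnd)   # first ClientHello
    print(kind, len(server.sessions))                    # no state held yet
    print(server.on_client_hello(client, rnd, cookie)[0], len(server.sessions))
```

A sender that spoofs its source address never receives the HelloVerifyRequest, so it cannot echo a valid cookie and the server's session table stays empty for it.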
Security with IoT
Published in Rebecca Lee Hammons, Ronald J. Kovac, Fundamentals of Internet of Things for Non-Engineers, 2019
TCP stands for Transmission Control Protocol and relates to the rules used to govern the successful transmission of data over the internet. Features of the protocol include handshakes to set up communications, error correction, and retransmission on failures. In DDoS, the TCP protocol is often used as part of a SYN flood attack. There is a three-way handshake that is part of the protocol where a client sends a SYN (synchronize) request to a server. The server responds with a SYN ACK (acknowledged), and the client sends its own ACK to establish communication. The attacker sends the SYN with a spoofed IP; the victim server sends the SYN ACK to an IP that didn’t make the request, so it is ignored, and before this handshake times out, another SYN is sent. These half-open connections, happening on every port on a server, will eventually cause it to become unresponsive.
A Quick Perspective on the Current State of IoT Security
Published in Mahmoud Elkhodr, Qusay F. Hassan, Seyed Shahrestani, Networks of the Future, 2017
Musa G. Samaila, João B. F. Sequeiros, Acácio F. P. P. Correia, Mário M. Freire, Pedro R. M. Inácio
TLS is the successor of Secure Sockets Layer (SSL), a cryptographic protocol for providing secure Internet connection between a client and a server using TCP transport. The key difference between the two is that TLS supports newer cipher suites and provides message authentication. TLS is used to provide end-to-end secure communication for applications that require TCP as the underlying transport protocol, such as MQTT. TLS employs a handshake mechanism to negotiate different parameters to establish a secure connection between the client and the server. The protocol is made up of two layers: a record protocol for providing a secure connection and a handshake protocol for ensuring authentication between devices and negotiating the type of encryption algorithms to be used and cryptographic keys before data exchange.
Secured Model for Internet of Things (IoT) to Monitor Smart Field Data with Integrated Real-Time Cloud Using Lightweight Cryptography
Published in IETE Journal of Research, 2021
The public key cryptography RSA algorithm is ideal for multicasting and transmitting, but its connectivity, storage and processing overhead make it inappropriate for resource-restricted software and network applications. There is a need to enhance the security application of wireless technology [5]. Aghapour et al. suggested a new, evidence-based, one-way hash authentication scheme [6] that would not only be able to survive current and future attacks but would also significantly minimize storage and computing costs. Certificate-based systems have exceptionally high overheads. Handshake authentication based on Datagram Transport Layer Security (DTLS) has been proposed for IoT applications [7]. The proposed elliptic curve cryptography (ECC) based solution is intended to address the high energy utilization caused by RSA encryption and the public key scheme in Szczechowiak et al. [8].