Advertisement

A lightweight signcryption scheme for defense against fragment duplication attack in the 6LoWPAN networks

  • Mohammad Nikravan
  • Ali Movaghar
  • Mehdi Hosseinzadeh
Article
  • 69 Downloads

Abstract

The Internet of Things (IoT) presents a new paradigm of the future Internet that intends to provide interactive communication between various processing objects via heterogeneous networks. The IPv6 over Low power Wireless Personal Area Networks (6LoWPAN) is an IPv6 adaptation sub-layer and provides the requirements of IP connectivity between resource-constrained devices in lossy, low power networks. Since the size of a packet in the IPv6 is larger than the size of a frame in the IEEE 802.15.4, the 6LoWPAN adaptation layer performs packet fragmentation. In this paper, first, the 6LoWPAN fragmentation mechanism in terms of security issues is analyzed and then, fragment duplication attack which an attacker can selectively disrupt the reassembly of fragments of a particular packet at a receiver node is identified. Next, signcryption, which is a high performance cryptographic primitive, is discussed. Finally, a lightweight Offline-Online SignCryption (OOSC) scheme is proposed to counter fragment duplication attack. The evaluation shows that the proposed scheme is secure in the random oracle model and in terms of computational cost, and energy consumption efficiently counters with this attack.

Keywords

Internet of things Security Signcryption 6LoWPAN Fragment duplication attack 

References

  1. 1.
    Tsai CW, Lai CF, Vasilakos AV (2014) Future internet of things: open issues and challenges. J Wireless Networks 20(8):2201–2217CrossRefGoogle Scholar
  2. 2.
    Roman R, Zhou J, Lopez J (2013) On the features and challenges of security and privacy in distributed internet of things. J Computer Networks 57(10):2266–2279CrossRefGoogle Scholar
  3. 3.
    Jing Q, Vasilakos AV, Wan J, Lu J, Qiu D (2014) Security of the internet of things: perspectives and challenges. J Wireless Networks 20(8):2481–2501CrossRefGoogle Scholar
  4. 4.
    Kim E, Kaspar D, Vasseur J (2012) Design and application spaces for IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs). https://tools.ietf.org/html/rfc6568. Accessed April 2012
  5. 5.
    IEEE. Part 15.4: wireless medium access control (MAC) and physical layer (PHY) specifications for low-rate wireless personal area networks (WPANs) (2006). IEEE 802.15.4, IEEE Computer Society, 2006Google Scholar
  6. 6.
    Zheng Y (1977) Digital signcryption or how to achieve cost (signature & encryption) < cost (signature) + cost (encryption). Adv Cryptol Lect Notes Comput Sci 1294:165–179CrossRefzbMATHGoogle Scholar
  7. 7.
    Boneh D, Franklin M (2001) Identity-based encryption from the weil pairing. Adv Cryptol, Lect Notes Comput Sci 2139:213–229MathSciNetCrossRefzbMATHGoogle Scholar
  8. 8.
    Kim H (2007) Protection against packet fragmentation attacks at 6LoWPAN adaptation layer. In: Convergence and Hybrid Information Technology, 2008. In: Proceedings. 2008 IEEE International Conference on, pp 796–801Google Scholar
  9. 9.
    Montenegro G, Kushalnagar N, Hui J, Culler D (2007) Transmission of IPv6 packets over IEEE 802.15.4 networks. https://tools.ietf.org/html/rfc4944, Accessed September 2007
  10. 10.
    Ziemba G, Reed D,Traina P (1995) Security considerations for IP fragment filtering. https://tools.ietf.org/html/rfc1858.html, Accessed October 1995
  11. 11.
    Ptacek T, Newsham T (1998) Insertion, evasion, and denial of service: eluding network intrusion detection. Eluding network intrusion detection. SECURE NETWORKS INC CALGARY ALBERTAGoogle Scholar
  12. 12.
    Hummen R, Hiller J, Wirtz H, Henze M, Shafagh H, Wehrle K (2013) 6LoWPAN fragmentation attacks and mitigation mechanisms. In: security and privacy in wireless and mobile networks, 2013. WiSec’13. In: Proceedings. 2013 6th ACM conference on, pp 55-66Google Scholar
  13. 13.
    Libert B, Quisquater JJ (2003) A new identity based signcryption schemes from pairings. In: Proceedings of the 2003 IEEE workshop on information theory, pp 155–158Google Scholar
  14. 14.
    Boyen X (2003) Multipurpose identity-based signcryption: a swiss army knife for identity-based cryptography. Adv Cryptol Lect Notes Comput Sci 2729:383–399MathSciNetCrossRefzbMATHGoogle Scholar
  15. 15.
    Barreto PSLM, Libert B, McCullagh N, Quisquater JJ (2005) Efficient and provably-secure identity-based signatures and signcryption from bilinear maps. Adv Cryptol Lect Notes Comput Sci 3788:515–532MathSciNetCrossRefzbMATHGoogle Scholar
  16. 16.
    Jo HJ, Paik JH, Lee DH (2014) Efficient privacy preserving authentication in wireless mobile networks. Trans Mobile Comput IEEE 13(7):1469–1481CrossRefGoogle Scholar
  17. 17.
    An JH, Dodis Y, Rabin T (2002) On the security of joint signature and encryption. Advances in cryptology, Eurocrypt 2002, lecture notes in computer science 2332: 83–107Google Scholar
  18. 18.
    Xu Z, Dai G, Yang D (2007) An efficient online/offline signcryption scheme for MANET. In: proceedings of the 2007 workshop on advanced information networking and applications, pp 171–176Google Scholar
  19. 19.
    Yan F, Chen X, Zhang Y (2013) Efficient online/offline signcryption without key exposure. J Grid Util Comput 4(1):85–93CrossRefGoogle Scholar
  20. 20.
    Sun D, Huang X, Mu Y, Susilo W (2008) Identity-based on-line/off-line signcryption. In: network and parallel computing, 2008. In: proceedings. 2008 IFIP international conference on, pp 34–41Google Scholar
  21. 21.
    Liu JK, Baek J, Zhou J (2011) Online/offline identity based signcryption re-visited. In: information security and cryptology, Inscrypt 2010, lecture notes in computer science 6584: 36–51Google Scholar
  22. 22.
    Li F, Khan MK, Alghathbar K, Takagi T (2012) Identity-based online/offline signcryption for low power devices. J Network Comput Appl 35(1):340–347CrossRefGoogle Scholar
  23. 23.
    Li F, Xiong P (2013) Practical secure communication for integrating wireless sensor networks into the internet of things. J IEEE Sensors 13(10):3677–3684CrossRefGoogle Scholar
  24. 24.
    Senthil kumaran U, Ilango P (2015) Secure authentication and integrity techniques for randomized secured routing in WSN. J Wireless Networks 21(2):443–451CrossRefGoogle Scholar
  25. 25.
    Li F, Zheng Z, Jin C (2016) Secure and efficient data transmission in the internet of things. J Telecommun Syst 62(1):111–122CrossRefGoogle Scholar
  26. 26.
    Bormann C (2012) Guidance for light-weight implementations of the internet protocol suite. https://tools.ietf.org/html/draft-bormann-lwig-guidance-01, Accessed 24 January 2012
  27. 27.
    Wilhelm M, Martinovic I, Schmitt JB, Lenders V (2011) reactive jamming in wireless networks: how realistic is the threat?. In: wireless network security, 2011. WiSec’11. In: Proceedings. 2011 4th ACM conference on, pp 47–52Google Scholar
  28. 28.
    Becher A, Benenson Z, Dornseif M (2006) Tampering with motes: real-world physical attacks on wireless sensor networks. In: security in pervasive computing, 2006. SPC’06. In: Proceedings. 2006 3rd international conference on, pp 104–118Google Scholar
  29. 29.
    Heer T, Garcia-Morchon O, Hummen R, Keoh S, Kumar S, Wehrle K (2011) Security challenges in the IP-based internet of things. J. Wirel Pers Commun 61(3):527–542CrossRefGoogle Scholar
  30. 30.
    Daemen J, Rijmen V (2002) The design of Rijndael: AES the advanced encryption standard. Springer, BerlinCrossRefzbMATHGoogle Scholar
  31. 31.
    Secure Hash Standard (1995) Nat’l Inst. of standards and technology (NIST), Fed. Inf Process Stand Publ 180(1)Google Scholar
  32. 32.
    Pointcheval D, Stern J (2000) Security arguments for digital signatures and blind signatures. J Cryptology 13(3):361–396CrossRefzbMATHGoogle Scholar
  33. 33.
    Boneh D, Boyen X (2004) Short signatures without random oracles. In: advances in cryptology. Lect Notes Comput Sci 3027:56–73CrossRefzbMATHGoogle Scholar
  34. 34.
    Cha JC, Cheon JH (2003) An identity-based signature from gap Diffie-Hellman groups. Public Key Cryptogr, Lect Notes Comput Scie 2567:18–30MathSciNetCrossRefzbMATHGoogle Scholar
  35. 35.
    Li J, Zhao J, Zhang Y (2015) Certificateless online/offline signcryption scheme. J Secur Commun Netw 8(11):1979–1990CrossRefGoogle Scholar
  36. 36.
    Li F, Han Y, Jin C (2017) Certificateless online/offline signcryption for the internet of things. J. Wirel Netw 23(1):145–158CrossRefGoogle Scholar
  37. 37.
    Luo M, Tu M, Xu J (2014) A security communication model based on certificateless online/offline signcryption for internet of things. J Sec Commun Netw 7(10):1560–1569Google Scholar
  38. 38.
    Shi W, Kumar N, Gong P, Chilamkurti N, Chang H (2015) On the security of a certificateless online/offline signcryption for internet of things. J Peer-to-Peer Network Appl 8(5):881–885CrossRefGoogle Scholar
  39. 39.
    Shim KA (2012) CPAS: an efficient conditional privacy preserving authentication scheme for vehicular sensor networks. Trans Veh Technol IEEE 61(4):1874–1883CrossRefGoogle Scholar
  40. 40.
    Shim KA, Lee YR, Park CM (2013) EIBAS: an efficient identity-based broadcast authentication scheme in wireless sensor networks. J Ad Hoc Netw 11(1):182–189CrossRefGoogle Scholar
  41. 41.
    Gura N, Patel A, Wander A, Eberle H, Shantz SC (2004) Comparing elliptic curve cryptography and RSA on 8-bit CPUs. In: international workshop on cryptographic hardware and embedded systems, 2004. CHES’04. Lect Notes Comput Sci 3156:119–132CrossRefzbMATHGoogle Scholar
  42. 42.
    Cao X, Kou W, Dang L, Zhao B (2008) IMBAS: Identitybased multi-user broadcast authentication in wireless sensor networks. J. Comput Commun 31(4):659–667CrossRefGoogle Scholar
  43. 43.
    Ma C, Xue K, Hong P (2014) Distributed access control with adaptive privacy preserving property for wireless sensor networks. J Secur Commun Netw 7(4):759–773CrossRefGoogle Scholar
  44. 44.
    Shim KA (2014) S2DRP: secure implementations of distributed reprogramming protocol forwireless sensor networks. J. Ad Hoc Netw 19:1–8CrossRefGoogle Scholar
  45. 45.
    Chang C, Muftic S (2007) Measurement of energy costs of security in wireless sensor nodes. In: computer communications and networks, 2007. ICCCN’07. In: proceedings. 2007 IEEE 16th international conference on, pp 95–102Google Scholar
  46. 46.
    Prasithsangaree P, Krishnamurthy P (2003) Analysis of energy consumption of Rc4 and AES algorithms in wireless Lans. In: Global telecommunications, 2003. GLOBECOM'03. 2003 IEEE Conference on 3: 1445–1449Google Scholar
  47. 47.
    Robinson DJS (1996) A course in the theory of groups. Springer, HeidelbergCrossRefGoogle Scholar
  48. 48.
    Martin L (2008) Introduction to identity-based encryption. Artech House, Boston, London, EnglandzbMATHGoogle Scholar
  49. 49.
    Rescorla E, Modadugu N (2012) Datagram transport layer security, http://www.rfc-editor.org/rfc/rfc6347.txt. Accessed January 2012

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2018
corrected publication June/2018

Authors and Affiliations

  1. 1.Faculty of Electrical and Computer EngineeringIslamic Azad University, Science and Research BranchTehranIran
  2. 2.Department of Computer EngineeringSharif University of TechnologyTehranIran
  3. 3.Iran University of Medical SciencesTehranIran
  4. 4.Computer ScienceUniversity of Human DevelopmentSulaimaniyahIraq

Personalised recommendations