Hardware Secured, Password-based Authentication for Smart Sensors for the Industrial Internet of Things

  • Thomas W. PieberEmail author
  • Thomas Ulz
  • Christian Steger
  • Rainer Matischek
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10394)


Sensors are a vital component for the Internet of Things. These sensors gather information about their environment and pass this information to control algorithms and/or actuators. To operate as effective as possible the sensors need to be reconfigurable, which allows the operators to optimize the sensing activities. In this work we focus on the mechanisms of such reconfiguration possibilities. As the reconfiguration can also be used to manipulate the sensors (and their attached systems) in a subtle way, the security of the reconfiguration interface is of utmost importance. Within this work we test a lightweight authentication method for use on a smart sensor and describe a possible implementations of the authentication mechanism on a hardware security module.



This project has received funding from the Electronic Component Systems for European Leadership Joint Undertaking under grant agreement No 692480. This Joint Undertaking receives support from the European Unions Horizon 2020 research and innovation programme and Germany, Netherlands, Spain, Austria, Belgium, Slovakia.


  1. 1.
    Diffie, W., Hellman, M.: New directions in cryptography. IEEE Trans. Inf. Theory 22(6), 644–654 (1976)MathSciNetCrossRefzbMATHGoogle Scholar
  2. 2.
    Peyravian, M., Zunic, N.: Methods for protecting password transmission. Comput. Secur. 19(5), 466–469 (2000)CrossRefGoogle Scholar
  3. 3.
    Liao, I.E., Lee, C.C., Hwang, M.S.: A password authentication scheme over insecure networks. J. Comput. Syst. Sci. 72(4), 727–740 (2006)MathSciNetCrossRefzbMATHGoogle Scholar
  4. 4.
    Bellovin, S.M., Merritt, M.: Encrypted key exchange: Password-based protocols secure against dictionary attacks. In: IEEE Computer Society Symposium on Proceedings of Research in Security and Privacy, 1992, pp. 72–84. IEEE (1992)Google Scholar
  5. 5.
    Halevi, S., Krawczyk, H.: Public-key cryptography and password protocols. ACM Trans. Inf. Syst. Secur. (TISSEC) 2(3), 230–268 (1999)CrossRefGoogle Scholar
  6. 6.
    Abdalla, M., Pointcheval, D.: Simple password-based encrypted key exchange protocols. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 191–208. Springer, Heidelberg (2005). doi: 10.1007/978-3-540-30574-3_14 CrossRefGoogle Scholar
  7. 7.
    Bellare, M., Rogaway, P.: The autha protocol for password-based authenticated key exchange. Technical report, IEEE (2000)Google Scholar
  8. 8.
    Kobara, K., Imai, H.: Pretty-simple password-authenticated key-exchange under standard assumptions. iacr eprint archieve (2003)Google Scholar
  9. 9.
    Krawczyk, H.: SIGMA: the ‘SIGn-and-MAc’ approach to authenticated diffie-hellman and its use in the IKE protocols. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 400–425. Springer, Heidelberg (2003). doi: 10.1007/978-3-540-45146-4_24 CrossRefGoogle Scholar
  10. 10.
    Gennaro, R., Lindell, Y.: A framework for password-based authenticated key exchange. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 524–543. Springer, Heidelberg (2003). doi: 10.1007/3-540-39200-9_33 CrossRefGoogle Scholar
  11. 11.
    Abdalla, M.: Password-based authenticated key exchange: an overview. In: Chow, S.S.M., Liu, J.K., Hui, L.C.K., Yiu, S.M. (eds.) ProvSec 2014. LNCS, vol. 8782, pp. 1–9. Springer, Cham (2014). doi: 10.1007/978-3-319-12475-9_1 Google Scholar
  12. 12.
    Druml, N., Menghin, M., Kuleta, A., Steger, C., Weiss, R., Bock, H., Haid, J.: A flexible and lightweight ecc-based authentication solution for resource constrained systems. In: 2014 17th Euromicro Conference on Digital System Design (DSD), pp. 372–378. IEEE (2014)Google Scholar
  13. 13.
    Ulz, T., Pieber, T., Steger, C., Haas, S., Bock, H., Matischek, R.: Bring your own key for the industrial internet of things. In: 2017 IEEE International Conference on Industrial Technology (ICIT), pp. 1430–1435. IEEE (2017)Google Scholar
  14. 14.
    Google: Google Weave - uWeave (2016).

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Thomas W. Pieber
    • 1
    Email author
  • Thomas Ulz
    • 1
  • Christian Steger
    • 1
  • Rainer Matischek
    • 2
  1. 1.Institute for Technical InformaticsGraz University of TechnologyGrazAustria
  2. 2.Infineon Technologies Austria AGGrazAustria

Personalised recommendations