• Title/Summary/Keyword: Pre-shared Key

Search Result 36, Processing Time 0.022 seconds

Secure Configuration Scheme of Pre-shared Key for Lightweight Devices in Internet of Things (사물인터넷의 경량화 장치를 위한 안전한 Pre-shared Key 설정 기술)

  • Kim, Jeongin;Kang, Namhi
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.15 no.3
    • /
    • pp.1-6
    • /
    • 2015
  • The IoT(Internet of things) technology enable objects around user to be connected with each other for sharing information. To support security is the mandatory requirement in IoT because it is related to the disclosure of private information but also directly related to the human safety. However, it is difficult to apply traditional security mechanism into lightweight devices. This is owing to the fact that many IoT devices are generally resource constrained and powered by battery. PSK(Pre-Shared Key) based approach, which share secret key in advance between communication entities thereafter operate security functions, is suitable for light-weight device. That is because PSK is costly efficient than a session key establishment approach based on public key algorithm. However, how to safely set a PSK of the lightweight device in advance is a difficult issue because input/output interfaces such as keyboard or display are constrained in general lightweight devices. To solve the problem, we propose and develop a secure PSK configuration scheme for resource constrained devices in IoT.

Efficient key generation leveraging wireless channel reciprocity and discrete cosine transform

  • Zhan, Furui;Yao, Nianmin
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.11 no.5
    • /
    • pp.2701-2722
    • /
    • 2017
  • Key generation is essential for protecting wireless networks. Based on wireless channel reciprocity, transceivers can generate shared secret keys by measuring their communicating channels. However, due to non-simultaneous measurements, asymmetric noises and other interferences, channel measurements collected by different transceivers are highly correlated but not identical and thus might have some discrepancies. Further, these discrepancies might lead to mismatches of bit sequences after quantization. The referred mismatches significantly affect the efficiency of key generation. In this paper, an efficient key generation scheme leveraging wireless channel reciprocity is proposed. To reduce the bit mismatch rate and enhance the efficiency of key generation, the involved transceivers separately apply discrete cosine transform (DCT) and inverse discrete cosine transform (IDCT) to pre-process their measurements. Then, the outputs of IDCT are quantified and encoded to establish the bit sequence. With the implementations of information reconciliation and privacy amplification, the shared secret key can be generated. Several experiments in real environments are conducted to evaluate the proposed scheme. During each experiment, the shared key is established from the received signal strength (RSS) of heterogeneous devices. The results of experiments demonstrate that the proposed scheme can efficiently generate shared secret keys between transceivers.

Quorum based Peer to Peer Key Sharing Protocol over Wireless Sensor Networks

  • Yang, Soong-Yeal;Won, Nam-Sik;Kim, Hyun-Sung;Lee, Sung-Woon
    • Proceedings of the Korea Society for Industrial Systems Conference
    • /
    • 2008.10b
    • /
    • pp.445-448
    • /
    • 2008
  • The key establishment between nodes is one of the most important issues to secure the communication in wireless sensor networks. Some researcher used the probabilistic key sharing scheme with a pre-shared key pool to reduce the number of keys and the key disclosure possibility. However, there is a potential possibility that some nodes do not have a common share in the key pool. The purpose of this paper is to devise a peer to peer key sharing protocol (PPKP) based on Quorum system and Diffie-Hellman key exchange scheme (DHS). The PPKP establishes a session key by creating a shared key using the DHS and then scrambles it based on Quorum system to secure that. The protocol reduces the number of necessary keys than the previous schemes and could solve the non-common key sharing possibility problem in the probabilistic schemes.

  • PDF

Secure IEEE 802.15.4 Join Protocol for 6LoWPAN (6LowPAN 환경에서의 안전한 IEEE 802.15.4 가입 프로토콜)

  • Ahn, Seung-Hyun;Park, Chang-Seop;Yeon, Han-Beol
    • Convergence Security Journal
    • /
    • v.15 no.7
    • /
    • pp.103-110
    • /
    • 2015
  • The security of the data exchanged between sensor nodes in IoT (Internet of Things) environment becomes increasing. In the conventional IEEE 802.15.4, the key for secure communication between the sensor node and the sensor node and the PAN Coordinator or the sensor node is assumed to be pre-shared in advance. Especially, there is another problem in that sensor node authentication is not considered during the association process. In this paper, we propose a security scheme that solves the problems of previously proposed protocols with the pre-shared key for all devices.

A Key Pre-distribution Scheme Using Double Hash Chain for Strong Security Strength of Wireless Sensor Node (무선 센서 노드의 강한 보안 강도를 위해 이중 해쉬 체인을 적용한 키 사전 분배 기법)

  • Jeong, Yoon-Su;Kim, Yong-Tae;Park, Gil-Cheol;Lee, Sang-Ho
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.33 no.8C
    • /
    • pp.633-641
    • /
    • 2008
  • Since WSNs encounter attacks, such as jamming or eavesdropping without physical access occurs, security is one of the important requirements for WSNs. The key pre-distribution scheme that was recently researched for advance of security in WSNs distributes the keys and probability with the use of q-composite random key pre-distribution method, but there is a high probability that no key shared between sensor nodes, and it takes a lot of time and energy to find out the shared key. Therefore, it is not suitable for WSNs. In order to enhance stability of a node that plays a role of gateway without depending on probabilistic key, this paper proposesa key pre-distribution scheme combined with random key pre-distribution scheme and double hash chain. Since the proposed scheme can maintain a small storage place and strong security strengths, it is more efficient than the existing schemes with the same security strengths. In addition, since it uses a small size of key generation key set, it can reduce a great deal of storage overhead.

Key Pre-distribution using the Quorum System in Wireless Sensor Networks (센서 네트워크에서의 쿼럼 시스템을 이용한 키 사전 분배)

  • Kang Ji-Myung;Lee Sung-Ryeoll;Cho Seong-Ho;Kim Chong-Kwon;Ahn Joung-Chul
    • Journal of KIISE:Information Networking
    • /
    • v.33 no.3
    • /
    • pp.193-200
    • /
    • 2006
  • The security feature is essential in wireless sensor network such as intrusion detection or obstacle observation. Sensor nodes must have shared secret between nodes to support security such as privacy. Many methods which provide key pre-distribution need too many keys or support poor security. To solve this problem, probabilistic key pre-distribution is proposed. This method needs a few keys and use probabilistic method to share keys. However, this method does not guarantee key sharing between nodes, and neighbor nodes nay not communicate each other. It leads to waste of network resource such as inefficient routing, extra routing protocol. In this paper, we propose new key distribution method using quorum system which needs a few keys and guarantee key sharing between nodes. We also propose extension of the method which needs fewer keys and guarantee key sharing when node deployment knowledge is well known.

Secure Data Forwarding based on Source Routing in Mobile Ad Hoc Networks (소스 라우팅 기반의 이동 Ad-hoc 네트워크에서 안전한 데이터 전송 방법)

  • Roh, Hyo-Sun;Jung, Sou-Hwan
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.32 no.12C
    • /
    • pp.1188-1193
    • /
    • 2007
  • This paper proposes a secure data forwarding scheme on source routing-based ad-hoc networks. The scheme uses two hash-key chains generated from a trusted third party to generate Message Authentication Codes for data integrity The selected MAC keys are delivered to the ad-hoc node using a pre-shared secret between the trusted third party and a node. The proposed scheme does not require the PKI, or the provisioning of the pre-shared secrets among the ad-hoc nodes.

Quorum-based Key Management Scheme in Wireless Sensor Networks

  • Wuu, Lih-Chyau;Hung, Chi-Hsiang;Chang, Chia-Ming
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.6 no.9
    • /
    • pp.2442-2454
    • /
    • 2012
  • To ensure the security of wireless sensor networks, it is important to have a robust key management scheme. In this paper, we propose a Quorum-based key management scheme. A specific sensor, called as key distribution server (KDS), generates a key matrix and establishes a quorum system from the key matrix. The quorum system is a set system of subsets that the intersection of any two subsets is non-empty. In our scheme, each sensor is assigned a subset of the quorum system as its pre-distributed keys. Whenever any two sensors need a shared key, they exchange their IDs, and then each sensor by itself finds a common key from its assigned subset. A shared key is then generated by the two sensors individually based on the common key. By our scheme, no key is needed to be refreshed as a sensor leaves the network. Upon a sensor joining the network, the KDS broadcasts a message containing the joining sensor ID. After receiving the broadcast message, each sensor updates the key which is in common with the new joining one. Only XOR and hash operations are required to be executed during key update process, and each sensor needs to update one key only. Furthermore, if multiple sensors would like to have a secure group communication, the KDS broadcasts a message containing the partial information of a group key, and then each sensor in the group by itself is able to restore the group key by using the secret sharing technique without cooperating with other sensors in the group.

A Secure WPA-PSK Protocol Resistant to Dictionary Attack on Smartphone Communication Using Wi-Fi Channel (Wi-Fi를 이용한 스마트폰에서 사전 공격에 안전한 WPA-PSK 프로토콜)

  • Park, Geun-Duk;Park, Jeong-Soo;Ha, Jae-Cheol
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.13 no.4
    • /
    • pp.1839-1848
    • /
    • 2012
  • Recently, smartphone communications using Wi-Fi channel are increasing rapidly to provide diverse internet services. The WPA security protocol was used for data protection between user and wireless AP. However, WPA-PSK protocol was known to be weak to the dictionary attack. In this paper, we proposed a secure WPA-PSK protocol to resist the dictionary attack. Since the proposed method was designed to generate a strong encryption key which is combined the Diffie-Hellman key agreement scheme with secrecy property of PSK(Pre-Shared Key), we can protect the Wi-Fi channel from Man-In-The-Middle attack and Rogue AP impersonation attack.

Secure Configuration Scheme for Internet of Things using NFC as OOB Channel (NFC를 OOB 채널로 활용한 사물인터넷 보안 설정 기술)

  • Kim, Jeongin;Kang, Namhi
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.16 no.3
    • /
    • pp.13-19
    • /
    • 2016
  • The PSK (Pre-shared Secret Key) based method is appropriate for the IoT environment consisting of lightweight devices since this method requires less computing time and energy than the method to configure the session key based on the public key algorithm. A fundamental prerequisite for the PSK based method is that PSK should have been configured between the communication entities safely in advance. However, in case of a small sensor or actuator, no input and output interface such as keyboard and monitor required for configuration exists, so it is more difficult to configure PSK for such lightweight devices safely in the IoT environment than the previous Internet devices. Especially, normal users lack expertise in security so they face difficulty in configuration. Therefore, the default value configured at the time of manufacturing at factories is used or the device installer configures PSK in most cases. In such case, it is a matter for consideration whether all installers and manufacturers can be trusted or not. In order to solve such problem, this paper proposes a secure bootstrapping scheme, which utilizes the NFC (Near Field Communication) as an OOB (Out-Of-Band) channel, for lightweight devices with limited resources.