A new authentication and key agreement protocol for 5G wireless networks

Telecommunication Systems - Authentication and key agreement (AKA) protocol is an important security mechanism for access services in mobile communication systems. The 3GPP group has standardized...     

A pairing-free identity-based authenticated group key agreement protocol for imbalanced mobile networks

The secure and reliable group communication gains popularity in imbalanced mobile networks due to the increase demand of the group-oriented applications such as teleconferences, collaborative workspaces, etc. For acquiring the group security objectives, many authenticated group key agreement (AGKA) protocols exploiting the public key infrastructure have been proposed, which require additional processing and storage space for validation of the public keys and the certificates. In addition, the most of the AGKA protocols are implemented using bilinear pairing and a map-to-point (MTP) hash function. The relative computation cost of the bilinear pairing is approximately two to three times more than the elliptic curve point multiplication (ECPM) and the MTP function has higher computation cost than an ECPM. Due to the limitation of communication bandwidth, computation ability, and storage space of the low-power mobile devices, these protocols are not suitable especially for insecure imbalanced mobile networks. To cope with the aforementioned problems, in this paper, we proposed a pairing-free identity-based authenticated group key agreement protocol using elliptic curve cryptosystem. It is found that the proposed protocol, compared with the related protocols, not only improves the computational efficiencies, but also enhances the security features.     

Provably secure hybrid key agreement protocols in cluster-based wireless ad hoc networks

Wireless ad hoc networks support rapid on-demand and adaptive communication among the nodes due to their self-configurable and autonomous nature and lack of fixed infrastructure. Security is a crucial factor for such systems. Since ad hoc networks rely on the collaboration principle, the issue of key distribution and efficient group key management in such networks represents two of the most important problems. We describe hybrid solutions to the problem of key distribution and key management by reflecting ad hoc networks in a topology composed of a set of clusters. To date no security proofs exist for these types of protocols. We present two dynamically efficient schemes. We show that both our hybrid schemes are provably secure in the standard model under Decision Diffie–Hellman (DDH) assumption. The proposed protocols avoid the use of a trusted third party (TTP) or a central authority, eliminating a single point of attack. We analyse the complexity of the schemes and differentiate between the two approaches based on performance in a wireless setting. In comparison with the existing cluster-based hybrid key agreement protocols, our proposed approaches individually provide better performance in terms of both communication and computation, handle dynamic events efficiently, and are supported by sound security analysis in formal security models under standard cryptographic assumptions.     

A novel authenticated group key agreement protocol for mobile environment

An authenticated group key agreement protocol allows a group of parties to authenticate each other and then determine a group key via an insecure network environment. In 2009, Lee et al. first adopted bilinear pairings to propose a new nonauthenticated group key agreement protocol and then extend it to an authenticated group key agreement protocol. This paper points out that the authenticated protocol of Lee et al. is vulnerable to an impersonation attack such that any adversary can masquerade as a legal node to determine a group key with the other legal nodes and the powerful node. This paper shall employ the short signature scheme of Zhang et al. to propose a new authenticated group key agreement protocol. The short signature scheme of Zhang et al. is proven to be secure against the adaptive chosen-message attacks in the random oracle model, so the proposed protocol can withstand the possible attacks. Besides, compared with the authenticated protocol of Lee et al., the proposed protocol is more secure and efficient.     

CAKA: a novel certificateless-based cross-domain authenticated key agreement protocol for wireless mesh networks

Due to the flexibility of wireless mesh networks (WMNs) to form the backhaul subnetworks, future generation networks may have to integrate various kinds of WMNs under possibly various administrative domains. Aiming at establishing secure access and communications among the communication entities in a multi-domain WMN environment, in this paper, we intend to address the cross-domain authentication and key agreement problem. We present a light-weight cross-domain authentication and key agreement protocol, namely CAKA, under certificateless-based public key cryptosystem. CAKA has a few attractive features. First, mutual authentication and key agreement between any pair of users from different WMN domains can be easily achieved with two-round interactions. Second, no central domain authentication server is required and fast authentication for various roaming scenarios is supported by using a repeated cross-domain algorithm. Third, no revocation and renewal of certificates and key escrow are needed. Finally, it provides relatively more security features without increasing too much overhead of computation and storage. Our analysis shows that the proposed CAKA protocol is highly efficient in terms of communication overhead and resilient to various kinds of attacks.     

A trust enhanced secure clustering framework for wireless ad hoc networks

Secure clustering in Wireless Ad Hoc Networks is a very important issue. Traditional cryptographic solution is useless against threats from internal compromised nodes. In light of this, we propose a novel distributed secure trust aware clustering protocol that provides secure solution for data delivery. A trust model is proposed that computes the trust of a node using self and recommendation evidences of its one-hop neighbors. Therefore, it is lightweight in terms of computational and communication requirements, yet powerful in terms of flexibility in managing trust. In addition, the proposed clustering protocol organizes the network into one-hop disjoint clusters and elects the most qualified, trustworthy node as a Clusterhead. This election is done by an authenticated voting scheme using parallel multiple signatures. Analysis of the protocol shows that it is more efficient and secure compared to similar existing schemes. Simulation results show that proposed protocol outperforms the popular ECS, CBRP and CBTRP in terms of throughput and packet delivery ratio with a reasonable communication overhead and latency in presence of malicious nodes.     

A region-based routing protocol for wireless mobile ad hoc networks

Flooding-based route discovery is widely assumed in existing routing protocols of wireless ad hoc networks. Network-wide flooding enables the discovery of optimal routes from sources to destinations; however, as all network nodes are required to participate in the relays of route request packets, substantial control overhead is inevitable. Some efficient broadcast schemes can suppress redundant packet relays, but they often suppress the discovery of optimal routes, too. In this article we propose to dynamically create a prerouting region between each source-destination pair and limit the propagations of route request packets only within this region. The prerouting region effectively restricts route discovery activities to the nodes that most likely constitute the optimal or near-optimal routes. Consequently, not only is route construction overhead significantly reduced; route optimality is also guaranteed. The article presents a region-based routing (REGR) protocol covering both new route formation cases and route update cases. Simulations show that our protocol is particularly beneficial to dense and large-scale mobile ad hoc networks.     

An Aloha protocol for multihop mobile wireless networks

An Aloha-type access control mechanism for large mobile, multihop, wireless networks is defined and analyzed. This access scheme is designed for the multihop context, where it is important to find a compromise between the spatial density of communications and the range of each transmission. More precisely, the analysis aims at optimizing the product of the number of simultaneously successful transmissions per unit of space (spatial reuse) by the average range of each transmission. The optimization is obtained via an averaging over all Poisson configurations for the location of interfering mobiles, where an exact evaluation of signal over noise ratio is possible. The main mathematical tools stem from stochastic geometry and are spatial versions of the so-called additive and max shot noise processes. The resulting medium access control (MAC) protocol exhibits some interesting properties. First, it can be implemented in a decentralized way provided some local geographic information is available to the mobiles. In addition, its transport capacity is proportional to the square root of the density of mobiles which is the upper bound of Gupta and Kumar. Finally, this protocol is self-adapting to the node density and it does not require prior knowledge of this density.     

Anonymous three-factor authenticated key agreement for wireless sensor networks

Wireless Networks - Secure information exchange in wireless sensor networks (WSN) is a continuing issue since the resource-constrained sensors generally deployed over an unattended environment. To...     

Identity-based key agreement and encryption for wireless sensor networks

1 Introduction WSN has received considerable attention during last decade [1?4] (see, for example, the proceedings of the ACM and IEEE Workshops on WSN). It has wide variety of applications, including military sensing and tracking, environment and securit…     

一种新的适于Ad hoc网可认证密钥协商协议

提出一种新的适于Ad hoc网可认证密钥协商协议。基于签密技术。在同一逻辑步内同时实现了认证和加密功能,提高了密钥协商效率;基于身份的公钥密码系统,降低了建立和管理公钥基础设施的代价;应用椭圆曲线上双线性对,使得该协议能以短的密钥和小的计算量实现同等安全要求。与已有密钥协商协议相比,新协议计算和传输量小,带宽要求低,安全性高,适合能源和带宽受限的Ad hoc网络。     

A secure and efficient key agreement framework for critical energy infrastructure using mobile device

Telecommunication Systems - Internet of Energy (IoE) provides two-way communication for reform of energy utilization between service providers and consumers. To provide secure, efficient, and...     

A secure group key management scheme for hierarchical mobile ad hoc networks

In this paper, we present a secure group key management scheme for hierarchical mobile ad hoc networks. Our approach aims to improve both scalability and survivability of group key management for large-scale wireless ad hoc networks. To achieve our goal, we propose the following approaches: (1) a multi-level security model, which follows a modified Bell-La Padula security model that is suitable in a hierarchical mobile ad hoc networking environment, and (2) a decentralized group key management infrastructure to achieve such a multi-level security model. Our approaches reduce the key management overhead and improve resilience to any single point failure problem. In addition, we have developed a roaming protocol that is able to provide secure group communication involving group members from different groups without requiring new keys; an advantage of this protocol is that it is able to provide continuous group communication even when the group manager fails.     

A fast handover protocol for 6LoWPAN wireless mobile sensor networks

Node localization is one of the most critical issues for wireless sensor networks, as many applications depend on the precise location of the sensor nodes. To attain precise location of nodes, an improved distance vector hop (IDV-Hop) algorithm using teaching learning based optimization (TLBO) has been proposed in this paper. In the proposed algorithm, hop sizes of the anchor nodes are modified by adding correction factor. The concept of collinearity is introduced to reduce location errors caused by anchor nodes which are collinear. For better positioning coverage, up-gradation of target nodes to assistant anchor nodes has been used in such a way that those target nodes are upgraded to assistant anchor nodes which have been localized in the first round of localization. For further improvement in localization accuracy, location of target nodes has been formulated as optimization problem and an efficient parameter free optimization technique viz. TLBO has been used. Simulation results show that the proposed algorithm is overall 47, 30 and 22% more accurate than DV-Hop, DV-Hop based on genetic algorithm (GADV-Hop) and IDV-Hop using particle swarm optimization algorithms respectively and achieves high positioning coverage with fast convergence.     

Energy-efficient neighbor discovery protocol for mobile wireless sensor networks

Low energy consumption is a critical design requirement for most wireless sensor network (WSN) applications. Due to minimal transmission power levels, time-varying environmental factors and mobility of nodes, network neighborhood changes frequently. In these conditions, the most critical issue for energy is to minimize the transactions and time consumed for neighbor discovery operations. In this paper, we present an energy-efficient neighbor discovery protocol targeted at synchronized low duty-cycle medium access control (MAC) schemes such as IEEE 802.15.4 and S-MAC. The protocol effectively reduces the need for costly network scans by proactively distributing node schedule information in MAC protocol beacons and by using this information for establishing new communication links. Energy consumption is further reduced by optimizing the beacon transmission rate. The protocol is validated by performance analysis and experimental measurements with physical WSN prototypes. Experimental results show that the protocol can reduce node energy consumption up to 80% at 1–3 m/s node mobility.     

A hexagonal-tree TDMA-based QoS multicasting protocol for wireless mobile ad hoc networks

The mobile multimedia applications have recently generated much interest in wireless ad hoc networks with supporting the quality-of-service (QoS) communications. The QoS metric considered in this work is the reserved bandwidth, i.e., the time slot reservation. We approach this problem by assuming a common channel shared by all hosts under a TDMA (Time Division Multiple Access) channel model. In this paper, we propose a new TDMA-based QoS multicast routing protocol, namely hexagonal-tree QoS multicast protocol, for a wireless mobile ad hoc network. Existing QoS routing solutions have addressed this problem by assuming a stronger multi-antenna model or a less-strong CDMA-over-TDMA channel model. While more practical and less costly, using a TDMA model needs to face the challenge of radio interference problems. The simpler TDMA model offers the power-saving nature. In this paper, we propose a new multicast tree structure, namely a hexagonal-tree, to serve as the QoS multicasting tree, where the MAC sub-layer adopts the TDMA channel model. In this work, both the hidden-terminal and exposed-terminal problems are taken into consideration to possibly exploit the time-slot reuse capability. The hexagonal-based scheme offers a higher success rate for constructing the QoS multicast tree due to the use of the hexagonal-tree. A hexagonal-tree is a tree whose sub-path is a hexagonal-path. A hexagonal-path is a special two-path structure. This greatly improves the success rate by means of multi-path routing. Performance analysis results are discussed to demonstrate the achievement of efficient QoS multicasting.     

Practical and secure localization and key distribution for wireless sensor networks

In many applications of wireless sensor networks, sensor nodes are manually deployed in hostile environments where an attacker can disrupt the localization service and tamper with legitimate in-network communication. In this article, we introduce Secure Walking GPS, a practical and cost effective secure localization and key distribution solution for real, manual deployments of WSNs. Using the location information provided by the GPS and inertial guidance modules on a special master node, Secure Walking GPS achieves accurate node localization and location-based key distribution at the same time. We evaluate our localization solution in real deployments of MicaZ. Our experiments show that 100% of the deployed nodes localize (i.e., have a location position) and that the average localization errors are within 1–2 m, due mainly to the limitations of the existing commercial GPS devices. Our further analysis and simulation results indicate that the Secure Walking GPS scheme makes a deployed WSN resistant to the Dolev-Yao, the wormhole, and the GPS-denial attacks, the scheme is practical for large-scale deployments with resource-constrained sensor nodes and has good localization and key distribution performance.     

An efficient and provably secure authenticated key agreement scheme for mobile edge computing

Wireless Networks - Though Mobile Cloud Computing (MCC) and Mobile Edge Computing (MEC) technologies have brought more convenience to mobile services over past few years, but security concerns like...     

SERP: secure energy-efficient routing protocol for densely deployed wireless sensor networks

In this paper, we present secure energy-efficient routing protocol (SERP) for densely deployed wireless sensor networks which aims to achieve robust security for transmitted sensor readings with an energy-efficient network backbone. When the sensors with limited energy budgets are deployed in hazardous environment, ensuring energy efficiency and security of the sensor readings becomes a crucial task. Here, we address how to deal with such a deployment scenario. Our protocol ensures secure transmission of data from the source sensors to the base station in a way that it can best utilize the available amount of energy in the network. We use one-way hash chain and pre-stored shared secret keys for ensuring data transmission security. In SERP, first, a sink rooted tree structure is created as the backbone of the network. This energy-efficient network structure is used for authenticated and encrypted data delivery from the source sensors to the base station. To introduce data freshness, SERP includes an optional key refreshment mechanism which could be applied depending on the application at hand. Our analysis and simulation results show that SERP provides a good level of confidentiality and authenticity of data that are transmitted from the sensors to the base station. It also helps for energy-efficient structuring of the network so that the maximum lifetime of the network could be achieved.