wireless Sensor Networks becomes very popular in the last decade and used every where due to their ease of implementation. WSN is composed by constrained nodes with low battery energy and computation capabilities. It is rigid to maintain security of WSNs . The nodes are dipersed
in wide environment in order to collect informations like temperature , humidity , health informations, ...
Security in this type of networks, and especially in IoT context, must take in consideration that nodes are very limited battery power that could not support the heavy computation of the authentication process.
Our work demonstrates the efficiency of HIP DEX in minimizing the global authentication time in IoT networks
2. 2
1 Introduction
Authentication in WSN
HIP-DEX: a promessing candidate for IoT
Experimental Results
Conclusion
Experimental Setup
2
3
4
5
6
Split Croitia 13/09/2018
3. Wireless Sensor Network(WSN) is
the promise architecture of
Internet of Things(IoT).
WSN is composed by tiny
devices(sensors, or actuators)
with low battery power
Integration of WSN in IoT brings
a new architecture with high
level of security
requirements
IoT networks
3Split Croitia 13/09/2018
4. IP-based security infrastructures are too
heavy to operate on tiny sensor nodes
Lightweight and efficient cryptographic
primitives are required.
Elliptic Curve Cryptography (ECC) is
becoming a standard security component for
WSNs
ECC achieves the same security strength
with much smaller key size
4Split Croitia 13/09/2018
5. HIP Diet EXchange (HIP-DEX) protocol is
primarily designed for computation or
memory-constrained sensor/actuator devices
Revolution in the authentication process by
using Elliptic Curve Cryptography
Current Protocols are not designed to be
suitable with IoT networks
5Split Croitia 13/09/2018
6. Goal of this paper
◦ Authentication process between the end user and
the sensor.
◦ Currently available protocols do not respond to IoT
requirements
◦ Implementing HIP-DEX protocol in an IoT network
◦ Demonstrating the encouraging results of this
protocol.
6Split Croitia 13/09/2018
7. 7
1 Introduction
Authentication in WSN
HIP-DEX: a promessing candidate for IoT
Experimental Results
Conclusion
Experimental Setup
2
3
4
5
6
Split Croitia 13/09/2018
8. Security of communications between nodes in
WSN is critical
Difficulty or even impossibility for human
Intervention after deployment of sensors
Authentication is performed more often than
bootstrapping in WSN
Studying Authentication mechanism is based on
number of exchanged messages, bytes and the
total computing time
8Split Croitia 13/09/2018
9. Two authentication mechanisms based on
crypthography:
◦ symmetric cryptosystem
◦ asymmetric cryptosystem
The symmetric cryptosystem is based on
a shared key between the sender and the receiver.
Authentication schemes based on simple
symetric cryptographic primitives are suitable to
WSN.
9Split Croitia 13/09/2018
10. The asymmetric cryptosystem uses a public
key and a private
◦ the sender signs a message with the private key
and
◦ The receiver authenticate it by the respective public
key.
Sensors are unable to perform heavy
cryptographic operations like classical
asymmetric algorithms (RSA, Diffie-
Hellman,...).
10Split Croitia 13/09/2018
11. 11
1 Introduction
Authentication in WSN
HIP-DEX: a promessing candidate for IoT
Experimental Results
Conclusion
Experimental Setup
2
3
4
5
6
Split Croitia 13/09/2018
12. Developped to address the problems caused
by the dual-role of IP addresses as identifiers
and locators.
HIP integrates host mobility and multihoming
in a simple and elegant way
Elliptic Curve Cryptography (ECC) is the best
calculation method for generating key
materiel with few operation
12Split Croitia 13/09/2018
14. IoT Network access using HIP-DEX
◦ The Initiator I first performs a standard HIP-DEX with
the responder R.
◦ HIP-DEX mutually authenticates I and R and creates a
session key from a static Diffie-Hellman key exchange
◦ DoS protection to R through its puzzle mechanism.
◦ Use of the node’s HIT by the Responder to generate a
polynomial share F(HITA, y) from the secret bivariate
polynomial F(x, y) and the nodes HIT
14Split Croitia 13/09/2018
15. 15
1 Introduction
Authentication in WSN
HIP-DEX: a promessing candidate for IoT
Experimental Results
Conclusion
Experimental Setup
2
3
4
5
6
Split Croitia 13/09/2018
16. Real expriment scenario
◦ Initiator: Intel(R)Core(TM) i5-4210U CPU @1.70GHz
2.40GHz equiped with Ubuntu 12.04 LTS(32-bit)
◦ Responder: which is a Raspberry Pi 3 Model B, 1GB RAM
with ARMv71 processor
◦ Wi-Fi connection
◦ Putty access to Raspberry
Testbed Architecture
16Split Croitia 13/09/2018
17. 17
1 Introduction
Authentication in WSN
HIP-DEX: a promessing candidate for IoT
Experimental Results
Conclusion
Experimental Setup
2
3
4
5
6
Split Croitia 13/09/2018
18. Execution of the HIP-DEX 4 Way-Handshake
50 times(200 exchanged messages between I
and R were captured)
Association time is equal to timestamp of the
authentication response minus timestamp of
the association request( R2 message
reception time by the end-user minus I1
message sending time by the device)
18Split Croitia 13/09/2018
19. Avearge of the 4-Way handshake(association
time) of HIP-DEX protocol does not exceed 30ms
Authentication computing time executed by HIP-
DEX shows an improvement with 3% comparing
with other solutions
HIP-DEX 4 Way Handshake latency time
19Split Croitia 13/09/2018
20. Average time association time of studied
solutions
◦ Protocol proposed by Mohamed Hammi, Erwan Livolant, Patrick Bellot,
Ahmed Serhrouchni, Pascale Minet: 37.504ms
◦ Scheme proposed by Omar Cheikhrouhou, Anis Kouba,
Manel Boujelben, Mohamed Abid:1128ms
◦ DTLS-Based protocol 2048 bits propsed by Thomas
Kothmayr, Corinna Schmitt, Wen Hu, Michael Brnig, and Georg Carle :
859 ms
Our implementation: 30ms
20Split Croitia 13/09/2018
21. 21
1 Introduction
Authentication in WSN
HIP-DEX: a promessing candidate for IoT
Experimental Results
Conclusion
Experimental Setup
2
3
4
5
6
Split Croitia 13/09/2018
22. In this paper, we:
◦ analyzed security features of HIP-DEX protocol, an
IETF Internet draft, and also evaluated its overhead in
terms computing latency on a real IoT network
◦ proved the feasibility of the end user authenticaton to
access a WSN using HIP-DEX protocol
An evaluation of our implementation is being
done in a multi-hop IoT network. Studying the
attack risks that can occur in the 4 exchanged
messages of HIP-DEX will be conducted in order
to evaluate its security performance in a global
and real authentication scheme in an IoT
networks.
22Split Croitia 13/09/2018