A Lightweight Iot Security Protocol Mohamed Hammi, Erwan Livolant, Patrick Bellot, Ahmed Serhrouchni, Pascale Minet
Total Page:16
File Type:pdf, Size:1020Kb
A Lightweight IoT Security Protocol Mohamed Hammi, Erwan Livolant, Patrick Bellot, Ahmed Serhrouchni, Pascale Minet To cite this version: Mohamed Hammi, Erwan Livolant, Patrick Bellot, Ahmed Serhrouchni, Pascale Minet. A Lightweight IoT Security Protocol. 1st Cyber Security in Networking Conference (CSNet2017), Oct 2017, Rio de Janeiro, Brazil. hal-01640510 HAL Id: hal-01640510 https://hal.archives-ouvertes.fr/hal-01640510 Submitted on 20 Nov 2017 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. A Lightweight IoT Security Protocol Mohamed Tahar Hammi∗, Erwan Livolanty, Patrick Bellot∗, Ahmed Serhrouchni∗, Pascale Minetz ∗ LTCI, Télécom ParisTech, Université Paris-Saclay, 75013, Paris, France ∗{hammi,bellot,serhrouchni}@telecom-paristech.fr yAFNeT, Boost-Conseil, 75008 Paris, France [email protected] zInria-Paris, EVA team, 2 rue Simone Iff, 75589 Paris Cedex 12, France [email protected] Abstract—The IoT is a technology that enables the inter- in October 2015. Hackers managed to get many customers connection of smart physical and virtual objects and provides records, that contain important informations like logins and advanced services. Objects or things are generally constrained passwords, secret codes, confidential and personal data, etc. devices which are limited by their energy, computing and storage capacity. A Wireless Sensor Networks (WSN) is a network com- Therefore the company has lost a lot of money and customers. posed of devices managed by a CPAN (Personal Area Network The unauthorized access, the identity usurpation, and the Coordinator). The network is used in order to gather and process steal and/or modification of stored and/or exchanged data data of a given environment. It is characterized by their low bit rate and low power consumption, and it uses small size packet represent a serious danger for our information systems. Re- in their transmissions. In order to protect the WSN, a mutual searchers and developers try to find and create new solutions authentication between devices is required during the association to enhance the security and the robustness of such systems. of a new device. The exchanged data should be authenticated The issue is more complex if the system is an architecture and encrypted. In this work we propose a robust, lightweight for the Internet of Things (IoT). The IoT is a technology and energy-efficient security protocol for the WSN systems. The real tests we made and a performance evaluation of our security that enables the interconnection of smart physical and virtual protocol are provided. objects and provides advanced services. Objects or things Index Terms—Security, Authenticated encryption, Mutual are generally constrained devices, which are limited by their authentication, WSN, IoT, Industrial Environment, Scyther, energy, computing and storage capacity. OCARI. The IoT covers a lot of areas such as Smart Cities, I. INTRODUCTION M2M (Machine to Machine) systems, Body Area Net- With the IoT, today, virtual and smart physical things are works (BAN), and Wireless Sensor Networks (WSN). The WSN able to communicate with each other, without the human is a network composed of devices managed by a CPAN (Per- intervention. This technology attracts different fields, because sonal Area Network Coordinator). The network is used in of its economical and societal benefits. Industry is in the order to gather and process data of a given environment. top list. In fact, industrial wireless sensor networks represent Usually, the devices (except the CPAN) are limited in terms a sub-domain of the IoT which concerns limited capacity of computation and memory capacity. They are characterized devices used to gather data and manage various environments. by their low bit rate and low power consumption, and they use Due to the nature of these devices, security represents a big small size packet in their transmissions. The data produced by issue for researchers and developers. In this paper, we present each device is transmitted via multiple hops to the CPAN, a robust and a lightweight securing protocol that ensures which can use them, or forward them to another network. a mutual authentication and secures transmissions between The most known WSN technologies are based on the IEEE devices. This protocol has been implemented on the OCARI 802.15.4 physical layer (PHY) [9]. It is resilient to radio platfrom which is a promising and energy efficient industrial interferences and provides a good foundation for building ad- wireless sensor network. hoc mesh networks. In 2014, according to The New York Times, Russian hackers In order to protect the WSN, a mutual authentication got access to the state department’s unclassified system and between devices is required during the association of a new stole the archived e-mails including the president’s ones. Even device. The exchanged data should be authenticated and en- worst, a few years ago in Australia, a certain Vitek Boden, for crypted. In this work we propose a robust, lightweight and revenge reasons, attacked the SCADA (Supervisory Control energy-efficient security protocol for the WSN systems. This and Data Acquisition) system of the Maroochy Shire Council paper is organized as follows. Section II presents different which was in charge of the waste management. As a result, researches realized for securing the IoT. Section III explains millions of liters of raw sewage were redirected to a park our proposed approach and its implementation. The real tests and an hotel located around the company. Thus, an ecosystem we made and a performance evaluation of our security protocol was destroyed in short time [1]. In the UK, a provider of are provided in section IV. Finally a conclusion and our future telecommunications services, was the victim of an attack works are given in section V. II. RELATED WORK generate a shared key. It will be used to secure transmissions during the data exchange using symmetric secure channel. In [7], we proposed an authentication protocol for securing This solution requires the exchange of only 3 messages. the IoT system OCARI, an industrial WSN for constrained en- It is lightweight, energy-efficient, and needs a reasonable vironment. It was based on pre-shared keys. It provided a mu- computing capacity. The only weakness is in the first sent tual authentication and a good mechanism for the derived key message (A) in Figure 1. exchange during the association step. Although this solution is lightweight robust and fast protocol, the confidentiality of the transmitted data is missing. In addition using HMAC [11] for signing packets can be expensive in terms of computing and execution time. Authors in [13] propose a security protocol called HIP (Host Identity Protocol). Their study focuses mainly on the security of the constrained devices over LoWPAN (Low power Wire- Figure 1: Authentication Procedure for a Wi-Fi based IoT less Personal Area Networks). HIP is based on the asymmetric key cryptography. They propose to add a central authority for XA;XB and xA; xB represent respectively the public and managing and controlling each IoT domain. During a new as- the private keys. K is a pre-shared key between two en- sociation, both devices and the central authority should be mu- tities. H(u; v) is the hash of the message u; v. And fi- tually authenticated using the asymmetric cryptography. Once nally SigA(u; v; w); SigB(u; v; w) is the signature of the the two communicating entities are authenticated, session messageu; v; w of the entity with its own public key. The symmetric keys are shared and an encrypted communication messages labelled (B) and (C) are without any risk. However can start. For managing and updating keys, they use another the authentication with the pre-shared key K in message protocol called MIKEY (Multimedia Internet KEYing). Their labelled (A), without any random factor or counter, exposes solution ensures a good authentication and data protection K to potential cryptanalysis attack. mechanism. However generating and providing new keys for In the next section, we will explain our proposed approach, each association step consumes a lot of time and energy. In which aim is to solve the performance and security problems Section III, we will describe our system that does not require seen above. a generation of new symmetric keys while keeping the system safe against the cryptanalysis and replay attacks. III. PROPOSED APPROACH Researchers in [10] propose a secure architecture based on As explained above, the WSN architecture is made of con- the DTLS (Datagram Transport Layer Security) protocol for strained devices (sensors, or actuators) managed by a CPAN IoT. It was designed to work over LoWPANs. It provides which is an unconstrained device. When a new device wants a mutual authentication and symmetric key exchange for to join the WSN network, first a mutual authentication should creating a symmetric secure channel). It uses x509 certifi- be ensured. Then, a symmetric secure channel should be cates [8] and RSA (Rivest Shamir Adleman) algorithm [15]. created between the communicating entities in order to protect The authentication requires a trustful third parties. Although the exchanged data. The mutual authentication mechanism this solution is very robust and ensures a strong authentication was realized in the MAC sub-layer, and the authenticated mechanism, it is not optimized. First, the use of RSA algorithm encryption of data is done in the application layer. and the exchange of a large number of messages (6 messages are mandatory for the DTLS-Handshake) is resource-intensive A.