{"title":"机器对机器通信中 6LoWPAN 的安全轻量级认证","authors":"","doi":"10.1016/j.cose.2024.104002","DOIUrl":null,"url":null,"abstract":"<div><p>The development of machine-to-machine (M2M) technologies is becoming increasingly important in the rapidly growing domain of wireless sensor networks (WSNs) and the Internet of Things (IoT). Adopting IPv6 over 6LoWPANs (Low-Power Wireless Personal Area Networks) is instrumental in communicating across diverse domains within WSNs, albeit with its challenges. Particularly, resource limitations and security vulnerabilities remain significant concerns. 6LoWPAN-based M2M protocols that rely on authentication and key establishment schemes (AKE) often fall short due to inadequate security issues and excessive resource requirements. This paper addresses these challenges by introducing a secure and resource-efficient framework—Lightweight AKE for 6LoWPAN Nodes (LAKE-6LN). LAKE-6LN capitalizes on the clustering architecture's merits and contrasts conventional router-centric approaches. To ensure lightweight and efficient operation, it uses hash functions, XOR functions, and symmetric encryption techniques. Pseudo-identity, sequence tracking numbers, and secure parameters ensure privacy and protection against attacks, including traceability, perfect forward secrecy, ephemeral secret leakage, and secure the session key. An informal analysis of LAKE-6LN's security confirms that compliance with all essential security properties has been achieved. In addition, the framework's logical robustness and security analysis are rigorously verified using BAN logic, AVISPA, and Scyther tools. LAKE-6LN has demonstrated superior performance over related schemes, demonstrating a reduction in storage costs (by 33.33 % to 85.71 %), computational overhead (by 14.28 % to 95.97 %), communication overhead (by 16.12 % to 51.85 %), and energy consumption (by 22.04 % to 99.40 %). In our comparative analysis, LAKE-6LN demonstrates its resilience against various security threats, demonstrating its potential to secure 6LoWPAN networks in M2M.</p></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":null,"pages":null},"PeriodicalIF":4.8000,"publicationDate":"2024-07-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Secured lightweight authentication for 6LoWPANs in machine-to-machine communications\",\"authors\":\"\",\"doi\":\"10.1016/j.cose.2024.104002\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><p>The development of machine-to-machine (M2M) technologies is becoming increasingly important in the rapidly growing domain of wireless sensor networks (WSNs) and the Internet of Things (IoT). Adopting IPv6 over 6LoWPANs (Low-Power Wireless Personal Area Networks) is instrumental in communicating across diverse domains within WSNs, albeit with its challenges. Particularly, resource limitations and security vulnerabilities remain significant concerns. 6LoWPAN-based M2M protocols that rely on authentication and key establishment schemes (AKE) often fall short due to inadequate security issues and excessive resource requirements. This paper addresses these challenges by introducing a secure and resource-efficient framework—Lightweight AKE for 6LoWPAN Nodes (LAKE-6LN). LAKE-6LN capitalizes on the clustering architecture's merits and contrasts conventional router-centric approaches. To ensure lightweight and efficient operation, it uses hash functions, XOR functions, and symmetric encryption techniques. Pseudo-identity, sequence tracking numbers, and secure parameters ensure privacy and protection against attacks, including traceability, perfect forward secrecy, ephemeral secret leakage, and secure the session key. An informal analysis of LAKE-6LN's security confirms that compliance with all essential security properties has been achieved. In addition, the framework's logical robustness and security analysis are rigorously verified using BAN logic, AVISPA, and Scyther tools. LAKE-6LN has demonstrated superior performance over related schemes, demonstrating a reduction in storage costs (by 33.33 % to 85.71 %), computational overhead (by 14.28 % to 95.97 %), communication overhead (by 16.12 % to 51.85 %), and energy consumption (by 22.04 % to 99.40 %). In our comparative analysis, LAKE-6LN demonstrates its resilience against various security threats, demonstrating its potential to secure 6LoWPAN networks in M2M.</p></div>\",\"PeriodicalId\":51004,\"journal\":{\"name\":\"Computers & Security\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":4.8000,\"publicationDate\":\"2024-07-14\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Computers & Security\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S0167404824003079\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404824003079","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
Secured lightweight authentication for 6LoWPANs in machine-to-machine communications
The development of machine-to-machine (M2M) technologies is becoming increasingly important in the rapidly growing domain of wireless sensor networks (WSNs) and the Internet of Things (IoT). Adopting IPv6 over 6LoWPANs (Low-Power Wireless Personal Area Networks) is instrumental in communicating across diverse domains within WSNs, albeit with its challenges. Particularly, resource limitations and security vulnerabilities remain significant concerns. 6LoWPAN-based M2M protocols that rely on authentication and key establishment schemes (AKE) often fall short due to inadequate security issues and excessive resource requirements. This paper addresses these challenges by introducing a secure and resource-efficient framework—Lightweight AKE for 6LoWPAN Nodes (LAKE-6LN). LAKE-6LN capitalizes on the clustering architecture's merits and contrasts conventional router-centric approaches. To ensure lightweight and efficient operation, it uses hash functions, XOR functions, and symmetric encryption techniques. Pseudo-identity, sequence tracking numbers, and secure parameters ensure privacy and protection against attacks, including traceability, perfect forward secrecy, ephemeral secret leakage, and secure the session key. An informal analysis of LAKE-6LN's security confirms that compliance with all essential security properties has been achieved. In addition, the framework's logical robustness and security analysis are rigorously verified using BAN logic, AVISPA, and Scyther tools. LAKE-6LN has demonstrated superior performance over related schemes, demonstrating a reduction in storage costs (by 33.33 % to 85.71 %), computational overhead (by 14.28 % to 95.97 %), communication overhead (by 16.12 % to 51.85 %), and energy consumption (by 22.04 % to 99.40 %). In our comparative analysis, LAKE-6LN demonstrates its resilience against various security threats, demonstrating its potential to secure 6LoWPAN networks in M2M.
期刊介绍:
Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world.
Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.