Your search keyword '"Handshake"' showing total 500 results

1. Age of Information Minimization for Grant-Free Non-Orthogonal Massive Access Using Mean-Field Games

Author

H. Vincent Poor, Lingyang Song, Yuhan Kang, Hongliang Zhang, and Zhu Han

Subjects

Base station, Handshake, Network packet, Computer science, business.industry, Telecommunications link, Cellular network, Minification, Electrical and Electronic Engineering, business, Communication channel, Computer network, Data modeling

Abstract

Grant-free access, in which channels are accessed without undergoing assignment through a handshake process, is a promising solution to support massive connectivity needed for Internet-of-Things (IoT) networks. In this paper, we consider uplink grant-free massive access for an IoT network with multiple channels. To be specific, the IoT devices generate short packets and have grant-free non-orthogonal access to a channel to transmit the generated packets to a base station (BS). With the aim of keeping the information fresh at the BS, we first derive the age of information (AoI) for grant-free short-packet communications, and then formulate the AoI minimization problem. However, the problem is challenging as the number of users involved is large, and to tackle this problem efficiently, we propose a mean-field evolutionary game-based approach. In this approach, the average behavior of the IoT devices is considered rather than their individual behaviors, and the dynamics of the strategies of the IoT devices are modeled by an evolutionary process. Simulation results verify the effectiveness of the proposed mean-field evolutionary game-based approach.

Published

2021

2. RHNE-MAC: Random Handshake MAC Protocol Based on Nash Equilibrium for Underwater Wireless Sensor Networks

Author

Dong Wei, Yang Qiuling, Chen Yan-xia, Sun Shijie, and Huang Xiangdang

Subjects

Handshake, Network packet, Computer science, business.industry, Node (networking), ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Time division multiple access, Throughput, symbols.namesake, Nash equilibrium, symbols, Electrical and Electronic Engineering, business, Instrumentation, Wireless sensor network, Communication channel, Computer network

Abstract

Underwater wireless sensor networks (UWSNs) have a long propagation delay; thus, when multiple nodes access the channel at the same time, the nodes cannot perceive the channel status in time, which causes access conflicts between nodes. To reduce multinode access conflicts and improve network throughput, a random handshake MAC protocol based on Nash equilibrium (RHNE-MAC) is proposed. In the RTS phase, RHNE-MAC regards nodes sending control packets to channels as competitive behavior and an incomplete information game. This paper firstly discusses the collision probability of two nodes sending data to the master node at the same time when the nodes are evenly distributed. Subsequently, according to the collision probability and the size of the network, the mathematical expectation concept is added to the payment function. Then, it uses the Nash equilibrium theory to solve the game, which allows the network to dynamically adjust the probability of nodes requesting access to a channel according to the number of nodes, thereby minimizing the problem of multinode access conflicts. Finally, the master node schedules the data transmission for each node according to the successful receipt of control packet information and propagation delay information of the network; therefore, multiple nodes can transmit data after a handshake period. The simulation results show that the throughput is increased by approximately 12% compared with prescheduling-based MAC and by 207% compared with TDMA; moreover, the end-to-end delay also has better performance.

Published

2021

3. A Systematic Approach to Formal Analysis of QUIC Handshake Protocol Using Symbolic Model Checking

Author

Lin Yang, Tao Feng, Dongyang Li, Qiang Wang, Xianming Gao, and Jingjing Zhang

Subjects

Model checking, Science (General), Article Subject, Handshake, Computer Networks and Communications, Computer science, business.industry, computer.internet_protocol, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, QUIC, Q1-390, Software deployment, T1-995, business, computer, Protocol (object-oriented programming), Technology (General), Information Systems, Computer network

Abstract

As a newly proposed secure transport protocol, QUIC aims to improve the transport performance of HTTPS traffic and enable rapid deployment and evolution of transport mechanisms. QUIC is currently in the IETF standardization process and will potentially carry a significant portion of Internet traffic in the emerging future. An important safety goal of QUIC protocol is to provide effective data service for users. To aim this safety requirement, we propose a formal analysis method to analyze the safety of QUIC handshake protocol by using model checker SPIN and cryptographic protocol verifier ProVerif. Our analysis shows the counterexamples to safety properties, which reveal a design flaw in the current protocol specification. To this end, we also propose and verify a possible fix that is able to mitigate these flaws.

Published

2021

4. Secure and Usable Handshake Based Pairing for Wrist-Worn Smart Devices on Different Users

Author

Xindi Ma, Guichuan Zhao, Jianfeng Ma, Qi Jiang, Youliang Tian, and Xiaohan Huang

Subjects

Security analysis, Key generation, Handshake, Computer Networks and Communications, Computer science, business.industry, 020206 networking & telecommunications, 02 engineering and technology, USable, Hardware and Architecture, Pairing, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, business, Personally identifiable information, Software, Information Systems, Data transmission, Communication channel, Computer network

Abstract

Wrist-worn smart devices are being used to share various sensitive personal information in various fields such as social, medical treatment, sports, etc. Secure pairing establishing a trusted channel between involved devices is a prerequisite to ensure data transmission security. Handshake has been employed to realize secure pairing between devices worn by different users without pre-shared knowledge, the participation of third parties or complicated user interactions. However, existing schemes cannot meet the practical requirement in terms of time delay and security. In this paper, we present a secure and usable pairing scheme utilizing the handshake acceleration data. Specifically, we propose an optimal feature selection algorithm based on Euclidean distance sorting which improves the success rate and security of the system. In addition, we use Pearson correlation coefficient based feature sequence similarity measurement approach to enhance the accuracy of pairing scheme. Theoretical and experimental security analysis indicates that our solution can resist active and passive attacks. What’s more, the experimental results demonstrate that the proposed solution has a high key generation rate of 87 bits per second, and completes security pairing in less than 4 s.

Published

2021

5. KDC Authentication for Secured Communication using Four-Way Handshake Protocol

Author

R Anitha, S U Muthunagai, R Iyswarya, and S Poorani

Subjects

Authentication, Handshake, Computer science, business.industry, business, Protocol (object-oriented programming), Computer network

Published

2021

6. A Secure IoT Firmware Update Scheme Against SCPA and DoS Attacks

Author

Kai Hu, Yan-Hong Fan, Yanbin Li, Muzhou Li, and Meiqin Wang

Subjects

Handshake, business.industry, Firmware, Computer science, Denial-of-service attack, Permission, Encryption, computer.software_genre, Application layer, Computer Science Applications, Theoretical Computer Science, Computational Theory and Mathematics, Hardware and Architecture, Key (cryptography), business, computer, Software, Booting, Computer network

Abstract

In the IEEE S&P 2017, Ronen et al. exploited side-channel power analysis (SCPA) and approximately 5 000 power traces to recover the global AES-CCM key that Philip Hue lamps use to decrypt and authenticate new firmware. Based on the recovered key, the attacker could create a malicious firmware update and load it to Philip Hue lamps to cause Internet of Things (IoT) security issues. Inspired by the work of Ronen et al., we propose an AES-CCM-based firmware update scheme against SCPA and denial of service (DoS) attacks. The proposed scheme applied in IoT terminal devices includes two aspects of design (i.e., bootloader and application layer). Firstly, in the bootloader, the number of updates per unit time is limited to prevent the attacker from acquiring a sufficient number of useful traces in a short time, which can effectively counter an SCPA attack. Secondly, in the application layer, using the proposed handshake protocol, the IoT device can access the IoT server to regain update permission, which can defend against DoS attacks. Moreover, on the STM32F405+M25P40 hardware platform, we implement Philips’ and the proposed modified schemes. Experimental results show that compared with the firmware update scheme of Philips Hue smart lamps, the proposed scheme additionally requires only 2.35 KB of Flash memory and a maximum of 0.32 s update time to effectively enhance the security of the AES-CCM-based firmware update process.

Published

2021

7. Using Overhearing and Rateless Coding in Disseminating Various Messages in Vehicular AdHoc Networks

Author

Nadia H. Khiadani, Maryam Ataei Kachooei, Mostafa Nozari, and Faramarz Hendessi

Subjects

Vehicular ad hoc network, General Computer Science, Handshake, business.industry, Network packet, Computer science, Wireless ad hoc network, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, General Engineering, rateless coding, data dissemination, TK1-9971, Overhead (computing), General Materials Science, Network performance, VANETs, overhearing, Electrical engineering. Electronics. Nuclear engineering, Latency (engineering), business, Dissemination, Computer network

Abstract

Vehicular Ad hoc Networks (VANETs) are emerging technologies with the primary purpose of establishing Vehicular communications. Available protocols for data dissemination in VANETs are faced with issues like discontinuous connections, uncertainty about receiving messages, collisions, and latency. In this paper, a new method is presented for the dissemination of advertising and infotainment messages. The proposed method has used store carry and forward (SCF), rateless coding, and a new handshake mechanism to solve discontinuous connections, uncertainty about receiving messages, and collision problems, respectively. In this paper, changing the Road Side Unit (RSU) message over time and its impact on the network is proposed as a new step in evaluating data dissemination methods. Our results showed that if changing the RSU message happened very rapidly, the network performance will almost be eliminated; to address this problem and due to the advertising nature of messages, the use of overhearing has been suggested. To the best of our knowledge, this is the first time that message overhearing has been used in VANET. Extensive and accurate simulations results show that the proposed method for 2, 3, 5, and 10 messages: (i) reduces the overhead of handshake on average 70% 63%, 48%, and 3%, (ii) increases the number of delivered packets on average 5%, 22%, 75%, and 84%, and (iii) increases the range of data dissemination on average 47%, 187%, 661%, and 2962%, respectively. With the mentioned improvements, the proposed method can also significantly reduce the latency of disseminating messages between vehicles.

Published

2021

8. A Link-Layer Synchronization and Medium Access Control Protocol for Terahertz-Band Communication Networks

Author

Zahed Hossain, Michael J. Medley, Josep Miquel Jornet, and Qing Xia

Subjects

Handshake, Interleaving, Computer Networks and Communications, Wireless ad hoc network, Computer science, Throughput, 02 engineering and technology, Synchronization, Sliding window protocol, Synchronization (computer science), Computer Science::Networking and Internet Architecture, Multiple Access with Collision Avoidance for Wireless, 0202 electrical engineering, electronic engineering, information engineering, Wireless, Electrical and Electronic Engineering, Network architecture, Directional antenna, business.industry, Network packet, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Transmitter, Physical layer, 020206 networking & telecommunications, Telecommunications network, Media access control, Link layer, business, Wireless sensor network, Software, Carrier sense multiple access with collision avoidance, Communication channel, Computer network

Abstract

In this paper, a link-layer synchronization and medium access control (MAC) protocol for very-high-speed wireless communication networks in the THz band is presented. The protocol relies on a receiver-initiated handshake as a way to guarantee synchronization between transmitter and receiver. In addition, it incorporates a sliding window flow control mechanism, which combined with the one-way handshake, maximizes the channel utilization. Two different application scenarios are considered, namely, a macroscale scenario, in which nodes utilize turning directional antennas to periodically sweep the space while overcoming the distance problem at THz frequencies, and a nanoscale scenario, in which nano-nodes require energy harvesting systems to operate. A carrier-based physical layer is considered for the macro-scenario, whereas the physical layer for the nano-scenario is based on a femtosecond- long pulse-based modulation scheme with frame interleaving. The performance of the proposed MAC protocol is analytically investigated in terms of delay, throughput and successful packet transmission probability, and compared to that of an adapted Carrier Sense Multiple Access with Collision Avoidance with and without handshake. The results are validated by means of extensive simulations with ns-3, in which all the necessary THz elements have been implemented. The results show that the proposed protocol can maximize the successful packet delivery probability without compromising the achievable throughput in THz-band communication networks.

Published

2021

9. Geographic Multipath Routing based on Triangle Link Quality Metric with Minimum Inter-path Interference for Wireless Multimedia Sensor Networks

Author

Vijay R. Ghorpade and Shailendra Aswale

Subjects

Routing protocol, General Computer Science, Handshake, Computer science, QoS routing, 02 engineering and technology, lcsh:QA75.5-76.95, Multipath, 0202 electrical engineering, electronic engineering, information engineering, Wireless, Wireless multimedia sensor networks, Triangle Link Quality Metric, Hidden node problem, business.industry, Quality of service, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, 020206 networking & telecommunications, Multipath routing, Hidden Node Problem, 020201 artificial intelligence & image processing, lcsh:Electronic computers. Computer science, Wireless Multimedia Sensor Network, Interference, business, Wireless sensor network, Computer network

Abstract

Wireless Multimedia Sensor Networks (WMSNs) have emerged as the new class of wireless sensor networks (WSNs) to meet the stringent Quality of Service (QoS) requirements of emerging applications. Multipath routing with cross-layer approach appears to be a potential solution for supporting the distinct characteristics of WMSNs. However, due to the broadcast nature of the underlying medium, multiple paths are exposed to inter-path interference. In addition, low-power wireless links are asymmetric, error-prone and unreliable in nature. Consequently, an accurate and stable link quality estimation is essential to guarantee the performance of routing protocol. This paper proposes Triangle link quality metric and minimum inter-path Interference based Geographic Multipath Routing (TIGMR) protocol which finds multiple node-disjoint paths in IEEE 802.15.4 compliant network. This cross-layer routing protocol selects forwarding node based on a triangle link quality metric, remaining energy, and distance while anticipating minimum adjacent path interference effect. In addition, TIGMR protocol avoids Hidden Node Problem (HNP) at the sink node without using Request-To-Send/Clear-To-Send (RTS/CTS) handshake mechanism. Simulation results indicate TIGMR protocol optimizes overall performance and improves network lifetime as compared with state-of-the-art Two-Phase Geographic Forwarding (TPGF) and Link Quality and Energy-Aware Routing (LQEAR) protocols.

Published

2021

10. An Adaptive High-Throughput Multichannel MAC Protocol for VANETs

Author

Dongfeng Yuan, Yuguang Fang, Haixia Zhang, and Yi Cao

Subjects

Handshake, Computer Networks and Communications, Computer science, Wireless ad hoc network, Retransmission, Access control, Throughput, Data_CODINGANDINFORMATIONTHEORY, 02 engineering and technology, 0203 mechanical engineering, Control channel, 0202 electrical engineering, electronic engineering, information engineering, Resource management, business.industry, Node (networking), ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, 020206 networking & telecommunications, 020302 automobile design & engineering, Computer Science Applications, Shared resource, Hardware and Architecture, Signal Processing, business, Information Systems, Computer network, Communication channel

Abstract

IEEE 802.11p standard, operating over the 75-MHz spectrum at 5.9-GHz band with one control channel (CCH) and six service channels (SCHs), has been poised to provide V2X services over vehicular ad hoc networks (VANETs). However, due to the absence of central coordinator and the nature of high vehicular mobility, it is difficult to achieve reliable multichannel coordination and adaptive resource reservation to make full use of SCHs, resulting in dramatic throughput degradation. To mitigate this, in this article, we propose an adaptive high-throughput multichannel medium access control (MAC) protocol, namely, AHT-MAC, which can effectively handle the data transmissions over SCHs. With AHT-MAC, the data transmission range (TR) is adjusted according to the beacon TR over the CCH so that a transmitting node can determine proper communication candidates and prepare available resources for both communication nodes before transmissions. Moreover, the communication coordination is done through a two-way handshake. During the handshake, adaptive resource reservation is realized following the proposed resource sharing mechanism, where nodes first utilize as much resource as possible and then share them with others proactively. To increase the success probability of the communication handshake, a request conflict resolution mechanism is also designed to nullify improper handshakes. Therefore, AHT-MAC can reduce the resource wastage due to handshake failures and extra overheads for retransmission requests. Our performance analysis shows that AHT-MAC can significantly improve the system throughput and reduce the channel access period.

Published

2020

11. iTLS: Lightweight Transport-Layer Security Protocol for IoT With Minimal Latency and Perfect Forward Secrecy

Author

Jinshu Su, Xiaofeng Wang, and Pengkun Li

Subjects

Handshake, Computer Networks and Communications, Computer science, computer.internet_protocol, 0211 other engineering and technologies, Cryptography, 02 engineering and technology, Encryption, Communications security, Datagram Transport Layer Security, Secure communication, Forward secrecy, 0202 electrical engineering, electronic engineering, information engineering, 021110 strategic, defence & security studies, Authentication, Transport Layer Security, business.industry, 020206 networking & telecommunications, Mutual authentication, Certificate, Computer Science Applications, Hardware and Architecture, Signal Processing, business, computer, Information Systems, Computer network

Abstract

Enabling end-to-end secure communication is essential for many Internet-of-Things (IoT) application scenarios. Transport-layer security (TLS) and datagram TLS (DTLS) are the de-facto protocols for communication security in the IP-based IoT. However, the current authentication approaches of TLS are confronted with the heavy overhead and security issues in the resource-constrained IoT scenario. On the other hand, the identity-based cryptography (IBC) becomes an attractive cryptographic solution for the IoT. Unfortunately, the current IBC-based proposals exist the problem of either high communication latency or low level of security. In this article, we propose the first lightweight secure transport protocol called iTLS, which delivers protected data in the first flight with perfect forward secrecy, and provides implicit mutual authentication without certificates. iTLS dynamically generates identity-based early keys before receiving a server response, allowing clients to send the encrypted data without additional round trips. Furthermore, it employs the ephemeral secret ticket to obtain an ephemeral server key in the previous connection. Therefore, the early key established afterward can provide full forward secrecy. Design and implementation in the form of extension make iTLS fully compatible with TLS 1.3 and easy to be converted to a DTLS version. Our evaluation shows that iTLS reduces the network traffic overhead by at least 61.2%, and handshake latency on an ideal network by at least 60% compared to the certificate-based TLS. The results demonstrate iTLS achieves strong adaptability on the low-power and lossy IoT networks.

Published

2020

12. A Sequence-Scheduled and Query-Based MAC Protocol for Underwater Acoustic Networks with a Mobile Node

Author

Cheng Chi, Haining Huang, Wei Wang, and Jing Huang

Subjects

Handshake, Computer Networks and Communications, business.industry, Computer science, Network packet, Node (networking), Access control, Throughput, Collision, Transmission (telecommunications), Electrical and Electronic Engineering, business, Data transmission, Computer network

Abstract

Since mobile nodes such as autonomous underwater vehicles can effectively expand network coverage, underwater acoustic networks with mobile nodes have attracted more and more attention in recent years. To ensure the timely access of a mobile node without disturbing the normal transmission of data packets from static nodes, a sequence-scheduled and query-based medium access control protocol is proposed in this paper. The underwater nodes with data packets to be transmitted reply with a control packet for channel reservation after receiving the broadcast control packet of the buoy, then the reserved nodes transmit their data packets as the order calculated by the buoy. We develop a mechanism to adjust the transmission order of the control packets sent by the underwater nodes in the handshake phase to reduce the collision and guarantee the success rate of reservation, and a query is initiated when the reserved control packet of the mobile node is not received by the buoy in the handshake to respond to the data transmission request of the mobile node in time. Simulations show that the maximum nodal throughput of the proposed MAC protocol increases by at least 20% and the access delay of the mobile node decreases by about 90%, compared to the two reference protocols. Besides, the average access probability of the mobile node in the proposed protocol is more than 90%.

Published

2020

13. ME-TLS: Middlebox-Enhanced TLS for Internet-of-Things Devices

Author

Jie Li, Xiaofeng Wang, Jinshu Su, Xinyi Huang, and Rongmao Chen

Subjects

Authentication, Transport Layer Security, Handshake, Computer Networks and Communications, Computer science, business.industry, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Middlebox, 020206 networking & telecommunications, 02 engineering and technology, Permission, Encryption, Computer Science Applications, Hardware and Architecture, Signal Processing, 0202 electrical engineering, electronic engineering, information engineering, Key (cryptography), Session key, 020201 artificial intelligence & image processing, Session (computer science), business, Hardware_REGISTER-TRANSFER-LEVELIMPLEMENTATION, Information Systems, Computer network

Abstract

In-network middleboxes are vital for the Internet-of-Things (IoT) system security, but the widely adopted transport layer security (TLS) protocol blinds application-level middleboxes due to the encryption of traffic data. To resolve this problem, many solutions have been proposed to date. Among them, SplitTLS is widely adopted in the industry by proxy manufacturers. It requires TLS client to install customized root certificates and incurs additional security flaws, e.g., disabling server authentication and using weak cipher suites. Another approach is to customize the TLS protocol where middleboxes are enabled via either performing handshake directly with TLS endpoints or receiving session key materials in an out-of-band manner. Overall, current solutions would either jeopardize the original TLS handshake procedure or incur additional overheads on the endpoints. In this article, we design a new middlebox-enhanced TLS (ME-TLS), which enables endpoints to introduce authenticated middleboxes into a TLS session while control middleboxes’ access permission and processing order of traffic data. Particularly, in our proposed ME-TLS, the handshake structure of TLS keeps unchanged and middleboxes work in a passive manner. That is, middleboxes in the ME-TLS could recover session key materials by monitoring handshake messages passively instead of interacting with endpoints; secondary secure channels for key transmission are also not needed in our ME-TLS. We implement our ME-TLS based on the TLS 1.3 protocol and evaluate its performances. The experimental results demonstrate that our proposal is practical and deployable for real-world IoT scenarios.

Published

2020

14. An optimized recognition algorithm for SSL VPN protocol encrypted traffic

Author

Kehua Xian

Subjects

Handshake, Artificial neural network, business.industry, Computer science, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Encryption, Convolutional neural network, Computer Science Applications, Theoretical Computer Science, Random forest, Identification (information), Artificial Intelligence, business, Protocol (object-oriented programming), Software, Private network, Computer network

Abstract

With the widespread use of Virtual Private Networks (VPNs), the identification of Secure Sockets Layer (SSL) VPN encrypted traffic has become an important issue. This paper first introduced SSL VPN encrypted traffic and analyzed the flow of its handshake protocol. Then, an improved fingerprint recognition algorithm was designed to identify SSL streams. Capsule Neural Network (CapsNet), an optimized convolutional neural network, was used to recognize SSL VPN. An experimental analysis was carried out on the ISCXVPN2016 dataset. It was found that the recognition accuracy of the proposed method reached up to 99.98% for SSL streams, and the convergence speed was high; the recognition precision reached 98.16%, and the recall rate reached 99.98% for SSL VPNs, both of which were better than the algorithms such as random forest (RF) and C4.5. The experimental results verify the effectiveness of the optimized recognition algorithm for SSL VPN recognition and make some contributions to its application in practice.

Published

2021

15. Design and Implementation of Data Security Transmission System Based on SSL

Author

Xinlin Liu and Weifeng Luo

Subjects

Scheme (programming language), Authentication, Handshake, Computer science, business.industry, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Data security, Transmission system, Cryptographic protocol, business, Protocol (object-oriented programming), Business communication, computer, Computer network, computer.programming_language

Abstract

This paper designs a data security transmission system suitable for distributed working mode to provide a safe and reliable platform for business communication and information interaction between two data nodes. In the choice of system security protocol, this paper uses SSL based data security transmission protocol as the security protocol of system communication. According to the threat situation expulsion method, this paper proposes an improved scheme for the protocol, which uses the identity authentication mechanism to improve the authentication mechanism of handshake protocol, and uses the improved protocol as the security transmission protocol of the system. In order to prove the effectiveness of the improved scheme of handshake protocol, this paper uses the data security transmission system to test, and the results show that the improved scheme of handshake protocol is feasible. This method provides a reference for the research of data security transmission system based on SSL.

Published

2021

16. Secure Authentication in WLAN Using Modified Four-Way Handshake Protocol

Author

Pramod Kumar, Manoj Diwakar, Shashi Bhushan, Prabhishek Singh, Manju Kaushik, and Kartikay Tiwari

Subjects

Handshaking, Handshake, Network security, business.industry, Wireless network, Computer science, Problem statement, Denial-of-service attack, Architecture, business, Protocol (object-oriented programming), Computer network

Abstract

This paper presents a brief description of the wireless networks, their advantages over wired networks and security issues requiring immediate attention. It is then followed by 802.11 architecture and various services offered by it and then the motivation for conducting the research. Thereafter, a problem statement outlining the inherent flaws in the present IEEE 802.11i standard is presented. Hence, a method is proposed to overcome the denial of service using the handshaking approach. Finally, the results are discussed and concluded.

Published

2021

17. Public Key Reinforced Blockchain Platform for Fog-IoT Network System Administration

Author

Petros Spachos, Marc Jayson Baucas, and Konstantinos N. Plataniotis

Subjects

Networking and Internet Architecture (cs.NI), FOS: Computer and information sciences, Computer Science - Cryptography and Security, Handshake, Computer Networks and Communications, business.industry, Computer science, Wireless network, Network packet, Encryption, Computer Science Applications, Public-key cryptography, Computer Science - Networking and Internet Architecture, Hardware and Architecture, Server, Signal Processing, Wireless, business, Database transaction, Cryptography and Security (cs.CR), Information Systems, Computer network

Abstract

The number of embedded devices that connect to a wireless network has been growing for the past decade. This interaction creates a network of Internet of Things (IoT) devices where data travel continuously. With the increase of devices and the need for the network to extend via fog computing, we have fog-based IoT networks. However, with more endpoints introduced to it, the network becomes open to malicious attackers. This work attempts to protect fog-based IoT networks by creating a platform that secures the endpoints through public-key encryption. The servers are allowed to mask the data packets shared within the network. To be able to track all of the encryption processes, we incorporated the use of permissioned blockchains. This technology completes the security layer by providing an immutable and automated data structure to function as a hyper ledger for the network. Each data transaction incorporates a handshake mechanism with the use of a public key pair. This design guarantees that only devices that have proper access through the keys can use the network. Hence, management is made convenient and secure. The implementation of this platform is through a wireless server-client architecture to simulate the data transactions between devices. The conducted qualitative tests provide an in-depth feasibility investigation on the network's levels of security. The results show the validity of the design as a means of fortifying the network against endpoint attacks., Accepted at the IEEE Internet of Things Journal

Published

2021

18. Formal Analysis of SA-TEK 3-Way Handshake Protocols

Author

Kefei Zhang, Shuo Yang, and Sen Xu

Subjects

Multidisciplinary, Handshake, business.industry, Computer science, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Key distribution, Access control, Wireless broadband, Layer (object-oriented design), business, Key management, Protocol (object-oriented programming), 3-Way, Computer network

Abstract

IEEE 802.16 is the standard for broadband wireless access. The security sublayer is provided within IEEE 802.16 MAC layer for privacy and access control, in which the privacy and key management (PKM) protocols are specified. In IEEE 802.16e, SA-TEK 3-way handshake is added into PKM protocols, aiming to facilitate re-authentication and key distribution. This paper analyzes the SA-TEK 3-way handshake protocol, and proposes an optimized version. We also use CasperFDR, a popular formal analysis tool, to verify our analysis. Moreover, we model various simplified versions to find the functions of those elements in the protocol, and correct some misunderstandings in related works using other formal analysis tools.

Published

2021

19. Identification of TLS Communications Using Randomness Testing

Author

Atsushi Kanda and Masaki Hashimoto

Subjects

Identification (information), Handshake, business.industry, Computer science, Information and Communications Technology, The Internet, Cryptography, Fingerprint recognition, business, Encryption, Key size, Computer network

Abstract

In recent years, the use of encryption in Internet communications, such as HTTPS, has become more widespread. While encrypted communication technology has been popular and improved the security of communications, there is a concern that the information available from the communications will be reduced, making it difficult to distinguish between normal and malicious communications. As for SSL/TLS, there is an existing measurement called TLS fingerprinting which tries to identify a server or client based on surface-level information such as headers and handshake parameters. However, by randomizing parameters or modifying handshakes, some attacks have already bypassed the detection. Our goal is to identify encrypted communications in a way that is more robust against such circumvention. Therefore, we propose a method that can identify encryption algorithms and cryptographic libraries used in a communication. We focus on the randomness of encrypted communications and use the statistical characteristics of randomness. Our experiment on HTTPS shows that by using only the encrypted application data from TLS communications, we can identify encryption algorithms (without considering the key length), used in the communication, with 89.6% accuracy.

Published

2021

20. Julia

Author

Juraj Feljan and Frans Lundberg

Subjects

050101 languages & linguistics, Handshake, business.industry, Computer science, 05 social sciences, Scalar (mathematics), 02 engineering and technology, Mutual authentication, Scalar multiplication, Public-key cryptography, Diffie–Hellman key exchange, 0202 electrical engineering, electronic engineering, information engineering, Key (cryptography), 020201 artificial intelligence & image processing, 0501 psychology and cognitive sciences, business, Secure channel, Computer network

Abstract

Even the most resource-constrained IoT devices need to communicate securely. In order to establish a secure channel, key agreement between the communicating parties is used. Today's key agreement protocols require at least three scalar multiplications in the handshake to achieve mutual authentication, forward and backward secrecy, and protection against key-compromise impersonation. As this is a computationally heavy operation, resource-constrained devices benefit from a lower number of scalar multiplications. In this paper we present Julia Key Agreement (JKA), a protocol that satisfies the aforementioned security properties using two scalar multiplications, and thus saves both time and energy. In addition, we define an optimized JKA that only requires a single scalar multiplication for a particular use case.

Published

2021

21. Connected and Autonomous Electric Vehicles Charging Reservation and Trip Planning System

Author

Hussein T. Mouftah and Palwasha W. Shaikh

Subjects

business.product_category, Handshake, business.industry, Computer science, Electric vehicle, Reservation, Systems design, Wireless, Vehicle-to-grid, business, Inductive charging, Intelligent transportation system, Computer network

Abstract

A novel three-layer charging system design of static and dynamic wireless charging that can operate with the existing wired charging infrastructure and standards for Intelligent Transportation System (ITS) is presented. This internet of things (IoT) application is accompanied by a proposed handshake protocol that uses vehicle to infrastructure (V2I) and vehicle to grid (V2G) communications for fulfilling charging requests of connected and autonomous electric vehicles with the shortest possible route to the destination. The charging requests of the Electric Vehicle (EV) and Autonomous Electric Vehicle (AEV) users are fulfilled by dynamically distributing the request over the three different types of charging equipment, and the requests are serviced and billed for in a private and secure manner using two different proposed payment schemes with the encrypted virtual currency. The hardware independent system can detect misalignment of the connected vehicles on the wireless charging pads and the speed issue errors in dynamic wireless charging system as well as avoid free-riders. Finally, the presented system is simulated and is revealed to plan trips with minimum waiting times, travel costs and battery consumption per vehicle trip with efficiency of 90.25% charge delivery.

Published

2021

22. Link Adaptive Protocol for V2LC

Author

Valeria Loscri, Antonio Costanzo, Meysam Mayahi, Self-organizing Future Ubiquitous Network (FUN), Inria Lille - Nord Europe, and Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)

Subjects

Vehicular VLC, MAC, Handshake, business.industry, Computer science, Goodput, Visible Light Communications, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Visible light communication, Throughput, Link adaptation, Access control, Adaptive Modulation, Link (knot theory), business, Protocol (object-oriented programming), [SPI.SIGNAL]Engineering Sciences [physics]/Signal and Image processing, Computer network

Abstract

International audience; As the Visible Light Communications (VLC) is growing up, it is not restricted anymore to the traditional indoor applications such as LiFi or positioning, but it finds new customers at outdoor vendors like underwater and vehicle applications. In this paper we looked at VLC challenges in Vehicular Communications from Medium Access Control point of view. We proposed Link Adaptive Protocol where a single handshake association and fast handover algorithms prolong VLC connectivity. Moreover, adaptive modulation has been suggested in order to increase the throughput. Simulation results show the link adaptive protocol outperforms slotted-aloha in outage probability and goodput, properly achieving a trade-off between pilot rate and protocol efficiency.

Published

2021

23. Mobility-Enabled Authentication Scheme for IoT Architecture

Author

Abderrahim Benslimane, Eman Shaaban, and Randa M. Abdelmoneem

Subjects

Authentication, Handshake, Computer science, business.industry, computer.internet_protocol, Gateway (computer program), Datagram Transport Layer Security, Secure communication, Systems architecture, Overhead (computing), Session (computer science), business, computer, Computer network

Abstract

In Internet of Things (IoT) system architectures where static and mobile IoT devices connected to gateway devices for forwarding and processing their collected data, authentication and secure communication between IoT device and gateways are crucial requirements. This paper proposes a mobility-enabled DTLS-based authentication scheme. It maintains mutual secure authentication between an IoT device and a gateway while transferring the connection between the visited gateways. We propose a scheme that implements a session resumption procedure to allow the authentication between a moving IoT device and a visited gateway. The performance of the proposed scheme is evaluated in terms of handshake time, processing time, energy consumption, and memory overhead. The results demonstrate its feasibility for limited resource devices.

Published

2021

24. An Opportunistic Directional MAC Protocol with Pulse/Tone Exchange in Wireless Ad-Hoc Networks

Author

Young-June Choi, Nobuyoshi Komuro, Zhetao Li, Hiroo Sekiya, Jing Ma, Tetsuro Okazawa, and Tingrui Pei

Subjects

Directional antenna, Handshake, Computer science, business.industry, Wireless ad hoc network, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Frame (networking), 020206 networking & telecommunications, 02 engineering and technology, Computer Science Applications, Reduction (complexity), Tone (musical instrument), 0202 electrical engineering, electronic engineering, information engineering, Wireless, 020201 artificial intelligence & image processing, Electrical and Electronic Engineering, business, Protocol (object-oriented programming), Computer network

Abstract

This paper proposes a Medium Access Control (MAC) protocol using directional antennas in wireless ad-hoc networks, which achieves frame-collision reduction, freezing-state duration reduction, and deafness-problem mitigation simultaneously. The idea of the proposed protocol is that Pulse/Tone exchange is applied to the Opportunistic Directional MAC protocol (OPDMAC). By applying the Pulse/Tone exchange prior to Request to Send/Clear to Send (RTS/CTS) handshake, RTS-to-RTS frame collisions are reduced dramatically. Additionally, RTS-to-DATA frame collisions in the OPDMAC are changed to Pulse signal-to-DATA frame overlaps in the proposed protocol. This change makes the DATA-frame transmissions in success because the Pulse signal-to-DATA frame overlaps are regarded as a deafness problem. On that basis, the deafness-problem mitigation can be obtained in the proposed protocol by adaptive transmission-direction switching, which follows the OPDMAC technique. The freezing-state durations can be also reduced by the transmission-direction switching. As a result, the proposed protocol provides high network throughput compared with conventional protocols. Simulation results show the validity and effectiveness of the proposed protocol.

Published

2019

25. Tone-Based Contention Resolution for Multi-hop Wireless Sensor Networks

Author

Sandra M. Djosic, Igor Stojanovic, Milica D. Jovanovic, and Goran Lj. Djordjevic

Subjects

Handshake, business.industry, Network packet, Computer science, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, 020206 networking & telecommunications, Access control, Throughput, 02 engineering and technology, Energy consumption, Computer Science Applications, Hop (networking), Energy conservation, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Electrical and Electronic Engineering, business, Wireless sensor network, Computer network, Communication channel

Abstract

Medium access control protocols with common active period (AP MACs) are frequently used in wireless sensor networks (WSNs) with medium-load traffic requirements. In this class of low duty-cycle contention-based protocols, sensor nodes synchronously alternate between active periods (used for data exchange) and sleep periods (used for energy conservation). The key component of AP MAC protocols is the contention resolution mechanism (CRM), which should provide channel access to as many nodes as possible, while eliminating, or at least minimizing the chance of date message collisions. Current AP MAC protocols commonly employ CRMs based on the traditional CSMA scheme, possibly extended with RTS–CTS handshake mechanism, which are known to be energy inefficient under heavy traffic conditions, especially in dense multi-hop WSNs. In this paper, we propose a collision-free and energy-efficient CRM, specially designed for application in AP MACs. The proposed CRM, referred to as AP/TONE protocol, replaces RTS-CTS control packets with short RF tones for exchanging elementary status information among neighbouring nodes. At the top of the tone-based signalling mechanism, AP/TONE implements a distributed two-phase multi-round contention resolution procedure. In the first phase, the network is partitioned into non-interfering clusters by selectively blocking sending/receiving status of contending nodes. In the second phase, the existing intra-cluster tone-based CRM is used to make the final selection. The performance of the proposed approach was evaluated by simulation of a multi-hop WSN with varying traffic parameters and node density. The obtained results show that AP/TONE achieves significantly higher throughput with reduced energy consumption with respect to CSMA-based approaches.

Published

2019

26. An enhanced 4-way technique using cookies for robust authentication process in wireless network

Author

Chothmal Choudhary, Basant Agarwal, Pankaj Dadheech, Ankit Kumar, Sanwta Ram Dogiwal, and Mahender Kumar Beniwal

Subjects

Handshake, Computer science, business.industry, Wireless network, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Denial-of-service attack, 02 engineering and technology, 01 natural sciences, law.invention, InformationSystems_GENERAL, 010104 statistics & probability, law, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Wi-Fi, 0101 mathematics, business, Computer network

Abstract

In Wireless Local Area Network (WLAN) IEEE802.11, during the connection establishment four way handshake approaches is used for authentication. 4-way handshake approach, thought has been worked upo...

Published

2019

27. REMOVING RF VULNERABILITIES FROM IOT DEVICES

Author

Sushmita Ghosh, H. Parveen Sultana, and Pranab Ray

Subjects

Handshake, business.industry, Computer science, 020206 networking & telecommunications, 02 engineering and technology, Signal, Synchronization, Relay attack, Handshaking, 0202 electrical engineering, electronic engineering, information engineering, Key (cryptography), General Earth and Planetary Sciences, 020201 artificial intelligence & image processing, Radio frequency, business, General Environmental Science, Computer network

Abstract

RF vulnerabilities is a massive problem nowadays. If you see TV remote, AC remote, camera and car remotes RF have been using everywhere. The problem with RF security is that it always generates a signal with the same key which locked or unlock the system. RF signals are also unencrypted and It transfers signal through an unsecured channel so It suffers from key relay attack where the same key signal used to generate every time from a captured RF signal having the same key to make work to the system. Our problem statement is “Removing RF vulnerabilities to transfer data securely so that RF can avoid any types of relay attack threats”. we proposed a system which transferred data securely, In our system, we advise key rolling algorithm with a 2-way handshake, Key rolling algorithm rolls key which provides a new key every time of data transferring and 2-way handshaking provide synchronization between sender and receiver.

Published

2019

28. Model and implementation of user activity tracking utilizing the TLS Client Hello's server name extension

Author

M Mauro

Subjects

Activity tracking, Point of entry, Handshake, Computer science, Section (archaeology), business.industry, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Attack surface, Extension (predicate logic), Tracking (particle physics), business, Protocol (object-oriented programming), Computer network

Abstract

This paper puts forward a feasible, non-intrusive, method of tracking user activity using TLS’s Client Hello section of a handshake (specified in the TLS protocol), namely the server name extension. This method can provide an attacker with relevant information regarding patterns and services utilized inside of the target network, further expanding their understanding of the attack surface, potentially, serving as a tool to determine the timing of an attack or, even, provide an attacker with knowledge of a point of entry to a given system.

Published

2021

29. Stateless One-time Authenticated Session Resumption in TLS Handshake Using Paired Token

Author

Byoungcheon Lee

Subjects

Stateless protocol, Transport Layer Security, Handshake, Computer science, business.industry, Session (computer science), Security token, business, algebra_number_theory, Computer network

Abstract

Transport Layer Security (TLS) is a cryptographic protocol that provides communications security between two peers and it is widely used in many applications. To reduce the latency in TLS handshake session resumption using pre-shared key (PSK) had been used. But current methods in PSK mode handshake uses a fixed session key multiple times for the lifetime of session ticket. Reuse of fixed session key should be very careful in the point of communications security. It is vulnerable to replay attacks and there is a possibility of tracking users. Paired token (PT) is a new secondary credential scheme that provides pre-shared key in stateless way in client-server environment. Server issues paired token (public token and secret token) to authenticated client. Public token represents signed identity of client and secret token is a kind of shared secret between client and server. Once client is equipped with PT, it can be used for many symmetric key based cryptographic applications such as authentication, authorization, key establishment, etc. It was also shown that it can be used for one-time authenticated key establishment using the time-based one-time password (TOTP) approach. In this paper we apply the PT and TOTP approach to TLS to achieve stateless one-time authenticated session resumption. Server executes full handshake of TLS 1.3 and issues PT to authenticated client. Then client and server can execute one-time authenticated session resumption using PT in stateless way in server side. In every runs of session resumption distinct session keys are established that the same PT can be used safely for longer lifetime. If anonymous PT is used with renewal issuing, user privacy, untraceability and forward security can be achieved easily. It will provide a huge performance gain in large-scale distributed services.

Published

2021

30. QUICsand: Quantifying QUIC Reconnaissance Scans and DoS Flooding Events

Author

Thomas C. Schmidt, Raphael Hiesgen, Matthias Wählisch, and Marcin Nawrocki

Subjects

Networking and Internet Architecture (cs.NI), FOS: Computer and information sciences, Computer Science - Cryptography and Security, Handshake, business.industry, Computer science, computer.internet_protocol, Network telescope, QUIC, Flooding (computer networking), Internet Control Message Protocol, Computer Science - Networking and Internet Architecture, Attack model, The Internet, business, computer, Cryptography and Security (cs.CR), Computer network

Abstract

In this paper, we present first measurements of Internet background radiation originating from the emerging transport protocol QUIC. Our analysis is based on the UCSD network telescope, correlated with active measurements. We find that research projects dominate the QUIC scanning ecosystem but also discover traffic from non-benign sources. We argue that although QUIC has been carefully designed to restrict reflective amplification attacks, the QUIC handshake is prone to resource exhaustion attacks, similar to TCP SYN floods. We confirm this conjecture by showing how this attack vector is already exploited in multi-vector attacks: On average, the Internet is exposed to four QUIC floods per hour and half of these attacks occur concurrently with other common attack types such as TCP/ICMP floods., Comment: Proc. of ACM IMC'21, camera-ready

Published

2021

31. Stateless Re-Association in WPA3 Using Paired Token

Author

Byoungcheon Lee

Subjects

Key establishment, JSON Web Token, Handshake, Computer Networks and Communications, Computer science, lcsh:TK7800-8360, stateless re-association, 050109 social psychology, Cryptography, 02 engineering and technology, Shared secret, Security token, WPA3, PMK caching, Stateful firewall, 0202 electrical engineering, electronic engineering, information engineering, paired token, 0501 psychology and cognitive sciences, Electrical and Electronic Engineering, Stateless protocol, Authentication, business.industry, 05 social sciences, lcsh:Electronics, Authorization, JSON web token, Symmetric-key algorithm, one-time authenticated key establishment, Hardware and Architecture, Control and Systems Engineering, Signal Processing, Key (cryptography), 020201 artificial intelligence & image processing, Cache, Wi-Fi security, business, secondary credential, Computer network

Abstract

In Wi-Fi Protected Access 3 (WPA3), a secure connection is established in two sequential stages. Firstly, in the authentication and association stage, a pairwise master key (PMK) is generated. Secondly, in the post-association stage, a pairwise transient key (PTK) is generated from PMK using the traditional 4-way handshake protocol. To reduce the heavy load of the first stage, PMK caching can be used. If the client and AP are previously authenticated and have a PMK cache, the first heavy stage can be skipped and the cached PMK can be used to directly execute the 4-way handshake. However, PMK caching is a very primitive technology to manage shared key between a client and AP and there are many limitations, AP has to manage a stateful cache for a large number of clients, cache lifetime is limited, etc. Paired token (PT)is a new secondary credential scheme that provides stateless pre-shared key (PSK) in a client-server environment. The server issues a paired token (public token and secret token) to an authenticated client where the public token has the role of signed identity and the secret token is a kind of shared secret. Once a client is equipped with PT, it can be used for many symmetric key-based cryptographic applications such as authentication, authorization, key establishment, etc. In this paper, we apply the PT approach to WPA3 and try to replace the PMK caching with the one-time authenticated key establishment using PT. At the end of a successful full handshake, AP securely issues PT to the client. Then, in subsequent re-association requests, the client and AP can compute the same one-time authenticated PMK using PT in a stateless way. Using this kind of stateless re-association technology, AP can provide a high performance Wi-Fi service to a larger number of clients.

Published

2021

32. An Efficient and Generic Construction for Signal’s Handshake (X3DH): Post-Quantum, State Leakage Secure, and Deniable

Author

Keitaro Hashimoto, Kris Kwiatkowski, Shuichi Katsumata, and Thomas Prest

Subjects

SIMPLE (military communications protocol), Handshake, Computer science, Quantum state, business.industry, SIGNAL (programming language), Concrete security, Instant messaging, Leakage (economics), business, Protocol (object-oriented programming), Computer network

Abstract

The Signal protocol is a secure instant messaging protocol that underlies the security of numerous applications such as WhatsApp, Skype, Facebook Messenger among many others. The Signal protocol consists of two sub-protocols known as the X3DH protocol and the double ratchet protocol, where the latter has recently gained much attention. For instance, Alwen, Coretti, and Dodis (Eurocrypt’19) provided a concrete security model along with a generic construction based on simple building blocks that are instantiable from versatile assumptions, including post-quantum ones. In contrast, as far as we are aware, works focusing on the X3DH protocol seem limited.

Published

2021

33. A Cryptographic Analysis of the TLS 1.3 Handshake Protocol

Author

Marc Fischlin, Douglas Stebila, Felix Günther, and Benjamin Dowling

Subjects

0301 basic medicine, Authentication, Authenticated key exchange, Transport Layer Security, Handshake, business.industry, Computer science, Applied Mathematics, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Transport Layer Security (TLS), Cryptography, Computer security model, Handshake protocol, Computer Science Applications, Authenticated Key Exchange, 03 medical and health sciences, 030104 developmental biology, 0302 clinical medicine, Forward secrecy, 030220 oncology & carcinogenesis, business, Software, Key exchange, Computer network

Abstract

We analyze the handshake protocol of the Transport Layer Security (TLS) protocol, version 1.3. We address both the full TLS 1.3 handshake (the one round-trip time mode, with signatures for authentication and (elliptic curve) Diffie–Hellman ephemeral ((EC)DHE) key exchange), and the abbreviated resumption/“PSK” mode which uses a pre-shared key for authentication (with optional (EC)DHE key exchange and zero round-trip time key establishment). Our analysis in the reductionist security framework uses a multi-stage key exchange security model, where each of the many session keys derived in a single TLS 1.3 handshake is tagged with various properties (such as unauthenticated versus unilaterally authenticated versus mutually authenticated, whether it is intended to provide forward security, how it is used in the protocol, and whether the key is protected against replay attacks). We show that these TLS 1.3 handshake protocol modes establish session keys with their desired security properties under standard cryptographic assumptions., Journal of Cryptology, 34 (4), ISSN:1432-1378, ISSN:0933-2790

Published

2021

34. Usable and Secure Pairing Based on Handshake for Wrist-Worn Smart Devices on Different Users

Author

Jianfeng Ma, Xiaohan Huang, Xindi Ma, Guichuan Zhao, Qi Jiang, and Youliang Tian

Subjects

Scheme (programming language), Security analysis, Handshake, Computer science, business.industry, USable, Key (cryptography), business, Personally identifiable information, computer, Computer network, Data transmission, Communication channel, computer.programming_language

Abstract

Wrist-worn smart devices are being used to share various sensitive personal information in various fields such as social, medical, sports, etc. Secure pairing establishing a trusted channel between the involved devices is a prerequisite to ensure data transmission security. Handshake has been proposed to realize secure pairing between devices worn by different users without pre-shared knowledge, the participation of third parties and complex user interactions. However, existing schemes cannot meet the practical requirement in terms of time delay and security. In this paper, we proposed a feasible handshake based secure pairing scheme, which utilizes the handshake acceleration data. Specifically, we quantify the features of acceleration data through random threshold values, to shorten the handshake time required for guaranteeing the length of the negotiated key. Besides, we propose an optimal feature selection algorithm that improves the success rate and security of the system. What’s more, security analysis indicates that our solution can resist man-in-the-middle attacks. Experiments are performed on our scheme, which show that the proposed scheme is robust and secure. Users only need to take a few seconds to perform simple operations, and the devices can automatically pair securely.

Published

2021

35. A CSMA Mechanism with Variable Collision Control and Priority Provision in Multichannel Mobile Ad Hoc Networks

Author

Hongwei Ding, Jun Zhang, and Mingliang Li

Subjects

Handshake, Article Subject, Computer Networks and Communications, business.industry, Computer science, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, 020206 networking & telecommunications, 020302 automobile design & engineering, Throughput, TK5101-6720, 02 engineering and technology, Energy consumption, Mobile ad hoc network, Collision, Computer Science Applications, 0203 mechanical engineering, Transmission (telecommunications), Telecommunication, 0202 electrical engineering, electronic engineering, information engineering, State (computer science), business, Computer network, Communication channel

Abstract

Toward making the conventional carrier sense multiple access (CSMA) protocol transmit and control mobile ad hoc network systems, as well as reducing energy consumption, an adaptive multichannel multipriority two-dimensional probability detection and 1-stick joint control strategy carrier sense multiple access with variable collision duration and three-way handshake mechanisms (iCSMA for short) is proposed. Based on the conventional two-slot model of the CSMA protocol, iCSMA introduces a concept of collision duration (b), which divides the system’s timeslot into the duration of successful packet transmission (1 + a), the duration of collision (b + a), and the duration of the idle state (a) of the system. By employing iCSMA, the loss of the system could be reduced with a fine-tuned collision duration (b), which leads to improved performance compared to the conventional 1P-persistent CSMA protocol. Furthermore, a three-way handshake mechanism is introduced for monitoring the entire network system at a minimal cost of throughput. Toward a higher channel utilization rate, a multichannel and multipriority function is employed in the implementation of multiservice communication for the system. Besides, with an adaptive mechanism, the transmission probabilities p 1 and p 2 are reasonably set so that the system will not produce a complete collision under the condition of high load, and the throughput can also be stabilized. Based on the battery model, the lifetime of the system nodes (T) is extended. Both theoretical analysis and experimental results confirm the accuracy of the theoretical derivation.

Published

2021

36. ASSURE: A Hardware-Based Security Protocol for Internet of Things Devices

Author

Basel Halak, Yildiran Yilmaz, and Leonardo Aniello

Subjects

Key-agreement protocol, Handshake, Computer science, business.industry, computer.internet_protocol, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Mutual authentication, Cryptographic protocol, Datagram Transport Layer Security, User Datagram Protocol, business, Protocol (object-oriented programming), computer, Wireless sensor network, Computer network

Abstract

This chapter discusses the design, implementation and evaluation of a hardware-based mutual authentication and the key agreement protocol. The latter combines a lightweight symmetric cipher with physically unclonable functions technology to provide an energy-efficient solution that is particularly useful for Internet of Things (IoT) systems. The security of the proposed protocol is rigorously analysed under various cyberattack scenarios. For overheads’ evaluation, a wireless sensor network using typical IoT devices, called Zolertia Zoul RE-mote, is constructed. The functionality of the proposed scheme is verified using a server–client configuration. Then energy consumption and memory utilisation are estimated and compared with the existing solutions, namely the DTLS (datagram transport layer security) handshake protocol in pre-shared secret (PSK) mode and UDP (user datagram protocol). Experimental analysis results indicate that the proposed protocol can save up to 39.5% energy and use 14% less memory compared to the DTLS handshake protocol.

Published

2021

37. WebRTC Data Channel Establishment Protocol

Author

Randell Jesup, Michael Tüxen, and Salvatore Loreto

Subjects

Handshake, SIMPLE (military communications protocol), business.industry, Data channel, Computer science, business, Protocol (object-oriented programming), WebRTC, Computer network

Abstract

The WebRTC framework specifies protocol support for direct interactive rich communication using audio, video, and data between two peers' web-browsers. This document specifies a simple protocol for establishing symmetric Data Channels between the peers. It uses a two way handshake and allows sending of user data without waiting for the handshake to complete.

Published

2021

38. BA-TLS: Blockchain Authentication for Transport Layer Security in Internet of Things

Author

Geethapriya Thamilarasu and Erin Beckwith

Subjects

Authentication, Transport Layer Security, Handshake, business.industry, computer.internet_protocol, Network security, Computer science, 020206 networking & telecommunications, Public key infrastructure, 02 engineering and technology, Cryptographic protocol, Public-key cryptography, Datagram Transport Layer Security, Certificate authority, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, business, computer, Computer network

Abstract

Traditional security solutions that rely on public key infrastructure present scalability and transparency challenges when deployed in Internet of Things (IoT). In this paper, we develop a blockchain based authentication mechanism for IoT that can be integrated into the traditional transport layer security protocols such as Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS). Our proposed mechanism is an alternative to the traditional Certificate Authority (CA)-based Public Key Infrastructure (PKI) that relies on x.509 certificates. Specifically, the proposed solution enables the modified TLS/DTLS a viable option for resource constrained IoT devices where minimizing memory utilization is critical. Experiments show that blockchain based authentication can reduce dynamic memory usage by up to 20%, while only minimally increasing application image size and time of execution of the TLS/DTLS handshake.

Published

2020

39. A Collision-Protected Multihop Frame Transmission Method with Wireless LAN Communication Supported by Longer-Distance Wireless Communication

Author

Hideki Tode, Ryosuke Nagayoshi, and Yosuke Tanigawa

Subjects

Handshake, business.industry, Computer science, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Transmitter, Frame (networking), 020302 automobile design & engineering, 020206 networking & telecommunications, Data_CODINGANDINFORMATIONTHEORY, 02 engineering and technology, law.invention, 0203 mechanical engineering, Transmission (telecommunications), Relay, law, Wireless lan, Telecommunications link, 0202 electrical engineering, electronic engineering, information engineering, Wireless, business, Wireless sensor network, Computer network, Communication channel

Abstract

Currently, in addition to wireless LAN (WLAN), equipments for longer-distance wireless communication like IEEE 802.11af and 802.11ah are being developed. Thus, in the near future, access points (APs) and wireless stations (STAs) equipped with functions for both WLAN communication and longer-distance communication are expected. Although longer-distance communication enables STAs to connect to their APs even outside the WLAN coverages, the transmission rates are smaller. Multihop WLAN communication via relay STAs provides larger transmission rates. However, frame transmission from relay STAs increases collisions, and additional routing is required. This study proposes collision-protected multihop transmission without preliminary routing in the environment in which both WLAN communication and longer-distance communication are available. Collision protection and routing are processed by a two-way handshake between data frame transmitter and receiver stations with the longer-distance communication. After the handshake, the data frame is transmitted via relay STAs by exclusively using the WLAN channel.

Published

2020

40. An Uplink Grant-Free Access Solution Based on Sparse Resource Pattern for IoT

Author

Jian Song and Haoran Huang

Subjects

Resource (project management), Handshake, Computer science, Aloha, business.industry, Telecommunications link, Process (computing), Permission, business, 5G, Random access, Computer network

Abstract

With the rapid development of the Internet of things (IoT), simultaneous access of the massive devices to the network becomes essential. The current multiple access scheme in 4G is a traditional grant-based scheme which needs permission to access the system. It will suffer from congestion and overloading as the number of device increases. Therefore, grant-free random access, where users do not need to access channel resource through four step handshake process, recently gained wide interest in 5G new radio. Moreover, non-orthogonal technology is an effective way to deal with frequent collisions in the grant-free scheme. In this paper, we propose a grant-free non-orthogonal random access (GF-NORA) scheme based on sparse on-off resource pattern. The on-off pattern enables users to occupy resource blocks continuously or discontinuously. And the sparsity of resource pattern is helpful to change the distribution of non-collision part’s ratio of signals. A variety of operating modes are supported because of the flexible use of resource patterns. The simulation results indicate that the proposed method can effectively change the distribution of non-collision part’s ratio of signals when adopting the single user detection. By selecting the appropriate coded-modulation scheme to recover messages from the non-collision part, the outage probability will be reduced compared with slotted ALOHA.

Published

2020

41. A Lightweight Security Authentication Method for the Charging Protocol of Smart Charging Pile

Author

Chang Liu, Xiao Yu, Jiangpei Xu, Jin Wang, Li Tian, and Zhou Liang

Subjects

business.product_category, Handshake, Computer science, business.industry, Denial-of-service attack, Hardware_GENERAL, Software security assurance, Electric vehicle, Message authentication code, business, Communications protocol, Replay attack, Protocol (object-oriented programming), Computer network

Abstract

Charging protocol is the communication protocol between the charging pile and the electric vehicle during charging process, which safety is very important. However, due to the lack of security assurance mechanism, the charging protocol is vulnerable to malicious attacks such as forgery attack, man-in-the-middle attack, replay attack, etc. These malicious attacks may end up with denial of service, system halt of the smart charging pile, and lead to other security problems such as power theft. The issues mentioned above would cause serious damages to the charging facilities. In this paper, a lightweight security authentication method is proposed to solve the security problems existing in the charging protocol of the smart charging pile. During the handshake phase of charging, an exchanged strategy for shared seed based on ECDH is designed to make the charging pile and BMS(Battery Management System) of the electric vehicle get the same shared seed. To protect the sensitive messages at different phases such as charging parameter configuration, charging, and the end of charging, we have designed a lightweight scheme for generating the MAC (Message Authentication Code) and proposed a verification mechanism for multi-frame data message. A simulated communication environment for the charging pile and BMS of the electric vehicle is established and the scheme is proved to be effective according to the experimental results. The experimental results show that the scheme can help the charging pile defend against forgery attack, man-in-the-middle attack, replay attack, etc., and maintaining good system performance.

Published

2020

42. A handshake algorithm for scheduling communications in wireless sensor networks

Author

Abdessalem Mnif, Ahmed Hadj Kacem, Mohamed Mosbah, Mohamed Tounsi, and Emna Taktak

Subjects

Handshake, Computer Networks and Communications, business.industry, Computer science, Fault tolerance, Computer Science Applications, Theoretical Computer Science, Scheduling (computing), Computational Theory and Mathematics, business, Wireless sensor network, Software, Computer network, Efficient energy use

Published

2020

43. Reducing NoC Energy Consumption Exploring Asynchronous End-to-end GALS Communication

Author

Iacana Weber, Everton Alceu Carara, Fernando Moraes, and Leonardo Hadlich de Oliveira

Subjects

010302 applied physics, Handshake, business.industry, Clock signal, Computer science, Hardware_PERFORMANCEANDRELIABILITY, 02 engineering and technology, Energy consumption, 01 natural sciences, 020202 computer hardware & architecture, End-to-end principle, Asynchronous communication, 0103 physical sciences, Scalability, Hardware_INTEGRATEDCIRCUITS, 0202 electrical engineering, electronic engineering, information engineering, Overhead (computing), Latency (engineering), business, Computer network

Abstract

Systems-on-Chip (SoCs) with a large number of cores adopt Networks-on-chip (NoCs) as the communication infrastructure due to its scalability. The complexity to distribute a skew-free synchronous clock signal over the entire chip increases in current fabrication technologies due to the process variability. Thus, designers may choose among fully asynchronous and Globally Asynchronous, Locally Synchronous (GALS) NoCs. This work proposes an intermediate solution. Each Intellectual Property (IP) core may have its clock domain, and the NoC supports both synchronous and asynchronous communication. The NoC has its own clock domain, with the synchronous communication used to establish end-to-end paths. Once the end-to-end path is established, the NoC connects the IPs asynchronously, as wires with repeaters. The message is transmitted using handshake protocol at the source IP frequency. The benefit of the proposal is the reduction in the communication energy consumption (up to 52%). The cost is a latency increase (16% to 30%) and area overhead (4%).

Published

2020

44. Authentication Technology in Industrial Control System Based on Identity Password

Author

Zhoubin Liu, Luyao Yang, Tianyu Wang, Wenli Shang, and Chen Chunyu

Subjects

Password, 0209 industrial biotechnology, Authentication, Revocation list, Public key certificate, Handshake, business.industry, Computer science, Cryptography, 02 engineering and technology, Industrial control system, Digital Signature Algorithm, 020901 industrial engineering & automation, Digital signature, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, business, Computer network

Abstract

Aiming at the current lack of certification capability in domestic industrial control systems, an industrial control system authentication scheme based on identity cryptography algorithm is proposed. When authenticating between control system devices, the scheme integrates the identity-based digital signature algorithm into the SSL/TLS handshake protocol to complete identity authentication between the engineering station and the trusted PLC. At the same time, when the connection is established for the first time between devices, the connection authentication is selected by the challenge/response based method. The authentication technology based on the identity cryptographic algorithm no longer requires the existence of a public key certificate. This eliminates the need to revoke, store, and issue certificates, simplifies the certification process and reduces the amount of computation required by the authentication process. At the same time, the improved handshake protocol is universal in industrial control systems. The authentication technology based on the identity and password algorithm no longer requires the existence of a public key certificate, eliminating the need for certificate revocation, storage, and issuance, simplifying authentication steps, and reducing system maintenance. Finally, by establishing a test environment, the improved handshake protocol is implemented, and the feasibility of the authentication scheme is verified and analyzed.

Published

2020

45. Efficient Post-Quantum TLS Handshakes using Identity-Based Key Exchange from Lattices

Author

Anantha P. Chandrakasan, Utsav Banerjee, Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science, and Chandrakasan, Anantha P

Subjects

Public-key cryptography, Authenticated Key Exchange, Transport Layer Security, Handshake, business.industry, Computer science, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, business, Encryption, Certificate, Wireless sensor network, Key exchange, Computer network

Abstract

Identity-Based Encryption (IBE) is considered an alternative to traditional certificate-based public key cryptography to reduce communication overheads in wireless sensor networks. In this work, we build on the well-known lattice-based DLP-IBE scheme to construct an ID-based certificateless authenticated key exchange for post-quantum Transport Layer Security (TLS) handshakes. We also propose concrete parameters for the underlying lattice computations and provide detailed implementation results. Finally, we compare the combined computation and communication cost of our ID-based certificate-less handshake with the traditional certificate-based handshake, both using lattice-based algorithms at similar postquantum security levels, and show that our ID-based handshake is 3.7× more energy-efficient, thus highlighting the advantage of ID-based key exchange for post-quantum TLS.

Published

2020

46. The Impact of SGI and RTS/CTS in WLAN Throughput

Author

Pawan Kumar Pant

Subjects

Handshake, business.industry, Computer science, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Throughput, Encryption, law.invention, law, Guard interval, Wireless, High bandwidth, Network performance, Wi-Fi, business, Computer network

Abstract

Wireless Local Area Network (WLAN) formally known as Wi-Fi is the necessity for everyone. You can find WiFi in shops, airports, schools etc. WLAN is highly susceptible to security as data transmitted over the air via wireless signals and anyone can sniff it. WLAN generally have enhanced security for the protection of wireless data. Nowadays, people using Wi-Fi for high bandwidth traffic, such as audio and video traffic. In such cases, WLAN must provide a good amount of security and performance to the clients. It will help in user satisfaction. However, high-security mechanisms defiantly limit network performance. This paper, addressed the influence on the throughput of WLAN networks by controlling the SGI (Short Guard Interval) and enabling/disabling IEEE 802.11’s RTS/CTS (Request To Send/Clear To Send) handshake under various security methods used in WLAN. In our experiments, we have simulated a Wi-Fi network and performed various measurements while changing RTS/CTS, SGI and the security methods. We have simulated the environment in NS3 simulator and found that there is a significant impact of RTS/CTS and SGI on throughput performance.

Published

2020

47. Protecting publish/subscribe interactions via TLS and a system-wide certificate validation engine

Author

Andrew Alten, Tony Pierce, and Michael R. Clark

Subjects

Transport Layer Security, Handshake, computer.internet_protocol, Computer science, business.industry, Certificate Management Protocol, Certificate, System administrator, Root certificate, Scalability, Open architecture, business, computer, Computer network

Abstract

Multiple defense-relevant open architecture standards include the publish/subscribe messaging paradigm, which allows for dynamic network topology and scalability. Using the Transport Layer Security (TLS) protocol to secure such messaging is common; however, certificate validation must be performed. Typically, certificate validation is left to the application to configure, but history has shown that application developers often get incorrect certificate validation. In this paper, we explore the overhead costs of different security implementations under varying network conditions within a pub/sub system. Furthermore, we study how TrustBase strengthens and simplifies certificate validation within a pub/sub architecture. TrustBase allows a system administrator or integrator to specify a single certificate validation policy for all applications in the system. This ensures that even if application developers have misconfigured certificate validation, the policy is followed, which we believe could make system accreditation easier. Our study is conducted on a notional system with an Apache ActiveMQ messaging server. Handshake timing data are collected from several publishers and subscribers to understand the overhead resulting from using TLS with and without the TrustBase kernel module active on the system. Our experiments run with different certificate validation strategies including prepositioned public-keys and certificate chaining with a trusted root certificate authority. To our knowledge, we are the first to study TrustBase in an environment that emulates realistic network conditions and a messaging paradigm beyond the traditional client/server model. Our results confirm those of the original TrustBase work; TrustBase adds negligible overhead and is easily configurable as a universal certificate validation authority.

Published

2020

48. Stupify: A Hardware Countermeasure of KRACKs in WPA2 using Physically Unclonable Functions

Author

Debdeep Mukhopadhyay, Rajat Sadhukhan, Debashis Mahata, Rajat Subhra Chakraborty, Mukesh Manjunath Prabhu, and Urbi Chatterjee

Subjects

Hardware security module, Handshake, Wireless network, Computer science, business.industry, Authentication protocol, Mutual authentication, Cryptographic protocol, business, Protocol (object-oriented programming), Replay attack, Computer network

Abstract

A digital communication network is typically the backbone of world wide web and web based applications. Security protocols, specifically in wireless network has undergone several rounds of modifications and upgrades in order to prevent supplicants (or clients) or authenticators (or access points) from attackers either sitting physically around the wireless coverage area or being hooked up to a wired network connected to wireless clients. The latest security protocol in the series is WPA2 (Wi-Fi Protected Access II) which has been implemented in most of the Wi-Fi stations (clients or access points) that are being used in traditional wireless networking as well as recent IoT and CPS devices. Recently a severe replay attack named Key Reinstallation AttaCK (KRACK) has shown that the handshake in WPA2 protocol suite can be compromised and enforce the stations to reuse an old set of initialization vectors (IVs). In this work, we propose to use an unconventional hardware security primitive named Physically Unclonable Functions (PUFs) to nullify the impact of KRACK attack by ensuring a mutual authentication before establishing the communication between the authenticators and the supplicants. In this demo, we show i) how the hardware intrinsic properties of a device can be leveraged to embed a PUF instance in each device, ii) a working prototype of PUF based authentication protocol using Z-Turn board integrated with dual-core ARM Cortex-A9 processor and Artix-7 FPGA, iii) how this protocol can be integrated with existing handshake protocol in WiFi network to resist against KRACK attacks.

Published

2020

49. TLS-Level Security for Low Power Industrial IoT Network Infrastructures

Author

Jochen Mades, Frederik Lauer, Gerd Ebelt, Norbert Wehn, Boris Janjic, and Carl C. Rheinlander

Subjects

010302 applied physics, Transport Layer Security, Edge device, Handshake, business.industry, Computer science, Process (engineering), Cloud computing, 02 engineering and technology, Cryptographic protocol, 01 natural sciences, 020202 computer hardware & architecture, Forward secrecy, 0103 physical sciences, 0202 electrical engineering, electronic engineering, information engineering, Overhead (computing), business, Computer network

Abstract

The Industrial Internet of Things (IIoT) enables communication services between machinery and cloud to enhance industrial processes e.g. by collecting relevant process parameters or providing predictable maintenance. Since the data is often origin from critical infrastructures, the security of the data channel is the main challenge, and is often weakened due to limited compute power and energy availability of battery-powered sensor nodes. Lightweight alternatives to standard security protocols avoid computationally intensive algorithms, however, they do not provide the same level of trust as established standards such as Transport Layer Security (TLS). In this paper, we propose an IIoT network system that enables a secure end-to-end IP communication between ultra-low-power sensor nodes and cloud servers. It provides full TLS support to ensure perfect forward secrecy by using hardware accelerators to reduce the energy demand of the security algorithms. Our results show that the energy overhead of the TLS handshake can be significantly reduced to enable a secure IIoT infrastructure with a reasonable battery lifetime of the edge devices.

Published

2020

50. A Handy Approach for Teaching and Learning Computer Networks using Wireshark

Author

G. Venkat Babu, G. Sasi, V. Balaji, P. Thanapal, and V. Elamaran

Subjects

Handshake, computer.internet_protocol, Computer science, Network packet, business.industry, Transmission Control Protocol, Domain Name System, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, IPv4, law.invention, Internet Control Message Protocol, Firewall (construction), law, Internet Protocol, business, computer, Computer network

Abstract

The prime motive of this study is to probe the basics of computer networking protocols. This article elucidates a few imperative views behind computer networks theory with a firsthand approach. This manuscript demonstrates ten important hands-on exercises using tools such as wireshark, nmap, and MS-DOS commands. Examples of IPv4 addressing scheme, Domain Name System (DNS) call through Nslookup, obtaining NS type DNS records, and a Transmission Control Protocol (TCP) 3-way handshake process are the first five exercises considered here. The other five tasks are such as a TCP termination, public versus private Internet Protocol (IP) addresses, identification of a firewall server, the role of a firewall server on Internet Control Message Protocol (ICMP) packet requests, and understanding of sequence and acknowledgment numbers during application data transfer in tcp. This type of research inspires the student community with self-learning, and hence, teachers may concentrate more on practice.

Published

2020