scholarly journals Secure Remote Multi-Factor Authentication Scheme Based on Chaotic Map Zero-Knowledge Proof for Crowdsourcing Internet of Things

IEEE Access ◽  
2020 ◽  
Vol 8 ◽  
pp. 8754-8767 ◽  
Author(s):  
Wenzheng Liu ◽  
Xiaofeng Wang ◽  
Wei Peng
Keyword(s):  
Internet Of Things ◽  
Chaotic Map ◽  
Authentication Scheme ◽  
Zero Knowledge ◽  
Zero Knowledge Proof

scholarly journals An access control model for the Internet of Things based on zero-knowledge token and blockchain

2021 ◽  
Vol 2021 (1) ◽  
Author(s):  
Lihua Song ◽  
Xinran Ju ◽  
Zongke Zhu ◽  
Mengchen Li
Keyword(s):  
Internet Of Things ◽  
Access Control ◽  
Single Point ◽  
Control Model ◽  
Third Party ◽  
Security Level ◽  
Zero Knowledge ◽  
Access Control Model ◽  
Test Analysis ◽  
Zero Knowledge Proof

AbstractInformation security has become a hot topic in Internet of Things (IoT), and traditional centralized access control models are faced with threats such as single point failure, internal attack, and central leak. In this paper, we propose a model to improve the access control security of the IoT, which is based on zero-knowledge proof and smart contract technology in the blockchain. Firstly, we deploy attribute information of access control in the blockchain, which relieves the pressure and credibility problem brought by the third-party information concentration. Secondly, encrypted access control token is used to gain the access permission of the resources, which makes the user's identity invisible and effectively avoids attribute ownership exposure problem. Besides, the use of smart contracts solves the problem of low computing efficiency of IoT devices and the waste of blockchain computing power resources. Finally, a prototype of IoT access control system based on blockchain and zero-knowledge proof technology is implemented. The test analysis results show that the model achieves effective attribute privacy protection, compared with the Attribute-Based Access Control model of the same security level, the access efficiency increases linearly with the increase of access scale.

GROUP AUTHENTICATION SCHEME BASED ON ZERO-KNOWLEDGE PROOF

2021 ◽  
pp. 68-84
Author(s):  
E. A. Shliakhtina ◽  
◽  
D. Y. Gamayunov ◽  
Keyword(s):  
Mutual Authentication ◽  
Security Analysis ◽  
Authentication Scheme ◽  
Third Party ◽  
Convergence Time ◽  
Group Signature ◽  
Sybil Attack ◽  
Zero Knowledge ◽  
User Groups ◽  
Zero Knowledge Proof

In this paper, we address the problem of mutual authentication in user groups in decentralized messaging systems without trusted third party. We propose a mutual authentication algorithm for groups using zero-knowledge proof. Using the algorithm, which is based on trust chains existing in decentralized network, users are able to authenticate each other without establishing a shared secret over side channel. The proposed algorithm is based on Democratic Group Signature protocol (DGS) and Communication-Computation Efficient Group Key algorithm for large and dynamic groups (CCEGK). We have performed security analysis of the proposed mutual authentication scheme against several attacks including Sybil attack and have made complexity estimation for the algorithm. The algorithm is implemented in an experimental P2P group messaging application, and using this implementation we estimate overhead of the authentication scheme and convergence time for several initial configurations of user groups and trust chains.

Chaotic Map-Based Anonymous User Authentication Scheme With User Biometrics and Fuzzy Extractor for Crowdsourcing Internet of Things

2018 ◽  
Vol 5 (4) ◽  
pp. 2884-2895 ◽  
Author(s):  
Sandip Roy ◽  
Santanu Chatterjee ◽  
Ashok Kumar Das ◽  
Samiran Chattopadhyay ◽  
Saru Kumari ◽  
...  
Keyword(s):  
Internet Of Things ◽  
User Authentication ◽  
Chaotic Map ◽  
Authentication Scheme ◽  
Fuzzy Extractor ◽  
User Authentication Scheme

scholarly journals How to Authenticate MQTT Sessions Without Channel and Broker Security

2020 ◽  
pp. 129-138
Author(s):  
Reto E. Koenig ◽  
Lukas Laederach ◽  
Cédric von Allmen
Keyword(s):  
Internet Of Things ◽  
State Of The Art ◽  
Application Layer ◽  
Zero Knowledge ◽  
The World ◽  
Security Properties ◽  
Session Hijacking ◽  
Client Side ◽  
Zero Knowledge Proof

This chapter describes a new but state-of-the-art approach to provide authenticity in MQTT sessions using the means of zero-knowledge proofs. This approach completely voids session hijacking for the MQTT protocol and provides authenticity. The presented approach does not require the broker to keep any secrets for session handling. The presented approach allows completely anonymous but authentic sessions; hence, the broker does not need any priory knowledge of the client party. As it is especially targeted for applications within the world of internet of things (IoT), the presented approach is designed to require only the minimum in extra power in terms of energy and space. The approach does not introduce any new concept, but simply combines a state of the art cryptographic Zero-Knowledge Proof of identity with the existing MQTT 5.0 specification. Thus, no protocol extension is required in order to provide the targeted security properties. The described approach is completely agnostic to the application layer at the client side and is only required during MQTT session establishment.

scholarly journals An Access Control Model for the Internet of Things Based on Zero-Knowledge Token and Blockchain

2020 ◽  
Author(s):  
Lihua Song ◽  
Xinran Ju ◽  
Zongke Zhu ◽  
Mengchen Li
Keyword(s):  
Internet Of Things ◽  
Access Control ◽  
Single Point ◽  
Control Model ◽  
The Internet ◽  
Security Level ◽  
Zero Knowledge ◽  
Access Control Model ◽  
The Internet Of Things ◽  
Zero Knowledge Proof

Abstract Information security has become the focus problem in the Internet of Things, and the traditional centralized access control model is faced with threats such as single point failure, internal attack, and central leak. In this paper, we proposed a model to improve the access control security of the Internet of Things, which is based on zero-knowledge proof and smart contract technology in the blockchain. Firstly, we deployed the attribute information of access control in the blockchain, which relieves the pressure and credibility problem brought by the third-party information concentration; Secondly, the encrypted access control token is used to gain the access permission of the resources, which makes the user's identity invisible and effectively avoids the attribute ownership exposure problem; Besides, the use of smart contracts solves the problem of low computing efficiency of Internet of Things devices and the waste of blockchain computing power resources; Finally, a prototype of Internet of Things access control system based on blockchain and zero-knowledge proof technology is implemented. The test analysis results show that the model achieves effective attribute privacy protection, compared with the Attribute-Based Access Control model of the same security level, the access efficiency increases linearly with the increase of access scale.

Sign in / Sign up

Export Citation Format

Share Document