Privacy-Aware Authentication in the Internet of Things

Hannes Groß; Marko Hölbl; Daniel Slamanig; Raphael Spreitzer

doi:10.1007/978-3-319-26823-1_3

Privacy-Aware Authentication in the Internet of Things

Hannes Groß, Marko Hölbl, Daniel Slamanig, Raphael Spreitzer

Institut für Angewandte Informationsverarbeitung und Kommunikationstechnologie (7050)

Publikation: Beitrag in Buch/Bericht/Konferenzband › Beitrag in einem Konferenzband › Begutachtung

Abstract

Besides the opportunities offered by the all-embracing Internet of Things (IoT) technology, it also poses a tremendous threat to the privacy of the carriers of these devices. In this work, we build upon the idea of an RFID-based IoT realized by means of standardized and well-established Internet protocols. In particular, we demonstrate how the Internet Protocol Security protocol suite (IPsec) can be applied in a privacy-aware manner. Therefore, we introduce a privacy-aware mutual authentication protocol compatible with restrictions imposed by the IPsec standard and analyze its privacy and security properties. In order do so, we revisit and adapt the RFID privacy model (HPVP) of Hermans et al. (ESORICS'11). With this work, we show that privacy in the IoT can be achieved without relying on proprietary protocols and on the basis of existing Internet standards.

Originalsprache	englisch
Titel	14th International Conference on Cryptology and Network Security (CANS 2015)
Herausgeber (Verlag)	Springer Verlag
Seiten	32-39
Band	9476
Auflage	LNCS
DOIs	https://doi.org/10.1007/978-3-319-26823-1_3
Publikationsstatus	Veröffentlicht - 2015
Veranstaltung	International Conference on Cryptology and Network Security - Marrakesh, Marokko Dauer: 10 Dez. 2015 → 12 Dez. 2015

Publikationsreihe

Name	Lecture Notes in Computer Science
Herausgeber (Verlag)	Springer

Konferenz

Konferenz	International Conference on Cryptology and Network Security
Land/Gebiet	Marokko
Ort	Marrakesh
Zeitraum	10/12/15 → 12/12/15

Fields of Expertise

Information, Communication & Computing

Treatment code (Nähere Zuordnung)

Application
Theoretical

Zugriff auf Dokument

10.1007/978-3-319-26823-1_3

main.pdfEndgültige, publizierte Fassung, 595 KB

Andere Dateien und Links

http://dx.doi.org/10.1007/978-3-319-26823-1_3

EU - PrismaCloud - Datenschutz und Sicherheits-Services in der Cloud [Original in Englisch: PRIvacy and Security MAintaining services in the CLOUD]
Derler, D., Hanser, C., Lipp, P., Slamanig, D. & Rechberger, C.
1/01/15 → 30/06/18
Projekt: Forschungsprojekt
SeCoS - Verbundene Welt [Original in Englisch: Secure Contactless Sphere Smart RFID-Technologies for a Connected World]
Bösch, W., Wenger, E., Khan, H. N., Schmidt, J., Gadringer, M. E., Spreitzer, R. C., Mendel, F., Gruss, D., Hutter, M., Freidl, P. F., Görtschacher, L. J., Mangard, S. & Grosinger, J.
1/01/13 → 31/12/15
Projekt: Forschungsprojekt
FWF -ReSIT - Umsetzung eines sicheren Internets der Dinge
Hutter, M., Wenger, E., Schmidt, J., Mendel, F., Mangard, S. & Posch, R.
1/07/12 → 31/05/16
Projekt: Forschungsprojekt

Dieses zitieren

Privacy-Aware Authentication in the Internet of Things. / Groß, Hannes; Hölbl, Marko; Slamanig, Daniel et al.
14th International Conference on Cryptology and Network Security (CANS 2015) . Band 9476 LNCS. Aufl. Springer Verlag, 2015. S. 32-39 (Lecture Notes in Computer Science).

Publikation: Beitrag in Buch/Bericht/Konferenzband › Beitrag in einem Konferenzband › Begutachtung

Groß, H, Hölbl, M, Slamanig, D & Spreitzer, R 2015, Privacy-Aware Authentication in the Internet of Things. in 14th International Conference on Cryptology and Network Security (CANS 2015) . LNCS Aufl., Bd. 9476, Lecture Notes in Computer Science, Springer Verlag, S. 32-39, International Conference on Cryptology and Network Security, Marrakesh, Marokko, 10/12/15. https://doi.org/10.1007/978-3-319-26823-1_3

@inproceedings{4ee1a8771bdc45fe882f4e600a39e7f2,

title = "Privacy-Aware Authentication in the Internet of Things",

abstract = "Besides the opportunities offered by the all-embracing Internet of Things (IoT) technology, it also poses a tremendous threat to the privacy of the carriers of these devices. In this work, we build upon the idea of an RFID-based IoT realized by means of standardized and well-established Internet protocols. In particular, we demonstrate how the Internet Protocol Security protocol suite (IPsec) can be applied in a privacy-aware manner. Therefore, we introduce a privacy-aware mutual authentication protocol compatible with restrictions imposed by the IPsec standard and analyze its privacy and security properties. In order do so, we revisit and adapt the RFID privacy model (HPVP) of Hermans et al. (ESORICS'11). With this work, we show that privacy in the IoT can be achieved without relying on proprietary protocols and on the basis of existing Internet standards.",

author = "Hannes Gro{\ss} and Marko H{\"o}lbl and Daniel Slamanig and Raphael Spreitzer",

year = "2015",

doi = "10.1007/978-3-319-26823-1_3",

language = "English",

volume = "9476",

series = "Lecture Notes in Computer Science",

publisher = "Springer Verlag",

pages = "32--39",

booktitle = "14th International Conference on Cryptology and Network Security (CANS 2015)",

address = "Germany",

edition = "LNCS",

note = "International Conference on Cryptology and Network Security ; Conference date: 10-12-2015 Through 12-12-2015",

}

TY - GEN

T1 - Privacy-Aware Authentication in the Internet of Things

AU - Groß, Hannes

AU - Hölbl, Marko

AU - Slamanig, Daniel

AU - Spreitzer, Raphael

PY - 2015

Y1 - 2015

N2 - Besides the opportunities offered by the all-embracing Internet of Things (IoT) technology, it also poses a tremendous threat to the privacy of the carriers of these devices. In this work, we build upon the idea of an RFID-based IoT realized by means of standardized and well-established Internet protocols. In particular, we demonstrate how the Internet Protocol Security protocol suite (IPsec) can be applied in a privacy-aware manner. Therefore, we introduce a privacy-aware mutual authentication protocol compatible with restrictions imposed by the IPsec standard and analyze its privacy and security properties. In order do so, we revisit and adapt the RFID privacy model (HPVP) of Hermans et al. (ESORICS'11). With this work, we show that privacy in the IoT can be achieved without relying on proprietary protocols and on the basis of existing Internet standards.

AB - Besides the opportunities offered by the all-embracing Internet of Things (IoT) technology, it also poses a tremendous threat to the privacy of the carriers of these devices. In this work, we build upon the idea of an RFID-based IoT realized by means of standardized and well-established Internet protocols. In particular, we demonstrate how the Internet Protocol Security protocol suite (IPsec) can be applied in a privacy-aware manner. Therefore, we introduce a privacy-aware mutual authentication protocol compatible with restrictions imposed by the IPsec standard and analyze its privacy and security properties. In order do so, we revisit and adapt the RFID privacy model (HPVP) of Hermans et al. (ESORICS'11). With this work, we show that privacy in the IoT can be achieved without relying on proprietary protocols and on the basis of existing Internet standards.

UR - http://dx.doi.org/10.1007/978-3-319-26823-1_3

U2 - 10.1007/978-3-319-26823-1_3

DO - 10.1007/978-3-319-26823-1_3

M3 - Conference paper

VL - 9476

T3 - Lecture Notes in Computer Science

SP - 32

EP - 39

BT - 14th International Conference on Cryptology and Network Security (CANS 2015)

PB - Springer Verlag

T2 - International Conference on Cryptology and Network Security

Y2 - 10 December 2015 through 12 December 2015

ER -

Privacy-Aware Authentication in the Internet of Things

Abstract

Publikationsreihe

Konferenz

Fields of Expertise

Treatment code (Nähere Zuordnung)

Zugriff auf Dokument

Andere Dateien und Links

Fingerprint

Projekte

EU - PrismaCloud - Datenschutz und Sicherheits-Services in der Cloud [Original in Englisch: PRIvacy and Security MAintaining services in the CLOUD]

SeCoS - Verbundene Welt [Original in Englisch: Secure Contactless Sphere Smart RFID-Technologies for a Connected World]

FWF -ReSIT - Umsetzung eines sicheren Internets der Dinge

Dieses zitieren