Privacy-Aware Authentication in the Internet of Things

Hannes Groß, Marko Hölbl, Daniel Slamanig, Raphael Spreitzer

Research output: Chapter in Book/Report/Conference proceedingConference paperpeer-review


Besides the opportunities offered by the all-embracing Internet of Things (IoT) technology, it also poses a tremendous threat to the privacy of the carriers of these devices. In this work, we build upon the idea of an RFID-based IoT realized by means of standardized and well-established Internet protocols. In particular, we demonstrate how the Internet Protocol Security protocol suite (IPsec) can be applied in a privacy-aware manner. Therefore, we introduce a privacy-aware mutual authentication protocol compatible with restrictions imposed by the IPsec standard and analyze its privacy and security properties. In order do so, we revisit and adapt the RFID privacy model (HPVP) of Hermans et al. (ESORICS'11). With this work, we show that privacy in the IoT can be achieved without relying on proprietary protocols and on the basis of existing Internet standards.
Original languageEnglish
Title of host publication14th International Conference on Cryptology and Network Security (CANS 2015)
PublisherSpringer Verlag
Publication statusPublished - 2015
EventInternational Conference on Cryptology and Network Security - Marrakesh, Morocco
Duration: 10 Dec 201512 Dec 2015

Publication series

NameLecture Notes in Computer Science


ConferenceInternational Conference on Cryptology and Network Security

Fields of Expertise

  • Information, Communication & Computing

Treatment code (Nähere Zuordnung)

  • Application
  • Theoretical


Dive into the research topics of 'Privacy-Aware Authentication in the Internet of Things'. Together they form a unique fingerprint.

Cite this