Privacy-Aware Authentication in the Internet of Things

Hannes Groß; Marko Hölbl; Daniel Slamanig; Raphael Spreitzer

doi:10.1007/978-3-319-26823-1_3

Privacy-Aware Authentication in the Internet of Things

Hannes Groß, Marko Hölbl, Daniel Slamanig, Raphael Spreitzer

Institute of Applied Information Processing and Communications (7050)

Research output: Chapter in Book/Report/Conference proceeding › Conference paper › peer-review

Abstract

Besides the opportunities offered by the all-embracing Internet of Things (IoT) technology, it also poses a tremendous threat to the privacy of the carriers of these devices. In this work, we build upon the idea of an RFID-based IoT realized by means of standardized and well-established Internet protocols. In particular, we demonstrate how the Internet Protocol Security protocol suite (IPsec) can be applied in a privacy-aware manner. Therefore, we introduce a privacy-aware mutual authentication protocol compatible with restrictions imposed by the IPsec standard and analyze its privacy and security properties. In order do so, we revisit and adapt the RFID privacy model (HPVP) of Hermans et al. (ESORICS'11). With this work, we show that privacy in the IoT can be achieved without relying on proprietary protocols and on the basis of existing Internet standards.

Original language	English
Title of host publication	14th International Conference on Cryptology and Network Security (CANS 2015)
Publisher	Springer Verlag
Pages	32-39
Volume	9476
Edition	LNCS
DOIs	https://doi.org/10.1007/978-3-319-26823-1_3
Publication status	Published - 2015
Event	International Conference on Cryptology and Network Security - Marrakesh, Morocco Duration: 10 Dec 2015 → 12 Dec 2015

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer

Conference

Conference	International Conference on Cryptology and Network Security
Country/Territory	Morocco
City	Marrakesh
Period	10/12/15 → 12/12/15

Fields of Expertise

Information, Communication & Computing

Treatment code (Nähere Zuordnung)

Application
Theoretical

Access to Document

10.1007/978-3-319-26823-1_3

main.pdfFinal published version, 595 KB

Cite this

Privacy-Aware Authentication in the Internet of Things. / Groß, Hannes; Hölbl, Marko; Slamanig, Daniel et al.

14th International Conference on Cryptology and Network Security (CANS 2015) . Vol. 9476 LNCS. ed. Springer Verlag, 2015. p. 32-39 (Lecture Notes in Computer Science).

Research output: Chapter in Book/Report/Conference proceeding › Conference paper › peer-review

Groß, H, Hölbl, M, Slamanig, D & Spreitzer, R 2015, Privacy-Aware Authentication in the Internet of Things. in 14th International Conference on Cryptology and Network Security (CANS 2015) . LNCS edn, vol. 9476, Lecture Notes in Computer Science, Springer Verlag, pp. 32-39, International Conference on Cryptology and Network Security, Marrakesh, Morocco, 10/12/15. https://doi.org/10.1007/978-3-319-26823-1_3

@inproceedings{4ee1a8771bdc45fe882f4e600a39e7f2,

title = "Privacy-Aware Authentication in the Internet of Things",

abstract = "Besides the opportunities offered by the all-embracing Internet of Things (IoT) technology, it also poses a tremendous threat to the privacy of the carriers of these devices. In this work, we build upon the idea of an RFID-based IoT realized by means of standardized and well-established Internet protocols. In particular, we demonstrate how the Internet Protocol Security protocol suite (IPsec) can be applied in a privacy-aware manner. Therefore, we introduce a privacy-aware mutual authentication protocol compatible with restrictions imposed by the IPsec standard and analyze its privacy and security properties. In order do so, we revisit and adapt the RFID privacy model (HPVP) of Hermans et al. (ESORICS'11). With this work, we show that privacy in the IoT can be achieved without relying on proprietary protocols and on the basis of existing Internet standards.",

author = "Hannes Gro{\ss} and Marko H{\"o}lbl and Daniel Slamanig and Raphael Spreitzer",

year = "2015",

doi = "10.1007/978-3-319-26823-1_3",

language = "English",

volume = "9476",

series = "Lecture Notes in Computer Science",

publisher = "Springer Verlag",

pages = "32--39",

booktitle = "14th International Conference on Cryptology and Network Security (CANS 2015)",

address = "Germany",

edition = "LNCS",

note = "International Conference on Cryptology and Network Security ; Conference date: 10-12-2015 Through 12-12-2015",

}

TY - GEN

T1 - Privacy-Aware Authentication in the Internet of Things

AU - Groß, Hannes

AU - Hölbl, Marko

AU - Slamanig, Daniel

AU - Spreitzer, Raphael

PY - 2015

Y1 - 2015

N2 - Besides the opportunities offered by the all-embracing Internet of Things (IoT) technology, it also poses a tremendous threat to the privacy of the carriers of these devices. In this work, we build upon the idea of an RFID-based IoT realized by means of standardized and well-established Internet protocols. In particular, we demonstrate how the Internet Protocol Security protocol suite (IPsec) can be applied in a privacy-aware manner. Therefore, we introduce a privacy-aware mutual authentication protocol compatible with restrictions imposed by the IPsec standard and analyze its privacy and security properties. In order do so, we revisit and adapt the RFID privacy model (HPVP) of Hermans et al. (ESORICS'11). With this work, we show that privacy in the IoT can be achieved without relying on proprietary protocols and on the basis of existing Internet standards.

AB - Besides the opportunities offered by the all-embracing Internet of Things (IoT) technology, it also poses a tremendous threat to the privacy of the carriers of these devices. In this work, we build upon the idea of an RFID-based IoT realized by means of standardized and well-established Internet protocols. In particular, we demonstrate how the Internet Protocol Security protocol suite (IPsec) can be applied in a privacy-aware manner. Therefore, we introduce a privacy-aware mutual authentication protocol compatible with restrictions imposed by the IPsec standard and analyze its privacy and security properties. In order do so, we revisit and adapt the RFID privacy model (HPVP) of Hermans et al. (ESORICS'11). With this work, we show that privacy in the IoT can be achieved without relying on proprietary protocols and on the basis of existing Internet standards.

UR - http://dx.doi.org/10.1007/978-3-319-26823-1_3

U2 - 10.1007/978-3-319-26823-1_3

DO - 10.1007/978-3-319-26823-1_3

M3 - Conference paper

VL - 9476

T3 - Lecture Notes in Computer Science

SP - 32

EP - 39

BT - 14th International Conference on Cryptology and Network Security (CANS 2015)

PB - Springer Verlag

T2 - International Conference on Cryptology and Network Security

Y2 - 10 December 2015 through 12 December 2015

ER -

Privacy-Aware Authentication in the Internet of Things

Abstract

Publication series

Conference

Fields of Expertise

Treatment code (Nähere Zuordnung)

Access to Document

Other files and links

Fingerprint

EU - PrismaCloud - PRIvacy and Security MAintaining services in the CLOUD

SeCoS - Secure Contactless Sphere - Smart RFID-Technologies for a Connected World

FWF - ReSIT - Realizing a Secure Internet of Things

Cite this

Privacy-Aware Authentication in the Internet of Things

Abstract

Publication series

Conference

Fields of Expertise

Treatment code (Nähere Zuordnung)

Access to Document

Other files and links

Fingerprint

Projects

EU - PrismaCloud - PRIvacy and Security MAintaining services in the CLOUD

SeCoS - Secure Contactless Sphere - Smart RFID-Technologies for a Connected World

FWF - ReSIT - Realizing a Secure Internet of Things

Cite this