Privacy-Aware Authentication in the Internet of Things

Hannes Groß, Marko Hölbl, Daniel Slamanig, Raphael Spreitzer

Research output: Chapter in Book/Report/Conference proceedingConference contributionResearchpeer-review

Abstract

Besides the opportunities offered by the all-embracing Internet of Things (IoT) technology, it also poses a tremendous threat to the privacy of the carriers of these devices. In this work, we build upon the idea of an RFID-based IoT realized by means of standardized and well-established Internet protocols. In particular, we demonstrate how the Internet Protocol Security protocol suite (IPsec) can be applied in a privacy-aware manner. Therefore, we introduce a privacy-aware mutual authentication protocol compatible with restrictions imposed by the IPsec standard and analyze its privacy and security properties. In order do so, we revisit and adapt the RFID privacy model (HPVP) of Hermans et al. (ESORICS'11). With this work, we show that privacy in the IoT can be achieved without relying on proprietary protocols and on the basis of existing Internet standards.
Original languageEnglish
Title of host publication14th International Conference on Cryptology and Network Security (CANS 2015)
PublisherSpringer Verlag
Pages32-39
Volume9476
EditionLNCS
DOIs
Publication statusPublished - 2015
EventInternational Conference on Cryptology and Network Security - Marrakesh, Morocco
Duration: 10 Dec 201512 Dec 2015

Publication series

NameLecture Notes in Computer Science
PublisherSpringer

Conference

ConferenceInternational Conference on Cryptology and Network Security
CountryMorocco
CityMarrakesh
Period10/12/1512/12/15

Fingerprint

Authentication
Internet protocols
Radio frequency identification (RFID)
Network protocols
Internet
Internet of things

Fields of Expertise

  • Information, Communication & Computing

Treatment code (Nähere Zuordnung)

  • Application
  • Theoretical

Cite this

Groß, H., Hölbl, M., Slamanig, D., & Spreitzer, R. (2015). Privacy-Aware Authentication in the Internet of Things. In 14th International Conference on Cryptology and Network Security (CANS 2015) (LNCS ed., Vol. 9476, pp. 32-39). (Lecture Notes in Computer Science). Springer Verlag. https://doi.org/10.1007/978-3-319-26823-1_3

Privacy-Aware Authentication in the Internet of Things. / Groß, Hannes; Hölbl, Marko; Slamanig, Daniel; Spreitzer, Raphael.

14th International Conference on Cryptology and Network Security (CANS 2015) . Vol. 9476 LNCS. ed. Springer Verlag, 2015. p. 32-39 (Lecture Notes in Computer Science).

Research output: Chapter in Book/Report/Conference proceedingConference contributionResearchpeer-review

Groß, H, Hölbl, M, Slamanig, D & Spreitzer, R 2015, Privacy-Aware Authentication in the Internet of Things. in 14th International Conference on Cryptology and Network Security (CANS 2015) . LNCS edn, vol. 9476, Lecture Notes in Computer Science, Springer Verlag, pp. 32-39, International Conference on Cryptology and Network Security, Marrakesh, Morocco, 10/12/15. https://doi.org/10.1007/978-3-319-26823-1_3
Groß H, Hölbl M, Slamanig D, Spreitzer R. Privacy-Aware Authentication in the Internet of Things. In 14th International Conference on Cryptology and Network Security (CANS 2015) . LNCS ed. Vol. 9476. Springer Verlag. 2015. p. 32-39. (Lecture Notes in Computer Science). https://doi.org/10.1007/978-3-319-26823-1_3
Groß, Hannes ; Hölbl, Marko ; Slamanig, Daniel ; Spreitzer, Raphael. / Privacy-Aware Authentication in the Internet of Things. 14th International Conference on Cryptology and Network Security (CANS 2015) . Vol. 9476 LNCS. ed. Springer Verlag, 2015. pp. 32-39 (Lecture Notes in Computer Science).
@inproceedings{4ee1a8771bdc45fe882f4e600a39e7f2,
title = "Privacy-Aware Authentication in the Internet of Things",
abstract = "Besides the opportunities offered by the all-embracing Internet of Things (IoT) technology, it also poses a tremendous threat to the privacy of the carriers of these devices. In this work, we build upon the idea of an RFID-based IoT realized by means of standardized and well-established Internet protocols. In particular, we demonstrate how the Internet Protocol Security protocol suite (IPsec) can be applied in a privacy-aware manner. Therefore, we introduce a privacy-aware mutual authentication protocol compatible with restrictions imposed by the IPsec standard and analyze its privacy and security properties. In order do so, we revisit and adapt the RFID privacy model (HPVP) of Hermans et al. (ESORICS'11). With this work, we show that privacy in the IoT can be achieved without relying on proprietary protocols and on the basis of existing Internet standards.",
author = "Hannes Gro{\ss} and Marko H{\"o}lbl and Daniel Slamanig and Raphael Spreitzer",
year = "2015",
doi = "10.1007/978-3-319-26823-1_3",
language = "English",
volume = "9476",
series = "Lecture Notes in Computer Science",
publisher = "Springer Verlag",
pages = "32--39",
booktitle = "14th International Conference on Cryptology and Network Security (CANS 2015)",
address = "Germany",
edition = "LNCS",

}

TY - GEN

T1 - Privacy-Aware Authentication in the Internet of Things

AU - Groß, Hannes

AU - Hölbl, Marko

AU - Slamanig, Daniel

AU - Spreitzer, Raphael

PY - 2015

Y1 - 2015

N2 - Besides the opportunities offered by the all-embracing Internet of Things (IoT) technology, it also poses a tremendous threat to the privacy of the carriers of these devices. In this work, we build upon the idea of an RFID-based IoT realized by means of standardized and well-established Internet protocols. In particular, we demonstrate how the Internet Protocol Security protocol suite (IPsec) can be applied in a privacy-aware manner. Therefore, we introduce a privacy-aware mutual authentication protocol compatible with restrictions imposed by the IPsec standard and analyze its privacy and security properties. In order do so, we revisit and adapt the RFID privacy model (HPVP) of Hermans et al. (ESORICS'11). With this work, we show that privacy in the IoT can be achieved without relying on proprietary protocols and on the basis of existing Internet standards.

AB - Besides the opportunities offered by the all-embracing Internet of Things (IoT) technology, it also poses a tremendous threat to the privacy of the carriers of these devices. In this work, we build upon the idea of an RFID-based IoT realized by means of standardized and well-established Internet protocols. In particular, we demonstrate how the Internet Protocol Security protocol suite (IPsec) can be applied in a privacy-aware manner. Therefore, we introduce a privacy-aware mutual authentication protocol compatible with restrictions imposed by the IPsec standard and analyze its privacy and security properties. In order do so, we revisit and adapt the RFID privacy model (HPVP) of Hermans et al. (ESORICS'11). With this work, we show that privacy in the IoT can be achieved without relying on proprietary protocols and on the basis of existing Internet standards.

UR - http://dx.doi.org/10.1007/978-3-319-26823-1_3

U2 - 10.1007/978-3-319-26823-1_3

DO - 10.1007/978-3-319-26823-1_3

M3 - Conference contribution

VL - 9476

T3 - Lecture Notes in Computer Science

SP - 32

EP - 39

BT - 14th International Conference on Cryptology and Network Security (CANS 2015)

PB - Springer Verlag

ER -