research-article

ETA: efficient and tiny and authentication for heterogeneous wireless systems

Author:

Attila Altay YavuzAuthors Info & Claims

WiSec '13: Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks

Pages 67 - 72

https://doi.org/10.1145/2462096.2462108

Published: 17 April 2013 Publication History

Abstract

Authentication and integrity are vital security services for wireless ubiquitous systems, which require various resource-constrained devices to operate securely and efficiently. Digital signatures are basic cryptographic tools to provide these security services. However, existing digital signatures are not practical for resource-constrained systems (e.g., wireless sensors, RFID-tags). That is, traditional signatures (e.g., RSA, DSA) require expensive operations (e.g., modular exponentiation) that bring high computational cost and power-consumption. Some alternative schemes (e.g., multiple-time signatures, online/offline signatures, pre-computed tokens) are computationally efficient. However, they have large key and signature sizes and therefore are impractical for resource-constrained systems.

In this paper, we develop a new cryptographic scheme called Efficient and Tiny Authentication (ETA), which is especially suitable for resource-constrained devices. That is, ETA does not require any expensive operation at the signer side and therefore is more computationally efficient than traditional signatures. Moreover, ETA has much smaller private key, signature and public key sizes than that of its counterparts (e.g., multiple-time and online/off-line signatures, pre-computed tokens). ETA is also fully tolerant to packet loss and does not require time synchronization. All these properties make ETA an ideal choice to provide authentication and integrity for heterogeneous systems, in which resource-constrained devices produce publicly verifiable signatures that are verified by resourceful devices (e.g., gateways, laptops, high-end sensors).

References

[1]

American Bankers Association. ANSI X9.62--1998: Public Key Cryptography for the Financial Services Industry: The Elliptic Curve Digital Signature Algorithm (ECDSA), 1999.

[2]

F. Baldimtsi, G. Hinterwalder, A. Rupp, A. Lysyanskaya, C. Paar, and W. P. Burleson. Pay as you go. In Proc. of HotPETs, July 2012.

[3]

M. Bellare and P. Rogaway. Random oracles are practical: A paradigm for designing efficient protocols. In Proceedings of the 1st ACM conference on Computer and Communications Security (CCS '93), pages 62--73, NY, USA, 1993. ACM.

Digital Library

[4]

D. Catalano, M. D. Raimondo, D. Fiore, and R. Gennaro. Off-line/on-line signatures: Theoretical aspects and experimental results. Public Key Cryptography (PKC), pages 101--120. Springer-Verlag, 2008.

Digital Library

[5]

M. Conti, R. D. Pietro, L. V. Mancini, and A. Mei. Distributed detection of clone attacks in wireless sensor networks. IEEE Trans. on Dependable Secure Compuation, pages 685--698, 2011.

Digital Library

[6]

S. Even, O. Goldreich, and S. Micali. Online/offline digital signatures. In Proceedings on Advances in Cryptology (CRYPTO '89), pages 263--275. Springer-Verlag, 1989.

Digital Library

[7]

D. Hankerson, A. Menezes, and S. Vanstone. Guide to Elliptic Curve Cryptography. Springer, 2004.

Digital Library

[8]

S. Hyun, P. Ning, A. Liu, and W. Du. Seluge: Secure and DoS-resistant code dissemination in wireless sensor networks. In Proceedings of the 7th international conference on Information processing in sensor networks, IPSN '08, pages 445--456, Washington, DC, USA, 2008. IEEE Computer Society.

Digital Library

[9]

J. Katz and Y. Lindell. Introduction to Modern Cryptography. Chapman & Hall/CRC, 2007.

Digital Library

[10]

L. Lamport. Constructing digital signatures from a one-way function. Technical report, October 1979.

[11]

Q. Li and G. Cao. Multicast authentication in the smart grid with one-time signature. IEEE Transactions on Smart Grid, 2(4):686--696, December 2011.

[12]

Y. Liu, M. K. Reiter, and P. Ning. False data injection attacks against state estimation in electric power grids. In ACM Conference on Computer and Communications Security, pages 21--32, 2009.

Digital Library

[13]

J. Lopez. Unleashing public-key cryptography in wireless sensor networks. Journal of Computer Security, pages 469--482, Sep. 2006.

Digital Library

[14]

Z. Lu, X. Lu, W. Wang, and C. Wang. Review and evaluation of security threats on the communication networks in the smart grid. In Military Communication Conference (MILCOM), November 2010.

[15]

M. Mass. Pairing-based cryptography. Master's thesis, Technische Universiteit Eindhoven, 2004.

[16]

D. Naccache, D. M'Raıhi, S. Vaudenay, and D. Raphaeli. Can D.S.A. be improved? Complexity trade-offs with the digital signature standard. In Proceedings of the 13th International Conference on the Theory and Application of Cryptographic Techniques (EUROCRYPT '94), pages 77--85, 1994.

[17]

W.D. Neumann. HORSE: An extension of an r-time signature scheme with fast signing and verification. In Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004. International Conference on, volume 1, pages 129 -- 134 Vol.1, april 2004.

Digital Library

[18]

A. Perrig, R. Canetti, D. Song, and D. Tygar. Efficient authentication and signing of multicast streams over lossy channels. In Proceedings of the IEEE Symposium on Security and Privacy, May 2000.

Digital Library

[19]

J. Pieprzyk, H. Wang, and C. Xing. Multiple-time signature schemes against adaptive chosen message attacks. In Selected Areas in Cryptography (SAC), pages 88--100, 2003.

[20]

L. Reyzin and N. Reyzin. Better than BiBa: Short one-time signatures with fast signing and verifying. In Proceedings of the 7th Australian Conference on Information Security and Privacy (ACIPS '02), pages 144--153. Springer-Verlag, 2002.

Digital Library

[21]

R.L. Rivest, A. Shamir, and L.A. Adleman. A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM, 21(2):120--126, 1978.

Digital Library

[22]

C. Schnorr. Efficient signature generation by smart cards. Journal of Cryptology, 4(3):161--174, 1991.

Digital Library

[23]

A. Shamir and Y. Tauman. Improved online/offline signature schemes. In Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology, CRYPTO '01, pages 355--367, London, UK, 2001. Springer-Verlag.

Digital Library

[24]

Shamus. Multiprecision integer and rational arithmetic c/c++ library (MIRACL). http://www.shamus.ie/.

[25]

Q. Wang, H. Khurana, Y. Huang, and K. Nahrstedt. Time valid one-time signature for time-critical multicast data authentication. In INFOCOM 2009, IEEE, April 2009.

[26]

A. A. Yavuz and P. Ning. Self-sustaining, efficient and forward-secure cryptographic constructions for unattended wireless sensor networks. Ad Hoc Networks, 10(7):1204--1220, 2012.

Digital Library

[27]

A. A. Yavuz, P. Ning, and M. K. Reiter. Efficient, compromise resilient and append-only cryptographic schemes for secure audit logging. In Proceedings of 2012 Financial Cryptography and Data Security (FC 2012), March 2012.

Cited By

Yavuz ASedghighadikolaei KDarzi SNouma S(2023)Beyond Basic Trust: Envisioning the Future of NextGen Networked Systems and Digital Signatures2023 5th IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA)10.1109/TPS-ISA58951.2023.00041(267-276)Online publication date: 1-Nov-2023
https://doi.org/10.1109/TPS-ISA58951.2023.00041
Nouma SYavuz A(2023)Lightweight Digital Signatures for Internet of Things: Current and Post-Quantum Trends and Visions2023 IEEE Conference on Dependable and Secure Computing (DSC)10.1109/DSC61021.2023.10354177(1-2)Online publication date: 7-Nov-2023
https://doi.org/10.1109/DSC61021.2023.10354177
Yavuz AOzmen M(2022)Ultra Lightweight Multiple-Time Digital Signature for the Internet of Things DevicesIEEE Transactions on Services Computing10.1109/TSC.2019.292830315:1(215-227)Online publication date: 1-Jan-2022
https://doi.org/10.1109/TSC.2019.2928303
Show More Cited By

Index Terms

ETA: efficient and tiny and authentication for heterogeneous wireless systems
1. Security and privacy
  1. Cryptography
    1. Public key (asymmetric) techniques
      1. Public key encryption

Recommendations

A novel approach for privacy homomorphism using attribute-based encryption

In CRYPTO'13, Gentry et al. proposed the first homomorphic encryption HE scheme for the attribute-based encryption ABE. However, Gentry's scheme requires the same index for encryption of each ciphertext and supports only the key-policy ABE. Indeed, in ...
BAF and FI-BAF: Efficient and Publicly Verifiable Cryptographic Schemes for Secure Logging in Resource-Constrained Systems

Audit logs are an integral part of modern computer systems due to their forensic value. Protecting audit logs on a physically unprotected machine in hostile environments is a challenging task, especially in the presence of active adversaries. It is ...
The BiBa one-time signature and broadcast authentication protocol
CCS '01: Proceedings of the 8th ACM conference on Computer and Communications Security

We introduce the BiBa signature scheme, a new signature construction that uses one-way functions without trapdoors. BiBa features a low verification overhead and a relatively small signature size. In comparison to other one-way function based signature ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

WiSec '13: Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks

April 2013

230 pages

ISBN:9781450319980

DOI:10.1145/2462096

General Chair:
Levente Buttyán
Budapest University of Technology and Economics, Hungary
,
Program Chairs:
Ahmad-Reza Sadeghi
Technische Universitaet Darmstadt, Fraunhofer SIT, Intel-CRISC, Germany
,
Marco Gruteser
Rutgers University, USA

Copyright © 2013 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

In-Cooperation

SIGMOBILE: ACM Special Interest Group on Mobility of Systems, Users, Data and Computing

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 17 April 2013

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

WISEC'13

Sponsor:

SIGSAC

WISEC'13: Sixth ACM Conference on Security and Privacy in Wireless and Mobile Networks

April 17 - 19, 2013

Budapest, Hungary

Acceptance Rates

WiSec '13 Paper Acceptance Rate 26 of 70 submissions, 37%;

Overall Acceptance Rate 98 of 338 submissions, 29%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

12
Total Citations
View Citations
242
Total Downloads

Downloads (Last 12 months)17
Downloads (Last 6 weeks)0

Reflects downloads up to 25 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Yavuz ASedghighadikolaei KDarzi SNouma S(2023)Beyond Basic Trust: Envisioning the Future of NextGen Networked Systems and Digital Signatures2023 5th IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA)10.1109/TPS-ISA58951.2023.00041(267-276)Online publication date: 1-Nov-2023
https://doi.org/10.1109/TPS-ISA58951.2023.00041
Nouma SYavuz A(2023)Lightweight Digital Signatures for Internet of Things: Current and Post-Quantum Trends and Visions2023 IEEE Conference on Dependable and Secure Computing (DSC)10.1109/DSC61021.2023.10354177(1-2)Online publication date: 7-Nov-2023
https://doi.org/10.1109/DSC61021.2023.10354177
Yavuz AOzmen M(2022)Ultra Lightweight Multiple-Time Digital Signature for the Internet of Things DevicesIEEE Transactions on Services Computing10.1109/TSC.2019.292830315:1(215-227)Online publication date: 1-Jan-2022
https://doi.org/10.1109/TSC.2019.2928303
Pal SJadidi Z(2021)Protocol-Based and Hybrid Access Control for the IoT: Approaches and Research OpportunitiesSensors10.3390/s2120683221:20(6832)Online publication date: 14-Oct-2021
https://doi.org/10.3390/s21206832
Behnia RYavuz A(2021)Towards Practical Post-quantum Signatures for Resource-Limited Internet of ThingsProceedings of the 37th Annual Computer Security Applications Conference10.1145/3485832.3488023(119-130)Online publication date: 6-Dec-2021
https://dl.acm.org/doi/10.1145/3485832.3488023
Karmakar KVaradharajan VNepal STupakula U(2021)SDN-Enabled Secure IoT ArchitectureIEEE Internet of Things Journal10.1109/JIOT.2020.30437408:8(6549-6564)Online publication date: 15-Apr-2021
https://doi.org/10.1109/JIOT.2020.3043740
Seyitoglu EYavuz AOzmen M(2020)Compact and Resilient Cryptographic Tools for Digital Forensics2020 IEEE Conference on Communications and Network Security (CNS)10.1109/CNS48642.2020.9162236(1-9)Online publication date: Jun-2020
https://doi.org/10.1109/CNS48642.2020.9162236
Ozmen MYavuz ABehnia R(2019)Energy-Aware Digital Signatures for Embedded Medical Devices2019 IEEE Conference on Communications and Network Security (CNS)10.1109/CNS.2019.8802675(55-63)Online publication date: Jun-2019
https://doi.org/10.1109/CNS.2019.8802675
Yavuz A(2018)Immutable Authentication and Integrity Schemes for Outsourced DatabasesIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2016.253070815:1(69-82)Online publication date: 1-Jan-2018
https://doi.org/10.1109/TDSC.2016.2530708
Caparra GCeccato SSturaro SLaurenti N(2017)A key management architecture for GNSS open service Navigation Message Authentication2017 European Navigation Conference (ENC)10.1109/EURONAV.2017.7954220(287-297)Online publication date: May-2017
https://doi.org/10.1109/EURONAV.2017.7954220
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents