1 / 23

Lightweight Security Scheme for Vehicle Tracking System Using CoAP

Lightweight Security Scheme for Vehicle Tracking System Using CoAP. Introduction. We endeavor to embed a low overhead security mechanism consisting of both authentication with integrated key management and encryption on CoAP ( Constrained Application Protocol ).

vbartlett
Download Presentation

Lightweight Security Scheme for Vehicle Tracking System Using CoAP

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Lightweight Security Scheme for Vehicle Tracking System Using CoAP Department of Computer Science and Information Engineering, National Cheng Kung University, Tainan, Taiwan, R.O.C.

  2. Introduction Computer & Internet Architecture Lab CSIE NCKU We endeavor to embed a low overhead security mechanism consisting of both authentication with integrated key management and encryption on CoAP(Constrained Application Protocol). Our proposed security scheme leverages the request-response layer of CoAP. A novel approach is designed to enable secure mode of CoAP by introducing a unique option in CoAP header. It further adapts handshaking level of its secure channel depending on the state of vehicle (like moving fast, moving slowly, at rest etc.).

  3. Related work Computer & Internet Architecture Lab CSIE NCKU Web-enablement of constrained sensor and gateways using traditional HTTP based protocol would be unsustainable and non- scalable. CoAP is established as candidate lightweight protocol for Internet connectivity of such energy-constrained sensors. The trend of using security scheme for sensor devices is based on symmetric key.

  4. System Architecture Computer & Internet Architecture Lab CSIE NCKU

  5. Threat Model And Security Engineering Computer & Internet Architecture Lab CSIE NCKU

  6. Authentication Mechanism(1/) Computer & Internet Architecture Lab CSIE NCKU Our proposed security solution is symmetric key based authentication with integrated key management. Exchanged symmetric key is used with AES 128 CBC (Cipher Block Chaining) mode. At the time of provisioning of a sensor gateway and server a unique secret is pre-shared, which in our case is considered as hardcoded with the device at the time of manufacturing and deployment.

  7. Authentication Mechanism(2/) Computer & Internet Architecture Lab CSIE NCKU

  8. Authentication Mechanism(3/) Computer & Internet Architecture Lab CSIE NCKU In order to secure the authentication scheme against the threats described earlier, we propose nonce based authentication-key management.

  9. Authentication Mechanism(4/) Computer & Internet Architecture Lab CSIE NCKU

  10. Authentication Mechanism(5/) Computer & Internet Architecture Lab CSIE NCKU

  11. Authentication Mechanism(6/) Computer & Internet Architecture Lab CSIE NCKU

  12. Authentication Mechanism(7/) Computer & Internet Architecture Lab CSIE NCKU

  13. Security Analysis(1/)

  14. Security Analysis(2/) Computer & Internet Architecture Lab CSIE NCKU

  15. Security Analysis(3/) Computer & Internet Architecture Lab CSIE NCKU

  16. Security Analysis(4/) Nonces are generally generated using larger length random number generation (RNG) to minimize collision attack. However, in practice, true RNG is difficult to find. Uses a pseudo random number generation (PRNG) appended with a timer(counter).

  17. Embedding Authentication(1/) Computer & Internet Architecture Lab CSIE NCKU

  18. Embedding Authentication(2/) Computer & Internet Architecture Lab CSIE NCKU

  19. Embedding Authentication(3/) Computer & Internet Architecture Lab CSIE NCKU

  20. Embedding Authentication(4/) Computer & Internet Architecture Lab CSIE NCKU

  21. Embedding Authentication(5/) Computer & Internet Architecture Lab CSIE NCKU

  22. Embedding confidentiality Computer & Internet Architecture Lab CSIE NCKU Payload consists of following fields: <vehicle ID, Route ID, Lat, Long, Time Stamp, Accelerometer Data>

  23. Experimental Results And Analysis Computer & Internet Architecture Lab CSIE NCKU We consider stringent wireless network condition with 9.6KBps data rate and three types of packet loss: 0%, 10% and 20%.

More Related