Contribution to authentication and data privacy on internet of things scenarios

  1. Chen, Yuwen
Supervised by:
  1. José Fernán Martínez Ortega Co-supervisor
  2. Lourdes López Santidrián Co-supervisor

Defence university: Universidad Politécnica de Madrid

Defence date: 23 July 2019

Examination committee:
  1. Victor Abraham Villagrá González Chair
  2. Pedro Castillejo Parrilla Secretary
  3. Andrés Marín López Member
  4. Baran Çürüklü Member
  5. Iván Marsá Maestre Member

Type: Thesis

Abstract

Nowadays, an ever-increasing number of sensors are used in our daily lives, in areas such as health parameter monitoring and real-time monitoring of smart meter consumption data. The plethora of data collected by these sensors is available for users to access from any device connected to the Internet. Considering the importance and confidentiality of the data, it is necessary to ensure its security and privacy. To solve the aforementioned problems, this thesis proposes authentication schemes and data aggregation schemes for low-capability devices, which can be applied to two Internet of Things scenarios: e-health and smart grid. The authentication schemes help the entities in the system to authenticate each other and build a shared key. With this shared key, the entities can build a secure two-way communication channel. The data aggregation scheme aims to protect the security and privacy of these data. Firstly, the security of these data is protected by homomorphic encryption schemes. Secondly, the server is unable to learn the data of a single sensor, as it is only able to conduct statistical analysis on these data rather than access them directly. The server is able to get the sum, average and variance of these data and to conduct a one-way analysis of variance on them. In this way, the sensor’s data privacy is protected.

In an e-health scenario, wearable sensors are deployed on patients to check body health parameters so that patients can be monitored remotely by healthcare providers in real time, which will reduce unnecessary visits to the doctors. For elderly people and chronic disease patients, access to healthcare services is easier and the costs are reduced. Continuous physiological information monitored by wearable sensors can help doctors to make a better diagnosis and recommend a suitable treatment, since the doctors have all the necessary patient data at hand.
When doctors want to access a patient’s data remotely via the network, the patient has to authenticate the identity of the doctor first. Only after the doctor’s identity is validated is the doctor allowed to access the data. Many lightweight authentication schemes have been proposed to enable mutual authentication and key establishment between the two parties with the help of a gateway. But most of these schemes cannot provide identity privacy. Besides, in some existing schemes, the shared key is also known by the gateway, which means the patient’s data encrypted using this key is available to the gateway, which goes against patient privacy. To solve these problems, an anonymous authentication and key establishment scheme is proposed. The proposed authentication scheme enables many security features: user anonymity, sensor anonymity, perfect forward privacy and resistance to the loss of synchronization problem. These security features have been validated using AVISPA and ProVerif. The results from both tools show that the scheme is secure enough to meet the security requirements. Additionally, the Elliptic Curve Diffie–Hellman (ECDH) key exchange protocol has been adopted to ensure the secrecy of the shared key, in order to prevent the gateway from learning the shared key and to enable perfect forward privacy. To make the proposed scheme more efficient, hash functions and a minimal amount of asymmetric encryption operations are used. Besides, because of the computational and power constraints of the wearable sensors, only hash and XOR operations are adopted. Experiment results show the proposed scheme is more efficient than related works.

A data aggregation scheme is proposed in order to prevent the gateway from accessing personal data. Sensors are divided into small groups where each group has at least k sensors.
The k sensors will generate a group of keys dependent on each other, such that these keys cancel out only when they are grouped together. Each key encrypts a single sensor’s datum; in this way, the gateway is unable to get the data of a single sensor and the data privacy is protected. However, the gateway can learn the statistical results of k sensors’ data (sum, average, variance, etc.) as the keys will cancel each other out when the data of a group are added up.

Regarding the smart grid scenario, smart meters have been widely applied to enable two-way communications in the grid. Users’ real-time electricity consumption data and other data are transmitted between entities. It is necessary to ensure the security of this two-way communication. Several authentication schemes have been proposed to solve this problem. This thesis presents a mutual authentication and key establishment scheme based on a bilinear map pairing, which can withstand attacks on privacy and provides security features such as perfect forward privacy and message integrity. Besides, a simpler registration scheme is designed in order to reduce the computational cost of the registration phase. A formal security analysis of the proposed scheme is also completed and the results show that the proposed scheme is secure. The simulation results show the proposed scheme has better communication and computation costs than those shown in the related works.

As smart meters have been installed to report users’ real-time electricity consumption data to the utility supplier periodically, the latter can adjust its provided energy based on users’ electricity consumption data, which enables fine-grained energy supply. However, these real-time electricity consumption data can also reveal the behaviors of the inhabitants (for example, real-time electricity consumption data can reveal if an inhabitant is at home, if the television is working, etc.).
It is necessary to prevent the public service provider from directly learning the real-time electricity consumption data of each user. On the other hand, it is necessary to allow the electric supplier to learn the total consumption data of an area to enable a dynamic supply of energy. A data aggregation scheme for smart meters based on the Paillier homomorphic cryptosystem is proposed, enabling the utility supplier to get the total consumption data of all the smart meters of an area, while the utility supplier is unable to get the real-time electricity consumption data of a single smart meter. In addition, since smart meter data are likely to be of multiple types (identity, consumption data, time and so on), the proposed scheme enables smart meters to report multiple types of data in a reporting message. Furthermore, the proposed scheme also makes it possible for the utility supplier to conduct a one-way analysis of variance on the data. Formal security analysis shows the proposed scheme is semantically secure. The experiment results show that the proposed scheme reduces the computation cost both on the smart meter side and on the aggregator side.
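The key-cancelling aggregation described above for groups of k wearable sensors can be illustrated as follows. This is an added example, not the thesis's construction: the pairwise key generation, the modulus `M`, the function names and the sample readings are all assumptions made for illustration.

```python
import secrets

M = 2**64  # modulus (assumption); must exceed the largest true sum

def pairwise_keys(k, modulus=M):
    """Each pair (i, j) agrees on a random r; i adds it, j subtracts it.
    The k resulting keys sum to 0 mod modulus, while a proper subset of
    them sums to a random-looking value."""
    keys = [0] * k
    for i in range(k):
        for j in range(i + 1, k):
            r = secrets.randbelow(modulus)
            keys[i] = (keys[i] + r) % modulus
            keys[j] = (keys[j] - r) % modulus
    return keys

def mask(values, keys, modulus=M):
    """Sensor side: each sensor adds its own key to its own datum."""
    return [(v + key) % modulus for v, key in zip(values, keys)]

def unmasked_sum(ciphertexts, modulus=M):
    """Gateway side: adding a full group's ciphertexts cancels the keys."""
    return sum(ciphertexts) % modulus

def group_statistics(readings):
    """Gateway learns sum, mean and variance of a group, not single readings.
    Variance needs the sum of squares, reported under a second key set."""
    k = len(readings)
    c_val = mask(readings, pairwise_keys(k))
    c_sq = mask([x * x for x in readings], pairwise_keys(k))
    total = unmasked_sum(c_val)
    mean = total / k
    variance = unmasked_sum(c_sq) / k - mean ** 2
    return total, mean, variance

READINGS = [72, 80, 65, 90]  # constructed heart-rate samples, one per sensor

if __name__ == "__main__":
    print(group_statistics(READINGS))
```

If one sensor in the group fails to report, the remaining keys no longer cancel and the gateway recovers nothing useful, which is why the group size and membership must be fixed before keys are generated.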
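The additive property of Paillier encryption that the smart meter aggregation relies on can be shown with textbook Paillier. This is an added example, not the thesis's scheme: the toy primes, function names and meter readings are assumptions, and the key size is far too small for real use.

```python
import math
import secrets

def keygen(p, q):
    """Textbook Paillier with generator g = n + 1 (toy parameters)."""
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)  # lcm(p-1, q-1)
    mu = pow(lam, -1, n)  # valid because L(g^lam mod n^2) = lam for g = n + 1
    return n, (lam, mu)

def encrypt(n, m):
    """Meter side: randomised encryption under the supplier's public key n."""
    n2 = n * n
    while True:
        r = secrets.randbelow(n - 1) + 1
        if math.gcd(r, n) == 1:
            break
    return (pow(n + 1, m, n2) * pow(r, n, n2)) % n2

def aggregate(n, ciphertexts):
    """Aggregator side: multiplying ciphertexts adds the plaintexts.
    The aggregator holds no private key and never sees a reading."""
    acc = 1
    for c in ciphertexts:
        acc = (acc * c) % (n * n)
    return acc

def decrypt(n, priv, c):
    """Supplier side: decrypts only the aggregate it receives."""
    lam, mu = priv
    u = pow(c, lam, n * n)
    return ((u - 1) // n * mu) % n

# Toy primes (assumption): real deployments use a modulus of 2048 bits or more.
N, PRIV = keygen(104729, 1299709)
METER_WH = [1250, 830, 2040]  # constructed readings in Wh, one per meter

def area_total(readings):
    reports = [encrypt(N, m) for m in readings]
    return decrypt(N, PRIV, aggregate(N, reports))

if __name__ == "__main__":
    print(area_total(METER_WH))
```

The privacy of a single meter here depends on the supplier receiving only the aggregated ciphertext, since it could decrypt any individual report it obtained.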