Beruflich Dokumente
Kultur Dokumente
Question # 1:
From the abstract of the paper identify the main issue and its solution.
Answer:
An abstract is a short summary of a research or long report. It provides the
basic aims and outcomes of the report, helps reader to understand
regarding the complete paper. The main issue of the abstract of the paper
“Lightweight authentication protocol for M2M Communications of Resource-
constrained devices in Industrial internet of things” does not provides
concise summary of the paper rather an introduction of the paper.
Summary provides the first impression, the most important one sharing the
potential value or relevance of the research results. Abstract must focuses
on the basic overview of the paper rather than defining as in the abstract of
the paper it shares definition of authentication. Moreover, the abstract
should be precise and be specific to the content.
The solution is quite bit simple. Abstract should be precise and relevant to
the content. It should attract the attention of the reader as a complete
manuscript. The main concern lies in the initial part of the abstract. It
should summarize the whole research paper rather than focusing on
introduction, methodology, results or conclusion specifically.
Question # 2:
a) The properties of Class 0 devices in the classification of the RFC 7288
Answer:
The following are the properties of Class 0 devices of RFC 7288:
i. No utilization of public key encryption
ii. No encryption algorithms are used
iii. Its replacement relies on simple operations as XOR, hash
functions, addition, subtraction etc.
iv. According to study in the report, devices follow category 0
accounts more than 29% of the devices based on internet on
everything in the market.
1
used for checking the resistance to know attacks, used to evaluate
security of different protocols.
2
which is impossible because his design uses b0, which is the secret
between the node AID sensor and the gateway.
If D3 or D4, or T2 is modified, a check of the general value D5 = h (idx ||
r2 || b0 || r1) will not be determined, since it is created using r2 and
idx from which the gateway tries to extract D4 as well as D3. As for T2, it
is used in D3. Therefore, its change will also affect r2. Even if only one of
D3 or D4, or T2is changed, the r2 and idx values sent by the gateway will
be different, which will lead to false authentication of D5. Moreover, the
adversary cannot create an effective D5 because he uses b0.
In the case of D6 or T3 modifications, checking the value of the sum D6 =
h (b1 || r1 || T3 || r2 || KP (idx)) will be false, because it is made of T3.
It also uses KP (idx), which is the KP key selected by the gateway from
the gateway using idx in D4. The opponent cannot build a valid D6
because he does not know the key.
For D7 or T4 modifications, since D7 depends on KP (idx) and T4, a
situation similar to that described above occurs.
f) Why and how Forward and Backward Secrecy are achieved in the
proposed method?
Answer:
Forward Secrecy (also known as perfect secrecy) is a feature which gives
assurance that session keys will not be compromised even if the private
keys on the server is compromised. It can be achieved by configuring
server to select most desirable suite from the list offered by SSL client.
Backward secrecy ensures whenever a new user joins the group, he will
not get any access to the previous details.
3
A KP ( idx)) is not the one he chooses. Therefore, the LAKD protocol can
be based on repeated attacks.
Question # 3:
Summarize the performance analysis of the protocol in your own words.
Answer:
The security projects implementation time and communication cost are
high. However, the touch node is most limited device. In case 1, execution
time has reduced by 63% and in case 2 by 99.69%. In addition, the number
of transmitted bits has reduced by 71.43%. These savings carries great
importance for devices with limited resources. These devices share limited
information by Internet applications, networks or security services.
Question # 4:
Discuss the advantages and the disadvantages of the proposed
authentication method.
Answer:
The following are the advantages of proposed authentication method:
i. Lower computational cost
ii. Lightweight exceptional operations
iii. Providing addition, subtraction and functions of mixing
iv. Better communication costs and delivery in-time
v. Resistant to different attacks
vi. High security services protect data privacy and industry secrets
(spam, data leakage, MITM attacks)