Paper 2015/1110

Privacy-Aware Authentication in the Internet of Things

Hannes Gross, Marko Hölbl, Daniel Slamanig, and Raphael Spreitzer

Abstract

Besides the opportunities o ered by the all-embracing Internet of Things (IoT) technology, it also poses a tremendous threat to the privacy of the carriers of these devices. In this work, we build upon the idea of an RFID-based IoT realized by means of standardized and well-established Internet protocols. In particular, we demonstrate how the Internet Protocol Security protocol suite (IPsec) can be applied in a privacy-aware manner. Therefore, we introduce a privacy-aware mutual authentication protocol compatible with restrictions imposed by the IPsec standard and analyze its privacy and security properties. In order do so, we revisit and adapt the RFID privacy model (HPVP) of Hermans et al. (ESORICS'11). With this work, we show that privacy in the IoT can be achieved without relying on proprietary protocols and on the basis of existing Internet standards.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Major revision. CANS 2015, LNCS 9476 proceeding
Keywords
Internet of Thingsprivacyprivacy-aware authenticationEPC Gen2RFIDIPsecIKEv2
Contact author(s)
hannes gross @ iaik tugraz at
History
2015-11-18: received
Short URL
https://ia.cr/2015/1110
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/1110,
      author = {Hannes Gross and Marko Hölbl and Daniel Slamanig and Raphael Spreitzer},
      title = {Privacy-Aware Authentication in the Internet of Things},
      howpublished = {Cryptology ePrint Archive, Paper 2015/1110},
      year = {2015},
      note = {\url{https://eprint.iacr.org/2015/1110}},
      url = {https://eprint.iacr.org/2015/1110}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.