Skip to main content
SpringerLink
Log in

A lightweight signcryption scheme for defense against fragment duplication attack in the 6LoWPAN networks

  • Published:
Peer-to-Peer Networking and Applications Aims and scope Submit manuscript

A Correction to this article was published on 07 June 2018

This article has been updated

Abstract

The Internet of Things (IoT) presents a new paradigm of the future Internet that intends to provide interactive communication between various processing objects via heterogeneous networks. The IPv6 over Low power Wireless Personal Area Networks (6LoWPAN) is an IPv6 adaptation sub-layer and provides the requirements of IP connectivity between resource-constrained devices in lossy, low power networks. Since the size of a packet in the IPv6 is larger than the size of a frame in the IEEE 802.15.4, the 6LoWPAN adaptation layer performs packet fragmentation. In this paper, first, the 6LoWPAN fragmentation mechanism in terms of security issues is analyzed and then, fragment duplication attack which an attacker can selectively disrupt the reassembly of fragments of a particular packet at a receiver node is identified. Next, signcryption, which is a high performance cryptographic primitive, is discussed. Finally, a lightweight Offline-Online SignCryption (OOSC) scheme is proposed to counter fragment duplication attack. The evaluation shows that the proposed scheme is secure in the random oracle model and in terms of computational cost, and energy consumption efficiently counters with this attack.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10

Similar content being viewed by others

Change history

  • 07 June 2018

    The Publisher regrets an incorrect figure was placed in the pdf version of the article.

References

  1. Tsai CW, Lai CF, Vasilakos AV (2014) Future internet of things: open issues and challenges. J Wireless Networks 20(8):2201–2217

    Article  Google Scholar 

  2. Roman R, Zhou J, Lopez J (2013) On the features and challenges of security and privacy in distributed internet of things. J Computer Networks 57(10):2266–2279

    Article  Google Scholar 

  3. Jing Q, Vasilakos AV, Wan J, Lu J, Qiu D (2014) Security of the internet of things: perspectives and challenges. J Wireless Networks 20(8):2481–2501

    Article  Google Scholar 

  4. Kim E, Kaspar D, Vasseur J (2012) Design and application spaces for IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs). https://tools.ietf.org/html/rfc6568. Accessed April 2012

  5. IEEE. Part 15.4: wireless medium access control (MAC) and physical layer (PHY) specifications for low-rate wireless personal area networks (WPANs) (2006). IEEE 802.15.4, IEEE Computer Society, 2006

  6. Zheng Y (1977) Digital signcryption or how to achieve cost (signature & encryption) < cost (signature) + cost (encryption). Adv Cryptol Lect Notes Comput Sci 1294:165–179

    Article  Google Scholar 

  7. Boneh D, Franklin M (2001) Identity-based encryption from the weil pairing. Adv Cryptol, Lect Notes Comput Sci 2139:213–229

    Article  MathSciNet  Google Scholar 

  8. Kim H (2007) Protection against packet fragmentation attacks at 6LoWPAN adaptation layer. In: Convergence and Hybrid Information Technology, 2008. In: Proceedings. 2008 IEEE International Conference on, pp 796–801

  9. Montenegro G, Kushalnagar N, Hui J, Culler D (2007) Transmission of IPv6 packets over IEEE 802.15.4 networks. https://tools.ietf.org/html/rfc4944, Accessed September 2007

  10. Ziemba G, Reed D,Traina P (1995) Security considerations for IP fragment filtering. https://tools.ietf.org/html/rfc1858.html, Accessed October 1995

  11. Ptacek T, Newsham T (1998) Insertion, evasion, and denial of service: eluding network intrusion detection. Eluding network intrusion detection. SECURE NETWORKS INC CALGARY ALBERTA

  12. Hummen R, Hiller J, Wirtz H, Henze M, Shafagh H, Wehrle K (2013) 6LoWPAN fragmentation attacks and mitigation mechanisms. In: security and privacy in wireless and mobile networks, 2013. WiSec’13. In: Proceedings. 2013 6th ACM conference on, pp 55-66

  13. Libert B, Quisquater JJ (2003) A new identity based signcryption schemes from pairings. In: Proceedings of the 2003 IEEE workshop on information theory, pp 155–158

  14. Boyen X (2003) Multipurpose identity-based signcryption: a swiss army knife for identity-based cryptography. Adv Cryptol Lect Notes Comput Sci 2729:383–399

    Article  MathSciNet  Google Scholar 

  15. Barreto PSLM, Libert B, McCullagh N, Quisquater JJ (2005) Efficient and provably-secure identity-based signatures and signcryption from bilinear maps. Adv Cryptol Lect Notes Comput Sci 3788:515–532

    Article  MathSciNet  Google Scholar 

  16. Jo HJ, Paik JH, Lee DH (2014) Efficient privacy preserving authentication in wireless mobile networks. Trans Mobile Comput IEEE 13(7):1469–1481

    Article  Google Scholar 

  17. An JH, Dodis Y, Rabin T (2002) On the security of joint signature and encryption. Advances in cryptology, Eurocrypt 2002, lecture notes in computer science 2332: 83–107

  18. Xu Z, Dai G, Yang D (2007) An efficient online/offline signcryption scheme for MANET. In: proceedings of the 2007 workshop on advanced information networking and applications, pp 171–176

  19. Yan F, Chen X, Zhang Y (2013) Efficient online/offline signcryption without key exposure. J Grid Util Comput 4(1):85–93

    Article  Google Scholar 

  20. Sun D, Huang X, Mu Y, Susilo W (2008) Identity-based on-line/off-line signcryption. In: network and parallel computing, 2008. In: proceedings. 2008 IFIP international conference on, pp 34–41

  21. Liu JK, Baek J, Zhou J (2011) Online/offline identity based signcryption re-visited. In: information security and cryptology, Inscrypt 2010, lecture notes in computer science 6584: 36–51

  22. Li F, Khan MK, Alghathbar K, Takagi T (2012) Identity-based online/offline signcryption for low power devices. J Network Comput Appl 35(1):340–347

    Article  Google Scholar 

  23. Li F, Xiong P (2013) Practical secure communication for integrating wireless sensor networks into the internet of things. J IEEE Sensors 13(10):3677–3684

    Article  Google Scholar 

  24. Senthil kumaran U, Ilango P (2015) Secure authentication and integrity techniques for randomized secured routing in WSN. J Wireless Networks 21(2):443–451

    Article  Google Scholar 

  25. Li F, Zheng Z, Jin C (2016) Secure and efficient data transmission in the internet of things. J Telecommun Syst 62(1):111–122

    Article  Google Scholar 

  26. Bormann C (2012) Guidance for light-weight implementations of the internet protocol suite. https://tools.ietf.org/html/draft-bormann-lwig-guidance-01, Accessed 24 January 2012

  27. Wilhelm M, Martinovic I, Schmitt JB, Lenders V (2011) reactive jamming in wireless networks: how realistic is the threat?. In: wireless network security, 2011. WiSec’11. In: Proceedings. 2011 4th ACM conference on, pp 47–52

  28. Becher A, Benenson Z, Dornseif M (2006) Tampering with motes: real-world physical attacks on wireless sensor networks. In: security in pervasive computing, 2006. SPC’06. In: Proceedings. 2006 3rd international conference on, pp 104–118

  29. Heer T, Garcia-Morchon O, Hummen R, Keoh S, Kumar S, Wehrle K (2011) Security challenges in the IP-based internet of things. J. Wirel Pers Commun 61(3):527–542

    Article  Google Scholar 

  30. Daemen J, Rijmen V (2002) The design of Rijndael: AES the advanced encryption standard. Springer, Berlin

    Book  Google Scholar 

  31. Secure Hash Standard (1995) Nat’l Inst. of standards and technology (NIST), Fed. Inf Process Stand Publ 180(1)

  32. Pointcheval D, Stern J (2000) Security arguments for digital signatures and blind signatures. J Cryptology 13(3):361–396

    Article  Google Scholar 

  33. Boneh D, Boyen X (2004) Short signatures without random oracles. In: advances in cryptology. Lect Notes Comput Sci 3027:56–73

    Article  Google Scholar 

  34. Cha JC, Cheon JH (2003) An identity-based signature from gap Diffie-Hellman groups. Public Key Cryptogr, Lect Notes Comput Scie 2567:18–30

    Article  MathSciNet  Google Scholar 

  35. Li J, Zhao J, Zhang Y (2015) Certificateless online/offline signcryption scheme. J Secur Commun Netw 8(11):1979–1990

    Article  Google Scholar 

  36. Li F, Han Y, Jin C (2017) Certificateless online/offline signcryption for the internet of things. J. Wirel Netw 23(1):145–158

    Article  Google Scholar 

  37. Luo M, Tu M, Xu J (2014) A security communication model based on certificateless online/offline signcryption for internet of things. J Sec Commun Netw 7(10):1560–1569

    Google Scholar 

  38. Shi W, Kumar N, Gong P, Chilamkurti N, Chang H (2015) On the security of a certificateless online/offline signcryption for internet of things. J Peer-to-Peer Network Appl 8(5):881–885

    Article  Google Scholar 

  39. Shim KA (2012) CPAS: an efficient conditional privacy preserving authentication scheme for vehicular sensor networks. Trans Veh Technol IEEE 61(4):1874–1883

    Article  Google Scholar 

  40. Shim KA, Lee YR, Park CM (2013) EIBAS: an efficient identity-based broadcast authentication scheme in wireless sensor networks. J Ad Hoc Netw 11(1):182–189

    Article  Google Scholar 

  41. Gura N, Patel A, Wander A, Eberle H, Shantz SC (2004) Comparing elliptic curve cryptography and RSA on 8-bit CPUs. In: international workshop on cryptographic hardware and embedded systems, 2004. CHES’04. Lect Notes Comput Sci 3156:119–132

    Article  Google Scholar 

  42. Cao X, Kou W, Dang L, Zhao B (2008) IMBAS: Identitybased multi-user broadcast authentication in wireless sensor networks. J. Comput Commun 31(4):659–667

    Article  Google Scholar 

  43. Ma C, Xue K, Hong P (2014) Distributed access control with adaptive privacy preserving property for wireless sensor networks. J Secur Commun Netw 7(4):759–773

    Article  Google Scholar 

  44. Shim KA (2014) S2DRP: secure implementations of distributed reprogramming protocol forwireless sensor networks. J. Ad Hoc Netw 19:1–8

    Article  Google Scholar 

  45. Chang C, Muftic S (2007) Measurement of energy costs of security in wireless sensor nodes. In: computer communications and networks, 2007. ICCCN’07. In: proceedings. 2007 IEEE 16th international conference on, pp 95–102

  46. Prasithsangaree P, Krishnamurthy P (2003) Analysis of energy consumption of Rc4 and AES algorithms in wireless Lans. In: Global telecommunications, 2003. GLOBECOM'03. 2003 IEEE Conference on 3: 1445–1449

  47. Robinson DJS (1996) A course in the theory of groups. Springer, Heidelberg

    Book  Google Scholar 

  48. Martin L (2008) Introduction to identity-based encryption. Artech House, Boston, London, England

    MATH  Google Scholar 

  49. Rescorla E, Modadugu N (2012) Datagram transport layer security, http://www.rfc-editor.org/rfc/rfc6347.txt. Accessed January 2012

Download references

Author information

Authors and Affiliations

  1. Faculty of Electrical and Computer Engineering, Islamic Azad University, Science and Research Branch, Tehran, Iran

    Mohammad Nikravan

  2. Department of Computer Engineering, Sharif University of Technology, Tehran, Iran

    Ali Movaghar

  3. Iran University of Medical Sciences, Tehran, Iran

    Mehdi Hosseinzadeh

  4. Computer Science, University of Human Development, Sulaimaniyah, Iraq

    Mehdi Hosseinzadeh

Authors
  1. Mohammad Nikravan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ali Movaghar
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Mehdi Hosseinzadeh
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Mohammad Nikravan.

Additional information

The original version of this article was revised: The Publisher regrets an incorrect figure was placed in the pdf version of the article.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Nikravan, M., Movaghar, A. & Hosseinzadeh, M. A lightweight signcryption scheme for defense against fragment duplication attack in the 6LoWPAN networks. Peer-to-Peer Netw. Appl. 12, 209–226 (2019). https://doi.org/10.1007/s12083-018-0659-8

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s12083-018-0659-8

Keywords

Search

Navigation