||Implication of Lightweight Cryptographic Primitives for Secure Communication in Various Wireless Networks
||Institute of Computer Science and Information Engineering
Perfect forward secrecy
Wireless technology releases us from copper wires. A user can have a notebook computer, PDA, Pocket PC, Tablet PC, or just a cell phone and stay online anywhere a wireless signal is available. The basic theory behind wireless technology is that signals can be carried by electromagnetic waves that are then transmitted to a signal receiver. Because of the nature of transmission, the communication in the air via various wireless technologies is easier than the traditional wired communication environments. However, due to the broadcast nature of the wireless channel, wireless communication suffers more security threats than the wired one. In this regard, the attacker may intercept the transmitted message by eavesdropping the wireless channel even the encrypted wireless communication provided. Moreover, since the communication in every session may be associated with the fixed identity and the static security credentials of the same individual. Therefore, the attackers may track any individual with wireless devices such as mobile phone, RFID tag, bio-sensor, etc. by intercepting its wireless communication. In addition to that, mobility of the wireless devices such as mobile phones, RFID tags incurs possible threat to the past encrypted transmitted data, where the past session keys for the encryption of wireless communications may be derived by the long-term secret key of the wireless devices if it was lost or broken. On the other hand, security (privacy and integrity) of the transmitted data is another imperative concern in wireless communication, where an attacker may intercept and try to alter the transmitted data communicated between the wireless devices and that eventually can bring about various security issues. By providing the features of anonymity, untraceability, perfect forward secrecy in the authentication protocols and with the help of an efficient data security mechanism, the aforesaid security threats can be dealt in wireless communication.
Although, impressive efforts have been made for accomplishing the security feature such as, anonymity, however, this thesis shows that existing approaches to ensure the property like anonymity are impractical. Besides, even though, some public key crypto-systems such as Differ-Hellman can provide the solution of perfect forward secrecy. However, most of the existing standards of wireless communication, e.g. global system for mobile communications (GSM), universal mobile telecommunications systems (UMTS), WiFi protected access, and etc., are based on symmetric-key crypto-system, where an asymmetric operation such modular exponential operation causes significantly higher communication overhead and execution time than the symmetric key operations, which is greatly imperative for any battery powered wireless devices such as mobile devices, RFID tags, sensors etc.
In this thesis, at first we show some ways to design the lightweight anonymous authentication framework, which can efficiently accomplish the features like anonymity, untraceability, perfect forward secrecy, etc. In this regard, we use the lightweight cryptographic primitives such as symmetric key encryption/decryption, one-way non-collision hash functions and Exclusive-OR operations, which are more suitable for battery powered wireless devices. In addition to that, this thesis also focuses on the data security, i.e. privacy, and integrity of the transmitted data communicated between the wireless devices. In this context, we design some data security frameworks in the form of single-pass authenticated encryption modes (Authencryption) by using the encryption modes such as counter mode, cipher feedback mode, etc., where these conventional modes cannot ensure privacy and integrity of the transmitted data in a single pass. Subsequently, we enforce our designed lightweight anonymous authentication frameworks and data security frameworks for ensuring security in various wireless networks, such as mobile network, wireless sensor network, etc. Furthermore, security analyses show that our proposed solutions are secure and hence can be useful for wireless communication.
List of Figures XIV
Chapter 1 1
1.1 Security Requirements in Wireless Communications 2
1.2 Necessity of Lightweight Cryptography for the Resource Constrained Wireless Devices 3
1.3 Problem Statement and Motivation 5
1.4 Contribution of the Thesis 8
1.5 Thesis Organization 9
Chapter 2 10
2.1 Symmetric Key Encryption (SKE) 10
2.2 Block Cipher and its Security 11
2.3 Advanced Encryption Standard (AES) 13
2.4 Encryption Modes 14
2.5 Hash Functions 16
2.6 Authenticated Encryption 17
2.7 Different notions of indistinguishability 19
Chapter 3 22
Designing of Lightweight Anonymous Authentication Frameworks 22
3.1 Designing of an Anonymous Authentication and Key Agreement Framework Using Symmetric Key Encryption/Decryption (Framework 1) 23
3.2 Lightweight Anonymous Authentication and Key Agreement Framework Using Hash Function (Framework 2) 25
3.3 Lightweight Anonymous Authentication and Key Agreement Framework with Perfect Forward Secrecy Using Hash Function (Framework 3) ……………………………………………………………………………..28
Chapter 4 33
Designing of Lightweight Data Security Frameworks (Authencryption) 33
4.1 Introduction and Related Works 33
4.2 Designing of an Authenticated Mode of Operation Plain-text Feedback XORing (PFX) 35
4.3 Proposed Counter based Block-Cipher Modes of Authencryption (PFX-CTR) 37
4.4 Proposed Counter based Stream-Cipher Modes of Authencryption (PFC-CTR) 40
4.5 Proposed Counter based Real-time Modes of Authencryption (IAR-CTR) 42
4.5.1 Motivation and Requirements 42
4.5.2 Our Basic Idea 43
4.5.3 Counter based Integrity Aware Real-time Authenticated Encryption (IAR-CTR) Mode 45
4.6 Cryptanalysis of the Authencryption Mode 48
Chapter 5 57
Security in Global Mobility Networks 57
5.1 Introduction and Related Works 58
5.2 Provably Secure Mutual Authentication and Key Agreement Scheme Preserving User Anonymity in Global Mobility Networks Using Symmetric-Key Encryption/Decryption and Hash Function (Authentication Framework 1) 61
5.2.1 Phase I: Registration and Reestablishment Phase 62
5.2.2 Phase II: Mutual Authentication and Key Agreement Phase 64
5.2.3 Security Analysis 66
5.3 Lightweight Anonymous Mutual Authentication and Key Agreement Scheme for Secure Communication in Global Mobile Networks Using One-way Non-Collusion Hash Function (Authentication Framework 2) 69
5.3.1 Phase I: Registration Phase 70
5.3.2 Phase II: Mutual Authentication and Key Agreement (MAKA) Phase 72
5.3.3 Phase III: Password Renewal Phase 76
5.3.4 Security Model and Analysis 76
22.214.171.124 Formal Security Model 76
126.96.36.199 Adversarial Model 77
188.8.131.52 Definitions of Security 78
184.108.40.206 Security Analysis 80
5.4 Lightweight and Energy Efficient Mutual Authentication and Key Agreement Scheme with User Anonymity and Perfect Forward Secrecy Support for Secure Communication in Global Mobility Networks (Using Framework 3) 86
5.4.1 Phase I: Registration Phase 87
5.4.2 Phase II: Mutual Authentication and Key Agreement (MAKA) Phase 88
5.4.3 Protocol Analysis 93
220.127.116.11 BAN logic and its improvement 94
18.104.22.168 Formal Analysis of the Proposed Scheme 95
5.4.4 Performance Analysis and Comparisons 96
Chapter 6 102
Security in Wireless Sensor Networks 102
6.1 Introduction and Related Works 102
6.2 Problem Statement and Motivation 105
6.2.1 Threat Model 108
6.3 A Realistic Lightweight Anonymous Authentication Protocol for Securing Real-time Application Data Access in Wireless Sensor Networks Using One-way Non-Collusion Hash Function (Authentication Framework 3) 108
6.3.1 Phase I: Registration Phase 109
6.3.2 Phase II: Anonymous Authentication and Key Exchange Phase 111
6.3.3 Phase III: Password Renewal Phase 116
6.3.4 Phase IV: Dynamic Node Addition Phase 117
6.4 Security Analysis 117
6.5 Performance Analysis And Comparisons 122
6.6 Simulation for Formal Security Verification Using AVISPA Tool 126
6.6.1 Analysis of Results 130
Chapter 7 131
Security in Radio Frequency Identification System 131
7.1 Introduction and Related Works 131
7.1.1 Security Requirements of the RFID System 132
7.1.2 Related Work 134
7.1.3 Problem statement and Motivation 135
7.2 A Realistic Lightweight Authentication Protocol Preserving Strong Anonymity for Securing RFID System Using One-way Non-Collusion Hash Function (Authentication Framework 3) 137
7.2.1 Phase I: Registration Phase 138
7.2.2 Phase II: Realistic Anonymous Authentication Phase 139
7.3 Security Analysis 143
7.3.1 System Requirements Analysis 144
7.3.2 Attacks Analysis 146
7.4 Performance Analysis and Comparison 148
Chapter 8 152
Security in Internet of Things (IoT) 152
8.1 Part 1: Untraceable Sensor Movement in Distributed IoT Infrastructure 152
8.1.1 Introduction and Related Work 152
8.1.2 Proposed Distributed IoT System Architecture 155
8.1.3 Proposed Anonymous Authentication Scheme 157
22.214.171.124 Phase I: Registration Phase 158
126.96.36.199 Phase II: Anonymous Authentication in Inter-Cluster Movement Phase 159
188.8.131.52 Phase III: Anonymous Authentication in Inter-Network Movement Phase 162
8.1.4 Security Analysis 163
8.1.5 Performance Analysis and Comparisons 167
8.2 Part 2: BSN-Care: A Secure IoT-based Modern Healthcare System Using Body Sensor Network 170
8.2.1 Introduction 170
8.2.2 Security Requirements in IoT Based Healthcare System Using BSN 171
8.2.3 Related Work and Motivation 173
8.2.4 Secure IoT-Based Healthcare System Using BSN (BSN-Care) 177
8.2.5 Enforcement of Security in BSN-Care System 179
184.108.40.206 Lightweight Anonymous Authentication Protocol 179
8.2.6 Data Security in BSN-Care System 183
8.2.7 Performance Analyses and Comparison 184
8.3 Part 3: Security in M2M Home Network Service 188
8.3.1 Machine-to-Machine Home Network Application Model 188
8.3.2 Security Requirements in Machine-to-Machine Home Network Services ………………………………………………………………………189
8.3.3 Related Work and Motivation 191
8.3.4 An Anonymous Authentication and Key-Agreement Protocol for Secure Communication in M2M Home Network Service (Using Framework 3) ………………………………………………………………………193
220.127.116.11 Phase I: Registration Phase 194
18.104.22.168 Phase II: Lightweight Anonymous Authentication Phase 195
22.214.171.124 Phase III: Password Renewal Phase 198
8.3.5 Security Model and Analysis 199
126.96.36.199 Formal Security Model 199
188.8.131.52 Adversarial Model 200
184.108.40.206 Definitions of Security 201
220.127.116.11 Formal Security Analysis of the Proposed Scheme 202
8.3.6 Performance Analysis and Comparisons 206
Chapter 9 210
Conclusions and Future Works 210
Curriculum Vitae 225
Publication List 226
 A. Herzberg, H. Krawczyk, and G. Tsudik, “On travelling incognito,” IEEE Workshop on Mobile systems and Applications, pp. 205-211, 1994.
 S. Hirani, “Energy Consumption of Encryption Schemes in Wireless Devices,” M.S. thesis, School of Information Science, University of Pittsburgh, United States, 2003.
 J. Zhu and J. Ma, “A new authentication scheme with anonymity for wireless environments,” IEEE Transactions on Consumer Electronics, vol. 50, no.1, pp. 50, 230-234, 2004.
 C. C Lee, M. S Hwang, and I. E. Liao, “Security enhancement on a new authentication scheme with anonymity for wireless environments,” IEEE Transactions on Industrial Electronics, vol. 53, no. 5, pp. 1683-1687, 2006.
 C. C. Wu, W. B. Lee, and W. J. Tsaur, “A secure authentication scheme with anonymity for wireless communications,” IEEE Communication Letters, vol. 12, no.10, pp. 722-723, 2008.
 C. C. Chang, C.Y. Lee and Y. C. Chiu, “Enhance authentication scheme with anonymity for roaming service in global mobility networks,” Computer Communications, vol. 32, pp. 611-618, 2009.
 T. Y. Youn, T. H. Park, and Lim, “Weaknesses in an anonymous authentication scheme for roaming service in global mobile networks,” IEEE Communication Letters, vol.13, no.7, pp. 471-473, 2009.
 C. Tang and D. O. Wu, “Mobile privacy in wireless networks revisited,” IEEE Transactions on Wireless Communication, vol.7, pp. 1035-1042, 2008.
 J. Lu and J. Zhou, “On the security of an efficient mobile authentication scheme for wireless networks,” WICOM2010, 6th International Conference on Wireless Communications Networking and Mobile Computing, IEEE Press, pp. 23-25, Sept. 2010.
 T. Zhou and J. Xu, “Provable secure authentication protocol with anonymity for roaming service in global mobility networks,” Computer Networks, vol. 55, pp. 205-213, 2011.
 G. Yang, Q. Huang, W. S. Duncan, X. Deng, “Universal authentication protocols for anonymous wireless communications,” IEEE Transactions on Wireless Communications, vol. 9, no. 1, pp. 168 - 174, 2010.
 D. He, C. Chen, S. Chan, and J. Bu, “Secure and Efﬁcient Handover Authentication Based on Bilinear Pairing Functions,” IEEE Transactions on Wireless Communication, vol. 11, no. 1, pp. 48-53, 2012.
 D He, C Chen, S Chan, J Bu, “Analysis and improvement of a secure and efficient handover authentication for wireless networks,” IEEE Communications Letters, pp. 1270-1273, 2012.
 J.L. Tsai, N.W. Lo, T.C. Wu, “Secure Handover Authentication Protocol Based on Bilinear Pairings,” Wireless Personal Communications, December 2013, Volume 73, Issue 3, pp 1037-1047, 2012.
 H. Mun, K. Han, Y. Lee, C. Yeun, and H. Choi, “Enhanced secure anonymous authentication scheme for roaming service in global mobile network,” Mathematical and computer Modeling, vol. 55, pp. 214-222, 2012.
 J. Kim, and J. Kwak, “Improved secure anonymous authentication scheme for roaming service in global mobile network,” International Journal of Security and its Applications, vol.6(3), pp. 45-54, 2012.
 Q. Jiang, J. Ma, G. Li, L. Yang, “An enhanced authentication scheme with privacy preservation for roaming services in global mobility networks,” Wireless Personal Communications, vol. 68, pp. 1477-1491, 2013.
 F. Wen, W. Susilo, and G. Yang, “A secure and effective user authentication scheme for roaming service in global mobility networks,” Wireless Personal Communications, DOI. 10.1007/s11277-013-1243-4, 2013.
 D. He, Y. Zhang, J. Chen, “Cryptanalysis and Improvement of an Anonymous Authentication Protocol for Wireless Access Networks,” Wireless Personal Communications, vol. 74, pp. 229–243, 2014.
 T. Hwang, P. Gope, “Provably secure mutual authentication and key exchange scheme for expeditious mobile communication through synchronously one-time Secrets,” Wireless Personal Communications, DOI. 10.1007/s11277-013-1501-5, 2013.
 J. Yang, J. Park, H. Lee, K. Ren, K. Kim, “Mutual authentication protocol for low-cost RFID,” Proceedings of the Workshop on RFID and Lightweight Cryptography, pp. 17–24, 2005.
 C. Qingling, Z. Yiju, W. Yonghua, “A minimalist mutual authentication protocol for RFID system and BAN logic analysis,” ISECS International Colloquium on Computing, Communication, Control, and Management pp. 449–453, 2008.
 Z. Luo, T. Chan, J.S. Li, “A lightweight mutual authentication protocol for RFID networks,” Proceedings of the IEEE International Conference on e-Business Engineering (ICEBE '05), pp. 620–625, 2005,
 C.C. Tan, B. Sheng, Q. Li, “Secure and server-less RFID authentication and search protocols,” IEEE Transactions on Wireless Communications, vol. 7 (4) pp. 1400–1407, (April 2008).
 S. Cai, Y. Li, T. Li, R. Deng, “Attacks and improvements to an RFID mutual authentication protocol,” 2nd ACM Conference on Wireless Network Security (WiSec '09), pp. 51–58, 2009.
 J-S Cho, Y-S Jeong, S. Park, “Consideration on the Brute-force Attack Cost and Retrieval Cost: a Hash-based radio-frequency identification (RFID) Tag Mutual Authentication Protocol,” Computers & Mathematics with Applications (2012).
 K. H. M. Wong, Z. Yuan, C. Jiannong, and W. Sheng wei, “A dynamic user authentication scheme for wireless sensor networks,” in Proceedings of the IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing, pp. 244-251, Taiwan, June, 2006.
 M.L. Das, “Two-factor user authentication in wireless sensor networks,” IEEE Transaction on Wireless Communications. vol. 8 no. 3, pp. 1086–1090, 2009.
 D. He, Y. Gao, S. Chan, C. Chen, J. Bu. “A n enhanced two-factor user authentication scheme in wireless sensor networks,” AdHoc & Sensor Wireless Networks vol. 10 no. 4, 2010.
 H. Yeh, T. Chen, P. Liu, T. Kim, H. Wei, “A secured authentication protocol for wireless sensor networks using elliptic curves cryptography,” Sensors vol. 11, no. 5 pp. 4767–4779. 2011.
 R. Fan, D. He, X. Pan, L. Ping, “An efficient and dos-resistant user authentication scheme for two-tiered wireless sensor networks,” Journal of Zhejinag Univ.-Sci C vol. 12 no.7 pp. 550–560, 2011.
 D. Wang, P. Wang, “On the anonymity of two-factor authentication schemes for wireless sensor networks: attacks, principle, and solutions,” Computer Networks, vol. 73, pp. 41-57, 2014.
 P. Kumar, A.J. Choudhury, M. Sain, S.M. Lee, H.J. Lee, “Ruasn: a robust user authentication framework for wireless sensor networks,” Sensors vol. 11 no. 5, pp.5020–5046, 2011.
 Q. Jiang, Z. Ma, J.F. Ma, G. Li, “Security enhancement of robust user authentication framework for wireless sensor networks,” China Communication, vol. 9, no. 10, pp. 103–111, 2012.
 TH Chen, WK. Shih, “A robust authentication protocol for wireless sensor networks,” ETRI Journal, vol. 32, no. 5, pp. 704-712, 2010.
 K. Xue, C. Ma, P. Hong, R. Ding, “A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks,” Journal of Network Computer Applications, vol. 36 no. 1, pp.316–323, 2013.
 C. T. Li, C. Y. Weng, C. C. Lee, “An advanced temporal credential-based security scheme with mutual authentication and key agreement for wireless sensor networks,” Sensors, vol. 13, pp. 9589–9603, 2013.
 A. K. Das, “A Secure and Efficient User Anonymity-Preserving Three-Factor Authentication Protocol for Large-Scale Distributed Wireless Sensor Networks,” Wireless Personal Communications, vol. 82 no. 3: pp. 1377-1404, 2015.
 A. K. Das, “A secure and effective biometric-based user authentication scheme for wireless sensor networks using smart card and fuzzy extractor,” International Journal of Communication Systems DOI: 10.1002/dac.2933, 2015.
 Q. Jiang, J. Ma, X. Lu, Y. Tian: “An efficient two-factor user authentication scheme with unlinkability for wireless sensor networks,” Peer-to-Peer Networking and Applications, 2014.
 A. K. Das, “A secure and robust temporal credential-based three-factor user authentication scheme for wireless sensor networks,” Peer-to-Peer Networking and Applications DOI: 10.1007/s12083-014-0324-9, 2014.
 C. H. Meyer, S. M. Matyas, “Cryptography: A New Dimension in Computer Data Security,” John Wiley and Sons, New York, 1982.
 National Bureau of Standards. 1980. “NBS FIPS PUB 81: DES modes of operation,” U.S. Department of Commerce.
 M. Bellare, A. Desai, E. Jokipii, P. Rogaway, “A Concrete Security Treatment of Symmetric Encryption: Analysis of the DES Modes of Operation,” 38th Symposium on Foundations of Computer Science (FOCS), IEEE Computer Society, 1997, 394-403.
 S. Goldwasser and S. Micali, “Probabilistic Encryption,” J. Com-put. Syst. Sci., 28(2):270299, 1984.
 P. Gope, T. Hwang, “Lightweight and Energy Efficient Mutual Authentication and Key Agreement Scheme with User Anonymity for Secure Communication in Global Mobility Networks,” IEEE Systems Journal, DOI: 10.1109/JSYST.2015.2416396, 2015.
 C. Jutla, “Encryption modes with almost free message integrity,” In Advances in Cryptology–EUROCRYPT 2001, B. Pfitzmann, Ed., vol. 2045, LNCS, Springer–Verlag, pp. 529–544.
 S. Halevi, “An observation regarding Jutla’s modes of operation,” submitted Feb 22, 2001, and revised. Apr 2, 2001, Cryptology ePrint archive, reference number 2001/015.
 V. Gligor, and P. Donescu, “Fast encryption and authentication: XCBC encryption and XECB authentication modes,” In Fast Software Encryption, 8th International Workshop, FSE 2001, M. Matsui, Ed., vol. 2355 of LNCS, Springer–Verlag, pp. 92–108.
 P. Rogaway, “Efficient instantiations of tweakable block–ciphers and reﬁnements to modes OCB and PMAC,” Proceeding of the ASIACRYPT 2004, LNCS, vol. 3329 pp. 16–31, Springer, Heidelberg.
 T. Krovetz, and P. Rogaway, “The software performance of authenticated–encryption modes,” 18th international workshop, FSE 2011, LNCS 6733, pp. 306–327, Springer, Lyngby, Denmark.
 N. Ferguson, “Collision attacks on OCB,” NIST CSRC website, 2002.
 Z. Sun, P. Wang, L. Zhang, “Collision Attacks on Variant of OCB Mode and Its Series,” Information Security and Cryptology, Lecture Notes in Computer Science vol. 7763, 216-224, (2013).
 R. Struik, “Formal specification of the CCM* mode of operation,” IEEE P802. 15 Working Group for Wireless Personal Area Networks (WPANS), 2005.
 D. A McGrew, and J. Viega, “The security and performance of the galois/counter mode (GCM) of operation,” Progress in Cryptology–INDOCRYPT, 2004, Springer–Verlag.
 T. Kohno, J. Viega, and D. Whiting, CWC: A high–performance conventional authenticated encryption mode, Proceedings of Fast Software Encryption 2004, LNCS vol. 3017, Springer–Verlag.
 Saarinen, O. Markku-Juhani, “Cycling Attacks on GCM, GHASH and Other Polynomial MACs and Hashes,” FSE 2012 – Washington D.C. LNCS vol. 7549, Springer–Verlag, pp. 216-225, 2012.
 P. Fouque, G. Martinet, F. Valette, and S. Zimmer, On the Security of the CCM Encryption Mode and of a Slight Variant. In ACNS, pp. 411–428, 2008.
 T. Hwang, P. Gope, “IAR-CTR and IAR-CFB: Integrity Aware Real-time Based Counter and Cipher Feedback Modes,” Security and Communication Networks, DOI: 10.1002/sec.1312, 2015.
 T. Hwang, P. Gope, “RT-OCFB: Real-Time Based Optimized Cipher Feedback Mode,” Cryptologia, DOI:10.1080/01611194.2014.988366, 2015.
 M. Bellare, A. Desai, E. JokiPii, and P. Rogaway, “A Concrete Security Treatment of Symmetric Encryption: Analysis of the DES Modes of Operation,” Proceedings of the 38th Symposium on Foundations of Computer Science, IEEE, 1997; A revised version is available online at http://www-cse.ucsd.edu/users/mihir
 D. Dolev, C. Dwork, and M. Naor, “Non-malleable cryptography,” Proc. 23rd Annual Symposium on the Theory of Computing.
 Crypto++ Library.[Online] Available: http://www.cryptopp.com.
 I. F. Akyildiz, W. Su , Y. S. Subramaniam , E. Cayirci, “Survey on sensor network,”, IEEE Communication Magazine, vol.40, pp. 112-114, 2002.
 O. Gnawali, K.-Y. Jang, J. Paek, M. Vieira, R. Govindan, B. Greenstein, A. Joki, D. Estrin, E. Kohler, “The tenet architecture for tiered sensor networks,” in: Proc. SenSys 2006, ACM, 2006, pp. 153–166.
 D. Yang, S. Misra, X. Fang, G. Xue, J. Zhang, “Two-tiered constrained relay node placement in wireless sensor networks: computational complexity and efficient approximations,” IEEE Trans. Mobile Computing. vol. 11 no. 8 pp. 1399–1411, 2012.
 T. Nguyen, A. Al-Saffar, and E-N Huh, “A dynamic ID-based authentication scheme,” Proceedings of the Sixth International Conference on Networked Computing and Advanced Information Management (NCM), pp. 248-253, August 2010.
 S. Chen and M. Ma, “A Dynamic-Encryption Authentication Scheme for M2M Security in Cyber-Physical Systems,” Globecom 2013 - Symposium on Selected Areas in Communications, pp.2897-2901, 2013.
 D. Dovel, A Yao, On the security of public key .protocols, IEEE Transaction on Information Theory, vol. 29 no. 2, pp. 198-208, 1983.
 P. Kocher, J. Jaffe, and B. Jun, “Differential power analysis”, in Proc. CRYPTO’99, LNCS 1666, pp. 388-397, Springer-Verlag, 1999.
 W. Diffie, P. C. van Oorshot, and M. J. Wiener, “Authentication and Authenticated Key Exchanges”, Designs, Codes and Cryptography, vol. 2, Kluwer Academic Publishers, pp. 107-125, 1992.
 D. R. Stinson, “Universal Hashing and Authentication Codes,” Design Codes and Cryptography, vol. 4 no. 4, pp. 369-380, 1994.
 A. Armando, The AVISPA tool for the automated validation of internet security protocols and applications. In: 17th International conference on computer aided verification (CAV’05). (Lecture Notes in Computer Science), vol 3576. Springer, Berlin, pp 281–285, 2005.
 AVISPA Automated Validation of Internet Security Protocols and Applications. http://www.avispa-project.org/.
 L. Wang, X. Yi, C. Lv and Y. Guo, “Security improvement in authentication protocol for Gen-2 based RFID system”, Journal of Convergence Information Technology, AICIT, vol. 6(1), pp. 157-169, 2011.
 K. Finkenzeller, RFID Handbook. Second ed. Wiley & Sons, 2002.
 EPC Radio-Frequency Identity Protocols Class-1 Generation-2 UHF RFID Protocol for Communications at 860 MHz-960 MHz Version 1.2.0, EPC global Inc., October 2008.
 A. Juels, RFID security and privacy: A research survey, IEEE Journal on Selected Areas in Communications, 24 (2), pp. 381-394. doi: 10.1109/JSAC.2005.861395, 2006.
 P. Gope, T. Hwang, “A Realistic Lightweight Authentication Protocol Preserving Strong Anonymity for Securing RFID System,” Computers & Security, DOI: 10.1016/j.cose.2015.05.004, 2015.
 M. Burmester, B. Medeiros, R. Motta, Robust, “Anonymous RFID Authentication with Constant Key-lookup,” Cryptology ePrint Archive: Listing for 2007 (2007/402), 2007.
 G. Gaubatz, J.P. Kaps, E. Ozturk, B. Sunar, “State of the art in ultra-low power public key cryptography for wireless sensor networks,” in Proc. in the Third IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOMW’05), 2005.
 S.V. Kaya, E. Savaş, A. Levi, Ö. Erçetin, “Public key cryptography based privacy preserving multi-context RFID infrastructure,” Ad Hoc Netw., 7 (2009), pp. 136–152
 N. Koblitz, “Elliptic curve cryptosystems,” Math. Comput., vol 48 (1987), pp. 203–209.
 Y. K. Lee, K. Sakiyama, I. Verbauwhede, “Elliptic-curve-based security processor for RFID,” IEEE Trans. Computer, vol. 57 (11) (2008)
 Y-P Liao, C. Hsiao, “A secure ECC-based RFID authentication scheme integrated with ID-verifier transfer protocol,” Ad Hoc Networks, vol 18, pp. 133-146, 2014.
 S. Piramuthu, RFID mutual authentication protocols, Decision Support Systems, vol. 50, pp.387-393 , 2011 http://dx.doi.org/10.1016/j.dss.2010.09.005.
 M. Safkhani, P. Peris-Lopez, J. C. Hernandez-Castro, N. Bagheri, and Cryptanalysis of the Cho et al. protocol: A hash-based RFID tag mutual authentication protocol, Journal of Computational and Applied Mathematics, vol 259, Part B, pp. 571-577, 15 March 2014.
 T. Dimitriou, A Lightweight RFID Protocol to Protect against Traceability and Cloning Attacks, in: Proceedings of SecureComm’05, pp. 59–66, 2005.
 S.-Y. Kang, I.-Y. Lee, A Study on low-cost RFID system management with mutual authentication scheme in ubiquitous, Proceedings of APNOMS, 4773, LNCS, pp. 492–502, 2007.
 R. Roman, J. Zhou, and J. Lopez, “On the features and challenges of security and privacy in distributed internet of things,” Computer Networks, vol. 57, no. 10, pp. 2266–2279, 2013.
 F. Zhu, M. W. Mutka, and L. M. Ni, “Private entity authentication for pervasive computing environments,” International Journal of Network Security, vol. 14, no. 2, pp. 86–100, 2012.
 S. Shin, T. Shon, H. Yeh, and K. Kim, “An effective authentication mechanism for ubiquitous collaboration in heterogeneous computing environment,” Peer-to-Peer Networking and Applications, 2013.
 Y. Liu, J. Li, and M. Guizani, “PKC based broadcast authentication using signature amortization for WSNs,” IEEE Transactions on Wireless Communications, vol. 11, no. 6, pp. 2106–2115, 2012.
 T. Kwon and J. Hong, “Secure and efficient broadcast authentication in wireless sensor networks,” IEEE Transactions on Computers, vol. 59, no. 8, pp. 1120–1133, 2010.
 E. Rescorla and N. Modadugu, “Datagram Transport Layer Security,” IETF RFC 4347, April 2006, http://tools.ietf.org/html/rfc4347.
 Z. Shelby, K. Hartke, and C. Bormann, “Constrained Application Protocol (CoAP),” IETF draft, R FC editor, 2013, http://tools.ietf.org/pdf/draft-ietf-core-coap-18.pdf.
 T. Kothmayr, C. Schmitt, W. Hu, M. Brünig, and G. Carle, “DTLS based security and two-way authentication for the Internet of Things,” Ad Hoc Networks, vol. 11, no. 8, pp. 2710–2723, 2013.
 X. H. Le, S. Lee, I. Butun et al., “An energy-efficient access control scheme for wireless sensor networks based on elliptic curve cryptography,” Journal of Communications and Networks, vol. 11, no. 6, pp. 599–606, 2009.
 C. T. Li, M. S. Hwang, and Y. P. Chu, “An efficient sensor-to-sensor authenticated path-key establishment scheme for secure communications in wireless sensor networks,” International Journal of Innovative Computing, Information and Control, vol. 5, no. 8, pp. 2107–2124, 2009.
 P. Kotzanikolaou and E. Magkos, “Hybrid key establishment for multiphase self-organized sensor networks,” in Proceedings of the 6th IEEE International Symposium on a World of Wireless Mobile and Multimedia Networks (WoWMoM '05), pp. 581–587, June 2005.
 P. Porambage, C. Schmitt, P. Kumar, A. Gurtov, and M. Ylianttila, “PAuthKey: A Pervasive Authentication Protocol and Key Establishment Scheme for Wireless Sensor Networks in Distributed IoT Applications,” International Journal of Distributed Sensor Networks, vol. 2014.
 C. H. Wang and C. Y. Lin, “An efficient delegation-based roaming payment, protocol against denial of service attacks,” in Proc. 2011 International Conference on Electronics, Communications and Control, pp. 4136–4140, 2011.
 UN, “World Population Aging 2013,” pp. 8–10, 2013.
 R. Weinstein, “RFID: A technical overview and its application to the enterprise,” IEEE IT Prof., vol. 7, no. 3, pp. 27–33, May/Jun. 2005.
 L. Atzori, A. Iera, and G. Morabito, “The Internet of Things: A survey,” Comput. Netw., vol. 54, no. 15, pp. 2787–2805, 2010.
 P. Najera, J. Lopez, and R. Roman, “Real-time location and inpatient care systems based on passive RFID,” J. Netw. Comput. Appl., vol. 34, no. 3, pp. 980–989, 2011.
 P. Kumar, and H. Lee, “Security Issues in Healthcare Applications Using Wireless Medical Sensor Networks: A Survey,” Sensors (Basel, Switzerland) 12.1 pp. 55–91, 2012.
 D. Malan, T. F. Jones, M. Welsh, S. Moulton, “CodeBlue: An AdHoc Sensor Network Infrastructure for Emergency Medical Care,” Proceedings of the MobiSys 2004 Workshop on Applications of Mobile Embedded Systems (WAMES 2004); Boston, MA, USA. 6–9 June 2004.
 K. Lorincz, D. J. Malan, T. R. F. Fulford-Jones, A. Nawoj, A. Clavel, V. Shayder, G. Mainland, M. Welsh, “Sensor Networks for Emergency Response: Challenges and Opportunities”, Pervas. Comput. vol.3, pp.16–23, 2004.
 A. Wood, G. Virone, T. Doan, Q. Cao, L. Selavo, Y. Wu, L. Fang, Z. He , S. Lin, J. Stankovic, “ALARM-NET: Wireless Sensor Networks for Assisted-Living and Residential Monitoring,” Department of Computer Science, University of Virginia; Charlottesville, VA, USA: Technical Report CS-2006-01, 2006.
 S. Pai, M. Meingast, T. Roosta, S. Bermudez, S. Wicker, D. K. Mulligan , S. Sastry, "Confidentiality in Sensor Networks: Transactional Information," IEEE Security and Privacy Magazine. 2008.
 J.W.P. Ng, B.P.L Lo, O. Wells, M. Sloman, N. Peters, A. Darzi, C. Toumazou, G. Yang, "Ubiquitous Monitoring Environment for Wearable and Implantable Sensors (UbiMon)," Proceedings of 6th International Conference on Ubiquitous Computing (UbiComp’04); Nottingham, UK. 7–14 September 2004.
 Office for Civil Rights, United State Department of Health and Human Services Medical Privacy. National Standards of Protect the Privacy of Personal-Health-Information. Available online: http://www.hhs.gov/ocr/privacy/hipaa/administrative/privacyrule/index.html (accessed on 15 June 2011).
 R. Chakravorty, “A Programmable Service Architecture for Mobile Medical Care,” Proceedings of 4th Annual IEEE International Conference on Pervasive Computing and Communication Workshop (PERSOMW’06); Pisa, Italy. 13–17 March 2006.
 J. Ko, J. H. Lim, Y. Chen, R. Musaloiu-E, A. Terzis, G. M. Masson, “MEDiSN: Medical Emergency Detection in Sensor Networks,” ACM Trans. Embed. Comput. Syst. vol. 10, pp. 1–29, 2010.
 A. Kumar et al., “Caveat eptor: A comparative study of secure device pairing methods,” IEEE International Conference on Pervasive Computing and Communications, 2009. PerCom 2009.
 YK Lee, H. Ju, DW. Kim, et al. Home network modelling and home network user authentication mechanism using biometric information. IEEE Tenth International Symposium on Consumer Electronics, St. Petersburg; pp. 1–5, 2006.
 J. Jeong, MY. Chung. Integrated OTP-based user authentication scheme using smart cards in home networks. Proceedings of the 41st Hawaii International Conference on System Sciences, Waikoloa;294–294, 2008.
 X. Sun, S. Men, C. Zhao, and Z. Zhou. A security authentication scheme in machine-to-machine home network service. Security Comm. Networks. doi: 10.1002/sec.551, 2012.
 Y. Lai, J. Kang, and R. Yu, “Efficient and Secure Resource Management in Home M2M Networks,” International Journal of Distributed Sensor Networks, vol. 2013, Article ID 849572, 12 pages, doi:10.1155/2013/849572, 2013.
 T. Hwang, P. Gope, “IA-CTR: Integrity Aware Conventional Counter Mode for Secure and Efficient Communication in Wireless Sensor Networks,” Wireless Personal Communications, (Springer Journal), DOI: 10.1007/s11277-015-3096-5, 2015.
 T. Hwang, P. Gope, “Robust Stream-Cipher Mode of Authenticated Encryption for Secure Communication in Wireless Sensor Network,” Security and Communication Networks (Wiley Journal), DOI: 10.1002/sec.1388, 2015.
 T. Hwang, P. Gope, “IAR-CTR and IAR-CFB: Integrity Aware Real-time Based Counter and Cipher Feedback Modes,” Security and Communication Networks (Wiley Journal), DOI: 10.1002/sec.1312, 2015
 H-Y Chien, C-S Laih, “ECC-based lightweight authentication protocol with untracbility for low-cost RFID,” Joural of Parallel and Distributed Computing”, Vol. 69, pp. 848-853, 2009.
 H-Y Chien, “Combining Rabin cryptosystem and error correction codes to facilitate anonymous authentication with un-tracbility for low-end devices,” Joural of Parallel and Distributed Computing”, Vol. 57, pp. 2705-2717, 2013