The use of Internet of things (IoT) devices is on the rise and given their involvement with sensitive data the security for these devices is of greater importance. As these devices are connected with the internet being able to have secure communication is crucial. Some of the major aspects for secure communication are identification and message integrity. These can both be provided by signature schemes. As IoT devices are often constrained devices picking a signature scheme is not trivial and depends among other things on storage size, security level and computation costs. One should thus look at how current available solutions compare and their suitability for IoT. This paper therefore provides a comparison of some signature schemes and presented some such as SCDSA and CLS suitable for IoT. Furthermore this paper points out that current solutions may become obsolete with the development of quantum computing. This paper thus also presents some hash based quantum resistant solutions for use in IoT. ... Read more

With the current fast paced growth in the number of devices connected to the internet, many of these having limited computational capability, security concerns are of increasing importance. To meet the necessity of providing secure encryption to constrained devices many lightweight cryptographic schemes have been developed. This paper provides a comparative study of four of these schemes, namely TEA, XTEA, PRESENT and Simon, explaining how they work and discussing their vulnerabilities and performances. This paper specifically considers the performance of Application Specific Integrated Circuit (ASIC) implementations with regards to their size, throughput, power usage and energy usage per bit encrypted. TEA and PRESENT were found to have potentially problematic vulnerabilities, while no attacks on XTEA and Simon are known that do not reduce the number of rounds used during encryption. Simon and PRESENT were found to perform well, while XTEA implementations were found to be too large for constrained devices. Out of the four, Simon seems the most promising for use in constrained devices. As such, further research into its vulnerabilities is advisable. ... Read more

Wireless Sensor Networks(WSN's) are networks of sensor that wirelessly communicate to each other. The communication of these sensors needs to be secured to prevent leaking of potentially sensitive information of the data sent between the user, gateway and sensors. For WSN's lightweight authentication, protocols have been developed in order to provide lightweight authentication for resource constrained devices. This paper performs a comparative study of authentication protocols for WSN's. This is done by comparing the performance and examining the attack types to which a protocol is vulnerable. From this comparison, a possible improvement for newer authentication protocols is proposed. This study includes a comparative study on lightweight authentication protocols for IoT and a possible improvement for new authentication protocols is proposed. ... Read more

Pseudo-random number generators are the essential part of many security protocols such as signature schemes, key-exchange protocols and encryption algorithms. The security of these protocols is usually dependent on the quality of the generators they use. The generation of unpredictable random numbers supplies refreshment to the protocols, which makes them harder to break. In this paper, an extensive comparative study made on some of the well known and some interesting pseudo-random generators. These generators consist of xorshift, xorshiftStar, PCG, CMWC and Fortuna. They are tested according to some criteria, which consists of efficiency, security and statistical randomness quality. Possible IoT usages are suggested for each generator according to their results. In the end, for the xorshift and xorshiftStar generators, improvements are suggested to increase their statistical quality and security. ... Read more

IoT devices have grown rapidly over the past few years. IoT devices are mostly connected to a central server that stores the data and handles end-to-end communication. Due to the increase of IoT devices, the latency with the server increases. Furthermore, when using a central server the data is at risk of being deleted or tampered with. To mitigate these issues blockchain could be integrated with the IoT devices to create a decentralized framework. This paper discusses how IoT integrated with blockchain can solve the problems with data integrity and fault tolerance in current IoT frameworks. Furthermore, different consensus mechanisms are compared and improvements are given to make the mechanisms suitable for IoT devices. The paper concludes by stating that G-PBFT, BFT-SMaRt and Tangle/Jointgraph are the most suitable consensus mechanisms for IoT devices with regard to computational power, throughput, latency and Byzantine fault tolerance. Moreover, two improvements with regard to reducing the latency and increasing the trust in G-PBFT are given. ... Read more

An increasingly large amount of data is generated on the IoT. Widespread use of this data may help provide valuable insights and actionable triggers for new innovative services. To tap the potential of this increasing supply of data, a platform is needed. However in creating marketplaces for this data concerns regarding privacy and misuse of data are raised. This paper analyses several technologies that leverage the benefits of blockchain to attempt to mitigate these concerns. Mechanisms regarding data transfer, registration contracts and the responsibilities of gateway nodes are considered. The benefits and drawbacks of these technologies is discussed, as well as potential mitigations for these drawbacks. Finally the paper proposes a set of guidelines for future iterations of such platforms. ... Read more

The expansion of the Internet and wireless access has led to a widespread increase of Internet of Things applications. These smart devices are becoming a daily aspect of our lives. All the convenient and automated services provided by smart devices come from a centralized service provider. This service provider has access to all the personal data associated with the devices and hence, poses a threat to users' data privacy. Blockchain-based applications provide many desirable features for the IoT infrastructure, for example, decentralization, trust, and immutability. This paper discusses the integration of blockchain and IoT while expanding upon existing studies in a smart home environment where privacy needs immediate attention. Furthermore, different privacy-preserving mechanisms used in blockchain-based IoT solutions were classified and analyzed. The evaluation reflects that cryptographic solutions enhance overall privacy in terms of data confidentiality and untraceability but are low utility solutions for resource-constrained IoT. An effective balance can be found in data manipulation solutions. Finally, suggestions and future research directions on the subject of privacy in blockchain-based IoT systems are offered as a result of this review. ... Read more

The domain name system (DNS) and public key infrastructure (PKI) provide the core services for the Internet. The use of these systems requires trust in institutions to provide proper services, which they can fail to provide. Centralized management allows these institutions to perform censorship. Additionally, these legacy systems have seen numerous security issues over the years related to both network security and data security. The rise of the Internet of Things, often resource-constrained devices such as embedded sensors, has leveraged these services. But in doing so has exposed the IoT to the same flaws as the underlying infrastructure. To combat this, both non-blockchain-based and blockchain-based solutions have been proposed, both with their own issues. Non-blockchain-based solutions offer improvements in one dimension, such as trust, but at the cost of security. In comparison, blockchain-based solutions can offer improvements in multiple dimensions simultaneously as has been shown in proposed systems. Blockchain-based solutions deal with their own set of issues: they struggle with the adoption of such a system and lack compatibility with the resource-constrained IoT. To combat the issues of blockchain-based solutions, this paper proposes theoretical improvements on blockchain-based DNS and PKI solutions, building on work done in the field. These improvements address the interoperability with current systems to increase adoptability. Additionally, it offers a system architecture compatible with both the IoT and regular devices by leveraging different types of nodes for the blockchain network based on device constraints and needs. ... Read more