nach oben

Wireless Personal Communications

Erschienen in:

24.01.2020

BLE-Based Authentication Protocol for Micropayment Using Wearable Device

verfasst von: Nai-Wei Lo, Alexander Yohan

Erschienen in: Wireless Personal Communications | Ausgabe 4/2020

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Rapid growth of global wearable device market within the last 5 years shows the tremendous interest of modern society on environmental sensing technology to develop intelligent and convenient services for human beings. Wearable devices like smart watch and intelligent eyeglasses have been successfully deployed or associated to various application domains such as gamification of healthcare, real time location identification, mobile online games and health indicator monitoring. The idea of incorporating micropayment capability within wearable device has become a hot issue along with the market growth of wearable devices. Security strength, performance efficiency and deployment cost are the three major factors to develop a user-friendly wearable-device-oriented micropayment environment. As almost all wearable devices with screen display including smart watches and smartphones manufactured in recent years are equipped with Bluetooth communication module as a default deployment model; a Bluetooth-based authentication frontend is a reasonable choice for a user-friendly wearable-device-oriented micropayment system in terms of the reduction of system deployment cost. In this paper, a robust and lightweight BLE-based authentication protocol to support wearable-device-oriented micropayment system is proposed. The proposed authentication protocol generates unique and secure session key for each communicating session utilizing Physical Unclonable Function. Security analysis is conducted to evaluate security strength of the proposed protocol. Performance comparison among existing protocols shows that the proposed protocol is superior to other solutions.

Vorheriger Artikel Boltzmann Randomized Clustering Algorithm for Providing Quality of Evolution in Wireless Multimedia Sensor Networks

Nächster Artikel A Novel Method for Key Establishment Based on Symmetric Cryptography in Hierarchical Wireless Sensor Networks

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Ahonen, P., & Savola, R. (2005). Security threats to mobile service development in the age of digital convergence. In EUROCON 2005—the international conference on computer as a tool, vol. 2, pp. 1052–1055. https://doi.org/10.1109/EURCON.2005.1630130.

Akram, R. N., Markantonakis, K., & Mayes, K. (2011). User centric security model for tamper-resistant devices. In Proceedings—2011 IEEE 8th international conference on E-business engineering, pp. 168–177. https://doi.org/10.1109/ICEBE.2011.69.

Al Asar Tech Co. Ltd. Customizable bluetooth jammer. Retrieved March 8, 2018, from http://www.alasartech.cn/Product-Details?product_id=173.

Alahakone, A. U., Senanayake, S. M. N. A., & Senanayake, C. M. (2010). Smart wearable device for real time gait event detection during running. In Proceedings—2010 IEEE Asia Pacific conference on circuits and systems, pp. 612–615. https://doi.org/10.1109/APCCAS.2010.5774975.

Atzori, L., Iera, A., & Morabito, G. (2010). The internet of things: A survey. Computer Networks, 54, 2787–2805. https://doi.org/10.1016/j.comnet.2010.05.010.CrossRefMATH

Bai, Q. H. (2012). Comparative research on two kinds of certification system of the public key infrastructure (PKI) and the identity based encryption (IBE). CSQRWC, 2012, 147–150. https://doi.org/10.1109/CSQRWC.2012.6294997.CrossRef

Barnickel, J., Wang, J., & Meyer, U. (2012). Implementing an attack on bluetooth 2.1+ secure simple pairing in passkey entry mode. In Proceedings—2012 IEEE 11th international conference on trust, security and privacy in computing and communications, pp. 17–24. https://doi.org/10.1109/TrustCom.2012.182.

Beckmann, N., & Potkonjak, M. (2009). Hardware-based public-key cryptography with public physically unclonable functions. In Lecture notes in computer science (including subseries lecture notes in artificial intelligence and lecture notes in bioinformatics), pp. 206–220. https://doi.org/10.1007/978-3-642-04431-1_15.

Bluetooth SIG. (2014). Specification of the bluetooth system: Core package version 4.2. Retrieved July 14, 2017, from https://www.bluetooth.org/DocMan/handlers/DownloadDoc.ashx?doc_id=286439.

10.

Dementyev, A., Hodges, S., Taylor, S., & Smith, J. (2013). Power consumption analysis of bluetooth low energy, zigbee, and ANT sensor nodes in a cyclic sleep scenario. In Proceedings—2013 IEEE international wireless symposium (IWS), pp. 1–4. https://doi.org/10.1109/IEEE-IWS.2013.6616827.

11.

Diallo, A. S., Al-Khateeb, W. F. M., Olanrewaju, R. F., & Sado, F. (2014). A secure authentication scheme for bluetooth connection. In Proceedings—2014 international conference on computer and communication engineering, pp. 60–63. https://doi.org/10.1109/ICCCE.2014.29.

12.

Dittmar, A., Meffre, R., De Oliveira, F., Gehin, C., & Delhomme, G. (2005). Wearable medical devices using textile and flexible technologies for ambulatory monitoring. In Proceedings—2005 IEEE engineering in medicine and biology 27th annual conference, pp. 7161–7164. https://doi.org/10.1109/IEMBS.2005.1616159.

13.

Fan, C. I., Liang, Y. K., & Wu, C. N. (2011). An anonymous fair offline micropayment scheme. In International conference on information society (i-Society 2011), pp. 377–381.

14.

Fan, K., Li, H., Jiang, W., Xiao, C., & Yang, Y. (2018). Secure authentication protocol for mobile payment. Tsinghua Science and Technology, 23, 610–620.CrossRef

15.

Handschuh, H., Schrijen, G. J., & Tuyls, P. (2010). Hardware intrinsic security from physically unclonable functions. In Information security and cryptography, pp. 39–53. https://doi.org/10.1007/978-3-642-14452-3_2.

16.

He, D., Kumar, N., Lee, J. H., & Sherratt, R. (2014). Enhanced three-factor security protocol for consumer USB mass storage devices. IEEE Transactions on Consumer Electronics, 60, 30–37. https://doi.org/10.1109/TCE.2014.6780922.CrossRef

17.

He, D., Kumar, N., & Lee, J. H. (2015). Secure pseudonym-based near field communication protocol for the consumer internet of things. IEEE Transactions on Consumer Electronics, 61, 56–62. https://doi.org/10.1109/TCE.2015.7064111.CrossRef

18.

Herder, C., Yu, M. D., Koushanfar, F., & Devadas, S. (2014). Physical unclonable functions and applications: A tutorial. Proceedings of the IEEE, 102, 1126–1141. https://doi.org/10.1109/JPROC.2014.2320516.CrossRef

19.

Kadhiwal, S., & Zulfiquar, M. (2007). Analysis of mobile payment security measures and different standards. Computer Fraud and Security, 2007(6), 12–16. https://doi.org/10.1016/S1361-3723(07)70077-5.CrossRef

20.

Khan, M. F. F., & Sakamura, K. (2015). Tamper-resistant security for cyber-physical systems with eTRON architecture. In Proceedings—2015 IEEE international conference on data science and data intensive systems, pp. 196–203. https://doi.org/10.1109/DSDIS.2015.98.

21.

Liu, Y., Zhao, Q., Liu, G., Chang, L., & Shen, J. (2017). A fairness-enhanced micropayment scheme. Wireless Personal Communications,. https://doi.org/10.1007/s11277-016-3740-8.CrossRef

22.

Madhoun, N. E., Guenane, F., & Pujolle, G. (2016). An online security protocol for NFC payment: Formally analyzed by the Scyther tool. In Proceedings—2016 second international conference on mobile and secure services (MobiSecServ), pp. 1–7. https://doi.org/10.1109/MOBISECSERV.2016.7440225.

23.

Madhoun, N. E., & Pujolle, G. (2016). A secure cloud-based NFC payment architecture for small traders. In 2016 3rd smart cloud networks and systems (SCNS), pp. 1–6. Retrieved April 30, 2019, from http://ieeexplore.ieee.org/document/7870562/.

24.

Maiti, A., Kim, I., & Schaumont, P. (2012). A robust physical unclonable function with enhanced challenge-response set. IEEE Transactions on Information Forensics and Security, 7, 333–345. https://doi.org/10.1109/TIFS.2011.2165540.CrossRef

25.

Maurya, P. K., & Bagchi, S. (2018). A secure PUF-based unilateral authentication scheme for RFID system. Wireless Personal Communications, 103(2), 1699–1712. https://doi.org/10.1007/s11277-018-5875-2.CrossRef

26.

Me, G., & Strangio, M. A. (2005). EC-PAY: An efficient and secure ECC-based wireless local payment scheme. In Proceedings—3rd international conference on information technology and applications (ICITA 2005), vol. II, pp. 442–447. https://doi.org/10.1109/ICITA.2005.122.

27.

Miorandi, D., Sicari, S., De Pellegrini, F., & Chlamtac, I. (2015). Internet of things: Vision, applications, and research challenges. Ad Hoc Networks, 10, 1497–1516. https://doi.org/10.1016/j.adhoc.2012.02.016.CrossRef

28.

Nashwan, S. (2017). Secure authentication protocol for NFC mobile payment systems. International Journal of Computer Science and Network Security, 17(8), 256–263.

29.

Patel, R., Kunche, A., Mishra, N., Bhaiyat, Z., & Joshi, P. R. (2015). Paytooth—a cashless mobile payment system based on bluetooth. International Journal of Computer Applications, 120, 38–43. https://doi.org/10.5120/21412-4450.CrossRef

30.

Pereira, G. C. C. F., Alves, R. C. A., da Silva, F. L., Azevedo, R. M., Albertini, B. C., & Margi, C. B. (2017). Performance evaluation of cryptographic algorithms over IoT platforms and operating systems. Security and Communication Networks, 2017, 1–16. https://doi.org/10.1155/2017/2046735.CrossRef

31.

Ravi, S., Raghunathan, A., & Chakradhar, S. (2004). Tamper resistance mechanisms for secure embedded systems. In 17th international conference on VLSI design proceedings, pp. 605–611. https://doi.org/10.1109/ICVD.2004.1260985.

32.

Saravanan, K., & Yuvaraj, D. (2010). A new secure mechanism for bluetooth network. In 2010 the 2nd international conference on computer and automation engineering (ICCAE), pp. 202–205. https://doi.org/10.1109/ICCAE.2010.5451967.

33.

Shim, K. A. (2016). A survey of public-key cryptographic primitives in wireless sensor networks. IEEE Communications Surveys and Tutorials, 18, 577–601. https://doi.org/10.1109/COMST.2015.2459691.CrossRef

34.

Singh Tanwar, G., Singh, G., & Gaur, V. (2010). Secured encryption—concept and challenge. International Journal of Computer Applications, 2, 89–94.CrossRef

35.

Thammarat, C., Chokngamwong, R., Techapanupreeda, C., & Kungpisdan, S. (2015). A secure lightweight protocol for NFC communications with mutual authentication based on limited-use of session keys. In 2015 international conference on information networking (ICOIN), pp. 133–138. Retrieved April 30, 2019, from http://ieeexplore.ieee.org/document/7057870/.

36.

Weik, M. H. (2000). Closed system. In Computer science and communication dictionary, pp. 222. https://doi.org/10.1007/1-4020-0613-6_2792.

37.

Wu, T. (1998). The secure remote password protocol. Retrieved May 4, 2019, from https://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.81.7567.

38.

Xu, J., Zhang, T., Lin, D., Mao, Y., Liu, X., Chen, S., Shao, S., Tian, B., & Yi, S. (2013). Pairing and authentication security technologies in low-power bluetooth. In 2013 IEEE international conference on green computing and communications and IEEE internet of things and IEEE cyber, physical and social computing, pp. 1081–1085. https://doi.org/10.1109/GreenCom-iThings-CPSCom.2013.185.

39.

Yeh, K. H., Su, C. H., Choo, K. K. R., & Chiu, W. (2017). A novel certificateless signature scheme for smart objects in the internet-of-things. Sensors, 17, 1001. https://doi.org/10.3390/s17051001.CrossRef

40.

Yohan, A., Lo, N. W., & Winata, D. (2018). An Indoor positioning-based mobile payment system using bluetooth low energy technology. Sensors, 18, 974. https://doi.org/10.3390/s18040974.CrossRef

41.

Zolfaghar, K., & Mohammadi, S. (2009). Securing bluetooth-based payment system using honeypot. In 2009 international conference on innovations in information technology (IIT), pp. 21–25. https://doi.org/10.1109/IIT.2009.5413764.

Titel: BLE-Based Authentication Protocol for Micropayment Using Wearable Device
verfasst von: Nai-Wei Lo
Alexander Yohan
Publikationsdatum: 24.01.2020
Verlag: Springer US
Erschienen in: Wireless Personal Communications / Ausgabe 4/2020
Print ISSN: 0929-6212
Elektronische ISSN: 1572-834X
DOI: https://doi.org/10.1007/s11277-020-07153-0

Neuer Inhalt

Bildnachweise

VDI-Icon, Profil Icon, inhalt2, Springer Professional Modul/© Springer Fachmedien Wiesbaden GmbH, Nachhaltigkeitsaward Key Visual/© Cometis AG/Global ESG Monitor | Daniel Rupp | Generiert mit KI, Search Icon, Banner Hanser, Kryptowährungen/© gopixa / Getty Images / iStock, MG4 aus China auf dem Prüfstand im ADAC-Technik-Zentrum in Landsberg am Lech/© ADAC e.V., Chassis eines Elektrofahrzeugs/© chesky / stock.adobe.com, Zeitschrift Wissensmanagement Cover, PatentFit-Logo/© Springer Fachmedien Wiesbaden GmbH, Sustainibility Finance/© Robert Kneschke / stock.adobe.com / Springer Fachmedien Wiesbaden GmbH, Zukunftswerkstatt Sales Excellence 2024/© AndreyPopov / Getty Images / iStock, 2023_Antrieb/© supervisuell

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 4/2020

An Intrusion Detection System on Ping of Death Attacks in IoT Networks

Reconfigurable Antenna and Performance Optimization Approach

Two-Stage Ransomware Detection Using Dynamic Analysis and Machine Learning Techniques

Data Replication in Mobile Edge Computing Systems to Reduce Latency in Internet of Things

MCLMR: A Multicriteria Based Multipath Routing in the Mobile Ad Hoc Networks

Multipath Diversity for OFDM Based Visible Light Communication Systems Through Fractional Sampling

Neuer Inhalt

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.