I need to know how to test the security of an implemented algorithm in the field of the IoT to state the test results in a paper.
#IoT
#Security
#Blockchain
#remix
#Smart_Contract
what type of IoT security algorithm are you work? could you give me more details
Thanks a lot Dr. Ali Hamzah
Authentication algorithms for the node (sensor).
i was meaning when you try to test the security algorithm strength you have to stick to one of the security properties like CIA.
so my question how to test the efficiency of it...
You may want to try Scyther (if this is what you are asking for).
https://infsec.ethz.ch/research/software/scyther-proof.html
You're asking a question that is a profession in itself for many people. It's like asking automobile mechanics how they fix cars.
First, look at the state machines for the protocol. Look for ways to put the protocol in strange states. Observe precisely how the code gets in and out of each state and look for ways to screw up that state information.
Second, Fuzz the protocol. People write books about fuzzing techniques alone. So I'm not going to get in to details here.
Third, if applicable, analyze the cryptography. Look for weak parts such as poorly randomized nonce, weak hash methods, and other such things.
Fourth, analyze the parser of the protocol and confirm that it is stable in all conditions. If the parser crashes, whatever authentication you have won't matter much.
Those are things I would do. Note that none of these efforts are trivial tasks.
Also please note that I have experience from having been on the DNP3 SCADA protocol committee for over ten years, during which we reviewed the authentication features. From personal experience, I can tell you this is not a simple task.
Dear Asmaa Aljohani,
Thanks a lot for your answer, i appreciate it and i will read the paper.
Mina
Dear Jacob Brodsky,
Thanks a lot for your valuable answer, i appreciate.
i am trying to put my test result in time with the algorithm and without the algorithm. Mina
Dear Md Masuduzzaman
Thanks a lot for your answer, i appreciate it and i will read the paper.
Mina
This depends on what you want to analyze and give priority first as security parameter. Although, you can have a look at my paper for the same Article IoT-Chain: Security of things for Pervasive, Sustainable and...
Dear Mina
Security testing has recently received much attention in the research and especially in industrial areas. Its aim is to increase the user’s confidence in the system by ensuring its conformance to security requirements.
Two main goals for security testing are considered:
In order to satisfy the authentication model to secure IoT, namely, mutual authentication, perfect forward secrecy, anonymity, and un-traceability, the authentication protocols use both cryptosystems and non-cryptosystems countermeasures. Formal security verification techniques used in authentication protocols for the IoT.
Dear Mohd Majid Akhtar Thanks for your reply ... your paper considered and i am reading it.
Dear Dr. Mohammed El-hajj Thanks a lot for your detailed answer i really appreciate it and considered, i will try to apply it and use this technique in the testing result.
i wish if we can communicate to take advantage of your experience in the field IoT Security. Thanks in advance.
Mina
- Badges
- Science topic