{"id":815,"date":"2016-12-01T14:47:00","date_gmt":"2016-12-01T13:47:00","guid":{"rendered":"https:\/\/samovar2022.int-evry.fr\/index.php\/2016\/12\/01\/protocoles-de-securite-efficaces-pour-les-reseaux-de-capteurs-sans-fil-ip-et-linternet-des-objets\/"},"modified":"2020-09-04T18:46:10","modified_gmt":"2020-09-04T16:46:10","slug":"protocoles-de-securite-efficaces-pour-les-reseaux-de-capteurs-sans-fil-ip-et-linternet-des-objets","status":"publish","type":"post","link":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/2016\/12\/01\/protocoles-de-securite-efficaces-pour-les-reseaux-de-capteurs-sans-fil-ip-et-linternet-des-objets\/","title":{"rendered":"Protocoles de s\u00e9curit\u00e9 efficaces pour les r\u00e9seaux de capteurs sans-fil IP et l\u2019Internet des Objets"},"content":{"rendered":"

Kim Thuat NGUYEN<\/strong><\/p>\n

a le plaisir de vous inviter \u00e0 sa soutenance de th\u00e8se qui aura lieu au<\/p>\n

CEA, Centre d\u2019Int\u00e9gration Nano-INNOV,<\/p>\n

jeudi 8 d\u00e9cembre 2016 \u00e0 14h00<\/strong><\/p>\n

en amphi 33, b\u00e2timent 862,<\/p>\n

8 avenue de la Vauve,91120 PALAISEAU<\/p>\n

et sera suivie d’un pot sur place.<\/p>\n

Sujet de la th\u00e8se : Protocoles de s\u00e9curit\u00e9 efficaces pour les r\u00e9seaux de capteurs sans-fil IP et l\u2019Internet des Objets<\/p>\n

Jury :<\/em><\/p>\n\n\n\n\n\n\n\n\n
Isabelle CHRISMENT <\/td>\n Rapporteur<\/td>\nProfesseur \u00e0 T\u00e9l\u00e9com Nancy<\/td>\n<\/tr>\n
Yves ROUDIER <\/td>\n Rapporteur<\/td>\n Professeur \u00e0 l\u2019Universit\u00e9 de Nice Sophia-Antipolis<\/td>\n<\/tr>\n
S\u00e9bastien TIXEUIL<\/td>\n Examinateur<\/td>\n Professeur \u00e0 l\u2019Universit\u00e9 Pierre et Marie Curie<\/td>\n<\/tr>\n
Sa\u00efd GHAROUT <\/td>\n Examinateur <\/td>\n Ing\u00e9nieur de recherche \u00e0 Orange Lab<\/td>\n<\/tr>\n
Nouha OUALHA<\/td>\n Encadrant <\/td>\n Ing\u00e9nieur de recherche au CEA LIST<\/td>\n<\/tr>\n
Maryline LAURENT<\/td>\n Directrice de th\u00e8se <\/td>\n Professeur \u00e0 T\u00e9l\u00e9com SudParis<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

R\u00e9sum\u00e9 :<\/em><\/p>\n

L’Internet des Objets (IdO) permet \u00e0 des milliards de dispositifs informatiques embarqu\u00e9s de se connecter les uns aux autres. Les objets concern\u00e9s couvrent la plupart de nos appareils de la vie quotidienne, tels que les thermostats, les r\u00e9frig\u00e9rateurs, les fours, les machines \u00e0 laver et les t\u00e9l\u00e9viseurs. Il est facile d’imaginer l’ampleur du danger, si ces dispositifs venaient \u00e0 nous espionner et r\u00e9v\u00e9laient nos donn\u00e9es personnelles. La situation serait encore pire si les applications critiques IdO, par exemple, le syst\u00e8me de contr\u00f4le des r\u00e9acteurs nucl\u00e9aires, le syst\u00e8me de s\u00e9curit\u00e9 du v\u00e9hicule ou les dispositifs m\u00e9dicaux, \u00e9taient compromis. Afin de garantir la s\u00e9curit\u00e9 et lutter contre des menaces de s\u00e9curit\u00e9 dans l’IdO, des solutions de s\u00e9curit\u00e9 robustes doivent \u00eatre consid\u00e9r\u00e9es. Cependant, les appareils pour l\u2019IdO sont limit\u00e9s en m\u00e9moire, capacit\u00e9s de calcul et \u00e9nergie, et disposent de moyens de communication peu fiables, ce qui les rend vuln\u00e9rables \u00e0 des attaques vari\u00e9es.<\/p>\n

Dans ce contexte, nous nous concentrons sur deux d\u00e9fis majeurs, \u00e0 savoir des protocoles de s\u00e9curit\u00e9 l\u00e9gers en termes de calculs et d\u2019infrastructure, et des m\u00e9canismes d’\u00e9tablissement de cl\u00e9s l\u00e9gers, les solutions existantes actuellement \u00e9tant beaucoup trop co\u00fbteuses pour les dispositifs IdO.<\/p>\n

En r\u00e9ponse au premier d\u00e9fi, nous avons, d’une part, propos\u00e9 ECKSS – un nouveau sch\u00e9ma de signcryption l\u00e9ger qui \u00e9vite l’utilisation de PKI. Cette proposition permet de chiffrer et signer simultan\u00e9ment des messages en garantissant la confidentialit\u00e9 et la non-falsification du canal de communication. De plus, les \u00e9changes de message sont authentifi\u00e9s sans recourir \u00e0 des certificats. Par ailleurs, nous avons aussi propos\u00e9 OEABE qui est un m\u00e9canisme de d\u00e9l\u00e9gation pour le chiffrement \u00e0 base d\u2019attributs CP-ABE (Ciphertext-Policy Attribute-Based Encryption). CP-ABE est un sch\u00e9ma de chiffrement par attributs qui permet aux utilisateurs de pr\u00e9ciser au moment du chiffrement qui pourra d\u00e9chiffrer leurs donn\u00e9es. Notre solution, OEABE, permet \u00e0 un dispositif contraint en ressources de g\u00e9n\u00e9rer rapidement un chiffr\u00e9 CP-ABE tout en pr\u00e9cisant les droits d\u2019acc\u00e8s \u00e0 ses donn\u00e9es. Cette solution est d\u2019autant plus utile que le volume de donn\u00e9es g\u00e9n\u00e9r\u00e9es par les dispositifs IdO est en augmentation exponentielle chaque ann\u00e9e.<\/p>\n

Quant au deuxi\u00e8me d\u00e9fi, nous avons propos\u00e9 tout d’abord deux modes de distribution de cl\u00e9s pour le protocole standard de gestion de cl\u00e9s MIKEY. Ils s\u2019appuient sur notre sch\u00e9ma de signcryption ECKSS et h\u00e9ritent ainsi de la l\u00e9g\u00e8ret\u00e9 d’ECKSS \u00e0 la fois en termes de calculs et de dispensent d’utilisation de PKI. Les r\u00e9sultats exp\u00e9rimentaux, obtenus \u00e0 partir d\u2019une plateforme de capteurs Openmote, ont prouv\u00e9 l’efficacit\u00e9 de nos solutions comparativement aux autres m\u00e9thodes de MIKEY. Nous avons aussi propos\u00e9 un sch\u00e9ma d’\u00e9change de cl\u00e9s, appel\u00e9 AKAPR qui est tr\u00e8s adapt\u00e9 dans le cas o\u00f9 les deux parties qui participent \u00e0 la n\u00e9gociation de cl\u00e9s sont tr\u00e8s contraintes en ressources.<\/p>\n

Abstract :<\/em><\/p>\n

The Internet of Things (IoT) enables billions of embedded computing devices to connect to each other. The smart things cover our everyday friendly devices, such as, thermostats, fridges, ovens, washing machines, and TV sets. It is easy to imagine how bad it would be, if these devices were spying on us and revealing our personal information. It would be even worse if critical IoT applications, for instance, the control system in nuclear reactors, the vehicle safety system or the connected medical devices in health-care, were compromised. To counteract these security threats in the IoT, robust security solutions must be considered. However, IoT devices are limited in terms of memory, computation and energy capacities, in addition to the lack of communication reliability. All these inconvenients make them vulnerable to various attacks, as they become the weakest links of our information system.<\/p>\n

In this context, we seek for effective security mechanisms in order to establish secure communications between unknown IoT devices, while taking into account the security requirements and the resource constraints of these devices. To do so, we focus on two major challenges, namely,
\nlightweight security protocols in terms of processing and infrastructure and lightweight key establishment mechanisms, as existing solutions are too much resource consuming. <\/p>\n

To address this first challenge, we first propose ECKSS – a new lightweight signcryption scheme which does not rely on a PKI. This proposal enables to encrypt and sign messages simultaneously while ensuring the confidentiality and unforgeability of the communication channels.
\nIn addition, the message exchanges are authenticated without relying on certificates. Moreover, we also propose OEABE which is a delegation-based mechanism for the encryption of the Ciphertext-Policy Attribute-Based Encryption (CP-ABE). CP-ABE is anattribute-based public
\nkey encryption scheme that gives users the flexibility to determine who can decrypt their data at runtime. Our solution enables a resource-constrained device to generate rapidly a CP-ABE ciphertext with authorization access rights to its data. This solution is particularly useful as the
\nvolume of data issued from IoT devices grows exponentially every year. <\/p>\n

To solve the second challenge, we first propose two new key distribution modes for the standard key management protocol MIKEY, based on our signcryption scheme ECKSS. These modes inherit the lightness of ECKSS and avoid the use of PKI. The experimental results, conducted in
\nthe Openmote sensor platform, have proven the efficiency of our solutions compared with other existing methods of MIKEY. Then, we propose a new key agreement scheme, named AKAPR. In case the two communicating parties are involved in the key negotiation procedure, AKAPR
\nis very suitable in the context of IoT. As such, it can operate even if the two communicating parties are highly resource-constrained.<\/p>\n","protected":false},"excerpt":{"rendered":"

Kim Thuat NGUYEN a le plaisir de vous inviter \u00e0 sa soutenance de th\u00e8se qui aura lieu au CEA, Centre d\u2019Int\u00e9gration Nano-INNOV, jeudi 8 d\u00e9cembre 2016 \u00e0 14h00 en amphi 33, b\u00e2timent 862, 8 avenue de la Vauve,91120 PALAISEAU et sera suivie d’un pot sur place. Sujet de la th\u00e8se : Protocoles de s\u00e9curit\u00e9 efficaces […]<\/p>\n","protected":false},"author":1,"featured_media":814,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ocean_post_layout":"","ocean_both_sidebars_style":"","ocean_both_sidebars_content_width":0,"ocean_both_sidebars_sidebars_width":0,"ocean_sidebar":"","ocean_second_sidebar":"","ocean_disable_margins":"enable","ocean_add_body_class":"","ocean_shortcode_before_top_bar":"","ocean_shortcode_after_top_bar":"","ocean_shortcode_before_header":"","ocean_shortcode_after_header":"","ocean_has_shortcode":"","ocean_shortcode_after_title":"","ocean_shortcode_before_footer_widgets":"","ocean_shortcode_after_footer_widgets":"","ocean_shortcode_before_footer_bottom":"","ocean_shortcode_after_footer_bottom":"","ocean_display_top_bar":"default","ocean_display_header":"default","ocean_header_style":"","ocean_center_header_left_menu":"","ocean_custom_header_template":"","ocean_custom_logo":0,"ocean_custom_retina_logo":0,"ocean_custom_logo_max_width":0,"ocean_custom_logo_tablet_max_width":0,"ocean_custom_logo_mobile_max_width":0,"ocean_custom_logo_max_height":0,"ocean_custom_logo_tablet_max_height":0,"ocean_custom_logo_mobile_max_height":0,"ocean_header_custom_menu":"","ocean_menu_typo_font_family":"","ocean_menu_typo_font_subset":"","ocean_menu_typo_font_size":0,"ocean_menu_typo_font_size_tablet":0,"ocean_menu_typo_font_size_mobile":0,"ocean_menu_typo_font_size_unit":"px","ocean_menu_typo_font_weight":"","ocean_menu_typo_font_weight_tablet":"","ocean_menu_typo_font_weight_mobile":"","ocean_menu_typo_transform":"","ocean_menu_typo_transform_tablet":"","ocean_menu_typo_transform_mobile":"","ocean_menu_typo_line_height":0,"ocean_menu_typo_line_height_tablet":0,"ocean_menu_typo_line_height_mobile":0,"ocean_menu_typo_line_height_unit":"","ocean_menu_typo_spacing":0,"ocean_menu_typo_spacing_tablet":0,"ocean_menu_typo_spacing_mobile":0,"ocean_menu_typo_spacing_unit":"","ocean_menu_link_color":"","ocean_menu_link_color_hover":"","ocean_menu_link_color_active":"","ocean_menu_link_background":"","ocean_menu_link_hover_background":"","ocean_menu_link_active_background":"","ocean_menu_social_links_bg":"","ocean_menu_social_hover_links_bg":"","ocean_menu_social_links_color":"","ocean_menu_social_hover_links_color":"","ocean_disable_title":"default","ocean_disable_heading":"default","ocean_post_title":"","ocean_post_subheading":"","ocean_post_title_style":"","ocean_post_title_background_color":"","ocean_post_title_background":0,"ocean_post_title_bg_image_position":"","ocean_post_title_bg_image_attachment":"","ocean_post_title_bg_image_repeat":"","ocean_post_title_bg_image_size":"","ocean_post_title_height":0,"ocean_post_title_bg_overlay":0.5,"ocean_post_title_bg_overlay_color":"","ocean_disable_breadcrumbs":"default","ocean_breadcrumbs_color":"","ocean_breadcrumbs_separator_color":"","ocean_breadcrumbs_links_color":"","ocean_breadcrumbs_links_hover_color":"","ocean_display_footer_widgets":"default","ocean_display_footer_bottom":"default","ocean_custom_footer_template":"","ocean_post_oembed":"","ocean_post_self_hosted_media":"","ocean_post_video_embed":"","ocean_link_format":"","ocean_link_format_target":"self","ocean_quote_format":"","ocean_quote_format_link":"post","ocean_gallery_link_images":"on","ocean_gallery_id":[],"footnotes":""},"categories":[350],"tags":[],"class_list":["post-815","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-theses-2016-fr","entry","has-media"],"_links":{"self":[{"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/posts\/815","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/comments?post=815"}],"version-history":[{"count":1,"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/posts\/815\/revisions"}],"predecessor-version":[{"id":1642,"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/posts\/815\/revisions\/1642"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/media\/814"}],"wp:attachment":[{"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/media?parent=815"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/categories?post=815"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/tags?post=815"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}