An Efficient Key Management Technique for the Internet of Things

Advanced Lightweight Encryption Key Management Algorithms for IoT Networks

2023

An Internet of Things (IoT) Network is a collection of sensors interconnected through a network that process and exchange data. IoT networks need sufficient resources to cope with the growing security challenges. In most cases, cryptography is implemented by symmetric and asymmetric encryption methods to cope with these security issues. Symmetric cryptography requires transmitting an encryption key to the receiver to decrypt the received encrypted messages. Consequently, secured key distribution techniques are the core for providing security and establishing a secured connection among objects. Encryption keys are frequently changed through key distribution mechanisms. Encrypted key exchange is a protocol that allows two parties who share the same key to communicate over an insecure network. This chapter outlines the challenges and core requirements for a robust key distribution mechanism, beginning with evaluating existing solutions and then detailing three innovative, efficient, and lightweight methods that balance the security level, network performance, and low processing overhead impact.

Efficient End-to-End Secure Key Management Protocol for Internet of Things

International Journal of Electrical and Computer Engineering (IJECE), 2017

Internet of things (IoT) has described a future vision of internet where users, computing systems, and everyday objects possessing sensing and actuating capabilities are part of distributed applications and required to support standard internet communication with more powerful devices or internet hosts. This vision necessitates security mechanisms for end-to-end communication. A key management protocol is critical to ensuring the secure exchange of data between interconnecting entities, but the nature of this communication system, where a highly resource-constrained node may be communicating with a node with high energy, makes the application of existing key management protocols impossible. In this paper, we propose a new lightweight key management protocol that allows the constrained node in a 6LoWPAN network to transmit captured data to an internet host over a secure channel. This protocol is based on the cooperation of selected 6LoWPAN routers that participate in the computation of highly consuming cryptographic primitives. Our protocol is assessed with the AVISPA tool; the results show that our scheme ensured security properties.

Keywords: 6LoWPAN network, Internet of things, Key management protocol, 6LoWPAN routers, AVISPA tool

1. INTRODUCTION

The internet of things has made a revolution in the world of communication by connecting physical objects to the Internet. According to [1], IoT is a concept and a paradigm that considers pervasive presence in the environment of a variety of things/objects that through wireless and wired connections and unique addressing schemes are able to interact with each other and cooperate with other things/objects to create new applications/services.

The internet of things (IoT) describes the next generation of the Internet, where physical things or objects are connected, accessed and identified through the Internet. Many technologies are involved in IoT, such as WSN (Wireless Sensor Networks) [2], intelligent sensing, Radio Frequency Identification (RFID) [3], 6LoWPAN [4], Near Field Communication (NFC) [5] [6], low energy wireless communication, cloud computing, and so on. These technologies will interact with physical phenomena by employing more constrained sensing platforms and low-energy wireless communications; therefore, end-to-end communication between constrained sensing devices and other Internet hosts will be a fundamental requirement of many sensing applications using these technologies, an aspect that seriously complicates the design and adoption of appropriate security mechanisms, especially end-to-end security mechanisms.

PKIoT: A public key infrastructure for the Internet of Things

Transactions on Emerging Telecommunications Technologies, 2019

Internet of Things (IoT) nodes participating in the implementation of next-generation IoT applications will need standard methods to authenticate each other and secure their communications. However, the use of certificates and public key infrastructure (PKI) technologies, widely employed in the Internet, is not straightforward in this context because of the limitations of the involved entities. This paper presents the public key infrastructure for the Internet of Things (PKIoT) architecture, a solution which aims at enabling certificate-based authentication in the forthcoming IoT scenarios by allowing the flexible outsourcing of the most demanding security-related tasks and by introducing a new type of compact certificate. This paper also highlights the role that this architecture can play in the context of the oneM2M security framework in enabling standard secure machine-2-machine interactions. In conclusion, this paper reports the results of the conducted experiments, which show the effectiveness of the proposed approach in reducing the execution time and the energy consumption of certificate-based session establishment for Datagram Transport Layer Security up to 78% and 89% respectively, fostering this way standard and secure IoT transactions.

An efficient lightweight key exchange algorithm for internet of things applications

International Journal of Electrical and Computer Engineering (IJECE), 2022

Internet of things (IoT) gained wide popularity in recent years, and this is proved by the tremendous increase in use of IoT applications worldwide. Distributed IoT applications can be implemented securely with the support of blockchain. By default, blockchain will ensure authentication of involved entities as well as integrity of data. Due to storage restrictions, use of a hybrid system is preferred, and this involves a cloud server for storage and blockchain for other functionalities. Data kept in the cloud has to be encrypted by a strong encryption algorithm. Even though core security objectives are achieved, it is necessary to provide a secure method to exchange the key. Since the key is the backbone of a security algorithm, protection of the key has to be ensured. In this work, an algorithm is proposed to provide a no-share key exchange between two communicating parties in a resource constrained environment. The same was implemented and compared with conventional key sharing algorithms. Security analysis was formally conducted by using the widely accepted automated validation of internet security protocols and applications (AVISPA) tool and the proposed method proved to be secure.

Efficient Key Generation Techniques for Securing IoT Communication Protocols

IETE Technical Review, 2020

Internet of things (IoT) is getting bigger as communication infrastructure and device capabilities are getting improved day-by-day, creating a huge market for IoT devices for commercial as well as personal usage. This paper sheds light on the compromises done by vendors on the grounds of security, resources and flexibility to lure customers with low prices, smaller and fancier designs of IoT device and its consequences. Most of the IoT devices are resource-constrained and hence standardization bodies such as IEEE and IETF gave many protocols for IoT devices which are defined over IoT protocol stack. The degree of security in each layer of IoT protocol stack is discussed and it is found that NFC protocol which operates on physical-data link layer and 6LoWPAN, a network layer protocol, lack proper key management while encrypting the data. A most important part of key management in cryptographic algorithms is key generation and storage (if needed). Different types and methods of key generation techniques are also discussed which might give a solution over a variety of situations combining the level of security requirement and resources available in strengthening the abovementioned communication protocols.

IoT Modes of Operations with Different Security Key Management Techniques: A Survey

International Journal of Safety and Security Engineering, 2021

The internet of things (IoT) has provided a promising opportunity to build powerful systems and applications. Security is the main concern in IoT applications due to the privacy of exchanged data using limited resources of IoT devices (sensors/actuators). In this paper, we present a classification of IoT modes of operation based on the distribution of IoT devices, connectivity to the internet, and the typical field of application. It has been found that the majority of IoT services can be classified into one of four IoT modes: gateway, device to device, collaborative, and centralized. The management of either public or symmetric keys is essential for providing security. In the present paper, we survey different key management protocols concerning IoT, which we further allocate in a map table. The map table is a link between modes of operation and the associated security key management elements. The main target of this mapping table is to help designers select the optimum security te...

Lightweight Security Mechanism over MQTT Protocol for IoT Devices

International Journal of Advanced Computer Science and Applications, 2020

Security is one of the main concerns with regard to the Internet of Things (IoT) networks. Since most IoT devices are restricted in resource and power consumption, it is not easy to implement robust security mechanisms. There are different methods to secure network communications; however, they are not applicable to IoT devices. In addition, most authentication methods use certificates in which signing and verifying certificates need more computation and power. The main objective of this paper is to propose a lightweight authentication and encryption mechanism for IoT constrained devices. This mechanism uses ECDHE-PSK which is the Transport Layer Security (TLS) authentication algorithm over Message Queuing Telemetry Transport (MQTT) Protocol. This authentication algorithm provides a Perfect Forward Secrecy (PFS) feature that makes an improvement in security. It is the first time that this TLS authentication algorithm is implemented and evaluated over the MQTT protocol for IoT devices. To evaluate resource consumption of the proposed security mechanism, it was compared with the default security mechanism of the MQTT protocol and the ECDHE-ECDSA that is a certificate-based authentication algorithm. They were evaluated in terms of CPU utilization, execution time, bandwidth, and power consumption. The results show that the proposed security mechanism outperforms the ECDHE-ECDSA in all tests.

Cost Effective Decentralized Key Management Framework for IoT

Computer Systems Science and Engineering, 2022

Security is a primary concern in communication for reliable transfer of information between the authenticated members, which becomes more complex in a network of Internet of Things (IoT). To provide security for group communication, a key management scheme incorporating a bilinear pairing technique with a Multicast and Unicast key management protocol (BMU-IOT) for decentralized networks has been proposed. The first part of the proposed work is to divide the network into clusters where sensors are connected to and administered by a cluster head. Each sensor securely shares its secret keys with the cluster head using unicast. Based on these decryption keys, the cluster head generates a common encryption key using bilinear pairing. Any sensor in the subgroup can decrypt the message, which is encrypted by the common encryption key. The remaining part focuses on reducing the communication, computation and storage costs of the proposed framework and on the resilience against various attacks. The implementation is carried out and results are compared with the existing schemes that have given considerably better results. Thus, the lightweight devices of IoT can provide efficiency and security by reducing their overhead in terms of complexity.

A novel key exchange algorithm for security in internet of things

Indonesian Journal of Electrical Engineering and Computer Science, 2019

Today Internet of things (IoT) interconnects any object possessing sensing and computing capabilities to the internet. In this era, increasing number of electronic devices and applications in Internet of Things (IoT) requires secured communication with low power consumption capabilities. As security is a major challenge in internet of things, it is important to design a key management solution that considers resource constrained nodes and hence key management in public key cryptography is a crucial issue. In this paper, a novel key exchange algorithm was developed and implemented on a low powered “Raspberry pi machine” to realize the overall impact it creates on the device. The performance of the proposed algorithm had shown a great improvement over the popular Diffie Hellman key exchange algorithm and a two-level security for data exchange between the parties is implemented.

Energy-aware key management and access control for the Internet of things

World Wide Web, 2021

The need to establish secure communication for most applications of the Internet of Things (IoT) has become increasingly crucial. Nevertheless, one of the major issues of such networks is how to establish cryptographic keys between all IoT objects to ensure secure data exchange. Several key management schemes have been suggested in the literature to achieve this goal, but they must be revised and innovated, while taking into account the limited resources of IoT objects. Likewise, the IoT presents a system where objects belonging to the physical world are connected to the Internet, and have the capacity to measure, communicate, and act all over the world. Nevertheless, some information available to IoT objects is private, hence the need to ensure an access control whose aim is to guarantee that the information is accessible only to those whose access is allowed. In this paper, we propose a scheme involving two basic modules, namely key management and access control. The key management module is designed to ensure the symmetric key generation for the IoT objects in a completely distributed manner without resorting to a central authority. In contrast, the access control module is used to impose an access control policy so as to prevent unauthorized access to services provided by a particular IoT object. The latter is ensured thanks to the existing cooperation between the TGOs servers of different domains in the IoT. Through assessments based on security analysis, we demonstrate that the proposed scheme is more secure than the existing ones. Simulations were also performed to validate the proposed solution by comparing it with some relevant concurrent schemes. The obtained results are not only encouraging, but also very favorable for the proposed scheme.