Public Key Authentication and Key Agreement in IoT Devices With Minimal Airtime Consumption
Open Access
- 18 November 2016
- journal article
- Published by Institute of Electrical and Electronics Engineers (IEEE) in IEEE Embedded Systems Letters
- Vol. 9 (1), 1-4
- https://doi.org/10.1109/les.2016.2630729
Abstract
Computational complexity of public key cryptography over sensor nodes is not anymore a blocking concern in modern devices which natively (and efficiently) support elliptic curve cryptography. The problem has rather shifted toward the significant airtime consumption required to exchange multiple messages and certificates so as to perform authentication and key agreement. This letter addresses such problem by exploiting implicit certificates (elliptic curve Qu-Vanstone). We specifically propose a novel key management protocol (KMP) which suitably integrates implicit certificates with a standard elliptic curve Diffie-Hellman exchange, and performs authentication and key derivation. As confirmed by a proof-of-concept implementation and relevant experimental results, the proposed KMP guarantees maximal airtime savings (up to 86.7%) with respect to conventional approaches, robust key negotiation, fast rekeying, and efficient protection against replay attacks.Keywords
Funding Information
- European Union’s Horizon 2020 Research and Innovation Programme for Project SymbIoTe (688156)
This publication has 11 references indexed in Scilit:
- Towards quantifying the cost of a secure IoT: Overhead and energy consumption of ECC signatures on an ARM-based devicePublished by Institute of Electrical and Electronics Engineers (IEEE) ,2016
- M2M Security: Challenges and SolutionsIEEE Communications Surveys & Tutorials, 2016
- BSD-based elliptic curve cryptography for the open Internet of ThingsPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2015
- Key Management Protocol with Implicit Certificates for IoT systemsPublished by Association for Computing Machinery (ACM) ,2015
- Security analysis of TLS authenticationPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2014
- Securing the Internet of Things: A Standardization PerspectiveIEEE Internet of Things Journal, 2014
- Secure Device Pairing: A SurveyIEEE Communications Surveys & Tutorials, 2013
- Recommendation for key management, part 1 :Published by National Institute of Standards and Technology (NIST) ,2012
- Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile2008
- Elliptic Curves in CryptographyPublished by Cambridge University Press (CUP) ,1999