
Wireless Networks, Volume 25, Issue 6, pp 3081–3101

AKAIoTs: authenticated key agreement for Internet of Things

  • Mutaz Elradi S. Saeed
  • Qun-Ying Liu
  • GuiYun Tian
  • Bin Gao
  • Fagen Li
Article

Abstract

WSNs are one of the important components of the Internet of Things (IoTs), since they enable data to be gathered and transmitted to the cloud server over the Internet. Designing an efficient and secure cryptographic scheme for the IoTs is a challenging task, since a sensor node is a resource-constrained device. In this paper, an authenticated key agreement scheme is proposed to build a secure channel between WSNs and a cloud server in the IoTs. The proposed scheme has two properties: (1) it has lightweight computation, and (2) it provides various security properties of key agreement. In addition, it is proven to be secure under the computational Diffie–Hellman assumption in the random oracle model. AKAIoTs is implemented using Contiki OS, and the Z1 emulator is used to evaluate time overhead and memory usage. Three different curves, “BN-P158”, “SECG-P160” and “NIST-P192”, are used. The implementation results verify that the proposed scheme is computationally efficient, with memory usage between 51 and 52% of total ROM and between 59 and 62% of total RAM for the three different security levels. As a result, curve SECG-P160 might be a good choice to supply security for IoTs devices, since it consumes reasonable time, which results in less power consumption than curve NIST-P192, and is more secure than curve BN-P158. Compared with existing relevant schemes, the proposed AKAIoTs is efficient in terms of energy consumption. Moreover, two application scenarios are given to show how the proposed scheme can be applied in IoTs applications.

Keywords

Wireless sensor network (WSNs); Elliptic curve cryptography (ECC); Identity-based; Authenticated key establishment (AKE); Internet of Things (IoTs)

Notes

Acknowledgements

The authors would like to thank NSFC (No. 51677020), Xihua University Project (No. szjj2016-093) and FP7, through the CONHEALTH project (www.conhealth.eu), for partially funding the research.

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2018

Authors and Affiliations

  • Mutaz Elradi S. Saeed (1, 2)
  • Qun-Ying Liu (1, 2)
  • GuiYun Tian (1, 2)
  • Bin Gao (1, 2)
  • Fagen Li (1)

  1. School of Automation Engineering, University of Electronic Science and Technology of China, Chengdu, China
  2. School of Engineering, Newcastle University, Newcastle upon Tyne, UK
