
A Certificate-Less Key Exchange Protocol for IoT

  • Conference paper
Risks and Security of Internet and Systems (CRiSIS 2018)

Part of the book series: Lecture Notes in Computer Science (LNISA, volume 11391)

  • 848 Accesses

Abstract

Diffie-Hellman key exchange is a popular cryptographic algorithm that allows Internet protocols to agree on a shared key and negotiate a secure connection. It is used in many protocols including SSH, IPsec, SMTPS, and protocols that rely on TLS. In the Internet of Things (IoT), we cannot rely on the PKI architecture to secure communications due to the growing number of connected things. We propose to decentralize the management of encryption keys while maintaining the properties of authentication and secrecy. We use the ability of each node to build a private channel to create a shared key, safe from the eye of an attacker. Our solution provides a way to build a certificate-less trusted ecosystem for IoT.



Author information

Corresponding authors

Correspondence to Ivan Marco Lobe Kome, Nora Cuppens-Boulahia, Frédéric Cuppens or Vincent Frey.

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Cite this paper

Kome, I.M.L., Cuppens-Boulahia, N., Cuppens, F., Frey, V. (2019). A Certificate-Less Key Exchange Protocol for IoT. In: Zemmari, A., Mosbah, M., Cuppens-Boulahia, N., Cuppens, F. (eds) Risks and Security of Internet and Systems. CRiSIS 2018. Lecture Notes in Computer Science, vol 11391. Springer, Cham. https://doi.org/10.1007/978-3-030-12143-3_6

  • DOI: https://doi.org/10.1007/978-3-030-12143-3_6

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-12142-6

  • Online ISBN: 978-3-030-12143-3

  • eBook Packages: Computer Science, Computer Science (R0)
