Abstract
Diffie-Hellman key exchange is a popular cryptographic algorithm that allows Internet protocols to agree on a shared key and negotiate a secure connection. It is used in many protocols, including SSH, IPsec, SMTPS, and protocols that rely on TLS. In the Internet of Things (IoT), we cannot rely on the PKI architecture to secure communications due to the growing number of connected things. We propose to decentralize the management of encryption keys while maintaining the properties of authentication and secrecy. We use the ability of each node to build a private channel to create a shared key, out of an attacker's sight. Our solution provides a way to build a certificate-less trusted ecosystem for IoT.
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Kome, I.M.L., Cuppens-Boulahia, N., Cuppens, F., Frey, V. (2019). A Certificate-Less Key Exchange Protocol for IoT. In: Zemmari, A., Mosbah, M., Cuppens-Boulahia, N., Cuppens, F. (eds) Risks and Security of Internet and Systems. CRiSIS 2018. Lecture Notes in Computer Science, vol 11391. Springer, Cham. https://doi.org/10.1007/978-3-030-12143-3_6
DOI: https://doi.org/10.1007/978-3-030-12143-3_6
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-12142-6
Online ISBN: 978-3-030-12143-3
eBook Packages: Computer Science, Computer Science (R0)