University of Oulu

Braeken, A., Liyanage, M. & Jurcut, A.D. Wireless Pers Commun (2019) 106: 345. https://doi.org/10.1007/s11277-019-06165-9

Anonymous lightweight proxy based key agreement for IoT (ALPKA)

Saved in:
Author: Braeken, An1; Liyanage, Madhusanka2,3; Jurcut, Anca Delia4
Organizations: 1Industrial Sciences Department (INDI), Vrije Universiteit Brussel, Brussels, Belgium
2School of Computer Science, University College Dublin, Ireland, Dublin, Ireland
3Centre for Wireless Communications, University of Oulu, Oulu, Finland
4School of Computer Science, University College Dublin, Dublin, Ireland
Format: article
Version: accepted version
Access: embargoed
Persistent link: http://urn.fi/urn:nbn:fi-fe2019081524242
Language: English
Published: Springer Nature, 2019
Publish Date: 2020-02-13
Description:

Abstract

The Internet of Things (IoT) technologies interconnect a broad range of network devices, differing in terms of size, weight, functionality, and resource capabilities. The main challenge is to establish the required security features in the most constrained devices, even if they are unknown to each other and do not share common pre-distributed key material. As a consequence, there is a high need for scalable and lightweight key establishment protocols. In this paper, we propose a key agreement protocol between two IoT devices without prior trust relation, using solely symmetric key based operations, by relying on a server or proxy based approach. This proxy is responsible for the verification of the authentication and the key agreement between the IoT devices, without being capable of deriving the established session key. We propose two versions. The first version does not require interactive input from the key distribution center to the proxy, but is not resistant if a compromised user and proxy are collaborating. The second version on the other hand is collision resistant, but needs an interactive key distribution center. In addition, we add the interesting features of anonymity and unlinkability of the sender and receiver in both protocol versions. The security properties of the proposed protocol are verified by using formal verification techniques.

see all

Series: Wireless personal communications
ISSN: 0929-6212
ISSN-E: 1572-834X
ISSN-L: 0929-6212
Volume: 106
Issue: 2
Pages: 345 - 364
DOI: 10.1007/s11277-019-06165-9
OADOI: https://oadoi.org/10.1007/s11277-019-06165-9
Type of Publication: A1 Journal article – refereed
Field of Science: 213 Electronic, automation and communications engineering, electronics
Subjects:
Funding: This work has been performed under the framework of COST Action CA15127 (RECODIS) and CA16226 (SHELD-ON) projects.
Copyright information: © Springer Science+Business Media, LLC, part of Springer Nature 2019. This is a post-peer-review, pre-copyedit version of an article published in Wireless Pers Commun. The final authenticated version is available online at: https://doi.org/10.1007/s11277-019-06165-9.