{"title":"Resilient Intermediary‐Based Key Exchange Protocol for IoT","authors":"Zhangxiang Hu, Jun Li, Christopher Wilson","doi":"10.1145/3632408","DOIUrl":null,"url":null,"abstract":"Due to the limited resources of Internet of Things (IoT) devices, Symmetric Key Cryptography (SKC) is typically favored over resource-intensive Public Key Cryptography (PKC) to secure communication between IoT devices. To utilize SKC, devices need to execute a key exchange protocol to establish a session key before initiating communication. However, existing SKC-based key exchange protocols assume communication devices have a pre-shared secret or there are trusted intermediaries between them; neither is always realistic in IoT. We introduce a new SKC-based key exchange protocol for IoT devices. While also intermediary-based, our protocol fundamentally departs from existing intermediary-based solutions in that intermediaries between two key exchange devices may be malicious, and moreover, our protocol can detect cheating behaviors and identify malicious intermediaries. We prove our protocol is secure under the universally composable model, and show it can detect malicious intermediaries with probability 1.0. We implemented and evaluated our protocol on different IoT devices. We show our protocol has significant improvements in computation time and energy cost. Compared to the PKC-based protocols ECDH, DH, and RSA, our protocol is 2.3 to 1591 times faster on one of the two key exchange devices and 0.7 to 4.67 times faster on the other.","PeriodicalId":29764,"journal":{"name":"ACM Transactions on Internet of Things","volume":null,"pages":null},"PeriodicalIF":3.5000,"publicationDate":"2023-11-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Transactions on Internet of Things","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3632408","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
Abstract
Due to the limited resources of Internet of Things (IoT) devices, Symmetric Key Cryptography (SKC) is typically favored over resource-intensive Public Key Cryptography (PKC) to secure communication between IoT devices. To utilize SKC, devices need to execute a key exchange protocol to establish a session key before initiating communication. However, existing SKC-based key exchange protocols assume communication devices have a pre-shared secret or there are trusted intermediaries between them; neither is always realistic in IoT. We introduce a new SKC-based key exchange protocol for IoT devices. While also intermediary-based, our protocol fundamentally departs from existing intermediary-based solutions in that intermediaries between two key exchange devices may be malicious, and moreover, our protocol can detect cheating behaviors and identify malicious intermediaries. We prove our protocol is secure under the universally composable model, and show it can detect malicious intermediaries with probability 1.0. We implemented and evaluated our protocol on different IoT devices. We show our protocol has significant improvements in computation time and energy cost. Compared to the PKC-based protocols ECDH, DH, and RSA, our protocol is 2.3 to 1591 times faster on one of the two key exchange devices and 0.7 to 4.67 times faster on the other.