Terminal independent security token derivation scheme for ultra-dense IoT networks

Abstract

The Fifth Generation (5G) networks deploy base station ultra-densification to boost data rates, capacities, reliability, energy efficiency as well as the reduction of communication latencies. To increase quality of service as well as quality of experience, a large number of Internet of Things (IoT) communications are relayed over 5G networks. For enhanced pervasive computing, most of the devices in 5G-IoT networks are continuously connected to the network, exchanging massive and sensitive data. Therefore, there is need to protect these networks from both privacy and security attacks. As a result, many security protocols have been presented in literature. Unfortunately, IoT devices are heterogeneous in nature with diverse communication and security architectures. These issues render privacy and security protection extremely challenging. Consequently, majority of the conventional protocols fail to fully address privacy and security issues in 5G-IoT networks. Particularly, user collusion, de-synchronization and side-channeling attacks are ignored in most of the security protocols. On the other hand, some of the developed protocols achieve salient security but at extremely high computation, storage and communication complexities. In this paper, an elliptic curve and biometric based security token derivation scheme is presented. Formal security analysis using Burrows–Abadi–Needham (BAN) logic shows the negotiation of a session key between the communicating parties. On the other hand, informal security analysis shows that this scheme is secure under all the Canetti- Krawczyk (CK) threat model assumptions. In terms of efficiency, the comparative performance evaluation carried out shows that this protocol has the least communication and computation complexities among other related protocols.