Abstract
The Internet of Things (IoT) is an integral part of our daily lives, and the security of these devices is paramount. However, IoT devices are often resource constrained, requiring efficient, lightweight security strategies for such environments. In this paper, we propose a novel identity-authenticated Key Agreement Scheme (KAS) for IoT environments based on Hyper Elliptic Curve Cryptography (HECC) and the Chinese Remainder Theorem (CRT) built on four co-prime integers. The distributed CRT four co-prime based KAS permits multiple shared keys between devices, which facilitates a subset construction with much greater device support, full connectivity up to depth four, and overall better connectivity at greater depths than its two co-prime counterpart. We develop an efficient authentication mechanism based on HECC that has much smaller key sizes than most existing cryptosystems. The authentication part treats the device identities related to the CRT four co-prime KAS as secret information during their exchange and thereby eliminates the well-known selective device attack (SDA). We compute the standard resiliency measure, fail(s) with \(s=1\), for our authenticated CRT four co-prime KAS. The proposed schemes are secure against a variety of attacks, including replay attacks, impersonation attacks, and attacks on user anonymity. A comparative study with existing schemes in terms of storage, network connectivity, communication overheads, scalability, resiliency and standard security parameters exhibits the superiority of our schemes, making them more apt for implementation in practical deployment zones.
Availability of supporting data
Not applicable.
Notes
By a “hashed key”, we refer to a key that is obtained by applying a full domain hash function [31] to an existing key. This ensures that revealing these hashed keys from a lower-level device does not disclose any information about the parent device’s original key at the level above.
However, to get access to the information being transmitted, the adversary still needs to get hold of the secret keys or break the security of the cryptosystem, which we assume to be secure.
References
Ganesan R, Gobi M, Vivekanandan K (2010) A novel digital envelope approach for a secure e-commerce channel. Int J Netw Secur 11(3):121–127
Sarkar P (2023) Strongly-resilient, well connected, non-interactive and gateway-free hierarchical deterministic key agreement schemes using chinese remainder theorem. J Ambient Intell Humaniz Comput 14(5):5817–5836
Cohen H, Frey G, Avanzi R, Doche C, Lange T, Nguyen K, Vercauteren F (2005) Handbook of elliptic and hyperelliptic curve cryptography. CRC Press
Ullah S, Zheng J, Hussain MT, Din N, Ullah F, Farooq MU (2022) A perspective trend of hyperelliptic curve cryptosystem for lighted weighted environments. J Inf Secur Appl 70:103346
Islam SKH, Biswas GP (2011) A more efficient and secure id-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem. J Syst Softw 84(11):1892–1898
Xue K, Ma C, Hong P, Ding R (2013) A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks. J Netw Comput Appl 36(1):316–323
Mishra D, Vijayakumar P, Sureshkumar V, Amin R, Islam SKH, Gope P (2018) Efficient authentication protocol for secure multimedia communications in iot-enabled wireless sensor networks. Multimed Tools Appl 77:18295–18325
Wu F, Li X, Sangaiah AK, Xu L, Kumari S, Wu L, Shen J (2018) A lightweight and robust two-factor authentication scheme for personalized healthcare systems using wireless medical sensor networks. Futur Gener Comput Syst 82:727–737
Zhang L, Zhao L, Yin S, Chi C-H, Liu R, Zhang Y (2019) A lightweight authentication scheme with privacy protection for smart grid communications. Futur Gener Comput Syst 100:770–778
Sadhukhan D, Ray S, Obaidat MS, Dasgupta M (2021) A secure and privacy preserving lightweight authentication scheme for smart-grid communication using elliptic curve cryptography. J Syst Architect 114:101938
Khan AA, Kumar V, Ahmad M (2022) An elliptic curve cryptography based mutual authentication scheme for smart grid communications using biometric approach. J King Saud Univ- Comput Inf Sci 34(3):698–705
Koblitz N (1989) Hyperelliptic cryptosystems. J Cryptol 1:139–150
Bechkit W, Challal Y, Bouabdallah A (2013) A new class of hash-chain based key pre-distribution schemes for wsn. Comput Commun 36(3):243–255
Biswas C, Dutta R (2023) Implementation of key predistribution scheme in WSN based on binary goppa codes and reed solomon codes with enhanced connectivity and resiliency. J Ambient Intell Humaniz Comput 14(5):5801–5816
Dalai DK, Sarkar P (2020) Bidirectional hash chains generically enhances resilience of key predistribution schemes. IET Wirel Sens Syst 10(4):154–165
Helali A, Msolli A, Maaref H, Mghaieth R (2021) KMPH: key management scheme based on pool-hash for WSN. J Circuits Syst Comput 30(1):21500031–215000314
Msolli A, Ajmi N, Helali A, Gassoumi A, Maaref H, Mghaieth R (2023) New key management scheme based on pool-hash for WSN and iot. J Inf Secur Appl 73:103415
Masaeli N, Javadi HHS, Erfani SH (2020) Key pre-distribution scheme based on transversal design in large mobile fog networks with multi-clouds. J Inf Secur Appl 54:102519
Sarkar P, Baranwal M, Nandi S (2018) CRT-KPS: a key predistribution schemes using CRT. In: Information security and privacy: 23rd Australasian conference, ACISP 2018, Wollongong, NSW, Australia, July 11–13, 2018, Proceedings 23, Springer, pp 821–830
Yuan Q, Ma C, Yu H, Bian X (2018) A key pre-distribution scheme based on \(\mu \)-pbibd for enhancing resilience in wireless sensor networks. Sensors 18(5):1539
Bechkit W, Challal Y, Bouabdallah A, Tarokh V (2013) A highly scalable key pre-distribution scheme for wireless sensor networks. IEEE Trans Wireless Commun 12(2):948–959
Modiri V, Javadi HHS, Anzani M (2017) A novel scalable key predistribution scheme for wireless sensor networks based on residual design. Wireless Pers Commun 96:2821–2841
Gope P, Sikdar B (2020) An efficient privacy-preserving authenticated key agreement scheme for edge-assisted internet of drones. IEEE Trans Veh Technol 69(11):13621–13630
Lee D-H, Lee I-Y (2020) A lightweight authentication and key agreement schemes for iot environments. Sensors 20(18):5350
Garg S, Kaur K, Kaddoum G, Rodrigues JJPC, Guizani M (2019) Secure and lightweight authentication scheme for smart metering infrastructure in smart grid. IEEE Trans Industr Inf 16(5):3548–3557
Yu S, Park K (2022) Isg-slas: secure and lightweight authentication and key agreement scheme for industrial smart grid using fuzzy extractor. J Syst Architect 131:102698
Baksi A, Bhasin S, Breier J, Jap D, Saha D (2023) A survey on fault attacks on symmetric key cryptosystems. ACM Comput Surv 55(4):861–8634
Adhikari MR, Adhikari A (2014) Basic modern algebra with applications. Springer
Dalai DK, Sarkar P (2017) Enhancing resilience of KPS using bidirectional hash chains and application on sensornet. In: Yan Z, Molva R, Mazurczyk W, Kantola R (eds) Network and system security - 11th international conference, NSS 2017, Helsinki, Finland, August 21–23, 2017, proceedings, vol 10394. Springer, Lecture notes in computer science, pp 683–693
Henry KJ, Paterson MB, Stinson DR (2013) Practical approaches to varying network size in combinatorial key predistribution schemes. In: Lange T, Lauter KE, Lisonek P (eds) Selected areas in cryptography - SAC 2013 - 20th international conference, Burnaby, BC, Canada, August 14–16, 2013, revised selected papers, vol 8282. Springer, Lecture notes in computer science, pp 89–117
Bellare M, Rogaway P (1993) Entity authentication and key distribution. In: Advances in Cryptology - CRYPTO ’93, 13th annual international cryptology conference. LNCS, Springer, August 22–26
Bag S, Dhar A, Sarkar P (2012) 100% connectivity for location aware code based KPD in clustered WSN: merging blocks. In: Gollmann D, Freiling FC (eds) Information security - 15th international conference, ISC 2012, Passau, Germany, September 19–21, 2012, proceedings, vol 7483. Springer, Lecture notes in computer science, pp 136–150
Sarkar P, Sahoo SK, Goswami C, Adhikari A (2022) Connectivity invariant lightweight resiliency improvement strategies for crt-subset scheme. Ad Hoc Netw 129:102803
Kumar A, Pais AR (2019) A new combinatorial design based key pre-distribution scheme for wireless sensor networks. J Ambient Intell Humaniz Comput 10:2401–2416
Shoup V (2004) Sequences of games: a tool for taming complexity in security proofs. Cryptology eprint archive
Das AK, Sharma P, Chatterjee S, Sing JK (2012) A dynamic password-based user authentication scheme for hierarchical wireless sensor networks. J Netw Comput Appl 35(5):1646–1656
Amin R, Islam SKH, Biswas GP, Khan MK, Leng L, Kumar N (2016) Design of an anonymity-preserving three-factor authenticated key exchange protocol for wireless sensor networks. Comput Netw 101:42–62
Jiang Q, Zeadally S, Ma J, He D (2017) Lightweight three-factor authentication and key agreement protocol for internet-integrated wireless sensor networks. IEEE Access 5:3376–3392
Gao Q, Ma W, Luo W (2018) Key predistribution schemes for wireless sensor networks based on combinations of orthogonal arrays. Ad Hoc Netw 73:40–50
Ruj S, Nayak A, Stojmenovic I (2012) Pairwise and triple key distribution in wireless sensor networks with applications. IEEE Trans Comput 62(11):2224–2237
Acknowledgements
We would like to express our sincere appreciation to the editorial group and the reviewers for their careful reading, beneficial comments, and constructive suggestions for our paper.
Funding
Mr. Chandan Goswami would like to thank the Council of Scientific and Industrial Research (CSIR), India for his research, which is documented in file no. 08/155(0081)/2020-EMR-I. Prof. Avishek Adhikari has been partially funded by the Government of India’s DST-FIST Project, vide sanction order no. SR/FST/MS-I/2019/41.
Author information
Authors and Affiliations
Contributions
The authors of this article made equal contributions.
Corresponding author
Ethics declarations
Competing interests
The authors declare no competing interests.
Ethical approval and consent to participate
We declare that this manuscript is original and has not been published before.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
This article is part of the Topical Collection: 4 - Track on IoT
Guest Editor: Peter Langendoerfer
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Goswami, C., Adhikari, A., Sahoo, S.K. et al. Authenticated key agreement for IoT network using HECC and CRT four co-primes. Peer-to-Peer Netw. Appl. (2024). https://doi.org/10.1007/s12083-024-01699-7
DOI: https://doi.org/10.1007/s12083-024-01699-7