Springer Nature is making SARS-CoV-2 and COVID-19 research free. View research | View latest news | Sign up for updates

AKAIoTs: authenticated key agreement for Internet of Things

  • 608 Accesses

  • 2 Citations


WSNs are one of the important components in the Internet of Things (IoTs), since they enable gathering and transmitting of data to the cloud server via the Internet medium. Designing an efficient secure cryptography scheme for the IoTs is a challenging task, since sensor node is a resource-constrained device. In this paper, an authentication key agreement scheme is proposed to build a secure channel between WSNs and a cloud server in the IoTs. The proposed scheme has two properties: (1) it has a lightweight computation, and (2) it provides various security properties of key agreement. In addition, it is proven to be secure under computation Diffe–Hellman assumption in the random oracle model. AKAIoTs is implemented using Contiki OS and use Z1 emulator to evaluate time overhead and memory usage. Three different curves; “BN-P158”, “SECG-P160” and “NIST-P192” are used. The implementation results verify that, the proposed scheme is computationally efficient and memory usage between 51 and 52% from total memory of ROM, and between 59 and 62% from total memory of RAM for three different security levels. As a result, curve SECG-P160 might be a good choice to supply security for the IoTs devices, since it consumes reasonable time which result in less power consumption than curve NIST-P192 and more secure than curve BN-P158. Compared with existing relevant schemes, the proposed AKAIoTs is efficient in terms of energy consumption. Moreover, two application scenarios are given to show how the proposed scheme can be applied in the IoTs applications.

This is a preview of subscription content, log in to check access.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12


  1. 1.

    Atzori, L., Iera, A., & Morabito, G. (2010). The internet of things: A survey. Computer Networks, 54(15), 2787–2805.

  2. 2.

    Miorandi, D., Sicari, S., De Pellegrini, F., & Chlamtac, I. (2012). Internet of things: Vision, applications and research challenges. Ad Hoc Networks, 10(7), 1497–1516.

  3. 3.

    Tokognon, C. A., Gao, B., Tian, G. Y., & Yan, Y. (2017). Structural health monitoring framework based on Internet of Things: A survey. IEEE Internet of Things Journal, 4(3), 619–635.

  4. 4.

    Montenegro, G., Kushalnagar, N., Hui, J., & Culler, D. (2007). RFC 4944: Transmission of IPv6 packets over IEEE 802.15.4 networks.

  5. 5.

    Roman, R., & Lopez, J. (2009). Integrating wireless sensor networks and the internet: A security analysis. Internet Research, 19(2), 246–259.

  6. 6.

    Palattella, M. R., Dohler, M., Grieco, A., Rizzo, G., Torsner, J., Engel, T., et al. (2016). Internet of things in the 5G era: Enablers, architecture, and business models. IEEE Journal on Selected Areas in Communications, 34(3), 510–527.

  7. 7.

    Condoluci, M., Araniti, G., Mahmoodi, T., & Dohler, M. (2016). Enabling the IoT machine age with 5G: Machine-type multicast services for innovative real-time applications. IEEE Access, 4, 5555–5569.

  8. 8.

    Wang, L., & Ranjan, R. (2015). Processing distributed internet of things data in clouds. IEEE Cloud Computing, 2(1), 76–80.

  9. 9.

    Mollah, M. B., Azad, M. A. K., & Vasilakos, A. (2017). Security and privacy challenges in mobile cloud computing: Survey and way ahead. Journal of Network and Computer Applications, 84, 38–54.

  10. 10.

    Go, J., & Kim, K. (2001). Wireless authentication protocol preserving user anonymity. SCIS 2001, Japan, January 23–26.

  11. 11.

    ElGamal, T. (1985). A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory, 31(4), 469–472.

  12. 12.

    Miller, V. S. (1985). Use of elliptic curves in cryptography. In Conference on the theory and application of cryptographic techniques (pp. 417–426). Berlin: Springer.

  13. 13.

    Koblitz, N. (1987). Elliptic curve cryptosystems. Mathematics of Computation, 48(177), 203–209.

  14. 14.

    Hankerson, D., Menezes, A., & Vanstone, S. (2003). Guide to elliptic curve cryptography. Berlin: Springer.

  15. 15.

    Abi-Char, P. E., Mhamed, A., & Bachar, E. H. (2007, September). A fast and secure elliptic curve based authenticated key agreement protocol for low power mobile communications. In The 2007 international conference on next generation mobile applications, services and technologies, 2007. NGMAST’07 (pp. 235–240). IEEE.

  16. 16.

    Benenson, Z., Gedicke, N., & Raivio, O. (2005). Realizing robust user authentication in sensor networks. Real-World Wireless Sensor Networks (REALWSN), 14, 52.

  17. 17.

    Jiang, C., Li, B., & Xu, H. (2007, May). An efficient scheme for user authentication in wireless sensor networks. In 21st International conference on advanced information networking and applications workshops, 2007, AINAW’07 (Vol. 1, pp. 438–442). IEEE.

  18. 18.

    Shamir, A. (1984). Identity-based cryptosystems and signature schemes. In Workshop on the theory and application of cryptographic techniques (pp. 47–53). Berlin: Springer, Heidelberg.

  19. 19.

    Yang, J.-H., & Chang, C.-C. (2009). An ID-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem. Computers & Security, 28(3), 138–143.

  20. 20.

    Yoon, E. J., & Yoo, K. Y. (2009). Robust id-based remote mutual authentication with key agreement scheme for mobile devices on ecc. In CSE’09, International conference on computational science and engineering, 2009 (Vol. 2, pp. 633–640). IEEE.

  21. 21.

    Truong, T. T., Tran, M. T., & Duong, A. D. (2012, March). Improvement of the more efficient and secure ID-based remote mutual authentication with key agreement scheme for mobile devices on ECC. In 2012 26th international conference on advanced information networking and applications workshops (WAINA) (pp. 698–703). IEEE.

  22. 22.

    Debiao, H., Jianhua, C., & Jin, H. (2012). An ID-based client authentication with key agreement protocol for mobile clientserver environment on ECC with provable security. Information Fusion, 13(3), 223–230.

  23. 23.

    Seo, S. H., Won, J., Sultana, S., & Bertino, E. (2015). Effective key management in dynamic wireless sensor networks. IEEE Transactions on Information Forensics and Security, 10(2), 371–383.

  24. 24.

    Wang, C., & Zhang, Y. (2015). New authentication scheme for wireless body area networks using the bilinear pairing. Journal of Medical Systems, 39(11), 136.

  25. 25.

    Wu, L., Zhang, Y., Li, L., & Shen, J. (2016). Efficient and anonymous authentication scheme for wireless body area networks. Journal of Medical Systems, 40(6), 134.

  26. 26.

    He, D., Zeadally, S., Kumar, N., & Lee, J. H. (2017). Anonymous authentication for wireless body area networks with provable security. IEEE Systems Journal, 11(4), 2590–2601.

  27. 27.

    Shen, J., Chang, S., Shen, J., Liu, Q., & Sun, X. (2016). A lightweight multi-layer authentication protocol for wireless body area networks. Future Generation Computer Systems, 78, 956–963.

  28. 28.

    Mollah, M. B., Azad, M. A. K., & Vasilakos, A. (2017). Secure data sharing and Searching at the edge of cloud-assisted Internet of Things. IEEE Cloud Computing, 4(1), 34–42.

  29. 29.

    Bellare, M., & Rogaway, P. (1993). Random oracles are practical: A paradigm for designing efficient protocols. In Proceedings of the 1st ACM conference on computer and communications security (pp. 62–73). ACM.

  30. 30.

    LaMacchia, B., Lauter, K., & Mityagin, A. (2007). Stronger security of authenticated key exchange. In Susilo, W., Liu, J. K., & Mu. Y. (Eds.) International conference on provable security (pp. 1–16). Berlin, Heidelberg: Springer.

  31. 31.

    Canetti, R., & Krawczyk, H. (2001). Analysis of key-exchange protocols and their use for building secure channels. In Advances in CryptologyEUROCRYPT 2001 (pp. 453–474). Berlin: Springer.

  32. 32.

    Blake-Wilson, S., Johnson, D., & Menezes, A. (1997). Key agreement protocols and their security analysis. In IMA international conference Crytography and coding (pp. 30–45). Berlin: Springer, Heidelberg.

  33. 33.

    Gorantla, M. C., Boyd, C., & Gonzlez Nieto, J. M. (2008). ID-based one-pass authenticated key establishment. In Proceedings of the sixth Australasian conference on Information security-Volume 81 (pp. 39–46). Australian Computer Society, Inc.

  34. 34.

    Lee, H., & Lee, Y. (2005). Identity based authenticated key agreement from pairings. Communications-Korean Mathematical Society, 20(4), 849.

  35. 35.

    Certicom Corporation, Remarks on the Security of the Elliptic Curve Cryptosystem (2000), http://www.oocities.org/techphyre/whitepapers/the_elliptic_curve_cryptosystem.pdf.

  36. 36.

    Bao, F., Deng, R. H., & Zhu, H. (2003). Variations of diffie-hellman problem. In Qing. S., Gollmann. D., & Zhou, J. (Eds.) International conference on information and communications security (pp. 301–312). Berlin, Heidelberg: Springer.

  37. 37.

    Schnorr, C.-P. (1991). Efficient signature generation by smart cards. Journal of Cryptology, 4(3), 161–174.

  38. 38.

    Boldyreva, A., Goyal, V., & Kumar, V. (2008). Identity-based encryption with efficient revocation. In Proceedings of the 15th ACM conference on computer and communications security (pp. 417–426). ACM.

  39. 39.

    Seo, J. H., & Emura, K. (2013). Revocable identity-based encryption revisited: Security model and construction. In Public-key cryptography–PKC (pp. 216–234). Berlin, Heidelberg: Springer.

  40. 40.

    Crossbow, MICA2 datasheet. Available from http://www.cmtgmbh.de/Produkte/WirelessSensorNetworks/Datenblaetter/MICA2OEM Edition Datasheet.pdf. Accessed May 2017.

  41. 41.

    Koblitz, N. (1991). CM-curves with good cryptographic properties. In Annual international cryptology conference (pp. 279–287). Berlin, Heidelberg: Springer.

  42. 42.

    Oliveira, L. B., et al. (2012). Secure-TWS: Authenticating node to multi-user communication in shared sensor networks. The Computer Journal, 55(4), 384–396.

  43. 43.

    Aranha, D. F., Dahab, R., Lpez, J., & Oliveira, L. B. (2010). Efficient implementation of elliptic curve cryptography in wireless sensors. Advances in Mathematics of Communications, 4(2), 169–187.

  44. 44.

    Barreto, P. S., Galbraith, S. D., higeartaigh, C., & Scott, M. (2007). Efficient pairing computation on supersingular abelian varieties. Designs, Codes and Cryptography, 42(3), 239–271.

  45. 45.

    Oliveira, L. B., Aranha, D. F., Gouva, C. P., Scott, M., Cmara, D. F., Lpez, J., et al. (2011). TinyPBC: Pairings for authenticated identity-based non-interactive key distribution in sensor networks. Computer Communications, 34(3), 485–493.

  46. 46.

    Gura, N., Patel, A., Wander, A., Eberle, H., & Shantz, S. C. (2004). Comparing elliptic curve cryptography and RSA on 8-bit CPUs. In CHES (Vol. 4, pp. 119–132).

  47. 47.

    Shim, K.-A., Lee, Y.-R., & Park, C.-M. (2013). EIBAS: An efficient identity-based broadcast authentication scheme in wireless sensor networks. Ad Hoc Networks, 11(1), 182–189.

  48. 48.

    Shim, K.-A. (2014). S 2 DRP: Secure implementations of distributed reprogramming protocol for wireless sensor networks. Ad Hoc Networks, 19, 1–8.

  49. 49.

    Xiong, H. (2014). Cost-effective scalable and anonymous certificateless remote authentication protocol. IEEE Transactions on Information Forensics and Security, 9(12), 2327–2339.

  50. 50.

    Cao, X., Kou, W., Dang, L., & Zhao, B. (2008). IMBAS: Identity-based multi-user broadcast authentication in wireless sensor networks. Computer Communications, 31(4), 659–667.

  51. 51.

    Barreto, P. S. L. M., & Naehrig, M. (2006). Pairing-friendly elliptic curves of prime order. In Preneel, B., Tavares, S. (Eds.) Selected Areas in Cryptography SAC 2005, volume 3897 of Lecture notes in computer science (pp. 319–331). Berlin, Heidelberg: Springer.

  52. 52.

    Certicom Research. Standards for efficient cryptography, SEC 1: Elliptic curve cryptography, September 2000. Version 1.0. http://www.secg.org/SEC1-Ver-1.0.pdf. Accessed March 2017.

  53. 53.

    National Institute of Standards and Technology. Recommended elliptic curves for federal government use. http://csrc.nist.gov/groups/ST/toolkit/documents/dss/NISTReCur.pdf. Accessed March 2017.

  54. 54.

    Zolertia, Z1 product, http://zolertia.com/products/z1. Accessed March 2017.

  55. 55.

    Dunkels, A., & Eriksson, N. The Contiki operating system. Available: http://www.contiki-os.org. Accessed February 2017.

  56. 56.

    Aranha, D. F., & Gouvêa, C. P. L. Relic is an efficient library for Cryptography. (2013). Cryptography. http://github.com/relic-toolkit/relic.

  57. 57.

    Daemen, J., & Rijmen, V. (2002). The design of Rijndael: AESthe advanced encryption standard. Berlin: Springer.

  58. 58.

    Gellings, C. W. (2009). The smart grid: Enabling energy efficiency and demand response, Lilburn. Lilburn: Fairmont Press.

  59. 59.

    MSP430 for Utility Metering Applications, available at Texas Instruments, http://focus.ti.com/mcu/docs/mcuorphan.tsp?contentId=31498.

  60. 60.

    Fouda, M. M., Fadlullah, Z. M., Kato, N., Lu, R., & Shen, X. S. (2011). A lightweight message authentication scheme for smart grid communications. IEEE Transactions on Smart Grid, 2(4), 675–685.

  61. 61.

    So, H. K. H., Kwok, S. H., Lam, E. Y., & Lui, K. S. (2010, October). Zero-configuration identity-based signcryption scheme for smart grid. In 2010 First IEEE International Conference on smart grid communications (SmartGridComm) (pp. 321–326). IEEE.

  62. 62.

    Lim, H. W., & Paterson, K. G. (2011). Identity-based cryptography for grid security. International Journal of Information Security, 10(1), 15–32.

  63. 63.

    Baek, J., Vu, Q. H., Liu, J. K., Huang, X., & Xiang, Y. (2015). A secure cloud computing based framework for big data information management of smart grid. IEEE Transactions on Cloud Computing, 3(2), 233–244.

  64. 64.

    Wang, J., Jiang, C., Zhang, K., Quek, T. Q., Ren, Y., & Hanzo, L. (2018). Vehicular sensing networks in a smart city: Principles, technologies and applications. IEEE Wireless Communications, 25(1), 122–132.

Download references


The authors would like to thank NSFC (No. 51677020), Xihua University Project (No. szjj2016-093) and FP7 through CONHEALTH project www.conhealth.eu partially funding the research.

Author information

Correspondence to Mutaz Elradi S. Saeed.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Saeed, M.E.S., Liu, Q., Tian, G. et al. AKAIoTs: authenticated key agreement for Internet of Things. Wireless Netw 25, 3081–3101 (2019). https://doi.org/10.1007/s11276-018-1704-5

Download citation


  • Wireless sensor network (WSNs)
  • Elliptic curve cryptography (ECC)
  • Identity-based
  • Authenticated key establishment (AKE)
  • Internet of Things (IoTs)