Mobile Networks and Applications

, Volume 22, Issue 5, pp 848–858 | Cite as

Lightweight Cybersecurity Schemes Using Elliptic Curve Cryptography in Publish-Subscribe fog Computing

  • Abebe Abeshu Diro
  • Naveen Chilamkurti
  • Neeraj Kumar


The rapid growth of connected things across the globe has been brought about by the deployment of the Internet of things (IoTs) at home, in organizations and industries. The innovation of smart things is envisioned through various protocols, but the most prevalent protocols are pub-sub protocols such as Message Queue Telemetry Transport (MQTT) and Advanced Message Queuing Protocol (AMQP). An emerging paradigm of communication architecture for IoTs support is Fog computing in which events are processed near to the place they occur for efficient and fast response time. One of the major concerns in the adoption of Fog computing based publish-subscribe protocols for the Internet of things is the lack of security mechanisms because the existing security protocols such as SSL/TSL have a large overhead of computations, storage and communications. To address these issues, we propose a secure, Fog computing based publish-subscribe lightweight protocol using Elliptic Curve Cryptography (ECC) for the Internet of Things. We present analytical proofs and results for resource efficient security, comparing to the existing protocols of traditional Internet.


Cyber security Publish-subscribe systems Internet of things Elliptic curve cryptography Fog computing 



This research was supported by La Trobe University in materials and Finance.


  1. 1.
    Frahim J, Pignataro C, Apcar J, Morrow M (2016) Securing the internet of things: a proposed framework. Accessed July 2016
  2. 2.
    Shen H, Kumar N, He D, Shen J, Chilamkurti N (2016) A security-enhanced authentication with key agreement scheme for wireless mobile communications using elliptic curve cryptosystem. J Supercomput 72(9):3588–3600Google Scholar
  3. 3.
    Zhang Z, Qi Q, Kumar N, Chilamkurti N, Jeong H-Y (2014) A secure authentication scheme with anonymity for session initiation protocol using elliptic curve cryptography. Multimed Tools Appl 74(10):3477–3488CrossRefGoogle Scholar
  4. 4.
    Hankerson D, Vanstone S, Menezes AJ (2003) Guide to elliptic curve cryptography. Springer-Verlag New York, Inc., SecaucusGoogle Scholar
  5. 5.
    Sandeep S (2006) Elliptic curve cryptography for constrained devices. PhD DissertationGoogle Scholar
  6. 6.
    Singh M, Rajan MA, Shivraj VL, Balamuralidhar P (2015) Secure MQTT for Internet of things (IoT). In communication systems and network technologies (CSNT), 2015 fifth International conference on, pp 746–751, 4-6 Apr 2015Google Scholar
  7. 7.
    Porambage P, Braeken A, Schmitt C, Gurtov A, Ylianttila M, Stiller B (2015) Group key establishment for enabling secure multicast communication in wireless sensor networks deployed for IoT applications. In Access, IEEE, vol 3:1503–1511Google Scholar
  8. 8.
    Opyrchal L, Prakash A, Agrawal A (2006) Designing a publish-subscribe substrate for privacy/security in pervasive environments. Proceedings of the 2006 ACS/IEEE International conference on pervasive services, 26–29 June 2006, pp 313–316Google Scholar
  9. 9.
    Wang C, Carzaniga A, Evans D, Wolf AL (2002) Security issues and requirements for Internet-scale publish-subscribe systems. System Sciences, 2002. HICSS. Proceedings of the 35th annual Hawaii International conference on, 2002, pp. 3940–3947Google Scholar
  10. 10.
    Srivatsa M, Liu L, Iyengar A (2011) EventGuard: a system architecture for securing publish-subscribe networks. ACM Trans Comput Syst 29:4Google Scholar
  11. 11.
    Stojemovic I, Wen S (2014) The fog computing paradigm: scenarios and security issues. IEEE federated conference on Computer Science and Information SystemsGoogle Scholar
  12. 12.
    Srivatsa M, Liu L (2007) Secure event dissemination in publish-subscribe networks. In Distributed Computing Systems ConferenceGoogle Scholar
  13. 13.
    Gupta V, Wurm M, Yu Z, Millard M, Fung S, Gura N, Eberle H, Shantz SC (2005) Sizzle: a standards-based end-to-end security architecture for the embedded Internet. Technical Report. Sun Microsystems, Inc., Mountain ViewGoogle Scholar
  14. 14.
    Fiege L, Zeidler A, Buchmann A, Kilian-Kehr R, Mühl G, Darmstadt T (2004) Security aspects in publish/subscribe systems. In third Intl. Workshop on distributed event-based systems (DEBS’04, 2004Google Scholar
  15. 15.
    Yi S, Qin Z, Li Q (2015) Security and privacy issues of fog computing: a survey. International Conference on Wireless Algorithms, Systems and Applications (WASA)Google Scholar
  16. 16.
    Ibrahim M (2016) Octopus: an edge-fog mutual authentication scheme. International Journal of Network Security 18(6):1089-1101Google Scholar
  17. 17.
    Mitchell JC, Shmatikov V, Stern U (1998) Finite-state analysis of SSL 3.0. In: Proceedings of the 7th conference on USENIX security symposium - volume 7 (SSYM'98), vol 7. USENIX Association, Berkeley, pp 16–16Google Scholar
  18. 18.
    Stojmenovic I, Wen S (2014) The Fog computing paradigm: Scenarios and security issues. Computer Science and Information Systems (FedCSIS), 2014 Federated conference on, Warsaw, 2014, pp. 1–8Google Scholar

Copyright information

© Springer Science+Business Media New York 2017

Authors and Affiliations

  • Abebe Abeshu Diro
    • 1
  • Naveen Chilamkurti
    • 1
  • Neeraj Kumar
    • 2
  1. 1.La Trobe UniversityMelbourneAustralia
  2. 2.Thapar UniversityPatialaIndia

Personalised recommendations