
AKAIoTs: authenticated key agreement for Internet of Things

Wireless Networks

Abstract

Wireless sensor networks (WSNs) are an important component of the Internet of Things (IoTs), since they enable data to be gathered and transmitted to a cloud server over the Internet. Designing an efficient and secure cryptographic scheme for the IoTs is challenging, because a sensor node is a resource-constrained device. In this paper, an authenticated key agreement scheme is proposed to build a secure channel between WSNs and a cloud server in the IoTs. The proposed scheme has two properties: (1) its computation is lightweight, and (2) it provides various security properties of key agreement. In addition, it is proven secure under the computational Diffie–Hellman assumption in the random oracle model. AKAIoTs is implemented on Contiki OS, and the Z1 emulator is used to evaluate time overhead and memory usage. Three different curves, “BN-P158”, “SECG-P160” and “NIST-P192”, are used. The implementation results verify that the proposed scheme is computationally efficient, with memory usage between 51 and 52% of total ROM and between 59 and 62% of total RAM for the three different security levels. As a result, curve SECG-P160 might be a good choice for securing IoTs devices, since it takes a reasonable amount of time, which results in less power consumption than curve NIST-P192, and it is more secure than curve BN-P158. Compared with existing relevant schemes, the proposed AKAIoTs is efficient in terms of energy consumption. Moreover, two application scenarios are given to show how the proposed scheme can be applied in IoTs applications.



Acknowledgements

The authors would like to thank NSFC (No. 51677020), Xihua University Project (No. szjj2016-093) and FP7, through the CONHEALTH project (www.conhealth.eu), for partially funding the research.

Author information

Corresponding author

Correspondence to Mutaz Elradi S. Saeed.

About this article

Cite this article

Saeed, M.E.S., Liu, QY., Tian, G. et al. AKAIoTs: authenticated key agreement for Internet of Things. Wireless Netw 25, 3081–3101 (2019). https://doi.org/10.1007/s11276-018-1704-5

  • DOI: https://doi.org/10.1007/s11276-018-1704-5
