Abstract

Internet of things (IoT), is the interconnection via the Internet of computing devices embedded in everyday objects, enabling them to send and receive data. The communication is through the internet hence susceptible to security and privacy attacks. Consequently, authenticated key agreement (AKA) of communicating entities in IoT is of paramount importance as a security and privacy credential. However, IoT devices are resource constrained, hence implementation of heavy security and privacy features becomes a challenge. Research on AKA in IoT has been done since year 2006. Current research trends on AKA is together with forward secrecy (FS) feasibility, which ensures that future SKsremain safe even if the long term master keys get compromised. However, most of research use public key cryptosystems to achieve FS, which requires heavy computations that is not good for the resource constrained IoT environment. The main purpose of this Thesis is to devise a new machine AKA with FS for IoT, denoted as M2MAKA-FS. To design M2MAKA FS, we devise a new lightweight FS framework first, which does not rely on the public key cryptosystem but based on a hash chain. The security and privacy building blocks of M2MAKA-FS and the FS framework are symmetric key cryptosystem, one-way hash function, fuzzy commitment and challenge-response mechanism. Results of formal security and privacy analysis show that M2MAKA-FS provides mutual authentication, SKagreement with FS, anonymity and unlinkability and is resilient against various active attacks. Performance analysis shows that M2MAKA-FS achieves lightweight requirement for IoT environments compared to the related protocols.

More details

School	: School of Natural and Applied Sciences
Issued Date	: 2023

Download full document