Abstract
Security is a significant problem for communications in many scenarios in Internet of Things (IoT), such as military applications, electronic payment, wireless reprogramming of smart devices and so on. To protect communications, a secret key shared by the communicating parties is often required. Authenticated key exchange (AKE) is one of the most widely used methods to provide two or more parties communicating over an open network with a shared secret key. It has been studied for many years. A large number of protocols are available by now. The majority of existing AKE protocols require the two communicating parties execute equivalent computational tasks. However, many communications take place between two devices with significantly different computational capabilities, such as a cloud center and a mobile terminal, a gateway and a sensor node, and so on. Most available AKE protocols do not perfectly match these scenarios. To further address the security problem in communications between parties with fairly unbalanced computational capabilities, this thesis studies AKE protocols with unbalanced computational requirements on the communicating parties. We firstly propose a method to unbalance computations in the Elliptic Curve Diffie-Hellman (ECDH) key exchange scheme. The resulting scheme is named as UECDH scheme. The method transfers one scalar multiplication from the computationally limited party to its more powerful communicating partner. It significantly reduces the computational burden on the limited party since scalar multiplication is the most time-consuming operation in the ECDH scheme. When applying the UECDH scheme to design AKE protocols, the biggest challenge is how to achieve authentication. Without authentication, two attacks (the man-in-the-middle attack and the impersonation attack) can be launched to the protocols. To achieve authentication, we introduce different measures that are suitable for a variety of use cases. Based on the authentication measures, we propose four suites of UECDH-based AKE protocols. The security of the protocols is discussed in detail. We also implement prototypes of these protocols and similar protocols in international standards including IEEE 802.15.6, Transport Layer Security (TLS) 1.3 and Bluetooth 5.0. Experiments are carried out to evaluate the performance. The results show that in the same experimental platform, the proposed protocols are more friendly to the party with limited computational capability, and have better performance than similar protocols in these international standards.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.