Abstract
The ecosystem for an Internet of Things (IoT) generally comprises endpoint clients, network devices, and cloud servers. Thus, data transfers within the network present multiple security concerns. The recent boom in IoT applications has accelerated the need for a network infrastructure that provides timely and safe information exchange services. A shortcoming of many existing networks is the use of static key authentication. To enable the use of automatic key update mechanisms in IoT devices and enhance security in lightweight machine-to-machine (M2M) communications, we propose a key update mechanism, namely, double OTP (D-OTP), which combines both one-time password (OTP) and one-time pad to achieve an IoT ecosystem with theoretically unbreakable security. The proposed D-OTP was implemented into the Constrained Application Protocol (CoAP) through the commonly used libcoap library. The experimental results revealed that an additional 8.93% latency overhead was required to obtain an unbreakable guarantee of data transfers in 100 CoAP communication sessions.
Highlights
Business opportunities in the Internet of Things (c.f., IoT in Appendix A) industry are increasing rapidly, and according to a report by International Data Corporation (IDC)FutureScapes [1], among the 10 fields predicted to lead in the industry, security is ranked highest
To create performance overhead for the key without repeats, we developed a fourth policy, in which the key is updated by our designed NR-pseudorandom number generator (PRNG) once “per Constrained Application Protocol (CoAP) io” process (Per-IO-NrPrng)
We demonstrated that the double one-time password (OTP) (D-OTP) mechanism can be a feasible solution that provides guaranteed unbreakable security when a limited number of transmissions are being made or when latency is not a concern in lightweight M2M communications
Summary
Business opportunities in the Internet of Things (c.f., IoT in Appendix A) industry are increasing rapidly, and according to a report by International Data Corporation (IDC)FutureScapes [1], among the 10 fields predicted to lead in the industry, security is ranked highest. IoT security-related concerns must be carefully discussed and addressed. Developing a network infrastructure that can adequately guarantee security and meet the requirements of lightweight machine-to-machine (M2M) transmissions in wireless networks remains a challenge for researchers and developers [2]. An increase in potential applications of the IoT has necessitated acceleration in the development of a network infrastructure to meet the demands of massive machine-type communication for the tremendous number of IoT devices. Efforts toward achieving a secure IoT ecosystem are moving toward development of an infrastructure that can support massive connections and diverse applications without sacrificing information security. In a wireless network, such as Wi-Fi [14], each device encrypts the traffic datagram by deriving its encryption key from a PSK.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
