Abstract

Security is a prerequisite of each device that provides physical access to anyone and is logically expose to communication network attacks. The Internet of Things (IoT) must assure energy-saving provision due to the unique characteristics of IoT devices that comprise cost-effective, low power, and data delivery capacity. A Key-based Authentication scheme is a need without creating a bottleneck of communication for security in IoT integration. Security solutions viz., Authentication, Access control, and Key management are essential for the protection of communication in IoT applications. Public Key Cryptography (PKC) encapsulates multiple security functionalities and applications in conventional networks. The proposed Elliptic Curve Cryptography (ECC) Blended Authentication and Session Key Establishment Technique (EBASKET), an enhanced HPAKE scheme secures the IoT device interactions using Hash and Public Key Cryptography conjoined with a Stochastic Number. EBASKET authenticates and establishes Session Key for communicating IoT Devices using ECC that enhances the security resisting Key Disclosure, Man-in-The-Middle (MiTM), Relay threats. It incorporates an Elliptic Curve of 256 bits to achieve the 128 bits security level. EBASKET accomplishes Key Establishment utilizes Nonce as the Fragmentary Key after authenticating the intercommunicating Devices. It decreases the overall delay incurred reducing the communication overhead minimizing the quantity and magnitude of the messages exchange for Authentication. A secure Key Establishment for the Session uses a Stochastic, Hashing function, and ECC. The interactions throughout the Predeploying, Authenticating, and Key Establishing process cause a delay. The performance graph depicts that Key Establishment and authenticating the IoT devices using ECC and reducing communicational cost enhance security than Enhanced, Hybrid, and Lightweight Authentication Schemes.

Highlights

  • INTERNET of Things (IoT) is an environment of interconnected computing and sensors, machine and virtual devices, things, and participants with explicit identification transmit data robotically via the network

  • Security solutions viz., Authentication, Access control, and Key management are essential for the protection of communication in IoT applications

  • The analysis proves the resistance to Privileged Insider, Impersonation, Denial-of-Service (DoS), Replay, and MiTM Attacks

Read more

Summary

INTRODUCTION

INTERNET of Things (IoT) is an environment of interconnected computing and sensors, machine and virtual devices, things, and participants with explicit identification transmit data robotically via the network. Machine-to-machine communications and device and network-based intelligence facilitate industries to digitalize specific functions without relying on traditional or cloud-based implementations and solutions. These attributes offer opportunities for gathering a wide range of data but challenges in modeling the proper data communication, data, and privacy protection [1], [2]. Security solutions viz., Authentication, Access control, and Key management are essential for the protection of communication in IoT applications. Contributions: In the Proposed work EBASKET, the key contributions are: 1) Authenticate the IoT devices with finite resources by incorporating ECC for enhancing security.

RELATED WORKS
Problem Statement
PROPOSED EBASKE SYSTEM
BACKGROUND
PROPOSED SYSTEM MODEL (EBASKE)
Signing-up
Authentication
Key Agreement
Session Key Establishment
PERFORMANCE ANALYSIS

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.