ESOTP: ECC‐based secure object tracking protocol for IoT communication

Abstract

SummaryObjects/tags are generally passes through multiple readers before achieving the final destination within the IoT network. Hence, object identification is a significant issue as some bogus objects may take part for malicious access. Considering this situation, RFID can be used for unique identification and validation of IoT objects. However, it recognizes many objects at the same time and faces limitations like non‐repudiations, injection of fake objects, and unclonability issues. Alternatively, security limitations between tags and readers are analyzed and found that whole communication depends on limited computational resource and simple operations such as hash function, XOR operation, and so forth. Moreover, the communication channel between reader and backend server is secure due to symmetric or asymmetric key encryption algorithms. As the information is exchanged by the tags with readers, a secure path must be maintained among them for safe communication with cloud server. For the development of secure path and verification of objects, ECC‐based Cramer‐Shoup encryption, cryptographic authentication protocol (CAP), and device fingerprinting can be used. To overcome the existing limitations, we are motivated to design an ECC‐based secure object tracking and key exchange protocol that allows the owner device to be offline during communication. This suggested scheme is referred as ESOTP. Several recognized cryptographic attacks are evaluated, the security strength is validated and found that ESOTP is resilient against those attacks. Finally, a comparative study is performed regarding the security features and performance efficiency of ESOTP with other existing schemes and enhanced results are found.