Group-Oriented Range-Bound Key Agreement for Internet of Things Scenarios

Abstract

Authenticating the Internet-of-Things (IoT) devices in mobile systems is extremely challenging, because there will be billions of the IoT devices. Most existent proposals only focus on reducing the number of interactions to reduce the authentication overhead. However, there are several critical issues that need to be tackled. In this paper, we address the aggregated authentication overhead issue, the secure key agreement challenges, and the homogeneous trust and authorization issue in the mobile-system-based IoT scenarios. Based on the range-bound key assignment technique and our grouping mechanism, we propose the group-oriented-range-bound authenticated key agreement to solve these challenges. The main contributions are threefold. First, it drastically reduces the aggregated authentication overhead. Second, it greatly improves the security properties of the key agreement. Third, it facilitates the service providers the fine-grained control of the authentication delegation. To the best of our knowledge, the scheme demands the least authentication overhead among its counterparts; it is the first key agreement scheme that deals specifically with the homogeneous trust and authorization issue and facilitates the dynamic and adaptive authentication delegation. The security properties of the key agreement schemes are verified using a formal security verification tool, the AVISPA, and are analytically proved.