HPAKE: Hybrid Precocious Authentication and Key Establishment in IoT

Abstract

In Internet of Things (IoT), the objects of the physical world communicate with each other through the Sensor Devices via Internet connection. A large number of connected Devices frequently transmit small size data. Machine-to-Machine communication and the information obtained from the devices allow the automation of basic tasks in the Application services. Thus, a restriction of the low-powered devices in IoT and collecting a wide range of data lead to a challenge in designing an appropriate data networking and security. Authentication is the process of determining legitimate communication between the IoT devices. The proposed system, Hybrid Precocious Authentication and Key Establishment (HPAKE) Scheme uses a Hybrid model consisting of Hash Functions and Public Key Encryption along with a Nonce for Machine-to-Machine communication between the IoT devices. The HPAKE enhances the security by authenticating and establishing secure Session Key between the communicating Devices using Elliptic Curve Cryptography (ECC) that eliminates various attacks viz., Eavesdropping, Man- In-The-Middle Attack etc.,. The performance analysis shows the secure Key Distribution using ECC and enhanced authentication while reducing the communication overhead over an Enhanced Authentication and Key Establishment (EAKES6Lo) Scheme and Lightweight Authentication Mechanism (LAM).