Abstract

Enabling end-to-end secure communication is essential for many Internet-of-Things (IoT) application scenarios. Transport-layer security (TLS) and datagram TLS (DTLS) are the de-facto protocols for communication security in the IP-based IoT. However, the current authentication approaches of TLS are confronted with the heavy overhead and security issues in the resource-constrained IoT scenario. On the other hand, the identity-based cryptography (IBC) becomes an attractive cryptographic solution for the IoT. Unfortunately, the current IBC-based proposals exist the problem of either high communication latency or low level of security. In this article, we propose the first lightweight secure transport protocol called iTLS, which delivers protected data in the first flight with perfect forward secrecy, and provides implicit mutual authentication without certificates. iTLS dynamically generates identity-based early keys before receiving a server response, allowing clients to send the encrypted data without additional round trips. Furthermore, it employs the ephemeral secret ticket to obtain an ephemeral server key in the previous connection. Therefore, the early key established afterward can provide full forward secrecy. Design and implementation in the form of extension make iTLS fully compatible with TLS 1.3 and easy to be converted to a DTLS version. Our evaluation shows that iTLS reduces the network traffic overhead by at least 61.2%, and handshake latency on an ideal network by at least 60% compared to the certificate-based TLS. The results demonstrate iTLS achieves strong adaptability on the low-power and lossy IoT networks.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.