Lightweight Authenticated-Encryption Scheme for Internet of Things Based on Publish-Subscribe Communication

Abstract

The resource-constrained nature and large-scale adoption of Internet of Things (IoT) have a significant challenge for securing IoT applications. This necessitates a robust and lightweight security architecture and schemes as the existing traditional Internet security architecture and protocols require huge resources and lack of end-to-end security mechanism. In this research, a resource efficient end-to-end security scheme has been proposed by offloading computations and storage of security parameters to fog nodes in the vicinity. In addition, a symmetric-key payload encryption has been used to minimize the overhead of message communication in the resource-contested IoT environment. The analysis shows that the proposed scheme outperforms Transport Layer Security (TLS) in resource usage while it maintains equivalent authenticated end-to-end communication between communicating IoT nodes. The proposed end-to-end security scheme saves more communication bandwidth and incurs less overhead as compared to existing TLS-based security schemes. In particular, the proposed system uses less number of handshakes and achieves a decrease in the number of transmitted messages (approximately 184 bytes as compared to compared TSL message size of 332 bytes) for every handshake. Further, it has been demonstrated through experiments that the proposed security method incurs less overheads as compared to the TLS bandwidth consumption considering a single connection session during message subscription.