Software-defined network aided lightweight group key management for resource-constrained Internet of Things devices

Abstract

Software-Defined Network (SDN) and Network Function Virtualization (NFV) are key enablers for provisioning dynamic, virtual security services on demand. This article, presents a novel Group Key Management scheme for Low-Resource Devices (GKM-LRD) with SDN aided trusted key management server as a central server to provide key management service to groups formed in Internet of Things (IoT) applications. In addition to the group key management scheme, a lightweight packet key-based communication system is proposed to make the data traffic reliable. Packet keys are short sized keys acquiring the lifetime of a packet. Even though the key is short sized, the security strength comes from its short lifetime. The proposed GKM-LRD is evaluated in terms of computation load, communication load, storage and scalability in comparison with the existing group key management schemes. The computation load, communication load and storage load is reduced by 80%, 17.25% and 20% respectively in comparison with the existing system assuring the scheme as lightweight and applicable for IoT devices. The proposed packet key-based communication scheme is compared with an existing Diffie-Hellman based packet key system. The results show the system is comparatively lightweight with computation load reduced by 74.8%. The security analysis of the proposed scheme proves that the scheme ensures forward secrecy, backward secrecy and resistance to man-in-the-middle and replay attacks.