Controlled Privacy-Aware (CPA) Protocol for Machine-to-Machine Communication in Internet of Things

Internet of things (IoT) is buzzword nowadays, and rapid growth of IoT in the market makes the impact in private and public domains. It is a giant network of devices, people, and services. The devices and things are integrated with a variety of sensors generate heterogeneous data, and these devices are connected to the IoT platform. This data is a very important asset of many organizations. There are a variety of applications that carry sensitive data. The security of such applications becomes a challenging responsibility for security researchers due to the resource constraint environment of IoT. There are various aspects of security, but confidentiality of data is one the major aspect that needs to be addressed. In IoT communication, the data traveling from one to another node, there are chances of a replay attack, Man-in-Middle attack, eavesdropping, etc. To overcome these attacks and challenges, there is a need for efficient lightweight algorithms that maintain confidentiality and privacy of data. At the same time, algorithms must efficiently work in a resource constraint environment. This paper presents Controlled Privacy-Aware (CPA) Protocol using elliptic curve cryptography Diffie–Hellman algorithm to exchange key, as well as for encryption and decryption of data to maintain the privacy. This paper presents formal security analysis against the above-mentioned attacks and gives a comparison of performance in terms of computational time with state of art.

[1]  Syam Kumar Pasupuleti,et al.  Lightweight ciphertext-policy attribute-based encryption scheme for data privacy and security in cloud-assisted IoT , 2020 .

[2]  S. Selvakumar,et al.  Prevention of Man-in-the-Middle Attacks Using ID Based Signatures , 2011, 2011 Second International Conference on Networking and Distributed Computing.

[3]  Yi Mu,et al.  Identity-based data storage in cloud computing , 2013, Future Gener. Comput. Syst..

[4]  D. Pharkkavi,et al.  TIME COMPLEXITY ANALYSIS OF RSA AND ECC BASED SECURITY ALGORITHMS IN CLOUD DATA , 2018 .

[5]  Marimuthu Palaniswami,et al.  Internet of Things (IoT): A vision, architectural elements, and future directions , 2012, Future Gener. Comput. Syst..

[6]  Parikshit N. Mahalle,et al.  Rubik's cube based private key management in wireless networks , 2013, 2013 15th International Conference on Advanced Computing Technologies (ICACT).

[7]  Deepak Gupta,et al.  An efficient Lightweight integrated Blockchain (ELIB) model for IoT security and privacy , 2020, Future Gener. Comput. Syst..

[8]  Ramjee Prasad,et al.  Identity driven capability based access control (ICAC) scheme for the Internet of Things , 2012, 2012 IEEE International Conference on Advanced Networks and Telecommunciations Systems (ANTS).

[9]  Leïla Azouz Saïdane,et al.  PP-NDNoT: On preserving privacy in IoT-based E-health systems over NDN , 2019, 2019 IEEE Wireless Communications and Networking Conference (WCNC).

[10]  Tzu-Yang Hsu,et al.  Privacy-aware and blockchain connected gateways for users to access legacy IoT devices , 2017, 2017 IEEE 6th Global Conference on Consumer Electronics (GCCE).

[11]  Vikas Kaul,et al.  Enhanced Security Algorithm using Hybrid Encryption and ECC , 2014 .

[12]  Guojun Wang,et al.  A context-aware privacy-preserving method for IoT-based smart city using Software Defined Networking , 2019, Comput. Secur..

[13]  Ramjee Prasad,et al.  Identity establishment and capability based access control (IECAC) scheme for Internet of Things , 2012, The 15th International Symposium on Wireless Personal Multimedia Communications.

[14]  Abdelmadjid Bouabdallah,et al.  M2M Security: Challenges and Solutions , 2016, IEEE Communications Surveys & Tutorials.

[15]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[16]  Poonam N. Railkar,et al.  Access Control Schemes for Machine to Machine Communication in IoT: Comparative Analysis and Discussion , 2018, 2018 IEEE Global Conference on Wireless Computing and Networking (GCWCN).

[17]  Xu Huang,et al.  Protecting from Attacking the Man-in-Middle in Wireless Sensor Networks with Elliptic Curve Cryptography Key Exchange , 2010, 2010 Fourth International Conference on Network and System Security.

[18]  Jiguo Yu,et al.  A Privacy Preserving Communication Protocol for IoT Applications in Smart Homes , 2017, IEEE Internet of Things Journal.

[19]  Jin Li,et al.  Identity-Based Encryption with Outsourced Revocation in Cloud Computing , 2015, IEEE Transactions on Computers.