Secure lightweight ECC-based protocol for multi-agent IoT systems

The rapid increase of connected devices and the major advances in information and communication technologies have led to great emergence in the Internet of Things (IoT). IoT devices require software adaptation as they are in continuous transition. Multi-agent based solutions offer adaptable composition for IoT systems. Mobile agents can also be used to enable interoperability and global intelligence with smart objects in the Internet of Things. The use of agents carrying personal data and the rapid increasing number of connected IoT devices require the use of security protocols to secure the user data. Elliptic Curve Cryptography (ECC) Algorithm has emerged as an attractive and efficient public-key cryptosystem. We recommend the use of ECC in the proposed Broadcast based Secure Mobile Agent Protocol (BROSMAP) which is one of the most secure protocols that provides confidentiality, authentication, authorization, accountability, integrity and non-repudiation. We provide a methodology to improve BROSMAP to fulfill the needs of Multi-agent based IoT Systems in general. The new BROSMAP performs better than its predecessor and provides the same security requirements. We have formally verified ECC-BROSMAP using Scyther and compared it with BROSMAP in terms of execution time and computational cost. The effect of varying the key size on BROSMAP is also presented. A new ECC-based BROSMAP takes half the time of Rivest-Shamir-Adleman (RSA) 2048 BROSMAP and 4 times better than its equivalent RSA 3072 version. The computational cost was found in favor of ECC-BROSMAP which is more efficient by a factor of 561 as compared to the RSA-BROSMAP.

[1]  Daniel Hagimont,et al.  Evaluation of the Mobile Agents Technology: Comparison with the Client/Server Paradigm , 1999 .

[2]  Devesh C. Jinwala,et al.  A Comparative Analysis of Tools for Verification of Security Protocols , 2010, Int. J. Commun. Netw. Syst. Sci..

[3]  Giancarlo Fortino,et al.  Autonomic and Cognitive Architectures for the Internet of Things , 2015, IDCS.

[4]  Vineet Sahula,et al.  Lightweight security algorithm for low power IoT devices , 2016, 2016 International Conference on Advances in Computing, Communications and Informatics (ICACCI).

[5]  Kwangjo Kim,et al.  Enhancements of authenticated multiple key exchange protocol based on bilinear pairings , 2010, Comput. Electr. Eng..

[6]  Jukka Riekki,et al.  Mobile Agents-Based Smart Objects for the Internet of Things , 2014, Internet of Things Based on Smart Objects, Technology, Middleware and Applications.

[7]  Ig Ibert Bittencourt,et al.  A survey of security in multi-agent systems , 2012, Expert Syst. Appl..

[8]  Giancarlo Fortino,et al.  Middlewares for Smart Objects and Smart Environments: Overview and Comparison , 2014, Internet of Things Based on Smart Objects, Technology, Middleware and Applications.

[9]  Hans Eberle,et al.  Comparing Elliptic Curve Cryptography and RSA on 8-bit CPUs , 2004, CHES.

[10]  Mohamed Jamal Zemerly,et al.  A Novel Hybrid Cellular Automata Based Cipher System for Internet of Things , 2014 .

[11]  Haifeng Li,et al.  Mixed Symmetric Key and Elliptic Curve Encryption Scheme Used for Password Authentication and Update Under Unstable Network Environment , 2017, J. Inf. Hiding Multim. Signal Process..

[12]  W. Marsden I and J , 2012 .

[13]  Erik P. de Vink,et al.  Injective synchronisation: An extension of the authentication hierarchy , 2006, Theor. Comput. Sci..

[14]  Chan Yeob Yeun,et al.  A framework for comparison of trust models for multi agent systems , 2015, 2015 International Conference on Information and Communication Technology Research (ICTRC).

[15]  Mohamed Jamal Zemerly,et al.  Security and privacy framework for ubiquitous healthcare IoT devices , 2015, 2015 10th International Conference for Internet Technology and Secured Transactions (ICITST).

[16]  Zhiqi Shen,et al.  From Internet of Things to Internet of Agents , 2013, 2013 IEEE International Conference on Green Computing and Communications and IEEE Internet of Things and IEEE Cyber, Physical and Social Computing.

[17]  Guy Pujolle,et al.  An online security protocol for NFC payment: Formally analyzed by the scyther tool , 2016, 2016 Second International Conference on Mobile and Secure Services (MobiSecServ).

[18]  Yousof Al-Hammadi,et al.  BROSMAP: A Novel Broadcast Based Secure Mobile Agent Protocol for Distributed Service Applications , 2017, Secur. Commun. Networks.

[19]  Wilmuth Müller,et al.  Evaluating the security of mobile agent platforms , 2009, Autonomous Agents and Multi-Agent Systems.

[20]  Andreas Prinz,et al.  Formal Analysis and Model Checking of a Group Authentication Protocol by Scyther , 2016, 2016 24th Euromicro International Conference on Parallel, Distributed, and Network-Based Processing (PDP).

[21]  Mahmoud Al-Qutayri,et al.  A secure mobile agent protocol for vehicular communication systems , 2015, 2015 11th International Conference on Innovations in Information Technology (IIT).

[22]  N. Koblitz Elliptic curve cryptosystems , 1987 .

[23]  Juan Carlos Augusto,et al.  Handbook of Ambient Intelligence and Smart Environments , 2009 .

[24]  Munindar P. Singh,et al.  Agents on the Web: Mobile Agents , 1997, IEEE Internet Comput..

[25]  Kwangjo Kim,et al.  Secure authenticated group key agreement protocol in the MANET environment , 2008, Inf. Secur. Tech. Rep..

[26]  Mohamed Jamal Zemerly,et al.  A new lightweight hybrid cryptographic algorithm for the internet of things , 2012, 2012 International Conference for Internet Technology and Secured Transactions.

[27]  M. J. Zemerly,et al.  Distributed lightweight Kerberos protocol for Mobile Agent Systems , 2011, 2011 IEEE GCC Conference and Exhibition (GCC).

[28]  Fatma Kahri,et al.  Implementation of elliptic curve digital signature algorithm (ECDSA) , 2014, 2014 Global Summit on Computer & Information Technology (GSCIT).

[29]  Wen-Chung Kuo,et al.  An efficient and secure anonymous mobility network authentication scheme , 2014, J. Inf. Secur. Appl..