Elliptic Curve Based Cybersecurity Schemes for Publish-Subscribe Internet of Things

The rapid increase in the number of connected things across the globe has been brought about by the deployment of the Internet of things (IoTs) at home, in organizations and industries. The innovation of smart things has been envisioned through various protocols, but the most prevalent protocols are publish-subscribe protocols such as Message Queue Telemetry Transport (MQTT) and Advanced Message Queuing Protocol (AMQP). One of the major concerns in the adoption of such protocols for the IoTs is the lack of security mechanisms as the existing security protocols cannot be adapted due to their large overhead of computations, storage and communications. To address this issue, we propose a lightweight protocol using Elliptic Curve Cryptography (ECC) for IoT security. We present analytical and simulation results, and compare the results to the existing protocols of traditional Internet.

[1]  Ludger Fiege,et al.  Security aspects in publish/subscribe systems , 2004, ICSE 2004.

[2]  Amin Vahdat,et al.  DieCast: Testing Distributed Systems with an Accurate Scale Model , 2008, TOCS.

[3]  Sandeep S. Kumar,et al.  Elliptic Curve Cryptography for Constrained Devices , 2008 .

[4]  Alfred Menezes,et al.  Guide to Elliptic Curve Cryptography , 2004, Springer Professional Computing.

[5]  Atul Prakash,et al.  Designing a Publish-Subscribe Substrate for Privacy/Security in Pervasive Environments , 2006, 2006 ACS/IEEE International Conference on Pervasive Services.

[6]  P. Balamuralidhar,et al.  Secure MQTT for Internet of Things (IoT) , 2015, 2015 Fifth International Conference on Communication Systems and Network Technologies.

[7]  Ludger Fiege,et al.  Security aspects in publish\slash subscribe systems , 2004 .

[8]  Vitaly Shmatikov,et al.  Finite-State Analysis of SSL 3.0 , 1998, USENIX Security Symposium.

[9]  M. Ylianttila,et al.  Group Key Establishment for Enabling Secure Multicast Communication in Wireless Sensor Networks Deployed for IoT Applications , 2015, IEEE Access.

[10]  Naveen K. Chilamkurti,et al.  A secure authentication scheme with anonymity for session initiation protocol using elliptic curve cryptography , 2014, Multimedia Tools and Applications.

[11]  Vipul Gupta,et al.  Sizzle: a standards-based end-to-end security architecture for the embedded Internet , 2005, Third IEEE International Conference on Pervasive Computing and Communications.

[12]  Mudhakar Srivatsa,et al.  Secure Event Dissemination in Publish-Subscribe Networks , 2007, 27th International Conference on Distributed Computing Systems (ICDCS '07).

[13]  Alexander L. Wolf,et al.  Security issues and requirements for Internet-scale publish-subscribe systems , 2002, Proceedings of the 35th Annual Hawaii International Conference on System Sciences.

[14]  Mudhakar Srivatsa,et al.  EventGuard: A System Architecture for Securing Publish-Subscribe Networks , 2011, TOCS.

[15]  Jian Shen,et al.  A security-enhanced authentication with key agreement scheme for wireless mobile communications using elliptic curve cryptosystem , 2015, The Journal of Supercomputing.

[16]  Tanupriya Choudhury,et al.  Securing the Internet of Things: A proposed framework , 2017, 2017 International Conference on Computing, Communication and Automation (ICCCA).