A Lightweight Privacy-Preserving Communication Protocol for Heterogeneous IoT Environment

While the Internet of Things (IoT) makes people’s daily lives considerably more convenient, the lack of security practice raises the risk of leaking privacy-sensitive user data. Securing data transmission among IoT devices is therefore a critical capability of IoT environments such as Intelligent Connected Vehicles, Smart Home, Intelligent City and so forth. However, cryptographic communication schemes are challenged by the limited resources of low-cost IoT devices: even negligible extra CPU usage on battery-powered sensors would result in a dramatic decrease in battery life. In this paper, to minimize resource consumption, we propose a communication protocol that involves only a symmetric key-based scheme, which provides ultra-lightweight yet effective encryption to protect data transmissions. Symmetric keys generated in this protocol are delegated based on a chaotic system, i.e., the Logistic Map, to resist key reset and device capture attacks. We semantically model the protocol and analyze its security properties. Moreover, the resource consumption is also evaluated to guarantee runtime efficacy.
