Security Bootstrapping for Secure Join and Binding on the IEEE 802.15.4-Based LoWPAN

The IEEE 802.15.4-based low-data rate wireless personal area network (LoWPAN) is a basic building block of the Internet of Things. When the sensor devices are deployed on the LoWPAN, each of the devices should first join the LoWPAN, allowing for the binding of two or more devices with each other for cooperation; therefore, the join-and-binding protocol should be secured against malicious effects as part of the normal operation of the LoWPAN. Security bootstrapping for the join and binding involves the establishment of a trust relationship so that the devices are joined or bound securely. In this paper, a new, secure join-and-binding protocol is proposed for the IEEE 802.15.4-based LoWPAN. The proposed protocol is different from the previous works in terms of security and efficiency, as it is based on a new security bootstrapping scheme for which device identifiers that are constructed from an elliptic curve Diffie–Hellman public key and a media access control address are used. The proposed protocol is extensively analyzed and compared with previous schemes in terms of security and performance.

[1]  Antonio F. Gómez-Skarmeta,et al.  Towards a Lightweight Authentication and Authorization Framework for Smart Objects , 2014 .

[2]  A. Ray,et al.  Initial Key Distribution for Industrial Wireless Sensor Networks , 2013, 2013 IEEE International Conference on Industrial Technology (ICIT).

[3]  Giuseppe Piro,et al.  On securing IEEE 802.15.4 networks through a standard compliant framework , 2014, 2014 Euro Med Telco Conference (EMTC).

[4]  Sushil Jajodia,et al.  LEAP+: Efficient security mechanisms for large-scale distributed sensor networks , 2006, TOSN.

[5]  Dawn Xiaodong Song,et al.  Random key predistribution schemes for sensor networks , 2003, 2003 Symposium on Security and Privacy, 2003..

[6]  Christer Åhlund,et al.  EAP-Swift: An Efficient Authentication and Key Generation Mechanism for Resource Constrained WSNs , 2015, Int. J. Distributed Sens. Networks.

[7]  Mikael Gidlund,et al.  A solution for industrial device commissioning along with the initial trust establishment , 2013, IECON 2013 - 39th Annual Conference of the IEEE Industrial Electronics Society.

[8]  Donggang Liu,et al.  Establishing pairwise keys in distributed sensor networks , 2005, TSEC.

[9]  Chang-Seop Park,et al.  Key De-Synchronization Attack against Yüksel-Nielson's Key Distribution Protocol for ZigBee Wireless Sensor Networks , 2014, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[10]  Vijay Varadharajan,et al.  Wireless sensor network key management survey and taxonomy , 2010, J. Netw. Comput. Appl..

[11]  Donggang Liu,et al.  Improving key predistribution with deployment knowledge in static sensor networks , 2005, TOSN.

[12]  Giuseppe Piro,et al.  Key Management Protocol with Implicit Certificates for IoT systems , 2015, IoT-Sys@MobiSys.

[13]  Alfred Menezes,et al.  An Efficient Protocol for Authenticated Key Agreement , 2003, Des. Codes Cryptogr..

[14]  Andrei V. Gurtov,et al.  PAuthKey: A Pervasive Authentication Protocol and Key Establishment Scheme for Wireless Sensor Networks in Distributed IoT Applications , 2014, Int. J. Distributed Sens. Networks.

[15]  Virgil D. Gligor,et al.  A key-management scheme for distributed sensor networks , 2002, CCS '02.

[16]  Scott A. Vanstone,et al.  Provably Secure Implicit Certificate Schemes , 2002, Financial Cryptography.

[17]  Xing Zhang,et al.  EDDK: Energy-Efficient Distributed Deterministic Key Management for Wireless Sensor Networks , 2011, EURASIP J. Wirel. Commun. Netw..

[18]  Hermann de Meer,et al.  Dynamic key management in wireless sensor networks: A survey , 2013, J. Netw. Comput. Appl..

[19]  Jürgen Schönwälder,et al.  Management of resource constrained devices in the internet of things , 2012, IEEE Communications Magazine.

[20]  Klaus Wehrle,et al.  Towards viable certificate-based authentication for the internet of things , 2013, HotWiSec '13.