Abstract
The security of modern IoT Industry 4.0, 5G, 6G, Mobile ad hoc (MANET), narrowband internet of things (NB-IoT) and wireless sensory (WSN) networks and the autonomous computing capabilities of individual devices and self-organizing, greatly influence their applications in smart connected world. To achieve the sufficient security and privacy, autonomous and dynamic adaptive key management scheme and mutual authentication protocols should be provided to validate legitimacies of large number of nodes, users, devices, and servers in 5G networks. To this end, we propose a lightweight cipher approach that enhances the security level of communications and enables authentication and access control scheme that is implemented on a multi-layer communication architecture designed for NB-IoT 5G networks and resolve heterogeneity and scalability issues. It is well known that establishing an efficient cryptographic key generation and management scheme for machine-to-machine (M2M) and device-to-device (D2D) communication for IoT networks in 5G, the purposes of encryption and decryption is severely constrained by computation resources and performance. As a part of the network security, the key management plays a vital role in it. When compared to other schemes in PKI such as public key, pairwise-key and group-based key management, the dynamic-key based security is efficient in resource utilization and scalable which are the two key performance factors for Cloud based IoT/wireless sensory networks. Usually most IoT networks use a less secure communication channel that employs session keys in order to encrypt the communication. Additionally, in most IoT networks the resource consumption is constrained which then results in existing dynamic key generation algorithms being infeasible to run. It is still a challenging problem to securely interconnect and operate IoT protocols between constrained embedded devices. We propose a novel dynamic key generation scheme that takes the entropy and performs various operations to continuously generate a large set of unique keys. This type of key generation model is predominantly suitable for the conditions where the IoT devices cannot rely on constant key negotiation with dedicated servers as well as those devices which cannot reuse existing keys for encryption purposes. Performance evaluation using simulation and case study demonstrates that our dynamic key establishment scheme ensures an enhanced security level while reducing the communication overhead and the average latency for different category of IoT applications in 5G networks.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Abdmeziem MR, Tandjaoui D, Romdhani I (2015) A decentralized batch-based group key management protocol for mobile internet of things (DBGK). In: IEEE international conference on computer and information technology; ubiquitous computing and communications; dependable, autonomic and secure computing; pervasive intelligence and computing, Liverpool, 2015, pp 1109–1117. https://doi.org/10.1109/CIT/IUCC/DASC/PICOM.2015.166
Adavoudi-Jolfaei A, Ashouri-Talouki M, Aghili SF (2019) Lightweight and anonymous three-factor authentication and access control scheme for real-time applications in wireless sensor networks. Peer Peer Netw Appl 12(1):43–59
Akshay S, Vishnukumar B, Mohan V, Anand MS (2018) Energy and Performance Analysis of Raspberry Pi with Modern Computing Devices. Int J Eng Technol 7(4.36):777–779
Alcaraz C, Lopez J, Roman R, Chen HH (2012) Selecting key management schemes for WSN applications. Comput Secur 31(8):956–966
Alghamdi TA, Lasebae A, Aiash M (2013) Security analysis of the constrained application protocol in the internet of things. In: Second international conference on future generation communication technologies (FGCT 2013). London, pp 163–168. https://doi.org/10.1109/FGCT.2013.6767217
Anderson R (2020) Security engineering: a guide to building dependable distributed systems. Wiley, New York, pp 1–18
Antonakakis M, April T, Bailey M, Bernhard M, Bursztein E, Cochran J, Kumar D (2017) Understanding the mirai botnet. In: 26th {USENIX} security symposium ({USENIX} Security 17), pp 1093–1110
Aoki K, Guo J, Matusiewicz K, Sasaki Y, Wang L (2009) Preimages for step-reduced SHA-2. In: International conference on the theory and application of cryptology and information security, IACR Cryptol. ePrint Arch., pp 578–597
Atamli AW, Martin A (2014) Threat-based security analysis for the internet of things. In: International workshop on secure internet of things. Wroclaw, pp 35–43. https://doi.org/10.1109/SIoT.2014.10
Banerjee S, Odelu V, Das AK, Srinivas J, Kumar N, Chattopadhyay S, Choo KKR (2019) A provably secure and lightweight anonymous user authenticated session key exchange scheme for Internet of Things deployment. IEEE Internet Things J 6(5):8739–8752
Bassham LE, Rukhin AL, Soto J, Nechvatal JR, Smid ME, Barker EB, Heckert NA (2010) Sp 800–22 rev. 1a. “A statistical test suite for random and pseudorandom number generators for cryptographic applications”, Technical Report. National Institute of Standards & Technology, pp 1–131
Bernstein DJ (2005) Understanding brute force. In: Workshop Record of ECRYPT STVL Workshop on Symmetric Key Encryption, eSTREAM report, pp 1–10
Bhardwaj I, Kumar A, Bansal M (2017) A review on lightweight cryptography algorithms for data security and authentication in IoTs. In: 4th international conference on signal processing, computing and control (ISPCC). Solan, pp 504–509. https://doi.org/10.1109/ISPCC.2017.8269731
Chen CL, Chen CC, Li DK (2015) Mobile device based dynamic key management protocols for wireless sensor networks. J Sens. https://doi.org/10.1155/2015/827546
Cheng Y, Agrawal DP (2005) Efficient pairwise key establishment and management in static wireless sensor networks. In: IEEE international conference on mobile adhoc and sensor systems conference. Washington, DC, pp 7–550. https://doi.org/10.1109/MAHSS.2005.1542842
Chunka C, Goswami RS, Banerjee S (2018) An efficient mechanism to generate dynamic keys based on genetic algorithm. Secur Priv. https://doi.org/10.1002/spy2.37
Dahshan H, Irvine J (2009) Key management in web of trust for mobile ad hoc networks. In: International conference on advanced information networking and applications. Bradford, pp 363–370. https://doi.org/10.1109/AINA.2009.76
Durresi M, Subashi A, Durresi A, Barolli L, Uchida K (2019) Secure communication architecture for internet of things using smartphones and multi-access edge computing in environment monitoring. J Ambient Intell Human Comput 10(4):1631–1640
Gan G, Lu Z, Jiang J (2011) Internet of things security analysis. In: International conference on internet technology and applications. Wuhan, pp 1–4. https://doi.org/10.1109/ITAP.2011.6006307
Grover WD (1997) Self-organizing broad-band transport networks. Proc IEEE 85(10):1582–1611
Guo J, Ling S, Rechberger C, Wang H (2010) Advanced meet-in-the-middle preimage attacks: first results on full tiger, and improved results on MD4 and SHA-2. In: Abe M (ed) Advances in cryptology - ASIACRYPT 2010. https://doi.org/10.1007/978-3-642-17373-8_4
Hameed S, Khan FI, Hameed B (2019) Understanding security requirements and challenges in internet of things (IoT): a review. J Comput Netw Commun. https://doi.org/10.1155/2019/9629381
Huang J, Jiang T (2015) Dynamic secret key generation exploiting ultra-wideband wireless channel characteristics. In: IEEE wireless communications and networking conference (WCNC). New Orleans, LA, pp 1701–1706. https://doi.org/10.1109/WCNC.2015.7127724
Jiang Q, Zeadally S, Ma J, He D (2017) Lightweight three-factor authentication and key agreement protocol for internet-integrated wireless sensor networks. In: IEEE Access, vol 5, pp 3376–3392. https://doi.org/10.1109/ACCESS.2017.2673239
Kaltz J, Lindell Y (2008) Introduction to modern cryptography: principles and protocols. Chapman & Hall/CRC Cryptography and Network Security, pp 1–598
Katz J, Lindell Y (2014) Introduction to modern cryptography. CRC Press, Boca Raton, pp 1–15
Kendhe AK, Agrawal H (2013) A survey report on various cryptanalysis techniques. Int J Soft Comput Eng 3(2):287–293
Khovratovich D, Rechberger C, Savelieva A (2012) Bicliques for preimages: attacks on skein-512 and the SHA-2 family. In Proceedings of the 19th international conference on Fast Software Encryption (FSE'12). Springer-Verlag, Berlin, Heidelberg, pp 244–263. https://doi.org/10.1007/978-3-642-34047-5_15
Korenda AR, Afghah F, Cambou B (2018) A secret key generation scheme for internet of things using ternary-states ReRAM-based physical unclonable functions. In: IEEE International Wireless Communications & Mobile Computing Conference (IWCMC), pp 1261–1266
Krishnan P, Najeem JS, Achuthan K (2018) SDN framework for securing IoT networks. In: Kumar N, Thakre A (eds) Ubiquitous communications and network computing UBICNET 2017. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 218. Springer, Cham. https://doi.org/10.1007/978-3-319-73423-1_11
Krishnan P, Jose PG, Jain K, Achuthan K, Buyya R (2020) SDN enabled QoE and security framework for multimedia applications in 5G networks. ACM transactions on multimedia computing, communications, and applications (TOMM). https://doi.org/10.1145/3377390
Kumar Y, Munjal R, Sharma H (2011) Comparison of symmetric and asymmetric cryptography with existing vulnerabilities and countermeasures. Int J Comput Sci Manag Stud 11(03):60–63
Kungpisdan S, Le PD, Srinivasan B (2004) A limited-used key generation scheme for internet transactions. In: Proceedings of the 5th international conference on Information Security Applications (WISA’04). Springer-Verlag, Berlin, Heidelberg, pp 302–316. https://doi.org/10.1007/978-3-540-31815-6_25
Liu D, Ning P (2005) Improving key predistribution with deployment knowledge in static sensor networks. ACM Trans Sens Netw 1(2):204–239
Ma M, Shi G, Li F (2019) Privacy-oriented blockchain-based distributed key management architecture for hierarchical access control in the IoT scenario. In: IEEE access, vol 7. pp 34045–34059. https://doi.org/10.1109/ACCESS.2019.2904042
Manjula T, Anand B (2019) A secured multiplicative Diffie Hellman key exchange routing approach for mobile ad hoc network. J Ambient Intell Human Comput. https://doi.org/10.1007/s12652-019-01612-8
Margelis G, Fafoutis X, Oikonomou G, Piechocki R, Tryfonas T, Thomas P (2019) Efficient DCT-based secret key generation for the internet of things. Ad Hoc Netw 92(2019):1–13
Maurya AK, Sastry VN (2017) Fuzzy extractor and elliptic curve based efficient user authentication protocol for wireless sensor networks and Internet of Things. Information 8(4):1–38
Melki R, Noura HN, Chehab A (2019) Lightweight and secure D2D authentication & key management based on PLS. In: IEEE 90th vehicular technology conference (VTC2019-Fall). Honolulu, HI, USA, pp 1–7. https://doi.org/10.1109/VTCFall.2019.8891531
Moharana SR et al (2017) Secure key-distribution in IoT cloud networks. In: Third international conference on sensing, signal processing and security (ICSSS). pp 197–202
Ndibanje B, Lee HJ, Lee SG (2014) Security analysis and improvements of authentication and access control in the internet of things. Sensors 14(8):14786–14805
Ngo HH, Wu X, Le PD, Wilson C, Srinivasan B (2010) Dynamic key cryptography and applications. IJ Netw Secur 10(3):161–174
Paar C, Pelzl J (2009) Understanding cryptography: a textbook for students and practitioners. Springer, New York, pp 1–182
Paul A, Rho S (2016) Probabilistic model for M2M in IoT networking and communication. Telecommun Syst 62(1):59–66
Peniak P, Bubeníková E (2019) Validation of IoT secure communication gateway for constrained devices. In: International conference on applied electronics (AE). Pilsen, Czech Republic, pp 1–5. https://doi.org/10.23919/AE.2019.8866990
Perrig A, Szewczyk R, Tygar JD, Wen V, Culler DE (2002) SPINS: security protocols for sensor networks. Wirel Netw 8(5):521–534
Rafaeli S, Hutchison D (2003) A survey of key management for secure group communication. ACM Comput Surv 35(3):309–329
Ren K, Lou W, Zhang Y (2008) LEDS: Providing location-aware end-to-end data security in wireless sensor networks. IEEE Trans Mob Comput 7(5):585–598
Riddhi N, Gamit N (2015) An efficient algorithm for dynamic key generation for image encryption. In: International conference on computer, communication and control (IC4). Indore, pp 1–5. https://doi.org/10.1109/IC4.2015.7375690
Rogaway P, Shrimpton T (2004) Cryptographic hash-function basics: definitions, implications, and separations for preimage resistance, second-preimage resistance, and collision resistance. In: International workshop on fast software encryption, pp 371–388
Roman R, Alcaraz C, Lopez J, Sklavos N (2011) Key management systems for sensor networks in the context of the Internet of Things. Comput Electr Eng 37(2):147–159
Ronen E, Shamir A, Weingarten AO, O’Flynn C (2017) IoT goes nuclear: creating a zigbee chain reaction. In: IEEE symposium on security and privacy (SP). San Jose, CA, pp 195–212. https://doi.org/10.1109/SP.2017.14
Rukhin A, Soto J, Nechvatal J, Smid M, Barker E (2001) A statistical test suite for random and pseudorandom number generators for cryptographic applications. Booz-allen and hamilton inc mclean va, Special Publication (NIST SP) - 800-22 Rev 1a, pp 1–164
Saito T, Hatsugai R, Kito T (2006) On compromising password-based authentication over HTTPS. In: 20th international conference on advanced information networking and applications, Vol 1 (AINA'06). Vienna, pp 869–874. https://doi.org/10.1109/AINA.2006.244
Sankaran S (2016) Lightweight security framework for IoTs using identity based cryptography. In: International conference on advances in computing, communications and informatics (ICACCI). Jaipur, pp 880–886. https://doi.org/10.1109/ICACCI.2016.7732156
Sathyadevan S, Achuthan K, Doss R, Pan L (2019) Protean authentication scheme – A time-bound dynamic keyGen authentication technique for IoT edge nodes in outdoor deployments. In: IEEE Access, vol 7. pp 92419–92435. https://doi.org/10.1109/ACCESS.2019.2927818
Shah A, Engineer M (2019) A survey of lightweight cryptographic algorithms for IoT-based applications. In: Tiwari S, Trivedi M, Mishra K, Misra A, Kumar K (eds) Smart innovations in communication and computational sciences. Advances in intelligent systems and computing, vol 851. Springer, Singapore. https://doi.org/10.1007/978-981-13-2414-7_27
Shin S, Kwon T (2020) A privacy-preserving authentication, authorization, and key agreement scheme for wireless sensor networks in 5G-integrated internet of things. In: IEEE access, vol 8. pp 67555–67571. https://doi.org/10.1109/ACCESS.2020.2985719
Syverson P (1994) A taxonomy of replay attacks [cryptographic protocols]. In: Proceedings the computer security foundations workshop VII. Franconia, NH, USA, pp 187–191. https://doi.org/10.1109/CSFW.1994.315935
Wazid M, Das AK, Odelu V, Kumar N, Conti M, Jo M (2017) Design of secure user authenticated key management protocol for generic IoT networks. IEEE Internet Things J 5(1):269–282
Xiao S, Guo Y, Huang K, Jin L (2017) High-rate secret key generation aided by multiple relays for Internet of Things. Electron Lett 53(17):1198–1200
Yousefpoor MS, Barati H (2019) Dynamic key management algorithms in wireless sensor networks: a survey. Comput Commun. https://doi.org/10.1016/j.comcom.2018.11.005
Zhao CW, Jegatheesan J, Loon SC (2015) Exploring iot application using raspberry pi. Int J Comput Netw Appl 2(1):27–34
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Pothumarti, R., Jain, K. & Krishnan, P. A lightweight authentication scheme for 5G mobile communications: a dynamic key approach. J Ambient Intell Human Comput (2021). https://doi.org/10.1007/s12652-020-02857-4
Received:
Accepted:
Published:
DOI: https://doi.org/10.1007/s12652-020-02857-4