The Internet of Things (IoT) environment is constantly evolving. Many IoT services have emerged, improving living conditions. Smart homes were among the first developments, and smart buildings, smart factories, and smart cities are attracting increasing attention. Smart cities represent the ultimate convergence of the IoT, the Cloud, big data, and mobile technology. Smart homes, buildings, and factories create smart cities. In addition, the IoT finds applications in traffic control, public safety, and medical services, permitting group-based communication. As the scale of service grows, the number of things (devices) constituting the service also increases. However, security vulnerabilities arise in group-based communication environments. A device may require authentication when entering a gateway; to secure environments with large numbers of devices (such as those featuring IoT smart metering), the gateways bear heavy loads. Therefore, efficient authentication of group leaders and devices is essential. Here, we develop a dynamic group authentication and key exchange scheme for group-based IoT smart metering environments which enables efficient communication among secure IoT services. Our group authentication scheme increases the computational efficiency of the group leader and the participating devices, based on a threshold secret sharing technique.
As concern about IoT is increasing recently, various IoT services are being launched. Smart home is closely related to our daily life by combining IoT with user's residential space. Therefore, if an unauthorized user accesses a device inside a Smart home, it can cause more serious damage to user as it is related with daily lives. For instance executing the command allowing unauthenticated access for the internal locking device can be a real harm to user's property like a home invasion. To prevent this problem, this paper introduces 3PAKE Techniques, which provides authenticated Key exchange through Home gateway using Password-based Authenticated Key Exchange(PAKE).
The Internet of Things (IoT) environment consists of numerous devices. In general, IoT devices communicate with each other to exchange data, or connect to the Internet through a gateway to provide IoT services. Most IoT devices participating in the IoT service are lightweight devices, in which the existing cryptographic algorithm cannot be applied to provide security, so a more lightweight security algorithm must be applied. Cryptographic technologies to lighten and provide efficiency for IoT environments are currently being studied a lot. In particular, it is necessary to provide efficiency for computation at a gateway, a point where many devices are connected. Additionally, as many devices are connected, data authentication and integrity should be fully considered at the same time, and thus digital signature schemes have been proposed. Among the recently studied signature algorithms, the certificateless signature (CLS) based on certificateless public key cryptography (CL-PKC) provides efficiency compared to existing public key-based signatures. However, in CLS, security threats, such as public key replacement attacks and signature forgery by the malicious key generation center (KGC), may occur. In this paper, we propose a new signature scheme using CL-PKC in generating and verifying the signature of a message in an IoT environment. The proposed scheme is a certificateless aggregate arbitrated signature, and the gateway aggregates the signatures of messages generated by the device group to reduce the size of the entire signature. In addition, it is designed to be safe from security threats by solving the problems caused by public key replacement attacks and malicious KGC, and adding arbitrated signatures of the gateway to strengthen non-repudiation.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.