Cryptology ePrint Archive: Report 2019/911

IoT-Friendly AKE: Forward Secrecy and Session Resumption Meet Symmetric-Key Cryptography

Gildas Avoine and Sébastien Canard and Loïc Ferreira

Abstract: With the rise of the Internet of Things and the growing popularity of constrained end-devices, several security protocols are widely deployed or strongly promoted (e.g., Sigfox, LoRaWAN, NB-IoT). Based on symmetric-key functions, these protocols fail to provide security properties usually ensured by asymmetric schemes, in particular forward secrecy. We describe a 3-party authenticated key exchange protocol solely based on symmetric-key functions (regarding the computations done between the end-device and the back-end network) which guarantees forward secrecy. Our protocol enables session resumption (without impairing security). This saves communication and computation cost, and is particularly advantageous for low-resource end-devices. Our 3-party protocol can be applied in a real-case IoT deployment (i.e., involving numerous end-devices and servers) such that the latter inherits the security properties of the protocol. We give a concrete instantiation of our key exchange protocol, and formally prove its security.

Category / Keywords: cryptographic protocols / Security protocols, Authenticated key exchange, Symmetric-key cryptography, Session resumption, Forward secrecy, Security model, Internet of Things

Original Publication (with major differences): ESORICS 2019

Date: received 8 Aug 2019

Contact author: loic ferreira at orange com


Version: 20190812:181129

Short URL: ia.cr/2019/911

