Paper 2019/911
IoT-Friendly AKE: Forward Secrecy and Session Resumption Meet Symmetric-Key Cryptography
Gildas Avoine, Sébastien Canard, and Loïc Ferreira
Abstract
With the rise of the Internet of Things and the growing popularity of constrained end-devices, several security protocols are widely deployed or strongly promoted (e.g., Sigfox, LoRaWAN, NB-IoT). Based on symmetric-key functions, these protocols lack in providing security properties usually ensured by asymmetric schemes, in particular forward secrecy. We describe a 3-party authenticated key exchange protocol solely based on symmetric-key functions (regarding the computations done between the end-device and the back-end network) which guarantees forward secrecy. Our protocol enables session resumption (without impairing security). This allows saving communication and computation cost, and is particularly advantageous for low-resource end-devices. Our 3-party protocol can be applied in a real-case IoT deployment (i.e., involving numerous end-devices and servers) such that the latter inherits from the security properties of the protocol. We give a concrete instantiation of our key exchange protocol, and formally prove its security.
Metadata
- Category
- Cryptographic protocols
- Publication info
- Published elsewhere. Major revision. ESORICS 2019
- Keywords
- Security protocols, Authenticated key exchange, Symmetric-key cryptography, Session resumption, Forward secrecy, Security model, Internet of Things
- Contact author(s)
- loic ferreira @ orange com
- History
- 2019-08-12: received
- Short URL
- https://ia.cr/2019/911
- License
- CC BY
BibTeX
@misc{cryptoeprint:2019/911,
      author = {Gildas Avoine and Sébastien Canard and Loïc Ferreira},
      title = {{IoT}-Friendly {AKE}: Forward Secrecy and Session Resumption Meet Symmetric-Key Cryptography},
      howpublished = {Cryptology {ePrint} Archive, Paper 2019/911},
      year = {2019},
      url = {https://eprint.iacr.org/2019/911}
}