Privacy-Preserving Machine Authenticated Key Agreement for Internet of Things

Beaton Kapito; Mwawi Nyirenda; Hyunsung Kim; Beaton Kapito; Mwawi Nyirenda; Hyunsung Kim

doi:10.5121/ijcnc.2021.13206

Volume 13, Number 2

Privacy-Preserving Machine Authenticated Key Agreement for Internet of Things

Authors

Beaton Kapito^1,3, Mwawi Nyirenda¹ and Hyunsung Kim^1,2, ¹University of Malawi, Malawi, ²Kyungil University, Korea, ³Malawi Adventist University, Malawi

Abstract

Internet of things (IoT) is the integration of computer-based systems and the physical world in which things interact with each other. Due to heterogeneity and resource-constrained feature of IoT devices, there are many privacy and security challenges resulting in many threat vulnerabilities in IoT environments. After reviewing and analyzing the recent IoT security, privacy, and authentication protocols, we will withdraw research gaps focused on the elimination of human factors in IoT authentication. In order to fill these research gaps, this paper proposes a privacy-preserving machine authenticated key agreement based on IoT, denoted as IoTMAKA. IoTMAKA uses dynamic identity and machine fingerprint to provide security and privacy. Security analysis shows that IoTMAKA provides anonymity and untraceability, provides freshness, and is secure against passive and active attacks. IoTMAKA reduces communication overheads by 20% and computational overheads by 25% on average as compared to the previous related works.

Keywords

Internet of Things, Authenticated Key Agreement, Privacy, Machine Authentication, Cryptography.

Archives