Volume 13, Number 2

Privacy-Preserving Machine Authenticated Key Agreement for Internet of Things


Beaton Kapito1,3, Mwawi Nyirenda1 and Hyunsung Kim1,2, 1University of Malawi, Malawi, 2Kyungil University, Korea, 3Malawi Adventist University, Malawi


Internet of things (IoT) is the integration of computer-based systems and the physical world in which things interact with each other. Due to heterogeneity and resource-constrained feature of IoT devices, there are many privacy and security challenges resulting in many threat vulnerabilities in IoT environments. After reviewing and analyzing the recent IoT security, privacy, and authentication protocols, we will withdraw research gaps focused on the elimination of human factors in IoT authentication. In order to fill these research gaps, this paper proposes a privacy-preserving machine authenticated key agreement based on IoT, denoted as IoTMAKA. IoTMAKA uses dynamic identity and machine fingerprint to provide security and privacy. Security analysis shows that IoTMAKA provides anonymity and untraceability, provides freshness, and is secure against passive and active attacks. IoTMAKA reduces communication overheads by 20% and computational overheads by 25% on average as compared to the previous related works.


Internet of Things, Authenticated Key Agreement, Privacy, Machine Authentication, Cryptography.