Lightweight collaborative key establishment scheme for the Internet of Things

This work addresses new security issues in the Internet of Things (IoT). The heterogeneous nature of IoT communications and imbalance in resource capabilities between IoT entities make it challenging to provide the required end-to-end secured connections. Clarifying how existing security protocols can be adapted to fulfill these new challenges still has to be improved. A direct use of existing key exchange schemes between two IoT entities may be unfeasible unless both entities be able to run the resource consuming cryptographic primitives required to bootstrap them – thus leaving aside a whole class of resource-constrained devices. In this paper, we revisit existing end-to-end security standards and key establishment schemes and discuss their limitations considering the specific scenarios of the IoT. Later, we propose novel collaborative approaches for key establishment designed to reduce the requirements of these existing security protocols. A constrained device may delegate its heavy cryptographic load to less constrained nodes in neighborhood exploiting the spatial heterogeneity of IoT environment. We demonstrate through a performance analysis that our collaborative key establishment solution allows for a reduction in energy consumption at the constrained device by up to 80% in comparison with existing key establishment schemes.