[Resource Topic] 2019/911: IoT-Friendly AKE: Forward Secrecy and Session Resumption Meet Symmetric-Key Cryptography

Welcome to the resource topic for 2019/911

Title:
IoT-Friendly AKE: Forward Secrecy and Session Resumption Meet Symmetric-Key Cryptography

Authors: Gildas Avoine, Sébastien Canard, Loïc Ferreira

Abstract:

With the rise of the Internet of Things and the growing popularity of constrained end-devices, several security protocols are widely deployed or strongly promoted (e.g., Sigfox, LoRaWAN, NB-IoT). Based on symmetric-key functions, these protocols lack in providing security properties usually ensured by asymmetric schemes, in particular forward secrecy. We describe a 3-party authenticated key exchange protocol solely based on symmetric-key functions (regarding the computations done between the end-device and the back-end network) which guarantees forward secrecy. Our protocol enables session resumption (without impairing security). This allows saving communication and computation cost, and is particularly advantageous for low-resource end-devices. Our 3-party protocol can be applied in a real-case IoT deployment (i.e., involving numerous end-devices and servers) such that the latter inherits from the security properties of the protocol. We give a concrete instantiation of our key exchange protocol, and formally prove its security.

ePrint: https://eprint.iacr.org/2019/911

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .