Efficient, Flexible and Secure Group Key Management Protocol for Dynamic IoT Settings
share
Many Internet of Things (IoT) scenarios require communication to and data acquisition from multiple devices with similar functionalities. For such scenarios, group communication in the form of multicasting and broadcasting has proven to be effective. Group Key Management (GKM) involves the handling, revocation, updation and distribution of cryptographic keys to members of various groups. Classical GKM schemes perform inefficiently in dynamic IoT environments, which are those wherein nodes frequently leave or join a network or migrate from one group to another over time. Recently, the `GroupIt' scheme has been proposed for GKM in dynamic IoT environments. However, this scheme has several limitations such as vulnerability to collusion attacks, the use of computationally expensive asymmetric encryption and threats to the backward secrecy of the system. In this paper, we present a highly efficient and secure GKM protocol for dynamic IoT settings, which maintains forward and backward secrecy at all times. Our proposed protocol uses only symmetric encryption, and is completely resistant to collusion attacks. Also, our protocol is highly flexible and can handle several new scenarios in which device or user dynamics may take place, e.g., allowing a device group to join or leave the network or creation or dissolution of a user group, which are not handled by schemes proposed in prior literature. We evaluate the performance of the proposed protocol via extensive mathematical analysis and numerical computations, and show that it outperforms the GroupIt scheme in terms of the communication and computation costs incurred by users and devices.
READ FULL TEXT