research-article

Efficient authentication of resource-constrained IoT devices based on ECQV implicit certificates and datagram transport layer security protocol

Authors:

Kha Tho Nguyen,

John K. ZaoAuthors Info & Claims

SoICT '16: Proceedings of the 7th Symposium on Information and Communication Technology

Pages 173 - 179

https://doi.org/10.1145/3011077.3011108

Published: 08 December 2016 Publication History

SoICT '16: Proceedings of the 7th Symposium on Information and Communication Technology

Efficient authentication of resource-constrained IoT devices based on ECQV implicit certificates and datagram transport layer security protocol

Pages 173 - 179

Abstract
References

Abstract

This paper introduces a design and implementation of a security scheme for the Internet of Things (IoT) based on ECQV Implicit Certificates and Datagram Transport Layer Security (DTLS) protocol. In this proposed security scheme, Elliptic curve cryptography based ECQV implicit certificate plays a key role allowing mutual authentication and key establishment between two resource-constrained IoT devices. We present how IoT devices get ECQV implicit certificates and use them for authenticated key exchange in DTLS. An evaluation of execution time of the implementation is also conducted to assess the efficiency of the solution.

References

[1]

Certicom Research 2013. SEC 4: Elliptic Curve QuVanstone Implicit Certificate Scheme. Standards for Efficient Cryptography Group, Version 1.0 (Jan. 2013).

[2]

Certicom 2004. Explaining Implicit Certificate. Technical Report, Certicom.

[3]

Porambage, P., Shmitt, C., Kumar, P., Gurtov, A. and Ylianttlila M. 2014. Two-phase Authentication Protocol for Wireless Sensor Networks in Distributed IoT Applications. In IEEE Wireless Communications and Networking Conference (WCNC) (Istanbul, Turkey, Apr. 6, 2014), 2728--2733.

[4]

Porambage, P., Kumar, P., Gurtov, A., Ylianttila, M. and Harjula, E. 2013. Certificate based keying scheme for DTLS secured IoT. Internet-Draft: draft-pporamba-dtls-certkey-01. Internet Engineering Task Force (IETF) (Dec. 2013).

[5]

Rescorla, E., Modadugu, N. 2012. Datagram Transport Layer Security Version 1.2. RFC6347. Internet Engineering Task Force (IETF) (Jan. 2012).

[6]

Sciancalepore, S., Capossele, A., Piro, G., Boggia G. and Bianchi, G. 2015. Key management protocol with implicit certificates for IoT systems. In Proceedings of ACM MobiSys 2015 Workshop (Florence, Italy, May 18, 2015).

Digital Library

[7]

Porambage, P., Kumar, P., Schmitt, C., Gurtov A. and Ylianttila, M. 2013. Certificate-based pairwise key establishment protocol for wireless sensor netwoks. In IEEE 16^th International Conference on Computational Science and Engineering (Sydney, Australia, Dec. 2013).

Digital Library

[8]

Fan, X. and Gong, G. 2013. Securing ZigBee Smart Energy Profile 1.x with OpenECC library. In 20^th ACM Conference on Computer and Communications Security (Berlin, Germany, Nov. 2013).

Digital Library

[9]

Kothmayr, T., Schmitt, C., Hu, W., Brünig, M. and Carle. G. 2012. A DTLS based end-to-end security architecture for the internet of things with two-way authentication. In IEEE 37^th Conference on Local Computer Networks (Florida, U.S.A., Oct. 2012).

[10]

ETSI 2015. Architecture Part 1: Analysis of the architectures proposed for consideration by oneM2M. Technical Report: TR 118 502, ETSI Standards (Apr. 2015).

[11]

OneM2M 2015. Security Solutions. Technical Specification: TS 0003, OneM2M Standards (Jan. 2015).

[12]

Blake-Wilson, S., Bolyard, N., Gupta, V., Hawk, C. and Moeller, B. 2006. Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS). RFC4492, Informational. Internet Engineering Task Force (IETF) (May 2006).

[13]

Certicom Research 2009. SEC 1: Elliptic Curve Cryptography. Standards for Efficient Cryptography Group, Version 2.1 (May 2009).

[14]

ITU-T 2012. ITU-T Recommendation X.501, Information Technology - Open Systems Interconnection - The Directory: Models. ITU-T (Oct. 2012).

[15]

Pellikka, J. An open source ECQV implementation. https://github.com/jpellikk/ecqv-keygen (Jun. 20, 2012).

Cited By

Herbst JRüb MSanon SLipps CSchotten H(2024)Medical Data in Wireless Body Area Networks: Device Authentication Techniques and Threat Mitigation Strategies Based on a Token-Based Communication ApproachNetwork10.3390/network40200074:2(133-149)Online publication date: 9-Apr-2024
https://doi.org/10.3390/network4020007
Chen YTso RHsu J(2024)Improved ECQV Implicit Certificates Providing Batch VerificationProceedings of the 2024 6th Blockchain and Internet of Things Conference10.1145/3688225.3688238(101-107)Online publication date: 19-Jul-2024
https://dl.acm.org/doi/10.1145/3688225.3688238
Wijethilaka SKumar Yadav ABraeken ALiyanage M(2024)Blockchain-Based Secure Authentication and Authorization Framework for Robust 5G Network SlicingIEEE Transactions on Network and Service Management10.1109/TNSM.2024.341641821:4(3988-4005)Online publication date: Aug-2024
https://doi.org/10.1109/TNSM.2024.3416418
Show More Cited By

Index Terms

Efficient authentication of resource-constrained IoT devices based on ECQV implicit certificates and datagram transport layer security protocol
1. Networks
  1. Network protocols
    1. Transport protocols
2. Security and privacy
  1. Cryptography
    1. Key management
    2. Public key (asymmetric) techniques
  2. Network security
    1. Security protocols

Recommendations

RFC 7925: Transport Layer Security (TLS) / Datagram Transport Layer Security (DTLS) Profiles for the Internet of Things
A Lightweight Authentication Protocol using Implicit Certificates for Securing IoT Systems
Abstract
IoT’s population is converging at a rate exceeding the population rate of many countries. IoT environment consist of many heterogeneous entities which are interconnected, controlled and monitored through internet. One of the most challenging tasks ...
RFC 7525: Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

SoICT '16: Proceedings of the 7th Symposium on Information and Communication Technology

December 2016

442 pages

ISBN:9781450348157

DOI:10.1145/3011077

General Chairs:
Nguyen Manh Hung
NTT University, Vietnam
,
Huynh Quyet Thang
HUST, Vietnam
,
Program Chairs:
Luc De Raedt
KULeuven, Belgium
,
Yves Deville
UCLouvain, Belgium
,
Marc Bui
EPHE, France
,
Truong Thi Dieu Linh
HUST, Vietnam
,
Publications Chairs:
Dinh Viet Sang
HUST, Vietnam
,
Nguyen Hong Phuong
HUST, Vietnam
,
Nguyen Thi Oanh
HUST, Vietnam

Copyright © 2016 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 08 December 2016

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Ministry of Science and Technology, Taiwan

Conference

SoICT '16

SoICT '16: Seventh International Symposium on Information and Communication Technology

December 8 - 9, 2016

Ho Chi Minh City, Vietnam

Acceptance Rates

SoICT '16 Paper Acceptance Rate 58 of 132 submissions, 44%;

Overall Acceptance Rate 147 of 318 submissions, 46%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

36
Total Citations
View Citations
576
Total Downloads

Downloads (Last 12 months)27
Downloads (Last 6 weeks)2

Reflects downloads up to 08 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Herbst JRüb MSanon SLipps CSchotten H(2024)Medical Data in Wireless Body Area Networks: Device Authentication Techniques and Threat Mitigation Strategies Based on a Token-Based Communication ApproachNetwork10.3390/network40200074:2(133-149)Online publication date: 9-Apr-2024
https://doi.org/10.3390/network4020007
Chen YTso RHsu J(2024)Improved ECQV Implicit Certificates Providing Batch VerificationProceedings of the 2024 6th Blockchain and Internet of Things Conference10.1145/3688225.3688238(101-107)Online publication date: 19-Jul-2024
https://dl.acm.org/doi/10.1145/3688225.3688238
Wijethilaka SKumar Yadav ABraeken ALiyanage M(2024)Blockchain-Based Secure Authentication and Authorization Framework for Robust 5G Network SlicingIEEE Transactions on Network and Service Management10.1109/TNSM.2024.341641821:4(3988-4005)Online publication date: Aug-2024
https://doi.org/10.1109/TNSM.2024.3416418
Borgohain PChoudhury H(2024)An AKA protocol for 5G-assisted D2D communication in Out-of-Coverage scenarioJournal of Network and Computer Applications10.1016/j.jnca.2024.104025232(104025)Online publication date: Dec-2024
https://doi.org/10.1016/j.jnca.2024.104025
Höglund JBouget SFuruhed MPreuß Mattsson JSelander GRaza S(2024)AutoPKI: public key infrastructure for IoT with automated trust transferInternational Journal of Information Security10.1007/s10207-024-00825-z23:3(1859-1875)Online publication date: 1-Jun-2024
https://dl.acm.org/doi/10.1007/s10207-024-00825-z
Wijethilaka SYadav ABraeken ALiyanage M(2023)A Novel Blockchain-based Decentralized Multi-party Certificate Management Framework2023 IEEE 22nd International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)10.1109/TrustCom60117.2023.00186(1361-1368)Online publication date: 1-Nov-2023
https://doi.org/10.1109/TrustCom60117.2023.00186
Krivokapic BTomovic SRadusinovic I(2023)Authenticated Key Exchange in Underwater Acoustic Sensor Networks based on Implicit Certificates: Performance Analysis2023 27th International Conference on Information Technology (IT)10.1109/IT57431.2023.10078623(1-4)Online publication date: 15-Feb-2023
https://doi.org/10.1109/IT57431.2023.10078623
Malik MKamaldeep Dutta MGranjal J(2023)L-ECQV: Lightweight ECQV Implicit Certificates for Authentication in the Internet of ThingsIEEE Access10.1109/ACCESS.2023.326166611(35517-35540)Online publication date: 2023
https://doi.org/10.1109/ACCESS.2023.3261666
Basic FSteger CKofler R(2022)Poster: Establishing Dynamic Secure Sessions for Intra-Vehicle Communication Using Implicit CertificatesProceedings of the 2022 INTERNATIONAL CONFERENCE ON EMBEDDED WIRELESS SYSTEMS AND NETWORKS10.5555/3578948.3578969(196-197)Online publication date: 2-Dec-2022
https://dl.acm.org/doi/10.5555/3578948.3578969
Ahanger TTariq UIbrahim AUllah IBouteraa YGebali F(2022)Securing IoT-Empowered Fog Computing Systems: Machine Learning PerspectiveMathematics10.3390/math1008129810:8(1298)Online publication date: 14-Apr-2022
https://doi.org/10.3390/math10081298
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten