IET Wireless Sensor Systems (Apr 2021)

DEC‐LADE: Dual elliptic curve‐based lightweight authentication and data encryption scheme for resource constrained smart devices

  • Vidya Rao,
  • Prema K. V.

DOI
https://doi.org/10.1049/wss2.12014
Journal volume & issue
Vol. 11, no. 2
pp. 91 – 109

Abstract

Read online

Abstract The fast growth in Internet‐of‐Things (IoT) applications has increased the number of end‐devices communicating over the Internet. As these resource‐constrained devices are connected over the Internet, they are exposed to various security and privacy issues. Traditionally, to provide end‐to‐end security, research efforts have been carried out using elliptic curve cryptography‐based authentication schemes. These existing schemes use a single set of elliptic curve parameters to generate the public and private keys, which are prone to be hacked under intense cryptanalysis. Thereby to increase the security strength the proposed method uses two sets of dynamic elliptic curves for performing digital signature and encryption processes. The method is evaluated on a client‐server model using the Raspberry Pi‐3 device. Herein, the choice of elliptic curves is made random at the client node and the reference of each elliptic curve is exchanged with the server during the key‐exchange process. The choice of elliptic curves is delegated to the client machine to avoid the unwanted delay that would be encounter if server had to choose the curve. This is done because the client senses the data at regular intervals of time and forwards it to the server securely. Experiments were conducted to measure the time taken for hashing function, key generation, signature generation, signature verification, encryption and decryption process. On comparing the proposed DEC‐LADE with cBLAKE2b, an improvement was seen at 13.76%, 2.57%, 18.36%, 6.12%, 9.91% and 6.08% less time, respectively, than LWDSA with mBLAKE2b. Theoretical and real‐time security evaluations are performed for man‐in‐the‐middle attack, replay attack, and a denial‐of‐service attack.

Keywords