Internet of Everything. The First EAI International Conference, IoECon 2022, Guimarães, Portugal, September 16-17, 2022, Proceedings

Research Article

Transient Session Key Derivation Protocol for Key Escrow Prevention in Public Key Infrastructure

Cite
BibTeX Plain Text
  • @INPROCEEDINGS{10.1007/978-3-031-25222-8_9,
    author={Vincent Omollo Nyangaresi and Zaid Ameen Abduljabbar and Ismail Yaqub Maolood and Mustafa A. Al Sibahee and Junchao Ma and Abdulla J. Y. Aldarwish},
    title={Transient Session Key Derivation Protocol for Key Escrow Prevention in Public Key Infrastructure},
    proceedings={Internet of Everything. The First EAI International Conference, IoECon 2022, Guimar\"{a}es, Portugal, September 16-17, 2022, Proceedings},
    proceedings_a={IOECON},
    year={2023},
    month={1},
    keywords={Authentication De-synchronization Key escrow Security Privacy},
    doi={10.1007/978-3-031-25222-8_9}
}
  • Vincent Omollo Nyangaresi
    Zaid Ameen Abduljabbar
    Ismail Yaqub Maolood
    Mustafa A. Al Sibahee
    Junchao Ma
    Abdulla J. Y. Aldarwish
    Year: 2023
    Transient Session Key Derivation Protocol for Key Escrow Prevention in Public Key Infrastructure
    IOECON
    Springer
    DOI: 10.1007/978-3-031-25222-8_9
Vincent Omollo Nyangaresi1, Zaid Ameen Abduljabbar2, Ismail Yaqub Maolood3, Mustafa A. Al Sibahee4, Junchao Ma4,*, Abdulla J. Y. Aldarwish2
  • 1: Faculty of Biological and Physical Sciences, Tom Mboya University
  • 2: Department of Computer Science, College of Education for Pure Sciences, University of Basrah
  • 3: Department of Information and Communication Technology Center (ICTC) – System Information
  • 4: College of Big Data and Internet, Shenzhen Technology University
*Contact email: majunchao@sztu.edu.cn

Abstract

The Internet of Things (IoT) devices have been deployed to realize smart environments such as smart cities, smart homes, smart health and smart grids. In these domains, the IoT devices collect and forward high volumes of sensitive and private data. It is therefore important that security schemes be developed to protect the exchanged data. In this regard, a myriad of authentication protocols have been developed over the recent past. However, these schemes deploy cryptographic primitives that result in extremely high communication, storage and computation complexities. In addition, some of these protocols still have numerous security and privacy issues that render them unsuitable for deployment in an IoT environment. For instance, untraceability, anonymity, key escrow problems and attack vectors such as de-synchronization and forgery attacks are frequently ignored. In this paper, a transient session key derivation protocol is developed to address some of these security and efficiency challenges. The security analysis executed shows that this protocol offers untraceability, device anonymity and perfect forward key secrecy. In addition, it is robust against de-synchronization, known secret key leakage, eavesdropping and forgery attacks. In terms of operational efficiency, this protocol incurs the lowest computation and communication complexities.

Keywords
Authentication De-synchronization Key escrow Security Privacy
Published
2023-01-29
Appears in
SpringerLink
http://dx.doi.org/10.1007/978-3-031-25222-8_9
Copyright © 2022–2025 ICST
EAI Logo

About EAI

Community

Publish with EAI