Resilient Intermediary-Based Key Exchange Protocol for IoT

Due to the limited resources of Internet of Things (IoT) devices, Symmetric Key Cryptography (SKC) is typically favored over resource-intensive Public Key Cryptography (PKC) to secure communication between IoT devices. To utilize SKC, devices need to execute a key exchange protocol to establish a session key before initiating communication. However, existing SKC-based key exchange protocols assume that communication devices have a pre-shared secret or there are trusted intermediaries between them; neither is always realistic in IoT. We introduce a new SKC-based key exchange protocol for IoT devices. While also intermediary based, our protocol fundamentally departs from existing intermediary-based solutions in that intermediaries between two key exchange devices may be malicious, and moreover, our protocol can detect cheating behaviors and identify malicious intermediaries. We prove our protocol is secure under the universally composable model, and show that it can detect malicious intermediaries with probability 1.0. We implemented and evaluated our protocol on different IoT devices. We show that our protocol has significant improvements in computation time and energy cost. Compared to the PKC-based protocols ECDH, DH, and RSA, our protocol is 2.3 to 1,591 times faster on one of the two key exchange devices and 0.7 to 4.67 times faster on the other.