Key Establishment and Trustful Communication for the Internet of Things

Davi Resner, Antônio Augusto Fröhlich


This work describes a practical solution for the problem of cryptographic key establishment and secure communication in the context of the Internet of Things, in which computational efficiency is a fundamental requirement. A symmetric-key establishment protocol based on AES, Poly1305-AES, time synchronization, Elliptic Curve Diffie-Hellman and sensor IDs is proposed to achieve data confidentiality, authentication, integrity and prevention from replay attacks. Such a protocol was implemented in the EPOS operating system in the form of a network layer that transparently provides trustfulness. Tests were executed on the EPOSMoteII platform and the analysis of the results shows that the implementation is adequate to be used in the scenario of embedded systems with low processing power.


  1. Atzori, L., Iera, A., and Morabito, G. (2010). The internet of things: A survey. Computer Networks, 54(15):2787 - 2805.
  2. Bernstein, D. J. (2005). The poly1305-aes messageauthentication code. In Proceedings of Fast Software Encryption, pages 32-49, Paris, France.
  3. Brown, M., Hankerson, D., López, J., and Menezes, A. (2001). Software implementation of the nist elliptic curves over prime fields. In Naccache, D., editor, Topics in Cryptology - CT-RSA 2001, volume 2020 of Lecture Notes in Computer Science, pages 250-265. Springer Berlin Heidelberg.
  4. Chang, J.-T., Liu, S., Gaudiot, J., and Liu, C. (2010). Hardware-assisted security mechanism: The acceleration of cryptographic operations with low hardware cost. In Performance Computing and Communications Conference (IPCCC), 2010 IEEE 29th International, pages 327 -328.
  5. Elkhodr, M., Shahrestani, S., and Cheung, H. (2013). The internet of things: Visions & challenges. In TENCON Spring Conference, pages 218 - 222.
  6. Fröhlich, A. A., Steiner, R., and Rufino, L. M. (2011). A trustful infrastructure for the internet of things based on eposmote. In 9th IEEE International Conference on Dependable, Autonomic and Secure Computing, pages 63-68, Sydney, Australia.
  7. Fu, X., Graham, B., Bettati, R., and Zhao, W. (2003). Active traffic analysis attacks and countermeasures. In Proceedings of the 2003 International Conference on Computer Networks and Mobile Computing, ICCNMC 7803, pages 31-, Washington, DC, USA. IEEE Computer Society.
  8. Huang, Q., Cukier, J., Kobayashi, H., Liu, B., and Zhang, J. (2003). Fast authenticated key establishment protocols for self-organizing sensor networks. In Proceedings of the 2Nd ACM International Conference on Wireless Sensor Networks and Applications, WSNA 7803, pages 141-150, New York, NY, USA. ACM.
  9. Jinwala, D., Patel, D., Patel, S., and Dasgupta, K. (2009). Replay protection at the link layer security in wireless sensor networks. In Computer Science and Information Engineering, 2009 WRI World Congress on, volume 1, pages 160 -165.
  10. Karlof, C., Sastry, N., and Wagner, D. (2004). Tinysec: a link layer security architecture for wireless sensor networks. In Proceedings of the 2nd international conference on Embedded networked sensor systems, SenSys 7804, pages 162-175, New York, NY, USA. ACM.
  11. Li-ping, Z. and Yi, W. (2009). An id-based key agreement protocol for wireless sensor networks. In 1st International Conference on Information Science and Engineering (ICISE), pages 2542 - 2545.
  12. Luk, M., Mezzour, G., Perrig, A., and Gligor, V. (2007). Minisec: A secure sensor network communication architecture. In Information Processing in Sensor Networks, 2007. IPSN 2007. 6th International Symposium on, pages 479 -488.
  13. Menezes, A., van Oorschot, P., and Vanstone, S. (1996). Handbook of Applied Cryptography. CRC Press.
  14. NSA (2009). The case for elliptic curve cryptography.
  15. Oliveira, P., Okazaki, A. M., and Fröhlich, A. A. (2012). Sincroniza cão de tempo a nível de so utilizando o protocolo ieee1588. In Simpósio Brasileiro de Engenharia de Sistemas Computacionais, Natal, Brazil.
  16. Pan, J., Wang, L., and Ma, C. (2011). Analysis and improvement of an authenticated key exchange protocol. In Bao, F. and Weng, J., editors, Information Security Practice and Experience, volume 6672 of Lecture Notes in Computer Science, pages 417-431. Springer Berlin Heidelberg.
  17. SEC (2000). Standards for Efficient Cryptography, SEC 2: Recommended Elliptic Curve Domain Parameters. Certicom Research.
  18. Sun, H.-M., Chang, S.-Y., Tello, A., and Chen, Y.-H. (2010). An authentication scheme balancing authenticity and transmission for wireless sensor networks. In Computer Symposium (ICS), 2010 International, pages 222 -227.
  19. Suo, H., Wan, J., Zou, C., and Liu, J. (2012). Security in the internet of things: A review. In Computer Science and Electronics Engineering (ICCSEE), 2012 International Conference on, volume 3, pages 648-651.
  20. Zhou, Y., Fang, Y., and Zhang, Y. (2008). Securing wireless sensor networks: A survey. IEEE Communications Surveys & Tutorials, 10:6-28.

Paper Citation

in Harvard Style

Resner D. and Augusto Fröhlich A. (2015). Key Establishment and Trustful Communication for the Internet of Things . In Proceedings of the 4th International Conference on Sensor Networks - Volume 1: SENSORNETS, ISBN 978-989-758-086-4, pages 197-206. DOI: 10.5220/0005262701970206

in Bibtex Style

author={Davi Resner and Antônio Augusto Fröhlich},
title={Key Establishment and Trustful Communication for the Internet of Things},
booktitle={Proceedings of the 4th International Conference on Sensor Networks - Volume 1: SENSORNETS,},

in EndNote Style

JO - Proceedings of the 4th International Conference on Sensor Networks - Volume 1: SENSORNETS,
TI - Key Establishment and Trustful Communication for the Internet of Things
SN - 978-989-758-086-4
AU - Resner D.
AU - Augusto Fröhlich A.
PY - 2015
SP - 197
EP - 206
DO - 10.5220/0005262701970206