Lightweight Payload Encryption-Based Authentication Scheme for Advanced Metering Infrastructure Sensor Networks

Nasr Abosata*, Saba Al-Rubaye, Gokhan Inalhan

*Corresponding author for this work

Research output: Contribution to journal › Article › peer-review

11 Citations (Scopus)

Abstract

The Internet of Things (IoT) connects billions of sensors to share and collect data at any time and place. The Advanced Metering Infrastructure (AMI) is one of the most important IoT applications. IoT enables AMI to collect data from smart sensors and to analyse and measure abnormalities in the sensors' energy consumption patterns. However, two-way communication in distributed sensors is sensitive and prone to security and privacy issues. Before deploying distributed sensors, data confidentiality and privacy, and message authentication for sensor devices and control messages, are the major security requirements. Several authentication and encryption protocols have been developed to provide confidentiality and integrity. However, the large number of sensors in distributed systems, resource-constrained smart sensors, and the adaptability of IoT communication protocols in sensors necessitate designing an efficient and lightweight security authentication scheme. This paper proposes a Payload Encryption-based Optimisation Scheme for lightweight authentication (PEOS) on distributed sensors. PEOS integrates and optimises important features of Datagram Transport Layer Security (DTLS) in the Constrained Application Protocol (CoAP) architecture instead of implementing DTLS in a separate channel. The proposed work designs a payload encryption scheme and an Optimised Advanced Encryption Standard (OP-AES). PEOS modifies the DTLS handshaking and retransmission processes using payload encryption and NACK messages, respectively. It also removes the duplicate features of the protocol version and sequence number without impacting the performance of CoAP. Moreover, PEOS attempts to improve CoAP over distributed sensors through optimised AES operations, such as parallel execution of S-boxes in SubBytes and delayed MixColumns. The efficiency of PEOS authentication is evaluated on Contiki OS using the Cooja simulator for lightweight security and authentication. The proposed scheme attains better throughput while reducing the message size overhead by 9% and 23% compared with the existing payload-based mutual authentication (PbMA) and basic DTLS/CoAP schemes in random network topologies with fewer than 50 nodes.

Original language: English
Article number: 534
Journal: Sensors
Volume: 22
Issue number: 2
DOIs
Publication status: Published - 1 Jan 2022
Externally published: Yes

Bibliographical note

Publisher Copyright:
© 2022 by the authors. Licensee MDPI, Basel, Switzerland.

Funding

The authors wish to acknowledge the funding contribution from Innovation UK, project UAS Authentication System (UASAS)-Program call Future flight challenge phase 2: Strand 1, fast track development under Grant (No. 75528) and the support from the centre for Autonomous and Cyber-Physical Systems at Cranfield.

The proposed work has designed a mutual authentication scheme named Payload Encryption-based Optimisation Scheme for lightweight authentication (PEOS) on the Constrained Application Protocol (CoAP). Most of the existing works in CoAP security do not consider the overhead of Datagram Transport Layer Security (DTLS) in resource-constrained smart sensors. The proposed PEOS integrates and optimises some important features of DTLS in CoAP architecture to overcome this issue. It avoids the need to implement DTLS in a separate channel. Moreover, incorporating payload encryption and NACK messages improves the DTLS handshaking and re-transmission processes in PEOS. By removing the duplicate features of the protocol version and sequence number, the overhead is reduced significantly without impacting the performance of CoAP over distributed sensors. The proposed PEOS scheme exploits an Optimised Advanced Encryption Standard (OP-AES). Moreover, the PEOS implemented the parallel execution of S-boxes in SubBytes and delayed MixColumns in AES, and it successfully reduced the necessity of additional storage registers. Moreover, the PEOS implements the dynamic keys generation process and avoids the chance of key traceability and guessing attacks in CoAP over distributed sensors. The utilization of token and dynamic key generation processes in PEOS avoids DDoS and confidentiality attacks. The efficiency of PEOS over distributed sensors in lightweight security and authentication is evaluated on Contiki OS using the Cooja simulator. Moreover, the proposed work is compared with the existing payload-based scheme and basic DTLS in the sensor network scenario. From the results, with the large payload size, the throughput of the proposed scheme is improved by 8.7% more than that of the existing PbMA by consuming 1550 microjoules under 50 nodes random topology.

Author Contributions: N.A. performed the content, Conceptualization, Methodology, Software, Writing—Original draft preparation. S.A.-R. Reviewing—Discussion and feedback—Co-authored the manuscript and supervised the research. G.I. Reviewing—Discussion and feedback—Co-supervised the research. All authors have read and agreed to the published version of the manuscript.

Funders and funder numbers:
Innovation UK
UAS Authentication System: 75528

    Keywords

    • AES
    • CoAP
    • DTLS
    • IoT
    • Lightweight
    • Payload encryption
    • Security
    • Sensors
