Incremental Threshold Scheme Enabled IoT Group Key Management

by Mingyan Li, Samuel C Hollifield, Michael Iannacone
Publication Type
Conference Paper
Book Title
2023 7th Cyber Security in Networking Conference (CSNet)
Publication Date
Page Numbers
123 to 129
Publisher Location
New Jersey, United States of America
Conference Name
IEEE 7th Cyber Security in Networking Conference (CSNet)
Conference Location
Montreal, Canada
Conference Sponsor
IEEE Communication Society
Conference Date

The cyber landscape evolves rapidly. Internet of Things (IoT) and Edge Computing (EC) have quickly become an integral part of the modern computing infrastructure. It is expected that there will be more than 50 billion active and connected IoT devices by 2025 [1]. Pervasive IoT/EC creates unprecedented opportunities by bridging the gap between previously segregated cyber and physical spaces. However, this progress also brings new security challenges. IoT devices typically have limited computation, communication, and storage resources. This leads to security architecture designs such as using symmetric keys for group communication. While secure and efficient in stable network settings, symmetric key solutions are ill-adapted to IoT's highly dynamic device mobility and frequent group membership turnover. Whenever IoT members leave a group, they cannot be made to forget the symmetric keys they already know, which poses a serious vulnerability. This leads to frequent re-groupings that require expensive re-authentication, key regeneration, and key redistribution in order to maintain IoT/EC security. We present a novel symmetric key management framework that integrates an Incremental Threshold Scheme (ITS) cryptographic function into a communication protocol's key rotation mechanism to allow secure and efficient revocation of member nodes from a symmetric-key communication group. This ITS-enabled key management framework alleviates the need for the frequent and expensive re-grouping and re-keying required by today's large and dynamic IoT/EC operations. We further applied this ITS-enabled key management framework to a distributed IoT/EC-integrated publish and subscribe framework for applicability validation.