QoS-aware and compromise-resilient key management scheme for heterogeneous wireless Internet of Things

The Internet of Things (IOT) is envisioned as a natural evolution of the Internet, promising to enable ubiquitous connections for pervasive objects. The evolutionary merging of heterogeneous wireless networks is inevitable for smooth migration to IOT; for example, in a typical application of IOT-smart homes-there exist sensor-radio frequency identification (RFID) hybrid networks. The communication security between sensor (or RFID tags) and home control center is critical, whereas an appropriate key management scheme is a prerequisite for communication security. In this paper, we propose a compromise resilient key management scheme including key agreement schemes and key evolution policies to tackle existing remarkable asymmetry with respect to computation resources of hybrid networks. In particular, a forward and backward secure key evolution policy with formal proof is proposed. We also propose a quality of service (QoS)-aware enhancement method by measuring several metrics such as data assurance priority, attacking risk, and remaining power percentage. Security parameter negotiation and a tuning method are proposed, based on reactive measurement in real time. Our proposed scheme is built on abstract cryptographic primitives such as trapdoor permutation, pseudorandom function, pseudorandom number generator, one-way function and hash function so as to retain flexibility for concrete options. Security and performance for proposed key agreement schemes and key evolution policies are compared in detail. Three QoS-aware security strategies are proposed: performance first, security second (PFSS); security first, performance second (SFPS); and performance security made balanced (PSMB). Measurement-based negotiation of security parameters is also proposed in terms of algorithm prototype. Copyright (C) 2011 John Wiley & Sons, Ltd.