End-to-end secure group communication for the Internet of Things

Abstract

Abstract The remarkable growth of the Internet of Things (IoT) has given rise to application areas where it is crucial to secure the endpoints, to guarantee users privacy and even safety. In this context, secure group communication among low-cost devices is a fundamental and challenging research question. Namely, the limited computational resources of nodes, uncertain periods of connectivity, and potentially large number of connected devices make it impractical to apply established solutions to IoT settings. This paper specifies a security protocol, named Sharelock, that provides end-to-end security and confidentiality of messages exchanged by groups of communicating nodes. The protocol establishes long-term security for nodes communicating through untrusted edge servers and scales to large groups of nodes by using cryptographic primitives that are not only applicable to low-cost devices, but also suitable for post-quantum cryptography. The protocol is designed to support the exchange and storage of generic messages among nodes, thereby making it appropriate for a wide range of IoT applications.