Scyther Validated Session Key Establishment in IoT

摘要

Key agreement is a bed rock of all security services and primitives. Asymmetric cryptography is a widely adopted method for negotiating a session key over an insecure communication channel. The usage of asymmetric cryptography for key agreement based on elliptical curve cryptography in IoT is of considerable research interest. This owning to the fact that ECC based cryptography is computational less intense than traditional cryptography. The computational effectiveness makes it suitable for resource constraint devices used in IOT and smart city application. In this paper, a de-facto key exchange protocol, Elliptical Curve Diffie-Hellman(ECDH) is evaluated and formally validated .The limitations of ECDH are also pointed out. A session key agreement scheme based on elliptical curve cryptography has been suggested. The scheme has also been simulated in Scyther to validate it against various attacks.