SINGLETON: A lightweight and secure end-to-end encryption protocol for the sensor networks in the Internet of Things based on cryptographic ratchets

摘要

For many systems, safe connectivity is an important requirement, even if the transmitting machines are resource-constrained. The advent of the Internet of Things (IoT) has also increased the demand for low-power devices capable of connecting with each other or sending data to a central processing site. The IoT allows many applications in a smart environment, such as outdoor activity control, smart energy, infrastructure management, environmental sensing, or cyber-security issues. Security in such situations remains an open challenge because of the resource-constrained design of sensors and objects, or the multi-purpose adversaries may target the process during the life cycle of a smart sensor. This paper discusses widely used protocols that provide safe communications for various applications in IoT and also different attacks are defined. In this paper, to protect the IoT objects and sensors, we propose a comprehensive and lightweight security protocol based on Cryptographic Ratchets. That is, an encrypted messaging protocol using the Double Ratchet Algorithm is defined which we call Singleton, and the implementation of protocol is tested and compared to the implementation of the IoT standard protocols and a post-quantum version of the protocol. Various cryptographic primitives are also evaluated, and their suitability for use in the protocol is tested. The results show that the protocol as the building stone not only enables efficient resource-wise protocols and architectures but also provides advanced and scalable IoT sensors. Our design and analysis demonstrate that Singleton security architecture can be easily integrated into existing network protocols such as IEEE 802.15.4 or OMA LWM2M, which offers several benefits that existing approaches cannot offer both performance and important security services. For chat applications such as WhatsApp, Skype, Facebook Private Messenger, Google Allo, and Signal, a cryptographic ratchet-based protocol provides end-to-end encryption, forward secrecy, backward secrecy, authentication, and deniability.