A

Seminar Report
on
KEY MANAGEMENT
SCHEMES IN IOT

By
Shreya Sinha (1609131152)

DEPARTMENT OF ELECTRONICS
AND COMMUNICATION
ENGINEERING
JSS ACADEMY OF TECHNICAL EDUCATION
C-20/1 SECTOR-62, NOIDA
[2019-2020]

1
 A
Seminar Report on
KEY
MANAGEMENT
SCHEMES IN IOT
In partial fulfillment of requirements for the degree of
Bachelor of
Technology in
Electronics and
Communication Engineering

SUBMITTED BY:

SHREYA SINHA

Under the Guidance of

Dr. Gayatri Sakya

DEPARTMENT OF ELECTRONICS
AND COMMUNICATION
ENGINEERING
JSS ACADEMY OF TECHNICAL EDUCATION
C-20/1 SECTOR-62, NOIDA
[2019-2020]

2
 CERTIFICATE

Certified that seminar work entitled “Key Management Schemes in Iot” is a bonafide
work carried out in the eight semester by Shreya Sinha in partial fulfilment for the award
of Bachelor of Technology in Electronics and Communication Engineering from JSS
Academy of Technical Education, Noida during the academic year 2019- 2020.

SIGNATURE

Dr. Gayatri Sakya

3
 TABLE OF CONTENTS PAGE NO.

ABSTRACT

CHAPTER 1: IOT 6

1. INTRODUCTION 6
1.1. HISTORY 7
1.2. PROBLEM 9
1.3. PURPOSE 11
1.4. GOAL 11
1.4.1. BENEFITS, ETHICS AND SUSTAINABILITY 12
1.5. METHODOLOGY 12
1.6. DELIMITATIONS 13
2. KEY MANAGEMENT SCHEMES IN IOT 14
2.1. SUPPLY CHAIN ARCHITECTURE 14
2.2. DESIGN REQUIREMENTS 15
2.3. PROPOSED SECURITY MODEL 17
2.4. CASE STUDY AND PERFORMANCE EVALUATION 20
3. KEY MANAGEMENT SCHEMES IN IOT 22
3.1. CLOUD IOT KEY MANAGEMENT 23
3.2. UNION KEY MANAGEMENT 24
3.2.1. UNION KEY MANAGEMENT PROCESS 25
3.3. CLOUD IOT SERVICES 26
3.4. FEDERATED KEY MANAGEMENT 28
4. KEY DISTRIBUTION 27
4.1. KEY DISTRIBUTION IN IOT DEVICES 30
4.2. IOT DEVICE SESSION KEY 31
4.3. ANALYSIS 31
5. CONCLUSION 33
BIBLIOGRAPHY 35

4
 CHAPTER 1. WHAT IS IOT?

1. INTRODUCTION

Internet has been significantly evolved during the past decades. Internet
evolution began with the research on packet switching and ARPANET to
connect several computers in a network. The focus of current research trend
is on making devices accessible and allowing communication between
devices which is known as the main characteristic of so-called the Internet of
Things (IoT).
The Internet of Things is a foundation that connects accessible devices so
that person-to-device and device-to-device communication are made
possible. The Internet of Things is seen as one of Internet general evolution
from a network connecting computers to a network connecting devices. The
main idea of the Internet of Things is to connect and allow communication
with and between devices around us. The devices are usually embedded with
smart components such as sensors, actuators, RFID tag, chips which manage
the communication and allow interaction to provide certain services. The
devices normally have limited resources in term of power, memory, and
computational capability. Some examples of the IoT devices can be found
anywhere as those devices are widely used such as Smart Home devices (e.g.
lighting, thermostat), Smart City devices (e.g. recycle systems, street
lighting), wearable devices (e.g. tracker band), healthcare devices (e.g. uid
management controller), vehicle and computers (e.g. personal tablet,
notebook).

A Wireless Sensor Network (WSN) is a network consists of a number of

sensors which functionalities vary. Sensor development nowadays is
growing rapidly. This will make WSN one of the main application of IoT.

5
 Following the current development of IoT, number of IoT devices is
predicted to be 50 billion in 2020. Considering the number of everyday
devices will be possibly involved in the future, the Internet of Things has
greater threats and risks than what Internet has until now. IoT is vulnerable
to breaches of privacy, physical safety of infrastructures we own (e.g. car,
house, personal computers), cybercrime, and other threats. IoT networks
tends to be dynamic and often consists of vast number of member. In order
to deal with this condition, the group key management shall also be highly
scalable. In this thesis, we provide the implementation and experiment of a
centralized group key management protocol designed for Wireless Sensor
Network where most of the devices have constrained resources. The group
key management implemented in this thesis efficiently manages the group
key when some devices are joining or leaving the group. The performance of
the group key management implemented will be measured and evaluated.

1.1 HISTORY

Utilization of a symmetric group key shared among group members is one of

the methods that can be used to achieve secure group communication. In
order to possess secure group communication, each device in the network
needs to know the group key. The group key should be updated when needed
or when the group key is compromised. Each group will have entity or
device that is responsible in managing the group key. This entity is called
Key Manager, or sometimes also known as Key Distribution Center (KDC).
Key Manager main tasks include generating group key when needed,
distributing the group key update or also known as rekeying, and manage
and keep the information related to group key. Rekeying is a process of
updating the group key held by the group members. Rekeying process may
happen periodically or when group membership is changed. To
accommodate all possible change in group membership, rekeying is usually
performed when the members are joining or leaving the group. Join case
happens when some new member will join group. Leaving case happens
when some existing member are leaving the group or being evicted from the

6
group. The group key management for network independent case can be
grouped into 3 schemes. The rst type of group key management is centralized
group key management scheme. In centralized scheme, each group will have
only one Key Manager. Since key management process is handled by the
Key Manager, centralized schemes tends to use less memory storage and
computational resource in the other group member. However the Key
Manager needs to be reliable and sometimes becomes the bottleneck in term
of performance and security because group key management functionality is
carried out by single entity. The second type of group key management is
decentralized scheme. In decentralized scheme, network may have more than
one Key Managers to manage the group key. Unlike centralized scheme, the
group key management load is shared to more entities. The group is divided
to smaller subgroups, and each Key Manager takes care of one subgroup.
Decentralized scheme needs to take care of the trust relationship between
each Key Manager and also with the members. The third type of group key
management is distributed scheme. In distributed scheme, the group key is
generated by all group members involve in certain session. This system is
more versatile since there is no specific Key Manager. Distributed scheme
requires more resources as all members needs to run group key management
processed. Key management process may also be disrupted when a member
is compromised or the members of the group in that certain session change.
Each member also needs to keep track which other members are involved in
the key generation. Comparing the three schemes of group key management,
decentralized and distributed schemes are more complicated. Implementing
those schemes will be more difficult in IoT network. In addition, the two
schemes are sometimes less scalable while IoT network has numerous
members and normally change quite rapid. In the other hand, centralized
scheme is suitable for a large group and dynamic group. Centralized scheme
needs less resources on non-Key Manager member side. This makes
centralized scheme is more suitable for IoT devices with constrained
resources. Group key management schemes must satisfy the following
requirements to secure communication in the group:

7
1. Group Key Secrecy Any passive adversary cannot compute the group key
at any time.
2. Forward Secrecy Leaving member that may be compromised cannot
compute the new group key. Any information known by leaving member
should be updated. In effect, the leaving member has no capability in
computing any new information that is legitimate and used within the group.
3. Backward Secrecy Existing member that may be compromised cannot
compute the previous group key.
4. Key Independence Existing member that may be compromised cannot use
any information known to compute the key of other groups.
5. Collusion Resilience Some set of leaving members can cooperate by
sharing information they possess to compute the new group key.

When member m2 is leaving the group, Key Manager sends two messages:
the new group key K+ G encrypted with member m1 key to member m1 and
the new group key K+ G encrypted with member m3 key to member m3.
The storage overhead of basic rekeying protocol is a constant. Each member
only needs to save 2 keys: the group key and its own key. The basic rekeying
protocol is efficient in the case new node is joining. Key Manager only need
to send one broadcast message. But, for the case where the existing member
is leaving, all remaining member needs to be rekeyed. Key Manager needs to
send N messages if the group consists of N members. As IoT network tends
to have enormous number of member, the communication overhead of basic
rekeying protocol for leaving case will be too high. An example of the group
key management protocol is LKH. Logical Key Hierarchy (LKH) associates
the member key as one of the leaf in the logical tree structure. LKH protocol
is dened as below:
1. The root of the logical tree is the group key.
2. Each member has to save the group key, its own key, and intermediate key
in between the member key to the group key.
3. When a member is joining or leaving the group, Key Manager will update
the group key and all the key in between the new or leaving node and the
group key. If the tree is balanced with arity a where a > 1 and the group has

8
 N members, then the tree height will be equal to logaN. The storage overhead
of LKH will be logaN + 1 keys. The storage overhead growths with N. When
a member is joining or leaving, Key Manager needs to update (a.logaN) − 1
keys. This shows the complexity of communication overhead is O(logaN).
Key Manager needs to rekey all member of the group when at least N a
members are compromised. Analysing the two previous protocols examples,
the basic rekeying and LKH protocols are not too scalable based on the
overhead they may have. Therefore, a more efficient protocol is needed. In
this thesis, we will implement an efficient group key management called
GREP, which is proposed in. GREP is denned to efficiently perform the
rekeying process by using centralized scheme. It has constant number of
communication overhead for any number of member of the group for each
joining and leaving cases which makes GREP highly scalable. GREP does
not require a total rekeying for all group members. In order to ensure the
security, GREP employs chronological order of member joining history to
avoid collusion. More detail about GREP will be explained in. Group
Rekeying Protocol (GREP) is implemented in Tmote Sky mote. Tmote Sky
are chosen as it has relatively very limited resource compares to other type of
sensors. The environment used in the implementation is Contiki Operating
System. Contiki OS is an operating system for constrained devices. Contiki
OS has wide range of applications, libraries, and tools that can be used for
IoT devices development. In order to verify the functionality and make
measurement more precise and easier, we use Cooja, a built-in simulation
tools from Contiki. With Cooja, we can simulate and analyse GREP
performance. We also implement the basic rekeying protocol and compare
GREP and basic rekeying protocol results.

1.2 PROBLEM
There is currently no implementation of an efficient group key management
especially in Tmote Sky mote which is known to have relatively less
resources compares to other type of sensors. Some group key management
offers improved performance compares to basic rekey protocol, but none of
it is efficient enough in the term of computational and storage overheads. Is

9
 GREP implementation in Tmote Sky possible? Is GREP really efficient?
How is GREP performance if the result is compared with the basic rekeying
protocol?

1.3 PURPOSE

The implementation of GREP protocol that has not been implemented yet.
The result of this thesis is a library of an efficient Chapter 1. Introduction 19
group key management to be used in the IoT. In the end, the performance
evaluation and performance comparison with the basic rekeying protocol are
presented.

1.4 GOAL

The goals to implement GREP and analyse GREP performance. Several

tasks are performed in order to achieve the goal:
1. To implement GREP protocol.
2. To experimentally evaluate and analyse GREP performance in term of
energy consumption, storage overhead and communication overhead. The
deliverables are:
1. The implementation of GREP as non-Key Manager member node.
2. The implementation of modified Border Router in order to allow packet
forwarding to the group.
3. The result of experimentally result of GREP performance.

The results of this thesis are:

1. The implementation of an efficient group key management for IoT
network.
2. Evaluation result of an efficient group key management performance.
3. Analysis about comparison between an efficient group key management
with the conventional rekeying protocol. As the result of this thesis, an
efficient group key management library is available for IoT devices. The
result of this thesis will add more choices for group key management. The

10
protocol enhances the group key management so that the network can
perform secure group communication. By having secure group
communication, we are hoping that the thesis will help reducing the number
of IoT security failure. This thesis implements an efficient protocol that
requires less overall power. This is important because IoT devices are
constrained resource devices. Often each device is running only by battery
power and will not be charged for years. Consider a case where 1000 sensors
are spread in a forest to collect the data about the forest conditions. It will be
difficult to recollect all the sensors again. Because of the power constraint,
an efficient protocol can help saving more energy so that cost for battery
(and even the sensors) and power consumption will be decreased.

1.4.1. BENEFITS, ETHICS AND SUSTAINABILITY

The IoT related topics has become a trend nowadays. A number of IoT
applications are designed and implemented. The implementation presented in
this thesis can be used as one of the tools for securing group communication
in IoT network. The application of this thesis result may become an ethical
discussion if the government should have the access to all data exchanged in
the country. The usage of this thesis outcome allows encrypted data
exchanges in a network using group communication. The data exchanged can
be read only by the users with valid key. If the messages are intercepted, no
one will know the information without knowing the key even for the police.
As for the sustainability, the implementation in this thesis result may not
have significant impact in saving energy.

1.5. METHODOLOGY

The thesis is conducted using Qualitative research method, particularly the

Experimental and the Applied research method. Research methodology used
in this thesis is the Experimental research. In some part of the project, we
need to modify the implementation of an example or a library code and aim
at discovering the best possible outcome then perform an experimental

11
verication to verify. The philosophical theory applied in this thesis is
Positivism. There is measurement that are performed in order to nd proper
data set. The result of this thesis is expected to work in any kind of
environment regardless of the observer. The conclusion are drawn based on
the Deductive approach.

1.6. DELIMITATIONS

The protocol design and analytical overhead analysis is already performed in

and out of the scope of this thesis. In addition, the group controller
mechanism is not discussed. The group controller is assumed to be reliable
and trust-worthy. Therefore, the mechanisms on detecting and reporting
leaving or joining member to the Key Manager is out of the scope. While
GREP uses UDP, 6LowPAN, and RPL, the communication stacks used are
slightly modified, configured and adjusted to assist the measurement process
if not used in the default condition. The configuration and modification (e.g.
disabling TCP, disabling RPL DAO acknowledgement) made should not
affect the performance significantly. The power efficiency related properties
(e.g. duty-cycle) are also out of the scope of this thesis. Power consumption
result is only measured for rekeying process. In order to reduce the
measurement loads, each devices are configured to disable the power saving
option. Each devices has 100% active time and 0% sleep time. Therefore,
each devices are always on ready state to receive, send and process a
message.

12
 CHAPTER 2 : Key Management for Secure Internet
of Things (IoT) Data in Cloud Computing

2.1. SUPPLY CHAIN ARCHITECTURE

First of all, we will provide a definition of the supply chain and an overview
of its architecture. The supply chain is a networked system presenting a
business process including various businesses. A supply chain includes a set
of partners like the supplier, the manufacturer, the distributor, the retailer and
the end customer. All these entities work collaborate in the aim of fulfilling
the objectives of a business life cycle. The role of the supplier is to supply
the raw material for manufacturers. The manufacturer uses production
facilities produce the commodities. The distributer buys a huge quantity of
the produced items from the manufacturer in order to sell it to the retailer.
The later uses the items sold from the distributor to offer a commodity or
service to the end customers. At the end point the customer buys the items
from a retailer by going to a store or using a channel such as e-commerce etc.
Since this work present a new security architecture that focus on the
topology of the network for supply chain management, we first searched for
previous work or studies on this subject.

However, we could not find any previous work that present a new topology
of the supply chain in key management. Instead, we could identify works on
business based suply chain design or some proposals on security model for
access control in a supply chain. So, we tried to have a look on security
architectures and key management schemes in the internet of things, in
sensor networks, etc. Some of the proposed architectures are for the clustered
wireless sensors network like the hierarchical key management scheme
presented by Yi Zhang et al. who tried to ameliorate the security and
survivability. Divya et. al presented a key management scheme that depends
on the hamming distance between the nodes. the authors of presented a fuzzy
controller for dynamic window. Some other schemes are based on pairing
like the one presented by by Kuiwu and Shize. This scheme includes four

13
types of keys. The authors of presented a concentric clustering scheme. In
this scheme, Jung and Chung tried to reduce energy consumption but they
didn’t succeed because of the transmitted data. Kalpana Sharma et al.
proposed a key management scheme based on a security and hierarchical
routing protocol for sensor networks. A public key based scheme is proposed
in the work of Samant et al.. This scheme uses Elliptic curve cryptography
(ECC) to provide an efficient Diffie-Hellman based scheme. Ganesh et al
partitions the nodes into clusters that include a cluster head node. This
scheme based on dynamic clustering tried to offer a better energy efficiency
and packet reception rate. We mentioned previously the elliptic curve
cryptography that is able to generate efficient and smaller keys. For these
reasons, Xiaojiang Du et al. [13] proposed ECC based key management
scheme.

In addition to the efficiency and security weaknesses in these key

management schemes and the associated architectures based on clutters, P2P,
pairing, etc, the proposed architecture still unable to fulfil the business
requirements of supply chain. The objectives of business life cycle depends
on entities relationships. In a supply chain network, a security architecture
shouldn’t depends on a P2P or pairing schemes. Also, a cluster or centralized
architecture seem to be not productive in a supply chain network.
Furthermore, the used architecture should manage efficiently and securely
the relations in the supply
chain.

2.2 DESIGN REQUIREMENTS

In this section, we will list the set of requirements that should be fulfilled by
any security architecture for an IoT based supply chain. A supply chain
architecture network should fulfill a set of design requirements that enable it
to avoid some performance issues in the business services. These
requirements presented by a set of the most common parameters in the
evaluation of security architecture and the used key management scheme.

14
 Thus, they can be related to the security or the efficiency that depend on the
constraints of nodes and networking in the supply chain.

 Scalability: In an IoT based supply chaiin, the number of deployed connected

objects can be in the order of thousands or even more. Also, during business
life cycle, the items may join or leave. A security architecture and the used
key management scheme should be scalable to the different supply chain
sizes without affecting its security and efficiency.
 Bandwidth: The bandwidth consumption depends on the size and the number
of the exchanged messages during the key management processes.

 Energy: The key management includes many processes that can consume a
huge amount of energy. This consumption depends on number of keys and
the associated computational procedure.

 Node revocation: A security architecture should be able to detect a

compromised node in the supply chain. This architecture should also be
flexible in order to revoke these nodes promptly from the supply chain. This
requirement is important to avoid any deviating the supply chain behavior
caused by the compromised node (This node can inject false data or modify
the trusted ones).

 Collusion resistance: This attack consists on compromising a number of

nodes in the supply chain. Then, the attacker make the compromised nodes
collude and collaboratively reveal the network keys. So to prevent an
adversary capture the entire supply chain, the security architecture should
avoid the collusion of new arrived and compromised nodes.

 Resilience : An adversary can physically attack a node in the supply chain

and try to retrieve important and secure data from its memory. So the
resilience is the ability of the architecture to avoid this node capture. This
requirement is related to the impact of one node that is captured on the whole

15
supply chain. It is the possibility of compromising a network starting from a
single compromised node.

2.3. PROPOSED SECURITY MODEL

The security model is the virtual shape of a network presenting the logical
paths of secured messages and key management. This section will present
the logical architecture proposed to secure the supply chain.
A. A new trust model for IoT-based SCA When defining the type of
protection in a supply chain, we should specify a trust model. The trust
model presents the security level and the relation of various network entities.
The proposed architecture is a tree-based architecture, in which each
business group builds its own tree network including nodes representing
companies that belong to a business phase in the supply chain. The identifier
of each node is the hash value of the manager number assigned to the hosting
company. Our architecture has a tree topology that connects the nodes
representing the companies subscribing to the supply chain network,
belonging to different business phases. Figure illustrates a tree-based
network where each supply chain part owns its own tree network including
only nodes belonging to the involved companies. This figure presents three
supply chain phases: manufacturing (includes the manufacturers),
distribution (includes distributors), retailing (includes retailers) and end
users. According to the type and the products of supply chain, these phases
can be changed, we can add for example add the suppling phase While
within each supply chain phase (manufacturing, distribution, retailing), the
companies relation has a tree shape. Each company constructs with its
internal entities its own tree. The companies of the next supply chain phase
derivate from the trees of previous phase. So we have an intra-tree in each
company, intra tree for each supply chain phase and inter tree that relates the
different phases. Each tree has a unique security key that will be used to
secure all the communications between the tree nodes. In a classical P2P
protocol, each node has its own security key that is used in every
communication with other nodes. With our architecture, we try to optimize

16
the number of used key in the supply chain and manage the different entities
and companies relations. Our proposed security architecture is based on the
inherent security information that can be retrieved from the root key. The key
management in our architecture will be detailed in the upcoming section. B.
Implementation using Merckle trees The biggest issue of our proposed
architecture is the key management scheme. Our architecture assumes a
public key that belongs to the whole tree. It must be guaranted that using this
one key, the nodes of a tree can communicate efficiently and securely. To be
able to implement our tree based architecture, a key management scheme
that enable us to reduce the amount and the size of the used keys in the
supply chain by using a unique, short and secure key for every tree is needed.
Therefore, Merkle presented in his Merkle Signature Scheme (MSS), in
which one public key is used to sign many messages. The Merkle signature
scheme uses one public key to sign a limited

17
number of packets or messages. The main characteristic of this number that it
should be a power of two. So, let’s denote the number of possible messages
as M = 2m. When generating the public key (denoted key.pub), the first step
is to compute the public keys Pi and private keys Si of 2m one-time
signatures [15]. hi = H(Pi)is the computed hah value associated to each
public key Pi, where 1 i 2m. The Merkle Tree is build using these obtained
hash values hi . In this Merkle tree, ai ,j presents a node in the tree, where the
level of the node denoted i. In our case, we considered the distance from the
node to a leaf as the level of node. Hereafter, the level of the root of the tree
is i = m and the level of a leaf in the tree is i = 0. In addition, it is noteworthy
that all nodes having the same level are numbered from the left to the right,
hence the leftmost node of a level j is aj ,0. Each node in our Merkle tree is
presented by the the hash value of the concatenation of its two children. So
that, a1,0 = H(a0,0 ||a0,1 ) and a2,0 = H(a1,0 ||a1,1 ). But, the leafs of a
binary tree is the hash values hj , so in the merkle tree ai ,j=hj . To this end,
we consider the case illustrated in Figure 2 where m = 3 . In this tree, we
have 2 m = 23 = 8 leafs and 2 m+1 − 1 = 24 − 1 = 15 nodes. As mentionned
in the figure, the root of the tree is am,0 which is the public key (key.pub) of
the merkle sinature scheme.

18
2.4. CASE STUDY AND PERFORMANCE EVALUATION

Our proposed secure architecture, based on a tree model using Merkle tree
scheme. This architecture implements a set of requirements. To evaluate our
tree architecture based on the proposed Merkle, we will consider a case
study. The meat industry is a sustainable food supply chain. This type of
supply chains are responsible for raw materials treatment to get final
products, in addition to the management of recovery systems to enable all
post life processing. The meat industry can present a good scenario for our
security architecture. Thus, meat supply chain includes generally four
principal phases:

• Farmers/livestock: The farmers supplies the raw materials to this supply

chain. They are connected to the production entities and typically placed
close to them. So, the farmer can present the root for a tree that connects the
farmer with different producers.

• Production: This phase includes the slaughterhouse and meat treatment.

The meat processing covers the animal and vegetable aromas reception and

19
the cutting of meat. Inside this phase, we can construct a tree that start from
the point reception of meat, the division of the meat and the passage of the
portions in different production steps.

• Distribution: The distribution phase presents one of the most proliferating

trees that start from a production point to the labelling departements and
packaging areas. in its way to the final consumers, this pphase includes also
the temperature-controlled stock and the shipment.

• Sales: The retailers and the direct consumers build another tree of trees that
include the restaurants, the canteens, the housewives, and any entity that will
consume the meat. Within this food supply chain, the events and the
messages, that trace the meat paths, flow in a tree of trees. This trees may
present a small part of a company, a whole company or companies’ network.
Each tree has a unique key generated using Merkle scheme. In this section,
we evaluate the efficiency of this system and explain under which
assumption(s) the different efficiency properties are ensured. The table
below summarizes the different requirements where R1, R2, R3, R4, R5, R6,
R7, denote scalability, memory, bandwidth, energy, node revocation,
collusion resistance, resilience respectively.

• Scalability: A tree architecture provides substantial scalability.Also, the use

of a unique key for the whole tree that includes many nodes enable the
network to to handle a growing number of nodes. using the Merkle tree, 2 80
signatures can be generated using only one key.

• Memory: The use of our tree architecture enable the supply chain to reduce
the amount of public keys and their sizes. Hence, we can reduce the memory
requirements.

• Bandwidth: The key eneration and key establishment processes require an

important amount of exchanged messages. But, with our tree architecture and

20
the Merkle scheme, many trade offs between signature size, leafs number
and speed can be made.

• Energy: In a tree with 2 80 leafs,the public key generation has an enormous

calculation cost. But, the trade off between signature size and cost can be
also made. Thus, we can use four smaller trees of 2 20 leafs instead of one
big tree of 2 80 .

• Node revocation: In our tree architecture, the used key of each node
depends on the tree key. So, any compromised node can be detected
immediately and the node can be revoked and the tree rebuilt thanks to our
flexible architecture (Key update will be part of our future work.)

• Collusion resistance: One of the most advantage of the Merkle is that the
security scheme stays secure even if the conventional signature schemes
become insecure.
• Resilience: The key of the tree can not be deduced from a node key. That’s
why, a single compromised node can not compromise the whole tree. We
have no established and proved results regarding the performance and the
efficiency of our security architecture and the used key management scheme.
This is because of the absence of a real implementation in an IoT based
supply chain. There are also no implemented security architecture presented
in the literature for IoT based supply chain. It is however important to note
that our proposed architecture theoretically promises better performance and
also greater robustness than the classical P2P architecture.

21
CHAPTER 3. KEY MANAGEMENT SCHEMES IN
IOT

3.1. CLOUD IOT KEY MANAGEMENT

Federated key management works together with other computer systems.

This will be mentioned when you agree, which means that other applications
Includes how to get keys from burr. This is a cancer to protect sensitive data
in the cloud. Key aspects of key management needed before luxury and lack
of key association ability Limit usability.
Currently, the system cannot perform federated key management. This
details how encryption keys are handled. Need to look. That is, the
encryption key is always the only expression. It has additional information
related to the key for the star. Yes
For example, the tape drive encrypts the stored data. When you get the key to
reconcile, with the encrypted data. Get the unique key identifier
stored. Encrypted data. In order to decrypt the tape drive device is encrypted
Key matching the key identifier found with the data. Requires.Therefore, this
study is the key to get the correct key. Cloud instead of a key identifier that
contains information about the server. Decomputing considers federated keys
based on proxy key server do.

3.2. UNION KEY MANAGEMENT METHOD

In the cloud environment, the point-to-point method is required in various

places.
Who wants what data, Is able to safely transfer data to. The authentication
process is complicated and there are many keys used for this.
Management is inefficient.
The many-to-many method is the traditional Internet and the next-generation
Internet in one network, like Virtual that controls to act like a neural tissue
Cloud computing as a grid, a supercomputer It is a supported model.

22
This study is IoT application based on many-to-many method.
Cloud Computing Plan for Activating Stage of Service Trying to design a
key for supporting sensor data
All. The many-to-many method for authentication per sensor data party
Proxy Key Server in Cloud Environment
Server: PKS) as a federated key for these servers.
The sensor data authentication process for each party starts.

3.3. UNION KEY GENERATION PROCESS

Yonhap key considering IoT characteristics is used for many sensor data.
Easy to add and remove keys, as well as reduce key generation And proxies
that help reduce communication overhead City proceeds from the key
server. In a cloud computing environment Adaptable proxy key servers are
per cloud. I have my server and share the key information as a federated key.

23
The union key shared the secret key s through the following process.
All.
1.The secret s between the following parties p 1 , ..., p n
To share.
-Some t <n / 2 party has any information about s
Do not lose.
-A group of t + 1 parties can recover the secret s
All.
2. The trusted broker chooses any polynomial a (X).
-a (X) ∈ F q [X], order t and a (0) = s
3. Share s i = a (i) for p i .
4. t + 1 of a given set U is secret s = a (0) = ∑ j
, U λ j a j Share and restore.
-λ i is the Lagrangian coefficient for U.

24
Cloud service of Cloud A as shown in Fig.2 The provider (Cloud Service
Provider: CSP) is a proxy. When you ask Key Server A for sensor data party
authentication,
Proxy key server A is the proxy key server B in cloud B.
Communicate with the sensor data party as a result of the federated key
To authenticate.

3.4. CLOUD IOT SERVICE

After completing the authentication process, as shown in Fig. 3, web service

Starts moving sensor data from device to device.
Network because sensor nodes are randomly placed
It is difficult to obtain topology information in advance. So stand
Gathers sensor data for services that require a service broker
Request the creation of a federated key from the proxy key server. Union
Key
Proxy key server A, which is requested to generate, generates a federated key
After that, associate key with other cloud proxy key server B
Share information.
According to the request of sensor data from the cloud service provider
La Proxy Key Server A and Proxy Key Server B
As a result, the federated key results are sent through the service
Send to the cloud service provider. Cloud service
The service provider checks the authenticated sensor data, and
Proceed with bis.

25
3.5. FEDERATED KEY MANAGEMENT

The proxy key server is not between two entities (devices) A and B.
Two important key distributions for data communication Do it. One only
knows from Object A and Proxy Key Server. This is the distribution of the
new key to be used by the discarded entity A. The other is the proxy key
server, by objects A and B. This is the distribution of the session key to be
used. This key distribution is exclusive Changing the use of exclusive OR
and hash functions Do it with a bath. The distribution of the new key to
object A is. It is based on a master key used only for this purpose. As shown
in Table 1, the application services of the two devices. The new keys needed
for message encryption are A k , B k ,
New to proxy key server for application services
The key is K t , the temporary value for object A is A n , for object B
One temporary value is B n , and the temporary key server's temporary value
is K n .
Display.

26
27
CHAPTER 4. KEY DISTRIBUTION

4.1 KEY DISTRIBUTION FOR IOT DEVICES

The following is a new application service for object A.

It is a fortune-distribution process.
O 1. amps → PKS: amps n
2.PKS → O A : K t ,
A k ⊕H (MK, A n , K t ),
H (A k , K t ), K n
O 3. A → PKS: H (A k , K n )
4.PKS → O A : H (A k , A n )
As above, the proxy key server delivers it to entity A.
To achieve this, the application service of two devices with the master key
MK
A new key Ak , which is required for message encryption Create A t and
create a temporary value. Object A is Mars. The new key K t is given by
knowing the Turkey key and the temporary value A n .
Therefore, x = H (MK, A n , K t ) can be generated. Said, x⊕ (A k ⊕H
(MK, A n , K t A from)) k to recover the
To use it. Entity A is A k ⊕H (MK, A n ,The message is intercepted by an
invalid region that has been replaced for K t ).
H (A k , K t ) to check all. In other words, whether A k is the key the proxy
key server is trying to send to check. Message encryption for application
services on two devices. The new key K t required for serves two purposes
All. First, the message of object A for application service A k ⊕H (MK) can
be read without K t , and H (MK) is H (MK) is used to recover the keys later.
Discovering is as useful as discovering the master key. Each different
K t is generated whenever H (MK, K t ) is generated. Since he has the value
of he finds H (MK, K t ). It is not useful. Second, K t is the data transmission
Data is not separated or replaced by other data. It combines message
elements to protect. There is a ticket.

28
4.2 IOT DEVICE SESSION KEY

Object A and the proxy key server use the new key. Before requesting a
message response for the application service. And, H (A k , K t ) can be
excluded. Check for A k
The function is embedded in the next message for the application service.
All. IoT authentication means that a proxy key server communicates between
two entities.Check out how to distribute the session key used forgive. To
provide confidentiality between two entities in IoT,
The proxy key server provides temporary values and session keys for each
object.
After creating, the move proceeds as follows.
1.O A → O B : A, H (A k , B), A n
O 2. B → PKS: A, B, H (B k , A, K, H (A k ,
B), A n ), A n , B n
3.PKS → O B : H (B k , A, B n ) ⊕SK, H (B k , A,
B n , SK), H (A k , B, C) ⊕SK, H (A k , B, A n
, SK)
O 4. B → O A : H (A k , B, A n ) ⊕SK, H (A k , B,
A n , SK)
For data confidentiality between two devices, key movement. The sequence
is object A to object B, object B to proxy key Proceeds to the server. The
proxy key server is on objects A and B. You need to send the session key SK
to the New keys A k and B k are generated from the proxy key server.
All. Entity A and B are H (A k , B, A n ) and H (B k , A, B n ) can be
encoded. H (A k ,B, A n , SK) and H (B k , A, B n , SK) Ensure that the
undisturbed and valid session key has been recovered
To be identified by individuals A and B. Objects A and B can recover the
same session key, so It has a general session key.

29
4.3. ANALYSIS

The proposed key management system is a cloud service resource Data and
key data synchronization of the cloud proxy key server. It is possible to paint
and to simulate the proposed algorithm. It is assumed that the performance is
periodic. This study is large For IoT data protection in loud computing Key
management efficiency by proposing proxy key server management. Union
key of cloud proxy key server to increase castle Proposed. Union key of
cloud proxy key server The role possibilities were analyzed as shown in
Table 2. Table
2 is the study found in Cloud Foundry [14] and J.
Park et al. [15] and R. Hummen et al. [16] year
Spatial complexity of spheres, scalability of key management, scheduling,
Key withdrawal resistance and network safety were compared and analyzed
All. In spatial complexity, r is the number of neighboring sensor nodes, and t
is required.
Time required to perform the withdrawal of the obtained sensor node. J.
Park et al. [15] show mutual authentication between IoT devices.
Symmetric key authentication and session key agreement agreement system

30
Spatial complexity is required, so the number of neighboring sensor nodes
and sensors
O (r 2 × t 2 ), since it is proportional to the time required to withdraw the
node ,
R. Hummen et at is a gateway for authentication.
This requires prior authentication, session retrieval, and handshake
delegation.
Therefore, O (r × t + 3t), the proposed plan is a cloud proxy.
Spatial complexity as O (r) by federated key of city key server
It can be seen that is low. Scheduling is a cloud environment
The proposed proposal by using a proxy key server is large.
It is superior to and studies that are not a loud environment is a certified
device to improve performance
Key management scalability is low because session key line calculation is
required and to reduce the authentication overhead of the device.
Check key management through pre-authentication and session retrieval at
the gateway. While the growth is low, the proposed plan is cloud computing
Key management scalability with federated key management of proxy key
server. It can be seen that it is high. The proposed study in key resilience
resistance is an autonomous proxy High with key server key management, to
attempt authentication
Each time a new random number is generated and used for authentication,
Low, is less due to the device's handshake delegation
It authenticates with resources, but there is a burden on the number of
sessions.
In network safety, shows mutual authentication between devices.
Provides session key consent, but the participating devices for authentication
are not
We need to assume that we are sharing Milky safely, is pre-authentication at
the gateway for authentication, three
The recovery is done, but the stability of the handshake delegation is not
guaranteed.

31
Incomplete However, the proposed study is Proactive key recovery of proxy
key servers over network connections. And updates ensure its safety.

32
CHAPTER 5. CONCLUSION

This report presents a new key management scheme for an IoT based supply
chain. Our proposal presents a secure scalable and distributed architecture
that has a tree topology. Motivated by the sprawling nature of supply chain
based, we were able to arrange this internet of the things based environment
in a tree architecture. This arrangement is the core contribution of this work.
We have proposed it to improve the supply chain communications and
relations. In addition to the design and performance requirements detailed in
the paper, our proposed model implements also Merkle tree as a key
management scheme. So that, another important merit of this paper is that
every tree in the supply chain uses one and unique key. Furthermore, our
architecture is more optimized in terms of security and performance, hence
more scalable and more suitable for future IoT based supply chains. In the
future work, we will focus on the implementation and simulation of our
supply chain proposed architecture. Hence, we will be able to assess the
performance of our proposal and test its security based on the requirements
defined in this paper. This architecture can be then ameliorated by
implementing an access control model or key updating protocol and
compared to the other solutions that have been presented in the literature.
This necessity of IoT security and its data

With the rapid growth of the company, the solution to cloud computing
Stand design. This has already done a lot of data processing.
Call this at the present time as you approach with wood computing
We proposed a key management that can be exchanged. Proxies proposed
The federated key management of the key server is achieved through
multiple security systems.
Reduce servers and management required for centralized monitoring
Can be. And other additional key-related information technology
Without, upgrade and restore the most recent key for security
You can date. Such key management is rapidly moving forward
Secure IoT sensor data for cloud computing in cloud computing

33
Support.

34
 BIBLIOGRAPHY

[1] A Sajid, H Abbas, and K Saleem, "Cloud-assisted IoT-based SCADA systems security:
a review of the state of the art and future challenges," IEEE Access, vol. 4 pp. 1375~1384,
Mar. 2016.
[2] Atzori, Luigi, Antonio Iera, and Giacomo Morabito, “The internet of things: A survey,”
Science Direct journal of Computer Networks, vol.54, no.15, pp.2787–2805,May 2010.
[3] Yinghui H. and Guanyu L., “Descriptive models for internet of things,” IEEE
International Conference on Intelligent. Control and Information Processing, pp. 483- 486,
Aug. 2010.
[4] Yuxi Liu and Guohui Zhou, “Key technologies and applications of internet of things,”
IEEE Fifth International Conference on Intelligent Computation Technology and
Automation, pp. 197-200, Jan. 2012.
[5] Huansheng N. and Ziou Wang, “Future internet of things architecture: Like neural
system or social organization Framework?,” IEEE Communication Letters, vol. 15, no. 4,
pp. 461-463, Apr. 2011.
[6] A. Perrig, D. Song, and J.D. Tygar. “ELK, A new protocol for efficient large-group key
distribution,” in Proceeding of the IEEE Symposium on Security and Privacy (IEEE S&P),
pp. 247-262, 2001.
[7] S. Setia, S. Koussih, S. Jajodia, and E.Harder, “Kronos: a scal-able group re-keying
approach for secure multicast,” in Proceedings of the IEEE Symposium on Security and
Privacy (IEEE S&P), pp. 215 - 228, Jan. 2000.
[8] A. T. Sherman and D. A. Mcgrew, “Key establish-ment in large dynamic groups using
one-way function trees,” IEEE Transactions on Software Engineering, vol. 29, no. 5, pp.
444-458, May 2003.
[9] Y. R. Yang, X. S. Li, X. B. Zhang, and S. S. Lam, “Reliable group rekeying: a
performance analysis,” in Proceeding of ACM SIGCOMM’01, pp. 27-38, Aug. 2001.[10]
X. B. Zhang, S. S. Lam, D. Y. Lee, and Y. R. Yang, “Protocol design for scalable and
reliable group rekeying,” IEEE/ACM Transactions on Net-working, vol. 11, no.

35