A Novel Security Scheme Based on Instant Encrypted Transmission for Internet of Things

1 School of Computer and Software, Nanjing University of Information Science & Technology, Nanjing 210044, China
2 Jiangsu Engineering Center of Network Monitoring, Jiangsu Collaborative Innovation Center on Atmospheric Environment and Equipment Technology, School of Computer and Software, Nanjing University of Information Science & Technology, Nanjing 210044, China
3 State Key Laboratory of Information Security, Institute of Information Engineering, China
4 College of Computer and Control Engineering, Nankai University, Tianjin 300071, China


Introduction
The Internet of Things (IoT) is a novel network connecting items, such as users, vehicles, and home devices, through electronic tags, sensors, actuators, and interactive software. IoT ensures the connection and communication between the objects by digital means. Scenarios such as intelligent vehicle systems and smart home systems can be more convenient, comprehensive, and intelligent with the assistance of IoT technology [1,2].
IoT involves collaboration between different levels and various fields of technologies, including hardware, image and video processing, data mining, remote control, data security, and privacy protection [3][4][5][6][7]. Experts and scholars have produced many research results on IoT-related technologies and their practical applications from many aspects. Note that IoT may involve users' sensitive information, such as behavior habits, identity information, and medical data. Therefore, the data security protection of IoT is particularly important. Various security protocols specially designed for IoT have been proposed to achieve secure communication, ensure data integrity, and secure data sharing in IoT. However, research on efficient instant secure transmission schemes is still in the exploratory stage. Instant encrypted transmission is a technology that consumes few resources and realizes information security in a short period of time. This kind of technology can be used in many scenes, especially in emergency situations, such as accidents and fires. To better illustrate this demand, the situation when a smart home equipped with IoT is on fire is described in detail [8][9][10][11][12][13][14].
A smart home may be equipped with a smoke detection and analysis device, temperature monitor, image and video recognition and analysis device, gas valve control device, window control device, and fire extinguishing device [15]. Firstly, it is necessary to detect danger as soon as the fire starts by means of smoke alarm, temperature monitoring, and video surveillance. Secondly, when the house is on fire, the devices need to collaborate to find out what material is burning and the factors that may further spread the fire. Finally, the system can decide the state of windows and valves by judging the composition of the burning objects and the fire situation and control the fire by fire extinguishers and other actuators. Figure 1 is an illustration of how a smart home equipped with IoT is on guard when the house catches fire.

Motivation of This Paper.
There are some special scenarios in IoT that require the implementation of instant encrypted transmission between two entities. A car accident in the intelligent vehicle system and a fire in the smart home system require rapid transmission of sensitive information. Especially when there is a fire in a home, the camera data obtained from the home and the control instructions for valves, extinguishing devices, and other actuators are very important sensitive data. The security scheme for transmitting this information must ensure not only the security of data transmission but also the timeliness of the data. Therefore, it is particularly important to propose a novel security scheme based on instant encrypted transmission for the application of IoT in emergencies.

Our Contributions
(i) A special and practical application scenario is discussed: for now, there is no research or discussion on IoT-based smart home fire emergency schemes. Although this scenario rarely occurs, it has important research significance because it is likely to cause personal safety and property damage. In addition, the study of this scenario will be further extended to the design of secure transmission schemes for similar scenarios such as car accidents.
(ii) An instant encrypted transmission method is designed: we have tailored a method for IoT-based smart home environments. The method is mainly aimed at early warning and rescue of fire in smart home networks. At present, few solutions have been proposed for the transmission of private data under this scenario.
(iii) A security scheme that takes very little time is proposed: the scheme proposed in this paper can help to solve the emergency response issue in the smart home environment. It can also be applied to other scenarios that have strict time requirements for the transmission of encrypted data.
1.2. Related Works.
Cloud computing technology [16][17][18] is commonly utilized to solve various problems for IoT, and also brings many security challenges. Many existing security schemes can be applied to IoT with some improvements [19][20][21][22][23]. Sajid et al. [24] present the security challenges of cloud-assisted IoT-based supervisory control and data acquisition systems and also provide the existing best practices and recommendations for improving and maintaining the system security.
In addition, IoT is one of the important technologies for smart grid systems. Chin et al. [25] consider that energy big data needs to be stored thoughtfully and that security and blackout warnings should be presented immediately. So they survey the security threats of energy big data in IoT-based smart grid systems.
Besides, most IoT devices require location services. Location data often contains private information. Chen et al. [26] investigate robustness, security, and privacy issues in location-based services for IoT. Cryptographic solutions for security and privacy of location information and localization and LBSs in IoT are listed and compared to each other in their paper.
Saxena et al. [27] present an authentication protocol for IoT-enabled LTE networks. They propose symmetric key algorithms for efficiency. They claim that the communication overhead of their protocol is also reduced.
Aman et al. [28] propose a physical unclonable function based lightweight mutual authentication protocol for IoT systems. The adaptability of this new technology in IoT remains to be further explored.
Li et al. [29] present a novel key encryption scheme to establish a lightweight mutual authentication protocol for smart city applications. They claim that their protocol has made a trade-off between the efficiency and communication cost without sacrificing the security.
Sciancalepore et al. [30] consider the significant airtime consumption required to exchange multiple messages and certificates and to perform authentication and key agreement to be the most important issue for IoT. So they propose a public key authentication and key agreement scheme for IoT devices with minimal airtime consumption.
Furthermore, IoT is also an important industrial pillar technology in the field of health care in the future. A novel authentication scheme for medicine anticounterfeiting systems with IoT is presented by Wazid et al. [31]. The novel scheme is utilized for checking the authenticity of pharmaceutical products.
Parne et al. [32] propose a novel AKA protocol based on a security enhanced group for M2M communication in an LTE/LTE-A network utilizing IoT technology. They claim that their novel protocol has better performance in overheads and fulfills the security requirements of M2M communication.
Although these solutions addressed many existing IoT security problems, none of them proposed a secure transmission scheme for IoT networks in a smart home environment. Likewise, instant encrypted transmission in emergency situations has not been considered.

Organization.
The remainder of this paper is organized as follows. Section 2 presents some preliminaries of this paper. Section 3 shows the security models of the novel scheme. Section 4 presents the proposed scheme in detail. Section 5 states the security analysis of the proposed scheme. Section 6 presents the performance analysis of the scheme. Finally, the conclusions are drawn in Section 7.

Preliminaries
In this section, some necessary preliminaries utilized in this paper are listed, including bilinear pairing, system model, and scheme components.
2.1. Bilinear Pairing.
G 1 and G 2 are two groups of prime order . G 1 is an additive group, and G 2 is a multiplicative group. Set  as a mapping on The cryptographic bilinear map  satisfies the following properties.

System Model.
The system model of our novel scheme is composed of three roles: KGC, the sender, and the receiver.The meanings of the three roles are introduced as follows.
KGC. KGC is an abbreviation of key generation center. The KGC is responsible for generating important parameters for registering each node in the system, including processing node identity information, generating system public and private keys, and generating a unique identity-based private key for each node.
Sender. The sender can be a sensor, such as an infrared device, a temperature-sensitive device, or a pressure-sensitive device, or a detector, such as a smoke detector. For instance, in a fire scenario, the sender may need to collect various fire-related data in the room and encrypt the data for transmission to other nodes.
Receiver. The receiver may be various types of actuators such as fire extinguishing devices, smart windows, and gas valves. The receiver needs to receive the fire-related information sent by the sender and decrypt the relevant information through certain calculations. After real-time data is acquired, corresponding operations are performed according to different situations.

Scheme Components.
This subsection mainly introduces the input and output parameters of the algorithms involved in this scheme.
Registration (ID, 1  ). This phase is run by KGC. The input of this phase is the ID number of the node. The output is an ID-related parameter , a public key  pub , and an ID-related private key .
The output is encrypted message , certification message , and public key for this round .
Implementation( 1 ,  2 ,  2 , , , ). This phase is run by the receiver. The receiver takes  1 ,  2 , his secret key  2 , the encrypted message , the certification parameter , and  as its input. The output is the decrypted message .
The above three main algorithms constitute the main part of our new scheme.

Security Model
In this section, we introduce three security models for our proposed scheme.

A Forged Sender.
A forged sender may be a sensor node in IoT whose identity information has been stolen. The forged sender can broadcast a wrong message using the identity of the real one. This kind of wrong information can lead to extremely serious consequences. For example, when a house is on fire, an attacker can broadcast some normal monitoring data, which makes the whole system unable to detect the fire in time. In addition, when a house is in a normal state, a forged node can send an "on fire" signal to the whole system, which will also cause irreparable damage to the user.

Man-in-the-Middle (MITM) Attack.
A man-in-the-middle (MITM) attack refers to the situation in which a man-in-the-middle intercepts the information sent by the sender and sends the information to the receiver after some malevolent tampering. This can also cause the spread of false information and serious consequences.

An Unregistered Receiver.
An unregistered receiver may have access to private data about the user's family, such as image and video data, which will have a bad impact on the privacy of the user. Besides, once important time-sensitive information is received by the unregistered receiver, it is likely to affect the implementation of the IoT emergency measures.

Our Proposed Scheme
In this section, we elaborate on the novel scheme we have proposed. A simple overview of the proposed scheme is presented. On this basis, we describe this scheme in three phases: registration phase, detection phase, and implementation phase.

4.1. Overview of the Scheme.
The overview of the proposed scheme is presented in this subsection. Figure 2 shows the visualization of the new scheme in a concise form. The novel scheme is composed of three phases, which are named registration phase, detection phase, and implementation phase.
The registration phase is the initial phase of the scheme. The key generation center (KGC) generates private keys of all sensors/detectors and actuators in the network according to their identity information. Note that some necessary offline calculations are completed at this phase to assist in subsequent phases. We will elaborate on the content of these calculations in the next subsection.
The detection phase is actually a sign and encryption phase. The subject of the execution is named the sender in our model. The sender represents sensors such as a temperature monitor and detectors such as a smoke detector and a monitoring camera. These devices are responsible for collecting, editing, and encrypting the transmission of detected fire information. This phase requires that the collected data, which is related to the privacy of the family, is secured and that the message is sent out in a very short time.
The third phase is named implementation phase. This phase is carried out by actuators such as fire extinguishing devices, smart windows, and gas valves. This phase requires that the encrypted data is decrypted and the identity authentication of the sender is completed in a very short time, and the corresponding extinguishing operation should be executed accordingly.
Through the above three phases, the scheme we provide can accomplish the fast encrypted transmission of emergency information under the IoT environment and accomplish the prevention and response to emergencies.

necessary information from the KGC. KGC first chooses a secret key  for this system and calculates public key of this system  pub = . Generate parameter   related to node 's identity information by hash function  1 :   =  1 (ID  ). The private key of the node  is obtained by the calculation of the parameter   and the private key , and the private key is written to the node memory:  =   .

Detection Phase.
The detection phase actually refers to the process of monitoring the abnormal situation by sensors or detectors, compiling this information into files, and encrypting the transmission to other nodes. The specific operation process is illustrated in detail in Figure 3.
The sender chooses a random number , which is a nonzero positive integer, and calculates  = . Then, the sender computes : where  is the random number and  1 is the parameter calculated by KGC with the ID value of the sender.
The sender compiles the monitored data into a file named . XOR operation is performed as follows: The detection result , which is the encrypted data, is obtained according to the above calculation.
Finally, a certification parameter  is calculated: where  2 is the parameter computed by KGC according to the identity information of the receiver and  1 represents the secret key of the sender which is generated by KGC.Finally, the sender transmits the encrypted detection result , the certification parameter , and the parameter  to the receiver.

Implementation Phase.
This phase refers to the process of the receiver accepting information and performing related emergency operations. The receiver needs to first authenticate the identity of the node sending the information.
The receiver first computes an assistance parameter : where  1 is the parameter generated by KGC about the identity information of the sender,  pub is the public key of system,  is the parameter sent by the sender, and  2 is its own private key.
The parameter   is restored with the calculation   = (, ). The message about the emergency is computed by  =  ⊕  2 (  ).
Finally, when obtaining the correct information, the receiver will implement related operations according to the real-time information.

Security Analysis
In this section, the correctness of our scheme is firstly shown. Then, the security analysis is presented in aspects of security against a forged sender, MITM attack, and an unregistered receiver.

5.1. Correctness.
The correctness of a scheme is that the calculation process of the design can eventually achieve the desired goal and complete the expected security expectation. For the scheme we have designed, correctness refers to the fact that the sender and the receiver can encrypt and decrypt the information through the methods we design, respectively.
We denote the new  computed by the receiver as   .  can be calculated as follows:
Based on the above deduction, it is not difficult to draw the conclusion that the designed scheme is correct.

Security against a Forged Sender.
An adversary may compromise a sensor node or a detector node to send some fake alarm message. Identity information of the sender might be stolen. Such a sender is called a forged sender.
In our scheme, the adversary can fake one  1 to replace  1 , but he knows nothing about .So the adversary cannot match his fake  1 with  1 =  1 (ID).Therefore, a forged sender cannot send a  that can be verified.

Security against MITM Attack.
If an attacker wants to capture or tamper with the content of the message by intercepting information, he is called a man-in-the-middle.
The attacker can intercept the message (, , ) of our scheme. If he wants to capture the specific message, he needs to decrypt the message . However, he has no chance to know about the parameter , which is a random number generated by the sender during every transmission. It cannot be excluded that he can break the message through the receiver. But in fact, an attacker cannot know any recipient's private key  2 .
In addition, if the attacker wants to tamper with the message, he needs to generate a fake number  to replace the random number  and regenerate . Actually, he knows nothing about  1 , so he cannot generate an effective . Even if he forges  1 , he will face the same difficulty as the adversary in the previous subsection.
Besides, the attacker can constantly collect the ciphertext of encrypted messages and the original text previously sent by the sender. However, since  is a random number which changes in every round, he cannot infer the encrypted information from the previous plaintext and ciphertext.
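The round-to-round argument in the last paragraph can be checked on the XOR masking step alone. The following Python sketch is an added example, not the authors' code: the pairing value is replaced by random bytes, SHAKE-256 stands in for the scheme's second hash function, and all function names and sample readings are assumptions.

```python
import hashlib
import secrets


def h2_mask(shared_value: bytes, length: int) -> bytes:
    """Stand-in for the scheme's second hash (assumption: SHAKE-256),
    expanding the shared value into a mask as long as the message."""
    return hashlib.shake_256(b"H2|" + shared_value).digest(length)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("length mismatch")
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(message: bytes, shared_value: bytes) -> bytes:
    """Mask the message with the hash of the per-round shared value."""
    return xor_bytes(message, h2_mask(shared_value, len(message)))


decrypt = encrypt  # XOR masking is its own inverse


def recover_with_known_pair(known_m: bytes, known_c: bytes, target_c: bytes) -> bytes:
    """What an eavesdropper holding one earlier (plaintext, ciphertext)
    pair can compute: the old mask, applied to a newer ciphertext."""
    old_mask = xor_bytes(known_m, known_c)
    n = min(len(old_mask), len(target_c))
    return xor_bytes(old_mask[:n], target_c[:n])


def demo() -> dict:
    # Constructed sample readings of equal length (not from the paper).
    m1 = b"temp=21C smoke=0 status=normal"
    m2 = b"temp=87C smoke=1 status=ONFIRE"

    # Random bytes stand in for the pairing value that the sender derives
    # from its per-round random number (assumption).
    w_round1 = secrets.token_bytes(32)
    w_round2 = secrets.token_bytes(32)

    # Broken variant: the same value is used in both rounds.
    c1 = encrypt(m1, w_round1)
    c2_reused = encrypt(m2, w_round1)
    # Variant described in the paper: a new value every round.
    c2_fresh = encrypt(m2, w_round2)

    return {
        "reused_value_leaks_next_message":
            recover_with_known_pair(m1, c1, c2_reused) == m2,
        "fresh_value_leaks_next_message":
            recover_with_known_pair(m1, c1, c2_fresh) == m2,
        "receiver_decrypts": decrypt(c2_fresh, w_round2) == m2,
    }


if __name__ == "__main__":
    print(demo())
```

With a reused value, one known plaintext/ciphertext pair is enough to read the next message; with a fresh value per round the recovered bytes are unrelated to the message, which is why the sender's random number must never repeat.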

Security against an Unregistered Receiver.
An unregistered receiver is an unlawful node, but it can receive encrypted information. If the receiver is true and not registered, the sender will not be able to compute encrypted information that matches  2 . Therefore, it does not have the corresponding  2 to decrypt the message.

Performance Analysis
This section discusses the performance of the proposed protocol. The computational cost of different entities in the proposed scheme is shown in Table 1. We take into consideration the computational costs of the sender and the receiver. We consider the cost of collision-resistant hash function, bilinear pairing, scalar multiplication, exclusive-OR, and group exponent. In Table 1, M represents scalar multiplication, P denotes bilinear pairing, E refers to group exponent, H represents collision-resistant hash function operation, and XOR denotes exclusive-OR. By computation, a sender costs 2 scalar multiplications, 1 bilinear pairing, 1 group exponent, 1 collision-resistant hash function operation, and 1 exclusive-OR for sending the message to one receiver. In addition, a receiver costs 1 scalar multiplication, 1 bilinear pairing, 1 collision-resistant hash function operation, and 1 exclusive-OR to rebuild the message.
The efficiency of the proposed scheme is simulated on the GNU Multiple Precision Arithmetic (GMP) library and the Pairing-Based Cryptography (PBC) library (https://crypto.stanford.edu/pbc/). We utilize C language on a Linux system with Ubuntu 16.04 LTS, a 2.60 GHz Intel(R) Xeon(R) CPU E5-2650 v2, and 8 GB of RAM. The results are illustrated in Figures 4 and 5. It is not difficult to see that both the sender's and the receiver's computational costs will increase as the number of the other party increases. The increasing trend of the sender's cost due to the increase in the number of the other party is slower. Although our experiments simulate a large number of nodes, the number of nodes in a smart home network is actually very limited. Therefore, we find that the new scheme we propose costs very limited time to transmit emergency data. Combining this scheme with efficient data analysis and instruction dispatching algorithms can achieve response to emergencies in a smart home environment.

Conclusion
In this paper, we propose a novel scheme based on instant encrypted transmission for IoT-based smart home systems. The three phases of the registration phase, the detection phase, and the implementation phase constitute the main part of the overall scheme. The simulation by PBC shows that our novel scheme enables the transfer of important data in a very short period of time while protecting the privacy of data.

Figure 2: Overview of the proposed scheme.
Scheme. The details of the proposed scheme are shown in this subsection.
4.2.1. Registration Phase. The registration phase mainly refers to the process of each node in the network obtaining the
Sender Receiver w = e(P, P) xq 1

Figure 3: The detection and implementation phase of the scheme.

Figure 4: The time cost of a sender when the number of receiver grows.

Figure 5: The time cost of a receiver when the number of sender grows.