Enhanced Zero-Knowledge and Identity-Based Authentication with integrated Key Exchange for Internet of Things

Abstract

Sensitive data have to be communicated via secure channels generally set up by using cryptography. This needs an authentic key exchange, which in turn requires an authentication process. However, the Internet of Things (IoT) includes its own challenges and security requirements. This paper introduces a novel signature algorithm and handshake protocol combining a zero-knowledge proof method being based on the graph isomorphism problem with an identity-based scheme to provide authentication with integrated key exchange while meeting the IoT challenges and security requirements. Our approach applies a way to parallelly perform multiple rounds usually needed by zero-knowledge proofs while retaining the same security level. Moreover, we present a graph compression algorithm providing a compression ratio of up to ca. 7:1. Our handshake protocol is resistant to active man in the middle attacks and does not require any public data pre-distribution or secret pre-sharing. Additionally, no third party has to hold any device-specific authentication data. Furthermore, our approach is application-independent and does not require any additional components or procedures. This paper also evaluates the high performance of our approach with regard to multiple affecting factors.