Authenticated key agreement protocols for dew-assisted IoT systems

Dew computing is complementing fog and cloud computing by offering the first layer of connection for any IoT device in the field. Typically, data are stored locally in the dew servers in cases when for instance Internet is not available. Therefore, dedicated authentication and key agreement protocols need to be developed in order to guarantee secure communication without the online presence of a trusted third party. First, a complete and clear presentation on the attack model and the required security features for dew computing scenarios are provided. Next, the relation with client-server security schemes is explained and two particular criteria are identified that need to be addressed in these schemes in order to serve as security scheme for dew computing. It is shown how a recently published client-server authentication scheme, satisfying these two criteria, can be extended with a key agreement feature, resulting in a very efficient authentication and key agreement scheme for a dew computing scenario. The obtained scheme outperforms from a security point of view the currently available alternatives and behaves in a similar line with respect to computational and communication efforts. More in particular, severe security vulnerabilities are demonstrated for a recently proposed dedicated dew computing authentication and key agreement protocol.