A lightweight hierarchical key management approach for internet of things

Internet of Things (IoT) as an emerging technology connects a wide range of various elements that have a unique identifier to create an intelligent computing system. Given that most security mechanisms such as encryption and authentication are entirely based on shared keys, key distribution and management play an important role in their performance. In this paper, a lightweight hierarchical key management approach is proposed for IoT technology that is based on the position and remaining energy of nodes and includes three phases, key server selection, nodes clustering, and key generation and distribution. The proposed approach generates shorter and more secure keys due to the use of a hierarchical structure. The conducted simulations in Cooja have validated effectiveness of the proposed approach in comparison to counterpart methods in terms of energy consumption, end-to-end delay, and network lifetime. According to the formal analysis through ROR model and informal security analysis, proposed approach provides perfect forward secrecy, and resists impersonation, man-in-themiddle, replay, and key guessing attacks. Moreover, analysis of time complexity, message complexity, computational cost, and storage cost indicates that overhead of the proposed approach is negligible.