A Secure Three Party Node Authentication and Key Establishment Scheme for the Internet of Things Environment

Secure three party node authentication and key establishment scheme for data exchange in the Internet of Things (IoT) applications enables two resource-constrained nodes to establish a secure end-to-end communication channel with the help of a data server. Since node in IoT have constraints on resources such as power, memory space and computation ability. Thus may existing key establishment schemes are unable to run IoT applications and many researchers are already working on how to integrate new techniques and efficient approaches into the IoT environment. Recently, Nasiraee and Mohasefi proposed a highly efficient and novel key establishment scheme for Internet-Enable Sensor Networks (IESN) which was adapted to the IoT notion. Nasiraee-Mohasefi's scheme presented a novel approach where a new node that joins the IoT network is responsible to aggregate interested neighbors' information and to send a request to the trusted server to get required pairwise session keys. However, we found that Nasiraee-Mohasefi's scheme has some security and efficiency shortcomings and this paper focuses on preventing the above-mentioned weaknesses of Nasiraee-Mohasefi's scheme by proposing an improved three party node authentication and key establishment scheme. The results of security proof by BAN logic analysis confirms the proposed scheme provides a considerable gains in power saving while its security properties are ensured for the Internet of Things environment.