Cybersecurity in the Internet of Things: A Perspective on Cryptographic Schemes and Protocols

Abstract

This thesis addresses two problems associated with the cybersecurity in the Internet of Things (IoT). The first problem relates to the security of IoT applications. To address this problem, we have developed key exchange protocols and a secure communication protocol. We further enhanced key exchange and secure communication in the IoT applications by presenting a mutual authentication and key derivation protocol, key exchange framework, and a key bootstrapping protocol. The goal is to develop secure and efficient cryptographic schemes and protocols for enhancing the security of IoT applications. The second problem relates to the privacy of IoT applications. Our approach to this problem involves designing an identity-based credentials mechanism that provides privacy enhancement in the IoT. In this thesis, we also present results that cover both problems by investigating their semantic connection. Firstly, we develop a cybersecurity framework to certify the security and privacy of an IoT application. Secondly, we develop a lightweight key establishment scheme that reason about the security and privacy of devices in the IoT application. Thirdly, we present CyRA, a real-time risk-based security assessment framework for cyber attacks prevention in Industrial IoT (IIoT) applications. Lastly, we develop Xyreum, a high-performance and scalable blockchain to strengthen the security and privacy in the IIoT. The final results in the thesis cover implementation of our solutions and case studies related to cryptographic protocols. We implement our solutions and conduct some experiments. The results show that our solutions are efficient and applicable to the IoT. As a proof of concept, we fix some real-world protocols used in the IoT. The outcome of every fix of a protocol is presented as an enhancement of the protocol, thus confirming the beneficial use of our solutions.