LAKEE: A Lightweight Authenticated Key Exchange Protocol for Power Constrained Devices

The rapid development of IoT networks has led to a research trend in designing effective security features for them. Due to the power-constrained nature of IoT devices, the security features should remain as lightweight as possible. Currently, most of the IoT network traffic is unencrypted. The leakage of smart devices' unencrypted data can come with the significant cost of a privacy breach. To have a secure channel with encrypted traffic, two endpoints in a network have to authenticate each other and calculate a short-term key. They can then communicate through an authenticated and secure channel. This process is referred to as authenticated key exchange (AKE). Although Datagram Transport Layer Security (DTLS) offers an AKE protocol for IoT networks, research has proposed more efficient and case-specific alternatives. This paper presents LAKEE, a straightforward, lightweight AKE protocol for IoT networks. Our protocol employs elliptic curve cryptography for generating a short-term session key. It reduces the communication and computational overhead of its alternatives while maintaining or improving their security strength. The simplicity and low overhead of our protocol make it a fit for a network of constrained devices.