Title: Group-IKEv2 for multicast IPsec in the internet of things

Authors: Kiki Rizki; Argyro Lamproudi; Marco Tiloca; Shahid Raza

Addresses: SICS Security Lab, RISE Research Institutes of Sweden, Isafjordsgatan 22, 16440 Kista, Stockholm, Sweden ' SICS Security Lab, RISE Research Institutes of Sweden, Isafjordsgatan 22, 16440 Kista, Stockholm, Sweden ' SICS Security Lab, RISE Research Institutes of Sweden, Isafjordsgatan 22, 16440 Kista, Stockholm, Sweden ' SICS Security Lab, RISE Research Institutes of Sweden, Isafjordsgatan 22, 16440 Kista, Stockholm, Sweden

Abstract: This paper presents Group-IKEv2, a group key management protocol supporting secure group communication based on multicast IPsec. Group-IKEv2 is an adaptation of the IKEv2 protocol for the IPsec suite, and is especially designed to address internet of things (IoT) scenarios composed of resource-constrained devices. Compared to static approaches, Group-IKEv2 enables dynamic and flexible establishment of IPsec group security associations as well as group key material. Also, it integrates the management and renewal of group key material, both on a periodical fashion and upon group membership changes. We have implemented Group-IKEv2 for the Contiki OS and tested it on the OpenMote resource-constrained platform. Our experimental performance evaluation confirms that Group-IKEv2 is affordable and deployable also on constrained IoT devices.

Keywords: security; Group-IKEv2; multicast IPsec; group communication; secure communication; key management; internet of things.

DOI: 10.1504/IJSN.2019.098908

International Journal of Security and Networks, 2019 Vol.14 No.1, pp.10 - 22

Received: 21 Jan 2018
Accepted: 12 Sep 2018
Published online: 09 Apr 2019 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article