Protection Of Iot Transaction Using Id-Kem Based On Three-Pass Protocol Countermeasure

Vulnerability(s) and attack(s) can occur on the proxy or during translation protocol of secure transport protocols in Constrained Application Protocol (CoAP). Existing security countermeasure deploys Datagram Transport Security layer (DTLS) and Transport Security layer (TLS) between client and server as IoT (Internet of Things) communicating entities. Proxy plays the role of interface between client and Server. It can also decrypt the received message and encrypt data according to the used security transport protocol of the other side. The vulnerability appears during this phase, especially, where the proxy is not confident or supervised by an illegitimate entity. Consequently, passing through the proxy communication node, security services like confidentiality and integrity can easily be compromised. Exploiting advantages of studied cryptographic algorithms, we focus on our customized security objectives regarding proxy element and DTLS-TLS translation. We detail, in this paper, the algorithm and the sequence diagram of secure communication of our proposal adapted for CoAP architecture. As an encryption strategy, we follow the cryptographic envelope principle based on ID-KEM and Three-pass Protocol. As a hypothesis, we assumed that the communication deploys our recent IDMS (Identity management System) contribution for loT, relying on the EAP_OAuth2.0 (Extensible Authentication Protocol and Open Authorization Protocol) protocols via DTLS, as the starting phase in order to keep authentication and authorization services. Finally, we describe the security validation, present our perspectives and conclude our work.