Introduction
The Internet of Things (IoT) is influencing our lifestyle, from the way we react to the way we behave. IoT devices are progressively assuming a significant role in people’s daily lives. IoT devices are tangible, network-connected objects with a range of shapes and features. The number of devices connected through the internet is rapidly increasing. IoT is a giant network of connected devices: the interconnection of objects (things) that communicate through networks using various identifying and communication technologies. Furthermore, an increasing number of IoT applications involving group communication influence various important areas of our daily lives. Smart factories, remote healthcare [1], smart homes [2], smart mobility, traffic management, and other areas are some examples. In addition to this, new 5G technology significantly speeds up data transfer and enables further scaling of the connectivity process [3]. The deployment of 5G will result in faster broadband speeds and more reliable mobile networks, as well as a faster pace of progress in smart cities, smart vehicles, and smart manufacturing. These advancements open new opportunities for a wide range of applications involving multiple communicating parties.
Moreover, this promising digital transformation will not be realized unless consumers can have confidence in the privacy and security of their data [3]. For fast-growing IoT deployments that deal with sensitive data, e.g., monitoring patient health conditions [4], safe communication is our main concern. As a result, it is critical that users maintain control over their data and restrict access to it. Unfortunately, in the past, companies developing IoT devices frequently failed to address this need for security and privacy [3]. IoT devices were commonly deployed without due consideration for security. This resulted in 2016’s greatest Distributed Denial of Service (DDoS) attack, which was carried out by thousands of hijacked IoT devices transformed into a botnet to bring down major Internet services such as Netflix and Spotify [5]. IoT is a heterogeneous interconnection of smart devices across various application domains. The availability of high-speed Internet connectivity alongside complementary advanced technologies such as Big Data, Cloud Computing, and easily accessible, inexpensive electronic devices equipped with new wireless communications standards is responsible for the explosive growth of the number of Internet-connected “things”. These exponentially increasing numbers of connected smart devices also contribute to the Internet’s enormous daily data traffic, data storage capacity, and data availability. Therefore, we, the individuals who incorporate IoT into our residences and businesses, should be more concerned about security [3]. Because the attack surface is so vast, it is nearly impossible to provide complete security for IoT infrastructure, given its extensive coverage across numerous application domains and its large number of heterogeneous devices. Multiple aspects of IoT security have matured, including privacy, authentication, trust, and communications.
It is crucial to boost security by encrypting IoT connections to stop future attacks and better secure users’ data. Developers will find this challenging because group communication (also known as n-to-n communication) is more difficult to encrypt than one-to-one communication. In n-to-n communication, messages must be encrypted for a collection of recipients.
Group key management (GKM) is a fundamental service in secure group communication (SGC) schemes. GKM is the management, across distributed entities, of the secret keys used for secure group communication, which are shared among all group members. The shared group key is used to sign and encrypt group messages, authenticate group members and messages, and grant access to group resources and traffic [1], [6], [7].
As a result, the vast number of devices in existence generate enormous quantities of data. Enabling these devices to locally process their data by means of identification and authentication enhances their performance, reduces bandwidth consumption, extends battery life, and mitigates security risks associated with attacks, thereby rendering the devices self-sufficient. To attain this objective, it is imperative that the devices possess a secure mechanism that facilitates the generation, distribution, and revocation of cryptographic keys. The cryptographic strength of this group key and the key management protocol determine the strength of an SGC scheme [2], [8]. The development of secure cryptographic protocols capable of ensuring data and communication privacy is a significant step forward in this effort.
Furthermore, cryptographic security mechanisms are generally classified as symmetric or asymmetric. Group key management schemes can be classified into three categories: symmetric, asymmetric and hybrid [7]. Although asymmetric key mechanisms are the more powerful and serve as a foundation for establishing secure communication channels between multiple parties, they also consume more power. It is a critical technology for highly interconnected networks and, as such, is critical for the Internet of Things. Previous efforts have been made to lighten cryptographic primitives such as Elliptic Curve Cryptography (ECC) and the Advanced Encryption Standard (AES) [1], [6], [7], [9], [10], [11], [12] by reducing computational time and cost. These protocols are based on hard problems such as IF (Integer Factorization) and DL (Discrete Logarithm). Whether an algorithm is more or less resistant to attacks is determined by how difficult the problem chosen during its formulation is.
The existing group key management schemes are designed based on integer factorization (RSA) [9], [13], [14], [15], [16], [17] or discrete logarithms (ECC) [1], [11], [12], [18], [19], which are vulnerable to quantum computers. Both the number of IoT devices and the performance of quantum computers will grow in the coming years. Both technologies put our current crypto strategies to the test. As a result, post-quantum n-to-n communication encryption is an important area of study. In this case, the development of new schemes, as well as the analysis and comparison of existing schemes, is required. The National Institute of Standards and Technology (NIST) published a report on the need for PQC algorithms in 2016, stating that the need for standardizing the new post-quantum cryptosystem had been established for the security of digital communications. Many proposals have been submitted to NIST [20].
On
Certain algorithms, however, may be too inconvenient to use in IoT networks. Cryptography is a critical technology for securing communication in IoT networks. IoT is made up of heterogeneous devices ranging from low to medium power, such as sensors [17], actuators, edge devices, and so on. Dealing with cryptographic techniques in the IoT environment is fraught with difficulties, as it sometimes necessitates lightweight cryptographic solutions. We must be able to integrate new cryptographic schemes with existing protocols like Secure Shell (SSH) or TLS. To do so, designers of post-quantum cryptosystems must consider the following characteristics for IoT use-cases:
Transfer delay caused by encryption and decryption at both ends of the communication line, assuming several devices from large and fast servers to slow and memory limited IoT devices.
Limit the size of public keys and signatures for ultra-low latency.
A network architecture that enables cryptanalysis and the detection of vulnerabilities in a dense IoT network.
Flawless integration with the existing infrastructure.
The systematic literature review (SLR) revealed a significant research gap in the investigation of SGC protocols for IoT, particularly in the context of scenario-specific SGC schemes, as evidenced by the limited existing literature identified in Table 2.
The key contribution of this research lies in the identification of critical factors for secure group communication in resource-constrained networks. This includes examining the consequences of recent cryptographic developments, particularly in the context of post-quantum cryptography and the new NIST quantum resistance protocol.
Through the investigation and comparison of 48 different secure group communication schemes with a focus on IoT scenarios, this research article provides valuable insights into effective approaches for managing group keys in resource-constrained networks.
Our study contributes by providing valuable insights into the challenges and unresolved issues surrounding GKM in a variety of use cases and applications applicable to IoT scenarios, taking into account the opportunities arising from post-quantum security.
By identifying and discussing these open issues, our research aims to guide researchers in developing effective solutions for SGC in diverse situations, leveraging developments made in the field of post-quantum cryptography.
Background
In this section, we provide the necessary context for secure group communication by describing the requirements of SGC and then defining GKM to gain a deeper understanding of the subject.
A. Secure Group Communication
The requirements of secure group communication can be divided into two categories: security requirements and efficiency requirements (as shown in FIGURE 1).
Security Requirements:
Authentication: Before giving nodes access to the group, an SGC scheme must authenticate their identities. Furthermore, in group communication, a member can be designated as the sender, the receiver, or both. To protect against identity-related attacks, members should be authenticated. Authentication can be accomplished using a group key, a pairwise key, or a certificate [28].
Integrity: It refers to the correctness and consistency of group messages. Messages should be forwarded without modification or tampering. To achieve this, hashing and digital signatures can be used with strong encryption keys [29].
Confidentiality: It is a set of rules that limit access and define some restrictions on data. Group messages sent to a group should be limited to that group; only authorized groups should be able to access that data. This can be achieved by different encryption techniques [19].
Rekeying: It refers to the process of updating the session key. A long-term key has a greater chance of being compromised. Every change in membership necessitates rekeying of the associated keys. The group key should be revoked immediately if a member’s membership changes. Otherwise, until the group key is updated, the revoked nodes can continue to use the group communication. The encryption key is also changed to reduce the amount of data encrypted with the same key. The different techniques for key update provide options for managing the lifecycle of encryption keys in group communication scenarios (as shown in Table 1).
Group Independence: A node keeps a per-group profile that includes security parameters like the group controller address and group key. Because a node may be a member of more than one group, security parameters must be independent so that a compromised group does not have an impact on the other groups.
Quantum Resistant: The emergence of quantum computing may render various classical cryptography primitives susceptible to security breaches. Consequently, it is imperative to devise protocols that exhibit resistance against quantum attacks and guarantee enduring security.
Efficiency Requirements
Scalability: The efficiency and security that a secure group communication scheme provides for small groups should be maintained as the group size becomes larger. Most importantly, membership management algorithms must be efficient enough that the group controller can manage multiple requests simultaneously, e.g., user join or leave activity. Delivery of the group key to large groups must take a reasonable amount of time, with a reasonable delay and low computational and communication cost [22].
Flexibility: Secure group communication schemes should work well in different types of environments, support dynamic behavior, and allow adding and removing users at any time [22].
Low storage, communication, and computation cost: Secure group communication schemes should be efficient with respect to storage, communication, and computational cost. IoT devices are resource constrained, which makes us focus on these specific limitations. Memory to store keys is limited, so the number of keys used to protect group communication must be low. Computational cost must not be very heavy, as sensors inherently have low-power CPUs. The message exchange rate between components must be low. In fact, to avoid draining sensor node energy and thus causing failure, the SGC scheme must not impose a high communication cost.
B. Topic Conceptual Model
The topic conceptualization provides detailed information on the subject under consideration. To gain a “broader understanding of what is known about a topic,” thinking about the topic conceptualization is required [32]. TABLE 3 exhibits the working definitions of GKM proposed by various authors.
Related Work
GKM in the context of the IoT poses several challenges that researchers have been addressing. One major challenge is the need for highly secure group communication in IoT settings. Multiple studies [8], [22], [23], [24], [25], [26], [27] have been conducted to investigate the various aspects of GKM schemes in IoT environments. When comparing GKM or SGC schemes in terms of security and efficacy, existing research identifies several relevant factors. However, these factors usually emerge spontaneously, without a systematic, in-depth comparison of every considered scheme with respect to each factor. In the surveys by Piccoli [26], Torraco [25], and Cheikhrouhou [24], the primary focus is on GKM schemes in IoT contexts. While the specific aspects covered are not explicitly stated, it can be inferred that these studies provide an in-depth evaluation of the efficacy and suitability of GKM mechanisms for IoT deployments. Torraco [25] summarizes multicast group communication use cases and security requirements, but the use cases are not explicitly related to real-world scenarios.
Prantl [8] considers factors like quantum resistance and SGC schemes, among others, by benchmarking pre- and post-quantum group encryption schemes in IoT settings. The significance of SGC in IoT contexts is highlighted, and the ramifications and difficulties of quantum-resistant GKM schemes are investigated. In addition, existing studies either discuss general schemes [25] or concentrate on a particular form of GKM [1], [33]. Piccoli [26] only examines centralized and decentralized schemes, whereas Hanna [23] divides protocols into network-independent and network-dependent categories. In comparison to our work, Table 2 provides an overview of the factors used or mentioned by previous studies when evaluating GKM or SGC schemes. In contrast to previous research, our survey examines these factors for each scheme in depth and provides a systematic and exhaustive comparison.
We compare the efficiency of the schemes using the indices storage costs, communication costs, computation costs, key update frequency, and types of employed cryptography. Moreover, we evaluate the security of the schemes in terms of forward and backward secrecy, anti-collision, instant rekeying, message integrity, message confidentiality, member authentication, group independence, and quantum resistance. Only [22] and [27] explicitly address the critical issue of scheme suitability for IoT group communication.
Compared to [27]: 1) this study not only performs a systematic comparison of the schemes but also conducts an SLR that adheres to Kitchenham’s guidelines [33]; 2) it considers 13 aspects rather than 12; 3) it considers the quantum-resistance security feature in addition to other security features; 4) it specifically mentions the application and usage areas, considering real-world resource-constrained scenarios where GKM is the major concern.
Research Methodology
The SLR method was used to examine studies published between 2013 and 2023. SLR is divided into three phases: “Planning”, “Conducting”, and “Reporting reviews”. This methodological study strictly adhered to Kitchenham’s guidelines [33] for a systematic literature review. The SLR design is made up of a series of steps, as shown in FIGURE 2. The guidelines for systematic literature review are divided into three phases, as shown in FIGURE 4.
A. Phase 1: Planning the Review
The research questions for this study have been developed in accordance with the current study’s aims and objectives.
1) Research Questions Formulation
RQ 1:
What existing issues in IoT are researchers trying to solve related to GKM? Describe GKM primitives.
RQ 2:
Define and explain the different GKM schemes proposed for resource-constrained IoT networks.
RQ 3:
What are the application/usage areas?
The aim of these RQs is to obtain insight into the existing challenges associated with IoT-related GKM that researchers are addressing. RQ1 focuses on identifying the specific challenges being addressed, such as key distribution, scalability, constrained environments, and security. RQ2 aims to explore the different GKM schemes proposed for resource constrained IoT networks, highlighting their characteristics and approaches. RQ3 broadens the scope by examining the application areas where GKM is relevant, showcasing the practical importance and impact of effective group key management in various domains.
2) Search Strategy
A predefined electronic search space was created to look for relevant studies. For the literature search, the electronic databases ScienceDirect, Hindawi, MDPI, Springer Link, IEEE Xplore, Google Scholar, and Scopus were used. To gather relevant literature for this investigation, the inclusion and exclusion criteria for the studies were determined. After screening, the dismissals were detected, and mutual agreements among the authors were erased. The retrieved publications were then evaluated to assess and improve the study’s quality [34].
a: Search Keywords
To cover the broader scope of this study, the relevant keywords were pre-defined. To reduce the retrieval of irrelevant studies, Boolean operators such as “AND” and “OR” were used. Table 4 describes the search string employed in the study:
b: Data Sources
To begin the Systematic Literature Review, the authors searched for related studies using limited search strings and keywords. A comprehensive search of electronic databases was carried out. To find relevant literature for this systematic review, the most popular scientific databases were searched. The keywords listed in Table 4 are those that returned relevant results from the different databases. Figure 2 includes the data sources as well as the number of studies extracted from each data source (ScienceDirect, Hindawi, MDPI, Scopus, Google Scholar, and IEEE Xplore).
B. Phase 2: Conducting Review
Selecting studies, inclusion and exclusion criteria, and quality assessment are all part of the review phase.
1) Paper Selection
The screening studies were conducted in accordance with the PRISMA framework and the emerging researcher author consensus. To enhance the quality of existing studies, research was selected according to a predetermined set of rules. The article screening procedure commenced with a verification system and the identification of relevant studies, followed by the elimination of duplicate studies from multiple data sources. Before conducting a comprehensive review of the text, an abstract and introduction-based screening was conducted. Then, studies were evaluated according to the inclusion and exclusion criteria. Finally, a full-text analysis of 48 possible articles was conducted and observed. The sequential selection process is depicted in figures. The PRISMA flowchart displays the total number of studies examined at each research stage (as shown in FIGURE. 3).
2) Inclusion Criteria
To select primary studies, authors devised and strictly followed inclusion and exclusion criteria. The following are the finalized inclusion criteria for the current study:
Studies must be published in a scholarly journal or presented at a conference.
Studies written exclusively in the English language.
Publication must occur between 2013 and 2023.
Studies focused on group key management in the Internet of Things.
The primary goal of the study should have been to investigate and explore group key exchange within constrained IoT networks.
3) Exclusion Criteria
We have also developed exclusion criteria to narrow the scope.
Keynotes, non-conference presentations, lab reports, tutorial summaries, newspaper articles, online blogs, book chapters, short paper summaries and abstracts.
Studies that are irrelevant or out of scope.
Repetitive/duplicated literature discovered from specified data sources.
Studies that are not conducted in English.
Search strings against which we don’t find any result.
Any schemes that do not adequately define a GKM or fall into none of three categories: centralized, decentralized and distributed.
Papers that do not meet the quality assessment criterion.
4) Quality Assessment
The selected studies were evaluated using the procedure recommended by York University’s Centre for Reviews and Dissemination (CRD) Database of Abstracts of Reviews of Effects (DARE) [35].
The criteria are based on three questions. Each question is scored as 0, 0.5, or 1: a score of “0” indicates that the study does not include the favorable outcomes, “0.5” indicates that the study partially answers the question, and “1” indicates that the study includes favorable outcomes. Each paper is assessed against each quality assessment question. Table 5 shows the total scores for all selected studies.
QA-1:
Is the study focused on GKM schemes for resource-constrained IoT networks?
QA-2:
Does the given framework provide a solution for rekeying overhead reduction?
QA-3:
Do the findings of the study relate to the proposed work?
C. Phase 3: Reporting Review
The reporting review phase includes data extraction, authentication process, and reporting the review, which is described below:
1) Data Extraction
To obtain the necessary information, the studies extracted for this literature review were meticulously examined, and it was determined that the obtained data reflected a consensus among all studies. In the context of this study, the characteristics obtained are the article’s title, the researcher’s name, the year of publication, the publisher and type of study, the application of the analysis, methodology, and the sector and security approach discussed. Data were collected, including the conclusion of the authors.
2) Authentication Process
To confirm the correct selection procedure and avoid inaccuracies in data extraction, research selection, and article “classification,” the recommendations of Kitchenham were adhered to with great care. Uncertainty can arise in the “Validation Process”, particularly regarding “research selection,” “incorrect data extraction,” “incorrect classification,” “research method,” and “Author Bias.” As a result, the authors of the current study followed Kitchenham’s recommendations. To avoid conflicts, the authors took part in the classification and carefully discussed the studies. The classification results were reached by the authors’ mutual agreement and based on the recommendations.
Existing Issues in GKM W.R.T IoT
This section refers to our RQ 1: “What existing issues in IoT researchers trying to solve related to group key management? Describe primitives of GKM.”
Researchers are working to create an architecture that is not only secure but also capable of preventing attacks even if attackers gain access to the system. The wireless sensor network (WSN) is a critical component of the IoT. Sensors are typically limited in memory, battery capacity, and computation power. As a result, it is more efficient to send multicast messages to a group of devices rather than sending unicast messages to individual devices in multiple copies, which consumes more energy. The establishment of a secure group key is a critical feature for providing message integrity, authentication, and confidentiality [19]. New IoT use cases that rely on multicast group communication raise the need for security to protect many devices. Providing dedicated multicast security for constrained IoT environments is critical to the success of IoT services. The efficiency of group communication can be increased with multicast, which makes configuring and managing multiple devices at the same time much easier. When a source sends information to a group of recipients in a multicast session, there are numerous challenges such as group privacy and key administration. Security of the session is handled by two entities: the group controller (GC) manages authentication, authorization, and access control, and the key server (KS) manages the required key material. The IP multicast transmission model scales well, but it lacks security measures for access control and for protecting group communication: any receiver can request data without directly contacting the sender, which leaves the sender unable to enforce any access control to manage membership. When an IP multicast application is used in IoT use cases, enabling access control is even more difficult due to the broadcast nature of the network. Access control is the most crucial security issue in GKM. To achieve access control, encryption is needed, and to encrypt group communication a secret key is shared among multiple distributed entities; this key is called the group key or traffic encryption key (TEK).
Privacy depends on the safety of group keys. Managing keys in group communication is different from managing the key in a one-to-one communication scenario. In the one-to-one case, the encryption key may be generated through protocol negotiation, such as the Diffie-Hellman key exchange protocol, or it may be generated by one party and then transmitted to the other. When one side of the communication disconnects, the connection is automatically severed and the encryption key is discarded, so the key does not need to be updated. In GKM, however, the main challenge is to ensure that all authorized group members have updated keys, as there are multiple receivers. The group communication remains active when a member leaves, and no one can force the departing member to forget the key. So, to prevent ex-members from accessing future communication, the key must be updated. When a new user joins the group, the group key must also be updated.
Before joining the group, a new member may record the encrypted group communication. To decrypt the stored data, the user then joins the group temporarily to obtain the group key. Additionally, data-encryption keys should be regularly replaced. Encrypting a large amount of data with the same key is frowned upon by cryptographers because the data becomes vulnerable to cryptanalysis attacks. GKM therefore includes the generation, distribution and update of the group key. The resource-constrained nature of IoT makes GKM challenging to achieve.
The major problems of group key management in IoT devices are as follows:
A. Group Key Management Primitives
GKM primitive focuses on two things: Primitive requirements and procedures (as shown in Figure. 5).
A group key management scheme that is considered compatible should meet the following primitive requirements. They are classified into five types: Performance, Security, QoS (Quality of Service), Key Management Server, and Group Members.
1) Performance Requirement
Robustness: GKM protocols should have the ability to handle dynamic group size.
1-Affects-N phenomenon: Multiple group members are affected when a single membership status changes throughout the join/leave procedure. It decreases network communication iterations.
Availability of services: The operation of key management structures throughout the entire multicast session is unaffected by the failure of a single node.
2) Security Requirements
Forward Secrecy: If a member of a group leaves the group, the member should not be able to obtain any future group key or decode any group message after leaving the group.
Backward Secrecy: A new member should be prevented from decrypting group communication that it has received before joining the group.
3) QoS (Quality of Service)
When multicast services are used, there should be minimal packet delay and high packet delivery during communication. The packet delivery ratio is calculated using jitters. QoS plays an important role in key management: key changes should be minimized because they affect packet delivery delays.
4) Key Management Server
The re-keying of the group should not be influenced by the large number of messages, it applies to changes in dynamic groups, and it should not be limited by group size.
The amount of time required to encrypt and decrypt the keys to be used should be considered for the efficient operation of key management protocols.
5) Group Members
To access the memory quickly and work frequently for the key server, there should be a minimum number of keys required for communication.
B. Group Key Management Procedures
The GKM protocol specifies how the group key is generated, distributed, and updated. The most important part of group key management is ensuring the secure and reliable delivery of keying materials to all legitimate members [22]. To do this, efficient key generation, distribution and updating processes must be implemented. Each of these processes must be considered when designing a key management algorithm for a resource-constrained network.
1) Key Generation
The key generation phase refers to creating the group key along with all the other keys; it assists the key allocation controller in distributing the group key to all genuine receivers.
2) Key Distribution
Key allocation refers to the reliable, efficient, and secure distribution of keying materials to group members. Because group members in wireless networks may be geographically dispersed or move from one location to another, the most important task in group key management is ensuring that the group key is delivered to all legitimate members.
3) Re-Keying
The re-keying process is done to guarantee forward and backward secrecy. The group key and other keys are updated, and the updated keys are sent to the group members. Reducing re-keying costs is especially important: re-keying is the costliest of the three processes because it requires the most computation and communication overhead, meaning it requires more time, energy, and resources to generate and distribute the new key.
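The join and leave re-keying described in this section, together with the forward and backward secrecy requirements listed above, as an added example that is not taken from the article or from any surveyed scheme: a minimal centralized controller that replaces the group key (TEK) on every membership change. The names GroupController, Member, wrap and unwrap are hypothetical, the HMAC-SHA256 key wrap is a standard-library stand-in for an AES key wrap, and each pairwise key is assumed to reach its member out of band.

```python
import hashlib
import hmac
import secrets

KEY_LEN = 32  # bytes; equals the SHA-256 output size, so one PRF block masks a key


def wrap(kek: bytes, key: bytes) -> bytes:
    """Wrap `key` under `kek` as nonce || masked key || tag (stand-in for AES key wrap)."""
    nonce = secrets.token_bytes(16)  # fresh per message, so the mask is never reused
    pad = hmac.new(kek, b"enc" + nonce, hashlib.sha256).digest()
    body = bytes(a ^ b for a, b in zip(key, pad))
    tag = hmac.new(kek, b"mac" + nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def unwrap(kek: bytes, blob: bytes):
    """Return the wrapped key, or None when the tag does not verify under `kek`."""
    nonce, body, tag = blob[:16], blob[16:16 + KEY_LEN], blob[16 + KEY_LEN:]
    expect = hmac.new(kek, b"mac" + nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        return None
    pad = hmac.new(kek, b"enc" + nonce, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(body, pad))


class GroupController:
    """Centralized GC/KS: one pairwise key per member plus the current TEK."""

    def __init__(self):
        self.pairwise = {}
        self.tek = secrets.token_bytes(KEY_LEN)
        self.epoch = 0

    def join(self, member_id):
        """Re-key on join. Returns (pairwise key, [(recipient, blob)]); "*" is multicast."""
        old_tek, self.tek = self.tek, secrets.token_bytes(KEY_LEN)
        self.epoch += 1
        msgs = []
        if self.pairwise:
            # Existing members get the new TEK in one multicast under the old TEK,
            # which the joiner never held (backward secrecy).
            msgs.append(("*", wrap(old_tek, self.tek)))
        kek = secrets.token_bytes(KEY_LEN)  # assumption: provisioned out of band
        self.pairwise[member_id] = kek
        msgs.append((member_id, wrap(kek, self.tek)))
        return kek, msgs

    def leave(self, member_id):
        """Re-key on leave: the old TEK is known to the leaver, so the new TEK is
        sent per member under pairwise keys (forward secrecy, n-1 messages)."""
        del self.pairwise[member_id]
        self.tek = secrets.token_bytes(KEY_LEN)
        self.epoch += 1
        return [(m, wrap(k, self.tek)) for m, k in self.pairwise.items()]


class Member:
    def __init__(self, member_id, kek):
        self.id, self.kek, self.tek = member_id, kek, None

    def receive(self, msgs):
        """Install the new TEK from the first re-key message this member can open."""
        for rcpt, blob in msgs:
            if rcpt == self.id:
                key = unwrap(self.kek, blob)
            elif rcpt == "*" and self.tek is not None:
                key = unwrap(self.tek, blob)
            else:
                continue
            if key is not None:
                self.tek = key
                return True
        return False


def demo(n=5):
    """Constructed scenario: n sensors join, a late joiner arrives, sensor-0 leaves."""
    gc, members, recorded = GroupController(), {}, []

    def admit(mid):
        kek, msgs = gc.join(mid)
        members[mid] = Member(mid, kek)
        for m in members.values():
            m.receive(msgs)
        return msgs

    for i in range(n):
        recorded += admit(f"sensor-{i}")  # re-key traffic an eavesdropper could record
    join_msgs = admit("sensor-late")
    joiner = members["sensor-late"]
    backward = all(unwrap(k, blob) is None
                   for _, blob in recorded for k in (joiner.kek, joiner.tek))
    leaver = members.pop("sensor-0")
    leave_msgs = gc.leave(leaver.id)
    for m in members.values():
        m.receive(leave_msgs)
    forward = all(unwrap(k, blob) is None
                  for _, blob in leave_msgs for k in (leaver.kek, leaver.tek))
    return {"backward_secrecy": backward, "forward_secrecy": forward,
            "in_sync": all(m.tek == gc.tek for m in members.values()),
            "join_msgs": len(join_msgs), "leave_msgs": len(leave_msgs),
            "epoch": gc.epoch}


if __name__ == "__main__":
    print(demo())
```

A join costs two re-key messages regardless of group size, while a leave costs one message per remaining member, which is the overhead that motivates the cost comparison of schemes later in the survey.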
Since an IoT network can connect a vast number of devices with varying functions, each device may communicate with an undetermined number of other devices. Some messages should be sent to multiple devices simultaneously.
When it is necessary to send messages to multiple recipients, group communication can be used in the network to improve efficiency and communication performance. A group key is distributed among group members to ensure secure group communication [9]. The group key is the shared encryption key, and the security of group communication relies entirely on it. Symmetric encryption algorithms are used to encrypt messages among the member nodes of the multicast group, but the keys used for these encryption processes play a vital role in group key exchange processes. Group key management mechanisms have been employed in several works (centralized multicast architecture).
In summary, this section provides an overview of the current problems and obstacles in the field of IoT group key management. It also examines the fundamental components of GKM and elucidates the essential processes involved in this area. The study offers valuable insights pertaining to the optimal management of group keys in IoT environments that are limited in terms of resources. Specifically, it investigates aspects such as performance, security, QoS, key management server, and group member requirements, all of which are crucial for ensuring effective group key management. This section serves to address RQ 1 by providing a comprehensive outline of the pertinent concerns and identifying the fundamental components of GKM.
Group Key Management Schemes for IoT Networks
This section refers to research question 2: “What type of GKM schemes are proposed for resource constrained IoT networks?”
An IoT network’s group key management should be efficient and highly scalable. Because of the limitations of IoT devices, any operation performed by the devices should not exhaust the device’s resources. Because traditional protocols are insufficient for resource constrained IoT devices, we require faster and lightweight protocols for secure group communications. As a result, group key management should be implemented effectively. The GKM schemes should use the least amount of memory in each device and distribute the group key with the least amount of communication overhead. An IoT network, on the other hand, is often dynamic and has many members. To deal with these circumstances, group key management should be highly scalable. Multicast communication reduces terminal bandwidth, energy consumption, and processing overhead. Secure message delivery within a multicast group can be obtained by establishing a group key among the authorized members [19]. The SGC schemes are classified in three categories: centralized, decentralized and distributed (as shown in Figure 9).
A. Centralized GKM Schemes
This section discusses the performance and security of centralized SGC schemes. The supplementary materials provide a more comprehensive explanation of the functionality of the schemes under consideration. The comparison is presented in three tables. The notation used in these tables is detailed in Table 6. Tables 7 and 8 provide a summary of the performance of centralized schemes. Figure 6 illustrates a comparison of Centralized (GKM) schemes, highlighting the differences in storage, communication, and computation costs. The graph shows the performance characteristics of various GKM schemes and enables a comprehensive evaluation of their viability and effectiveness. The performance characteristics of the given schemes within the given categories are described and compared using asymptotic notation. By assigning low, medium, and high complexities to storage, communication, and computational costs, the notation provides a framework for comparing the scalability and efficiency of each approach. This notation emphasizes the scaling behavior of the costs relative to the input parameters. The asymptotic notation enables a concise and standardized representation of the complexities, thereby facilitating the evaluation and selection of GKM schemes for secure group communication in resource-constrained scenarios within the given category. Tables 7 and 8 illustrate how various schemes achieve varying levels of performance and employ diverse methods. The security aspects of centralized GKM schemes are summarized in Table 9. Some schemes are significantly more efficient than others, but they may pose unacceptable security risks to the group to achieve such results.
In centralized schemes, the group is managed by a centralized trusted entity known as the Group Controller (GC). This includes managing members joining and leaving as well as the renewal of the group key. The GC is the only entity that has control over all components of an SGC scheme [22]. This centralized approach aims to reduce computational costs and storage requirements for group members [61]. The efficiency of symmetric key encryption and the high security of key selection and generation are advantages of centralized schemes [22]. However, the GC is a potential bottleneck and a single point of failure. If the GC of a centralized system fails, the system ceases to function entirely. As the only entity responsible for the entire group, the GC is the primary target of centralized system attacks [22].
XKFS is distinguished by its high storage, communication, and computational costs, which scale linearly with the number of network nodes. Thus, it is better suited for scenarios with fewer nodes and efficient resource management. However, it may not be suitable for networks with numerous users or limited resources.
The CL-EKM scheme is intended to be lightweight and appropriate for dynamic Wireless Sensor Networks (WSN). It facilitates efficient communication for important updates and management when nodes join or leave a cluster, mitigating the effect of compromised nodes. CL-EKM has moderate storage costs but high communication and computation costs, making it more suitable for networks with a moderate number of nodes.
The KMGC scheme prioritizes scalability, work efficiency, and the reduction of communication time. Combining master-key and ECC techniques, KMGC reduces the number of keys stored in nodes, increases scalability, and decreases the risk of Denial of Service (DoS) attacks. Additionally, it reduces the amount of energy and time required for crucial negotiations, thereby improving the overall network’s effectiveness. As a result of its high communication and computational costs, it may be limited to large-scale deployments.
The SBSA scheme provides a group key establishment protocol and a special key management protocol for secure one-to-many communication in hardware-restricted networks. SBSA guarantees security and effectiveness, but comes with high storage, communication, and computational costs. Even with a comparatively large number of users, it is ideally suited for situations requiring secure communication.
The LGKMCP scheme efficiently manages offline users and variations in group membership. While it incurs high storage costs, its communication and computation costs are low. LGKMCP achieves a balance between storage costs and group administration effectiveness, making it suitable for situations requiring effective group management.
In summary, selecting a centralized GKM scheme requires consideration of storage, communication, and computational costs, as well as the scheme’s suitability for resource-constrained environments and a large number of users. XKFS is better suited for scenarios with fewer nodes, whereas CL-EKM, KMGC, SBSA, and LGKMCP can accommodate a greater number of members with variable cost and efficiency tradeoffs. Researchers should evaluate these schemes based on their specific network requirements, considering factors such as scalability, efficiency, security, and resource constraints, to choose the most appropriate GKM scheme.
B. Decentralized GKM Schemes
In this section, we discuss the efficiency and safety of decentralized SGC schemes. The supplementary material provides a more comprehensive explanation of the functionality of the schemes under consideration. Table 6 describes the notation employed in these tables. Tables 10 and 11 illustrate how various schemes achieve varying levels of performance and employ a variety of techniques. Table 12 outlines the security features of decentralized GKM schemes. Figure 7 illustrates a comparison of decentralized (GKM) schemes, highlighting the differences in storage, communication, and computation costs.
Some tasks in decentralized architectures are performed by a central unit, while others require collaboration. These decentralized protocols aim for efficiency as well as fault tolerance [22]. The division of group management among SGC is a very common approach in decentralized schemes. The goal of using SGC schemes is to reduce the problem of concentrating all workloads on a single entity [61]. Another approach is to allocate group key generation to a group controller while group key distribution is done collaboratively by all group members [22].
DBGK and DLGKM-AC are decentralized GKM schemes designed for IoT environments with limited resources. They manage group membership efficiently and assure secure multicast communication. DBGK reduces the rekeying burden caused by dynamic and mobile group membership while preserving both backward and forward secrecy. DLGKM-AC reduces the Key Distribution Center’s (KDC) rekeying burden and offers a scalable IoT architecture that improves overall efficiency.
ABP-MAGKE and LT-SMM provide lightweight and efficient protocols for secure group communication in WSNs with limited resources. ABP-MAGKE concentrates on membership authentication and pairwise shared key distribution, whereas LT-SMM deals with frequent membership changes. Both protocols have minimal communication and computational costs, which reduces the rekeying burden in WSNs.
SCBA is a decentralized GKM scheme designed specifically for WBANs that ensures secure and efficient communication in medical environments with continuous physiological monitoring. SCBA addresses the need for minimal communication and computational costs, but its specific approach to rekeying is not specified.
DCSGS is a decentralized GKM scheme that is suited for large-scale networks that require secure group communication. It may incur additional storage, communication, and computational costs. In contrast to other schemes, the scheme does not expressly address rekeying overhead.
When evaluating these schemes, researchers must consider specific requirements such as resource limitations, dynamic group membership, secure communication, and rekeying overhead. DBGK and DLGKM-AC are well-suited for resource-constrained IoT environments, whereas ABP-MAGKE and LT-SMM are well-suited for resource-constrained WSNs. SCBA addresses the needs of WBANs, whereas DCSGS focuses on large-scale networks that necessitate secure group communication.
C. Distributed GKM Schemes
In this section, we discuss the efficiency and safety of distributed SGC schemes. The supplementary material provides a more comprehensive explanation of the functionality of the schemes under consideration. Table 6 describes the notation employed in these tables. Tables 13 and 14 illustrate how various schemes achieve varying levels of performance and employ various methods. Table 15 provides a summary of the security features of distributed GKM schemes. Figure 8 illustrates a comparison of distributed (GKM) schemes, highlighting the differences in storage, communication, and computation costs.
In distributed SGC schemes, group members collaborate to manage the group without the assistance of a central authority. Distributed schemes have the benefit of fault tolerance because no single entity is responsible for distributing and generating keys [22]. However, this comes with increased computational costs for group members and other drawbacks, such as increased energy consumption for the devices [22].
For WSNs with limited resources, FMPMAKE, GKPS, and GKAT provide solutions. FMPMAKE emphasizes efficient membership authentication and key establishment, whereas GKPS emphasizes efficient key distribution and secure communication. GKAT, on the other hand, focuses on securing group communication in WSNs with mobile sinks, thereby providing increased resistance to node capture attacks. GKAT stands out among these schemes when mobile sinks are present, as it addresses the unique challenges posed by node capture attacks.
In dynamic IoT environments, GROUPIT, GKMSFC, and SGKES offer solutions. GROUPIT accommodates varying memberships and device counts, efficiently managing key updates and ensuring secure communication with IoT devices with limited resources. GKMSFC reduces communication costs and message overhead for fog computing networks. SGKES prioritizes the establishment of secure group keys in IoT environments with heterogeneous devices and dynamic group memberships. GKMSFC stands out in comparison due to its scalability, decreased communication costs, and optimized message overhead. SGKES, on the other hand, offers a specialized solution for IoT environments with heterogeneous devices and dynamic group memberships.
Regarding specific IoT applications, ITSKM, MIPUF, GKMCA, and GKA stand out. ITSKM addresses group-based communication in low-constrained IoT device-to-device (D2D) networks, specifically in medical assisted living scenarios. MIPUF emphasizes key management in IoT devices that are energy efficient. GKMCA introduces a group key management scheme for clustered IoT environments, thereby minimizing computational overhead and communication expenses. GKA emphasizes group key agreement with forward secrecy for the distributed Internet of Things environment. ITSKM stands out among these protocols due to its incorporation of physical layer key exchange, which provides an additional layer of security against unauthorized access.
Comparing the provided GKM schemes reveals that each scheme is tailored to specific environments and applications. GKAT offers enhanced resilience to node capture attacks in scenarios with mobile sinks for resource constrained WSNs. GKMSFC excels in terms of scalability, reduced communication costs, and optimized message overhead in dynamic IoT environments, whereas SGKES provides a specialized solution for heterogeneous devices and dynamic group memberships. ITSKM’s incorporation of physical layer key exchange enhances the security and robustness of specific IoT applications. These comparisons emphasize the unique contributions of each scheme to group key management, considering their respective environments’ strengths and benefits.
D. Security Analysis of GKM Schemes
In Section II, “Overview of the study”, we defined the security requirements for secure GKM schemes. This section presents how the selected secure GKM schemes fulfil these security requirements. Tables 8, 11, and 14 present the comparison of different centralized, decentralized, and distributed GKM schemes in terms of 8 different security factors.
DBGK [36] and DCSGS [13] achieve anti-collision by using a unique identifier for each member of the group, which allows messages sent from different members to be distinguishable and identifiable; they also guarantee forward and backward secrecy by preventing collusion attacks from unauthorized users or devices. DLGKM-AC [1] employs a hierarchical architecture comprised of one Key Distribution Centre (KDC) and several Sub Key Distribution Centers (SKDCs), while GROUPIT [12] uses a device grouping technique and MIPUF [31] uses a novel physically unclonable function (PUF) that allows each device to encrypt its data with a unique key, thereby preventing collisions between devices in different groups. ABP-MAGKE [28], FMPMAKE [14], and GKPS [17] perform a polynomial calculation to authenticate memberships and establish a secret session key among all communication entities. SCBA [4] employs a certificateless biometric authentication process to achieve anti-collision, message confidentiality, member authentication, message integrity, and group independence. This entails using representative features from electrocardiogram (ECG) records as distinct biometric parameters during the authentication procedure, allowing for efficient identification of participating sensors without any collisions between them.
Next, GKAT [63] includes ciphertext retention, hidden attribute authentication, and multi-policy access. IoT terminals use a key algorithm to produce their public and private keys in the proposed edge-cloud collaborative network architecture. The cloud server also verifies the terminals’ private and public keys. Encrypting IoT terminal cryptographic attributes allows the cloud to authenticate them and grant rights for each attribute. The terminal’s permissions are used to encrypt FL model parameters and send them to the edge server as sensitive data. The edge server stores the ciphertext’s decryption parameters for different FL terminal variants.
By segmenting the shared secret key, GKMSFC [47] achieves anti-collision, message confidentiality, member authentication, message integrity, and group independence. Each segment is then divided into two factors, each with its own production mechanism, allowing for quick key updating when a new user joins or leaves the fog node. On the other hand, SBSA [60] achieves all security factors using a special key management mechanism. This involves each node having its own unique session-specific private keys for every broadcast communication session which helps to prevent collisions between different nodes in the network as well as providing secure encryption when sending messages over public networks without compromising user privacy or security.
LGKMCP [62] successfully attains both forward and backward secrecy, thereby guaranteeing the confidentiality of messages. Employing a unique secret key for each user can effectively guarantee both member authentication and message integrity. However, LGKMCP is a centralized key management scheme that relies on the Key Distribution Centre (KDC) to generate the group key. Consequently, it has no group independence. LGKMCP exhibits a consistent expense for the process of rekeying and upholds a publicly accessible bulletin board to enable instant rekeying.
Further, different schemes maintain message confidentiality by different techniques. DLGKM-AC [1] uses an efficient key updating process where all keys are completely independent from each other to safeguard data security, while GKPS [17], GROUPIT [12], DCSGS [13], and DBGK [36] encrypt all data sent over the network to ensure its privacy. To provide message confidentiality and integrity, ABP-MAGKE [28] and FMPMAKE [14] use a user authentication process, which allows only authorized members of the group to access messages sent within it. Member authentication ensures only legitimate members can join a group communication session, and message integrity guarantees that no malicious third party has tampered with any exchanged data or messages in transit between two parties.
Message integrity guarantees that any changes made to transmitted information will be detected so they cannot go unnoticed. DBGK [36] uses a ticket-based system. This entails creating tickets, which are sent to each new joining node and must be validated before the node is accepted into the network. Furthermore, the protocol relies on an Area Key Management Server (AKMS), which is responsible for authenticating members within its corresponding area to ensure that only valid nodes can join or leave groups without compromising security and privacy requirements. In DLGKM-AC [1], member authentication is done via a master token management protocol, which ensures that only authorized users can access the system. The message integrity property is ensured with cryptographic techniques such as digital signatures or message authentication codes for verifying messages sent between devices/users within a group communication session. In DCSGS, member authentication verifies each member of a group before allowing them access, and message integrity checks for errors or tampering with transmitted information.
Next, group independence allows for multiple groups with overlapping membership without compromising security. It is achieved in DBGK [36] by generating Traffic Encryption Keys (TEKs) with a one-way function. This ensures that the data used as an input cannot be retrieved from the resulting output, implying that disclosing one key does not provide an attacker with any additional information needed to retrieve previous, future, or other keys.
Furthermore, invalidating received tickets when a new member joins or existing members leave helps to ensure the security and privacy of all members within each individual group. DLGKM-AC [1] employs a hierarchical structure comprising a single Key Distribution Centre (KDC) and multiple Sub Key Distribution Centers (SKDCs). During the group communication sessions, the SKDCs oversee the administration of the keys linked to each individual user or device. The division of key management responsibilities among multiple entities serves to prevent any one entity from possessing all session keys, thereby enhancing security measures against unauthorized access to ongoing interactions. FMPMAKE [14] and ABP-MAGKE [28] employ k-secure key confidentiality. This means that secure transmissions are possible even in groups of varying sizes, allowing multiple users to join and leave the group without interfering with one another’s communications.
Furthermore, instant rekey allows users to quickly update their encryption key when needed without having to wait for all other participants in the conversation. DBGK [36] employs a hierarchical protocol, such as the Logical Key Hierarchy (LKH) [9] or the One-way Function Tree Protocol, which improves on LKH [14]. This approach reduces the number of messages exchanged at the expense of a high computational cost, allowing for quick key updates when member join/leave events or mobility issues within dynamic networks require it. In DCSGS [13] and ABP-MAGKE [28], a distributed key generation protocol is used, which enables group members to generate new keys quickly and securely without the need to wait for an external source or administrator, allowing for instant data rekeying in the event of a security breach.
Moreover, all SGC schemes listed in Tables 9, 12, and 15 employ both symmetric and asymmetric cryptography, which are susceptible to quantum attacks. Symmetric cryptography is influenced by quantum computing. AES and 3DES can be broken by quantum computers. Symmetric cryptography is secure if the key size is raised. For instance, increasing AES’s key size from 128 bits to 256 bits can make it safer against quantum attacks. It is essential to observe, however, that this is only a temporary solution, and that post-quantum cryptography should be considered for long-term security [53].
Finally, forward and backward secrecy properties are guaranteed by preventing collusion attacks from unauthorized users trying to gain access to ongoing communications. In SCBA [4], instant rekey and forward/backward secrecy are enabled through Ciphertext Policy Attribute Based Encryption (CP-ABE) technology, which provides dynamic updates when needed, ensuring security remains intact even after keys become compromised due to revocation etc. DBGK [36] ensures forward secrecy by invalidating received tickets when a new member joins or an existing one leaves the group, while backward secrecy prevents joining members from accessing communications that occurred before their arrival in the group and prevents mobile members from decrypting stored messages encrypted with previous traffic encryption keys upon movement from one area to another. GKMSFC [47] ensures both forward and backward security by dividing the shared secret key into segments, which are then split into two factors with their own production mechanism, allowing quick updating when new users join/leave without the need for additional messages from end-users requesting rekeying operations, thereby significantly reducing cost and network load.
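The Logical Key Hierarchy named above for instant rekeying, and the forward secrecy that a leave event must preserve, can be made concrete with a short added example (not code from any of the surveyed schemes). It assumes a complete binary key tree held by a group controller, and the names GroupController, wrap, unwrap and apply_rekey are hypothetical; the HMAC-based wrap is a stand-in for a real authenticated key-wrap primitive.

```python
import hashlib
import hmac
import os

KEY_LEN = 32  # bytes per key


def wrap(kek, key):
    """Toy authenticated key wrap (stand-in for AES key wrap or an AEAD)."""
    nonce = os.urandom(16)
    pad = hmac.new(kek, b"enc" + nonce, hashlib.sha256).digest()
    ct = bytes(a ^ b for a, b in zip(key, pad))
    tag = hmac.new(kek, b"mac" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unwrap(kek, blob):
    """Return the wrapped key, or None if it was not wrapped under kek."""
    nonce, ct, tag = blob[:16], blob[16:48], blob[48:]
    expected = hmac.new(kek, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    pad = hmac.new(kek, b"enc" + nonce, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(ct, pad))


class GroupController:
    """Key tree stored heap-style: node 1 is the group key, leaves are n..2n-1."""

    def __init__(self, n_members):
        if n_members < 2 or n_members & (n_members - 1):
            raise ValueError("this sketch assumes a power-of-two group size")
        self.n = n_members
        self.keys = {v: os.urandom(KEY_LEN) for v in range(1, 2 * n_members)}

    def path(self, member):
        """Node indices from the member's leaf up to the root."""
        v, out = self.n + member, []
        while v >= 1:
            out.append(v)
            v //= 2
        return out

    def member_state(self, member):
        """Keys a member stores: its leaf key plus every key above it."""
        return {v: self.keys[v] for v in self.path(member)}

    def group_key(self):
        return self.keys[1]

    def evict(self, member):
        """Replace every key the leaving member knew; return rekey messages.

        Each message is (node, wrapped_under_node, blob). New keys are wrapped
        only under child keys the evicted member never held or no longer knows.
        """
        del self.keys[self.n + member]
        messages = []
        for v in self.path(member)[1:]:          # bottom-up, leaf excluded
            new_key = os.urandom(KEY_LEN)
            for child in (2 * v, 2 * v + 1):
                if child in self.keys:           # skips the removed leaf
                    messages.append((v, child, wrap(self.keys[child], new_key)))
            self.keys[v] = new_key
        return messages


def apply_rekey(state, messages):
    """Member side: learn each new key that is wrapped under a key we hold."""
    for target, under, blob in messages:
        if under in state:
            key = unwrap(state[under], blob)
            if key is not None:
                state[target] = key
    return state


if __name__ == "__main__":
    gc = GroupController(8)
    states = {m: gc.member_state(m) for m in range(8)}
    msgs = gc.evict(0)
    print("rekey messages with key tree:", len(msgs), "flat unicast:", 8 - 1)
    print("member 5 has new key:", apply_rekey(states[5], msgs)[1] == gc.group_key())
    print("evicted member has new key:", apply_rekey(states[0], msgs)[1] == gc.group_key())
```

For a group of n members the controller sends 2·log2(n) − 1 wrapped keys on a leave instead of n − 1, while each member stores log2(n) + 1 keys rather than two.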
This section addresses RQ 2 by investigating various GKM schemes designed for resource-constrained IoT networks. It focuses on the efficiency, scalability, and security features of these schemes. This section examines various GKM schemes, including centralized, decentralized, and distributed approaches, and highlights their respective advantages and disadvantages. In addition, it provides a comparison of these schemes, allowing for a thorough evaluation of their applicability for resource constrained IoT environments.
Group Key Management Applications/Usage Areas
This section refers to Research question 3: “What is the application/usage areas?”
The applications and usage areas of SGC schemes are discussed in this section. In recent years, the IoT has gained appeal among end consumers due to its ubiquitous use and range of applications. Applications of the Internet of Things can be found virtually everywhere, including in industrial control, smart healthcare, smart grid, transportation systems, and logistics [62]. IoT is a self-configuring, intelligent system that can connect to a variety of technologies, such as cloud computing, fog computing, radio frequency identification (RFID), and wireless sensor networks (WSN), to share sensory data and control objects with or without human intervention. Due to the inherent promise of this technology, it has already experienced exponential growth in a vast array of use cases across numerous application areas. As experts from across the world continue to examine its capabilities, there is universal consensus that for IoT to reach its full potential, a network architecture that supports security, privacy, and trust must be implemented.
A. Intelligent Transportation System
An intelligent transportation system (ITS) is a collection of advanced technologies, such as connected vehicles, cloud computing, and the IoT, used to enhance the safety and efficiency of transport networks. ITS systems collect data about traffic conditions using sensors, cameras, and other devices, which can then be analyzed by computers or algorithms for improved decision-making. This reduces traffic congestion on roads and improves road safety by increasing visibility of potential hazards such as accidents and bad weather. In addition, these systems assist in optimizing fuel efficiency by providing real-time information regarding optimal routes based on current traffic conditions. As modern vehicles and communication technologies advanced rapidly, people began to believe that the Intelligent Transportation System (ITS) would be implemented within a decade.
ITS integrates information technology into transportation infrastructure to enhance road safety and traffic flow. Nonetheless, security remains a primary concern for vehicular communication systems (VCSs). With secure group broadcast, this issue can be resolved. Therefore, secure key management schemes are an indispensable network security measure. CAN [63], VANETs, and blockchain technology [64] play an important role in ITS.
1) Controller Area Networks (CANs)
ITS utilizes CAN as an essential technology. It allows separate electronic control units (ECUs) within a vehicle to interact with each other, facilitating the interchange of data and directives. This enables automobiles to be more fuel-efficient by letting systems such as engine control and transmission control operate in concert without human intervention. In addition, CAN can contribute to the improvement of safety features in modern automobiles by providing real-time monitoring capabilities for several components, thereby allowing for the early detection of possible problems before they become severe.
Because CAN messages are multicast, the protocol must support the generation and updating of group keys. For this purpose, group key exchange protocols are needed. Group key exchange is utilized to exchange cryptographic keys between electronic control units on the CAN bus in a secure manner. Multiple nodes (ECUs) within a network can share and agree upon a common secret, which can then be used for secure communication. Using group extensions of standard key exchange protocols, such as elliptic curve Diffie-Hellman, it is possible to establish secure connections with minimal computational overhead, while still providing robust security guarantees against malicious attackers [63]. Cryptographic key distribution between devices communicating over a publicly accessible medium is a critical component of secure networked system design. The major security flaws of the CAN bus are a lack of confidentiality and integrity, as well as a lack of access control. For encryption and authentication purposes, all proposed cryptographic methods for protecting the CAN bus require that ECUs share a secret key, also known as a group key.
2) Vehicular Ad Hoc Networks (VANETs)
ITS components such as decision-making agents use VANET data to make intelligent decisions regarding how to reduce traffic and minimize fuel consumption. Group key management is necessary for securing VANET network communications. In the VANET network, group communication occurs when a trusted authority (TA) distributes a group key to all network members. Group keys aid in updating user information when new nodes join or leave the network by distributing updated versions of these keys efficiently without compromising security.
3) Blockchain Technology
Blockchain offers Distributed Architecture, Security, and Privacy. It could solve problems like a single point of failure in centralized architecture. The most popular technology eliminates the need for third-party authentication on Peer-to-Peer networks. Active network members validate transactions. Network participants update a ledger with new blocks of transactions to ensure data integrity. In [65], authors address the single point of failure challenge by proposing a blockchain based authenticated group key management protocol for IoT.
Blockchain technology is also essential for Intelligent Transport Systems (ITS) because it provides a secure and dependable method for transmitting encrypted data across network nodes [64]. By spreading keys across heterogeneous domains in a secure manner, it ensures that only authorized users can access information stored on the blockchain and provides greater security than older centralized techniques. Group key exchange is required in the Vehicular Communication Systems (VCS) of ITS. In [64], the suggested framework makes use of blockchain technology to simplify distributed key management and of dynamic transaction collection periods to shorten transfer time during vehicle handoff, making it an appropriate alternative for ITS applications.
The study [64] identifies an unresolved issue that has not yet been addressed. The authors remark that security remains a primary concern in Vehicular Communication Systems (VCS) and present their framework as a potential solution to this problem. However, they recognize that there are further potential solutions for safe key management inside heterogeneous networks that have not been researched or implemented.
B. E-Health Care Management Systems
The widespread use of the IoT creates numerous opportunities for the Electric-health care system (E-HCS). In e-healthcare, IoT applications range from remote monitoring to advanced and intelligent sensors to equipment integration. IoT can be used to track patient health, authentication, and data collection.
1) Wireless Body Area Networks (WBANs)
Wireless body area networks (WBANs), one of the critical components of the emerging IoT, are capable of monitoring vital physiological and behavioral information of users via wearable sensors and offer great opportunities for next-generation e-health care systems [4], [66], [67]. These short-range wireless networked devices can be placed in, on, or around the body to collect and monitor vital body parameters, which are then transmitted externally to a WLAN, the internet, or a centralized database for processing.
Group key management occurs between the healthcare facility (HC) and the individual controller (PC). The HC is responsible for disseminating important notifications to various patient groups, whereas the PC maintains communication with sensors in a WBAN. During group key management, both parties exchange messages containing secret keys required to encrypt and decrypt network-sent data [66], [67]. Even though many group key agreement schemes have been proposed in recent years, most of these protocols generate a single group’s secret key. In the IoT E-HCS, however, more and more communications involve multiple groups, and users can communicate simultaneously with multiple groups. Consequently, traditional one-at-a-time group key establishment protocols based on public keys have a high computational cost and security vulnerabilities.
The protocol proposed in [67] uses the Chinese remainder theorem (CRT) for group key management between the host controller (HC) and the personal controller (PC), and also supports batch key update. CRT expedites encryption and decryption by lowering the number of calculations required to encrypt or decrypt data. Additionally, it minimizes storage needs because fewer keys must be saved on both sides, making it more suitable for resource constrained WBAN systems with restricted power capabilities. The motivation for the sensor association approach proposed in [67] is coded cooperative data exchange (CCDE). CCDE is a method for enhancing the efficiency of data flow between numerous network nodes. The authors of [4] assume that the three essential components of the WBANs system are the healthcare center (HC), biological sensors, and the user’s smartphone as personal controller.
The study in [4] identifies a problem with group key management that has not yet been resolved. This is the restricted power capability of conventional WBAN sensors, particularly implanted ones. These constraints hinder their widespread applications in medical settings and make it difficult for healthcare facilities to safely distribute important notifications to diverse patient groups. To address this issue, the authors propose a novel practical WBAN system model with group message broadcasting and a secure and efficient group key management protocol with cooperative sensor association; however, this does not yet address all aspects of the issue.
2) Wireless Mobile Environment (WME)
In e-health systems, WME is utilized to offer secure communication between nodes for patient monitoring. Since wireless networks are used to monitor patients’ illnesses and recovery progress, it is crucial that the confidentiality, integrity, and validity of their health records remain protected. Group key exchange is carried out in a mobile wireless environment. This sort of network employs wireless communication technologies, such as cellular networks or Wi-Fi, to facilitate secure communication between nodes for e-health applications. Group key management protocols (GKMPs) are used to create secure channels by providing authentication and data secrecy.
Existing key management protocols cannot securely route these applications due to the resource constraints of wireless mobile environments. Therefore, a novel and improved key management scheme was proposed that aims to provide an efficient solution that minimizes rekeying overhead while ensuring forward and backward secrecy, computational cost, and strong encryption management [68].
The study in [68] proposes a revolutionary master-key management technique for managing keys that enhances the security of healthcare information. The authors of [68] also mention some open problems: as additional users join a multicast group, it becomes increasingly challenging for existing protocols and schemes to efficiently manage keys without compromising performance or security. Providing safe communication between healthcare practitioners and patients, as well as assuring data accuracy with minimal delays, is an additional difficulty when employing telemedicine technologies. Lastly, future studies might focus on comparing different cryptographic algorithms to identify which offers the most secure form of healthcare communication in resource-constrained wireless mobile situations. Another paper [69] proposes the Healthcare Key Management (HCKM) framework as a solution. This method offers a safe and privacy-preserving key management approach for e-health systems that minimizes the rekeying overhead of group members while ensuring forward and backward secrecy and strong encryption management. There is a need for more efficient authentication and encryption mechanisms, as well as improved methods for handling dynamic group changes such as user handoffs and node evictions.
In [13], the authors describe a use case, named Scenario 2, of a central hospital providing free medical treatment to a specific group of patients. They describe how their scheme can be employed in this scenario to achieve secure group communication. Figure 11 refers to the dynamic group key distribution model.
C. Smart Grid Management System
Utilizing information technology, smart grids are altering the conventional services offered by existing electrical grid networks. They maximize the use of information technology to achieve system efficiency and dependability. In addition to power generation and transmission utilities, smart grids include appliances, meters, sensing devices, and information gateways that function in near real-time [70].
The key components of smart grid technology are as follows:
Supervisory Control and Data Acquisition System (SCADA): This is a system which is used to monitor and control electrical flow. It ensures that electricity is distributed in an efficient and reliable way. It is an essential component of smart grid networks since it assists in the collection and analysis of real-time data from remote places to optimize industrial processes [71].
Advanced Metering Infrastructure (AMI): This is the system that collects, measures, and analyses energy usage data from networks with smart meters.
Communication Networks: These networks allow bidirectional communication between various grid components, including power plants, substations, and consumers. Depending on bandwidth requirements, they could be optical fibers or Ethernet passive optical networks.
Software & Hardware Components: These include software applications that manage client accounts, billing systems, etc., as well as hardware components such as routers and switches that enable the safe transfer of data across several nodes in the grid.
GKM is required in the AMI and SCADA [74] systems of smart grids. Key management is one of the most pressing open issues in smart grids [72]. This necessitates the development of a secure and fast mechanism for access verification of many intelligent gateways and terminal devices. The authors of different studies highlight the following:
Developing efficient authentication mechanisms for secure communication between various grid components, including SMGWs, consumer consuming/generating devices, etc. [70].
Designing lightweight security techniques for Smart Grids’ wireless sensors with limited resources [70].
Investigating new approaches, such as PUF-based KMS, that have not been thoroughly addressed in the literature [70].
Construct a GKM protocol that can handle collusion attacks, in which a newly added member attacks in collaboration with an eliminated member [71].
Construct a protocol that can handle the dynamic nature of SCADA systems, in which new members can join or leave at any time [71].
How to protect the secrecy, integrity, and authentication of multicast communications while employing publish-subscribe topologies.
How to efficiently distribute GKs in large clusters with numerous nodes and subgroups, update, or revoke keys safely, and maintain security and performance [73].
Data privacy and protection against malicious attacks, such as man-in-the-middle and replay attacks, continue to present obstacles [74].
1) Wireless Sensor Networks (WSNs)
WSNs are networks of small devices that use radio waves or other communication technologies to share environmental data. These sensors monitor temperature, humidity, air quality, and more, making them essential to smart grid systems [73]. WSN data is distinct from most data transmitted in digital communication applications. In [29], WSN gateways are connected to brokers that provide multicast communications through UDP, allowing the authors to use MQTT for their strategy and evaluate its effectiveness on a testbed composed of Raspberry Pis and Wi-Fi dongles representing distributed IEDs connected to the server serving as the control center.
Typically, sensors lack memory, battery, and computation power [74]. Therefore, it is more efficient to send one multicast message to a group of devices than to send a separate copy of a unicast message to each device. To secure multicast group communication messages, an efficient key establishment and distribution scheme that preserves the communication’s integrity, authenticity, and confidentiality is necessary. The sensor nodes within a wireless sensor network typically exchange data for analysis. This communication exchange can be unicast, broadcast, or multicast (as shown in Figure 12).
Unicast Communication: This type of information transfer is useful when 1-to-1 transmission is required. This is a very common type of data transfer over a network.
Broadcast Communication: Broadcast transmission involves the transmission of data from one or more senders to all receivers within the same network or between networks. This type of transmission is useful for network management packets, such as ARP (Address Resolution Protocol) and RIP (Routing Information Protocol), in which the data must be visible to all devices.
Multicast Communication: Multicasting involves multiple senders and multiple receivers for data transfer [47]. Multicast enables servers to simulate and route single copies of data streams to hosts that request them. Multicasting is associated with lower transfer speed utilization in the system for applications such as information replication, assignment of tasks and sending of orders to a specific group of sensors, inquiries to many sensors, etc.
D. Air Traffic Management
Air traffic management (ATM) is the system that controls air traffic in controlled airspace. It monitors and manages aircraft movements, guaranteeing their safe separation while optimizing their flight paths for efficient travel. The International Civil Aviation Organization (ICAO) establishes global standards for ATM systems, with each nation implementing these standards in accordance with local needs and legislation [75]. The primary elements of an ATM system are communication, navigation, and surveillance technology, as well as operational procedures that ensure flight safety, such as route planning and conflict resolution tactics.
The main components of ATM are [76]:
Communication technologies: These allow air traffic controllers and pilots to communicate with one another. This comprises voice radio in addition to data link systems like the LDACS. LDACS is an air/ground communications system that enables the modernization of ATM. It satisfies special requirements for the L-band environment and ATM applications, making it suitable for use in the modernization of air traffic management systems [75].
Navigation technologies: It provides information regarding an aircraft’s position relative to other objects or geographical characteristics. Included are GPS navigation devices and instrument landing system beacons for precise airport approaches.
Surveillance technologies: It enables ground control operators to monitor an aircraft’s location relative to its flight plan path or designated airspace boundaries using radar tracking or Automatic Dependent Surveillance – Broadcast technology (ADS–B).
1) L-Band Digital Aeronautical Communication System (LDACS)
Due to the rising amount of air traffic, the current aeronautical communication technologies have reached their limits. To digitalize formerly analogue systems and prepare them for future demands, a process of modernization is underway [75]. As part of this transition, the LDACS was developed to replace legacy analogue voice communications and to provide secure communication channels for critical infrastructures by implementing Mutual Authentication and Key Establishment protocols as well as Group Key Management procedures that permit authorized users within an LDACS cell or network to access data securely.
GKM is essential since it aids in securing LDACS control channel communications. GKM entails the use of cryptographic mechanisms, such as Mutual Authentication and Key Establishment procedures, to safeguard the data being communicated across a network or among a group of users against unauthorized access [77]. By employing these security measures, LDACS can provide robust cybersecurity when deployed in key infrastructures such as the aviation and aeronautics industries. The study in [77] investigates GKM techniques for LDACS control channels and how they promote secure communication within these networks. However, the application of security mechanisms such as GKM approaches on a group-by-group basis, which could provide further protection against hostile actors and illegal access attempts, has not yet been studied. In addition, the study investigates how Chinese Remainder Theorem-based algorithms can be implemented in an LDACS system while accounting for their higher message size needs [77].
Regarding LDACS control channels, there are several possible future paths that could be studied [77]. These include deeper research on the implementation of GKM procedures and how they can provide enhanced security against malicious actors and unauthorized access attempts. In addition, it would be advantageous to research new cryptographic algorithms that may give better performance than solutions based on the Chinese Remainder Theorem while still offering appropriate security for these networks [77].
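The CRT-based key distribution mentioned above for WBANs [67] and for LDACS control channels [77] can be illustrated with a generic construction, added here as an example and not taken from either paper: the key server solves one congruence system so that a single broadcast value carries the group key to every current member, and an evicted member is left out of the next system. The HMAC-based masking, the function names and the sample moduli are assumptions of this sketch; the returned bit lengths show why the broadcast grows with group size.

```python
import hashlib
import hmac
import secrets
from math import gcd, prod

KEY_BITS = 128  # group key size; every modulus must exceed 2**KEY_BITS

def mask(member_key, nonce):
    """Per-member one-time mask derived from the member's long-term key."""
    digest = hmac.new(member_key, nonce, hashlib.sha256).digest()
    return int.from_bytes(digest[:KEY_BITS // 8], "big")

def crt_solve(residues, moduli):
    """Return the unique X in [0, prod(moduli)) with X = r_i (mod m_i)."""
    for i, a in enumerate(moduli):
        if any(gcd(a, b) != 1 for b in moduli[i + 1:]):
            raise ValueError("moduli must be pairwise coprime")
    total = prod(moduli)
    x = 0
    for r, m in zip(residues, moduli):
        partial = total // m
        x += r * partial * pow(partial, -1, m)  # modular inverse, Python 3.8+
    return x % total

def rekey(members):
    """Key server: fresh group key plus one broadcast value for `members`,
    a dict name -> (modulus, long_term_key). Returns (group_key, nonce, X)."""
    group_key = secrets.randbits(KEY_BITS)
    nonce = secrets.token_bytes(16)
    moduli = [m for m, _ in members.values()]
    residues = [group_key ^ mask(k, nonce) for _, k in members.values()]
    return group_key, nonce, crt_solve(residues, moduli)

def recover(modulus, member_key, nonce, x):
    """Member side: one reduction and one HMAC recover the group key."""
    return (x % modulus) ^ mask(member_key, nonce)

def demo():
    # Constructed sample enrolment: moduli 2**p - 1 for distinct primes p are
    # pairwise coprime and exceed 2**128; a deployment would choose its own.
    exps = {"pc1": 131, "pc2": 137, "pc3": 139, "pc4": 149}
    members = {n: (2**p - 1, secrets.token_bytes(16)) for n, p in exps.items()}
    gk1, nonce1, x1 = rekey(members)
    joined_ok = all(recover(m, k, nonce1, x1) == gk1 for m, k in members.values())
    evicted = members.pop("pc4")  # eviction: next broadcast omits its modulus
    gk2, nonce2, x2 = rekey(members)
    stay_ok = all(recover(m, k, nonce2, x2) == gk2 for m, k in members.values())
    evicted_locked_out = recover(*evicted, nonce2, x2) != gk2
    return joined_ok, stay_ok, evicted_locked_out, x1.bit_length(), x2.bit_length()

if __name__ == "__main__":
    print(demo())
```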
In short, our investigation into multiple areas of application revealed distinct obstacles and prospective remedies pertaining to protecting group communication and managing cryptographic keys. Although certain challenges have been addressed in previous research papers, there remain unresolved aspects that offer potential for further research and development.
Conclusion
This study conducted an SLR to examine the factors associated with secure group communication in IoT settings. This study concentrated on the existing challenges that researchers in the field of IoT are endeavoring to address with respect to GKM. We examined several GKM approaches that have been put forth for IoT networks that are limited in resources. Based on our examination of 48 studies conducted from 2013 to 2022, it was determined that the majority of GKM schemes utilize conventional cryptographic methods. However, these techniques are insufficient in mitigating the security risks that arise in IoT settings, particularly considering quantum attacks.
The results of our study emphasize the necessity of implementing GKM solutions that are resistant to quantum attacks in the context of IoT settings. The present study identified the domains of application and utilization that involve significant GKM concerns, underscoring the criticality of devising and sustaining robust security frameworks. Through the exploration of these research inquiries, we aim to illuminate the obstacles and constraints inherent in current GKM methodologies, while also establishing a basis for subsequent investigations within this domain.
In brief, our research enhances comprehension of the challenges associated with GKM in the context of the IoT, provides a comprehensive examination of GKM primitives, and investigates various GKM approaches developed for IoT networks with limited resources. The research highlights the importance of implementing quantum-safe measures in IoT settings. It is anticipated that this study will provide guidance to cryptographers in the creation and upkeep of robust security protocols. Subsequent investigations in this domain ought to prioritize the creation and assessment of GKM schemes that are impervious to quantum attacks, while considering the distinct limitations and prerequisites of IoT implementations.
Limitations and Future Extension
Post-quantum cryptography is a relatively new field that is presently being researched and developed by the private sector, government security agencies, and the academic community; consequently, its foundations are still being established. This means that the advancement of these fields and their application to IoT present significant challenges. With the advent of quantum computing, traditional cryptographic tools become susceptible to attack, necessitating the development of post-quantum cryptographic tools. Successful post-quantum IoT cryptosystems can improve the security of a variety of fields whose applications heavily rely on resource-constrained and battery-dependent IoT devices, such as home automation [2], [80], smart transportation [66], smart grids [72], [74], [76] and industrial IoT [81], etc.
In future extensions of this work, we intend to concentrate on designing efficient scheme implementations specific to resource-constrained devices and low-bandwidth environments. In addition, we plan to investigate the security analysis of these schemes in the Quantum Random Oracle Model (QROM) to evaluate their resistance to quantum attacks. By incorporating quantum computing principles into our security analysis, we can obtain valuable insight into the robustness and quantum resistance of our proposed schemes. These future extensions will contribute to the development of secure and feasible group key management solutions for resource-constrained networks.