Efficient and Strong Symmetric Password Authenticated Key Exchange with Identity Privacy for IoT

Password authenticated key exchange (PAKE) allows two parties with a shared password to establish a session key. In order to provide secure and private communication between devices in an Internet of Things (IoT) environment, PAKE protocol is considered one of the most common and promising security methods. However, many existing PAKE proposals still face challenges in security and efficiency. Firstly, both the terminals of participants may suffer from the compromise attack and pre-computation attack, which will lead to the leakage of password. Secondly, the majority of the existing schemes cannot guarantee participants' identity privacy. Thirdly, most PAKE protocols are not suitable for IoT devices with limited computing capability because of a large number of exponential and pairing operations. To address these issues, we propose a strong symmetric PAKE protocol for IoT devices, which only requires 3 exponentiations per party. The proposed scheme can protect both parties from compromise and pre-computation attacks, in which the password file relies on the identity and random salt. What's more, our protocol guarantees the identity privacy, that is, the transmitted record and password file will not reveal the identity information. We further present a new security model for our protocol, and prove that the proposed scheme is secure under this model. Finally, we show the practicality of our PAKE via experiments and efficiency analysis.