An Efﬁcient Secure Scheme Based on Hierarchical Topology in the Smart Home Environment

: As the Internet of Things (IoT) has developed, the emerging sensor network (ESN) that integrates emerging technologies, such as autonomous driving, cyber-physical systems, mobile nodes, and existing sensor networks has been in the limelight. Smart homes have been researched and developed by various companies and organizations. Emerging sensor networks have some issues of providing secure service according to a new environment, such as a smart home, and the problems of low power and low-computing capacity for the sensor that previous sensor networks were equipped with. This study classiﬁes various sensors used in smart homes into three classes and contains the hierarchical topology for efﬁcient communication. In addition, a scheme for establishing secure communication among sensors based on physical unclonable functions (PUFs) that cannot be physically cloned is suggested in regard to the sensor’s low performance. In addition, we analyzed this scheme by conducting security and performance evaluations proving to constitute secure channels while consuming fewer resources. We believe that our scheme can provide secure communication by using fewer resources in a smart home environment in the future.


Introduction
Due to the development of the IoT technology, people can receive service via the Internet at any time and from any place [1,2].IoT has been used in various fields, including theoretical technologies.For example, it has been applied in the smart home environment, which provides many services [3][4][5].According to Strategy Analytics, the global smart home market has been growing by 19% on an annual average.It is expected for the scale of the market to reach $115 billion in 2019 [6].In addition, according to Harbor Research, the number of IoT devices to be installed around the world is expected to be 8 billion, and 47% of them are expected to be installed in smart homes.Smart home service is an ESN in which integrates IoT emerging technologies such as autonomous driving, cyber physical system and mobile nodes, and existing sensor networks has been in the limelight [7].Therefore, many of the companies and research institutions have been developing diverse technologies so as to provide better services [8,9].However, a smart home combined with a sensor network still faces problems in terms of low power and security.Various studies have been conducted to solve these issues [10,11].In February 2015, HP indicated in their research reports that most of the smart home IoT devices were weak in encrypting passwords and in the authentication procedures in their research reports.They warned that there was a high possibility of users being exposed to cyber-crime as personal information is Symmetry 2017, 9, 143 2 of 14 required to use smart home IoT devices.In addition, according to Symantec's report on the status of smart home device security, a weakness in authentication exists [12,13].Especially, sensor network topology needs to be taken into account in order to efficiently and securely deliver information while minimizing the electronic consumption of sensors in ESNs.However, various security techniques and topologies for previous sensor networks have not addressed the diverse capabilities of smart home sensors.Therefore, they are inefficient or inappropriate for a low-power sensor network [14][15][16].In this study, we propose a security technique in hierarchical topology for smart home sensor networks that has various capabilities.This study is laid out as follows: Section 2 describes the infrastructure of a smart home, the security requirements for a smart home, and previous research on smart homes.Section 3 describes the mutual authentication proposed in this study and techniques for establishing a security channel in detail.Section 4 provides a security evaluation of the suggested scheme, computing resource analysis, and storage resource analysis.Finally, Section 5 provides our conclusions.

Related Works
In this section, we discuss the smart home infrastructure, features of smart home, and previous related works on these areas.

Infrastructure of a Smart Home
In general, the smart home infrastructure is comprised of a sensor network that has been created with various wireless sensors inside of the home, an AP for connecting the sensor network outside, and a service provider.Figure 1 shows the infrastructure of a typical smart home.Various sensors in the smart home communicate with each other through a sensor network to provide service to, and collect information from, residents.Each of the sensors exchanges information with the service provider through the AP and if a sensor cannot directly reach the AP, it communicates through the other sensors.A smart home sensor network requires a topology for securely and efficiently exchanging information in regards to computing ability and the power capacity of various sensors.However, most of the suggested sensor networks propose various topologies or infrastructures that lack a diversity in sensor ability.Therefore, it is inappropriate to apply them to an actual smart home sensor network.as personal information is required to use smart home IoT devices.In addition, according to Symantec's report on the status of smart home device security, a weakness in authentication exists [12,13].Especially, sensor network topology needs to be taken into account in order to efficiently and securely deliver information while minimizing the electronic consumption of sensors in ESNs.However, various security techniques and topologies for previous sensor networks have not addressed the diverse capabilities of smart home sensors.Therefore, they are inefficient or inappropriate for a low-power sensor network [14][15][16].In this study, we propose a security technique in hierarchical topology for smart home sensor networks that has various capabilities.This study is laid out as follows: Section 2 describes the infrastructure of a smart home, the security requirements for a smart home, and previous research on smart homes.Section 3 describes the mutual authentication proposed in this study and techniques for establishing a security channel in detail.
Section 4 provides a security evaluation of the suggested scheme, computing resource analysis, and storage resource analysis.Finally, Section 5 provides our conclusions.

Related Works
In this section, we discuss the smart home infrastructure, features of smart home, and previous related works on these areas.

Infrastructure of a Smart Home
In general, the smart home infrastructure is comprised of a sensor network that has been created with various wireless sensors inside of the home, an AP for connecting the sensor network outside, and a service provider.Figure 1 shows the infrastructure of a typical smart home.Various sensors in the smart home communicate with each other through a sensor network to provide service to, and collect information from, residents.Each of the sensors exchanges information with the service provider through the AP and if a sensor cannot directly reach the AP, it communicates through the other sensors.A smart home sensor network requires a topology for securely and efficiently exchanging information in regards to computing ability and the power capacity of various sensors.However, most of the suggested sensor networks propose various topologies or infrastructures that lack a diversity in sensor ability.Therefore, it is inappropriate to apply them to an actual smart home sensor network.

Features of Smart Home
In the smart home environment, it is required to satisfy security demands and have the appropriate topology model to securely and efficiently exchange information among sensors, or between the sensor Symmetry 2017, 9, 143 3 of 14 and service provider.In addition, it is necessary to appropriately utilize various sensor capabilities when using security techniques and to, especially, consider sensors with low resources.

Topology for ESNs in smart homes
Most of the sensors with low computing ability and power are arranged and distributed in wireless sensor networks (WSNs).Therefore, it is required to establish a plan for securely and efficiently delivering information.In order to solve problems in the sensor network, various topologies have been suggested and applied in current services [17][18][19].However, most of the topologies suggested in WSNs did not take particular environments or the various abilities of sensors into consideration.A smart home sensor network is made up of ESNs where the IoT environment and previous sensor network are combined, unlike in existing WSNs.Sensors in a smart home are structured to communicate with an external network through the AP and the available distance of communication and computing abilities are different in each sensor.The topology suggested in the existing WSNs has not taken the smart home environment into account and, hence, is inefficient.In order to efficiently exchange information in the smart home sensor network, a topology that takes the capabilities of various sensors into account is required.

Security
Due to the development of IoT technology, the number of sensors has been exponentially increasing and used in various fields.A smart home is a representative sensor network that is combined with IoT technology in order to distribute diverse sensors in the home so as to provide convenience to the inhabitants.Most of the information collected from these sensors is particular to the users.If they are attacked by malicious attackers, there is a possibility for them to have their privacy significantly invaded, their lives to be threatened, and the loss of property [20].In order to provide users a service that is secure against these threats, smart home sensors shall carry out mutual authentication prior to exchanging information with an external network and establish secure communication by exchanging keys.In addition, they need to be against various malicious attacks, including relay attacks, replay attacks, leaked keys, and forward secrecy [21].In order to establish a secure sensor environment, efficient large-group key (ELK) distribution has been suggested by Tien-Dung et al. [22] and three strategies for securely distributing rekey messages has been proposed by Mohammad et al. [23].However, none of these are appropriate in the smart home environment.Adrian et al. [24] proposed the combining group-key and time-key (CoGKTK) for securing multi-cast techniques in a sensor environment.Wong et al. [25] proposed the usage of statistical group index matching (SGIM), which is not secure against various security threats.

Different sensor performances
A smart home sensor network is comprised of various sensors.For example, sensors installed in large products, such as refrigerators or washing machines, can possess a relatively higher computing ability and power than smaller ones, such as thermometers and pots.Since the capabilities possessed by sensors depend on what their purpose is for a product, the aforementioned environment must be considered for information to be efficiently exchanged in the smart home sensor network.

Low resource
In order for each sensor to securely exchange information in the smart home sensor network, it is required to establish mutual authentication and a security channel among sensors.However, most of the sensors only took size or price into account and used low-capacity chips or small batteries [26][27][28].Sensors installed in small products possess relatively low resources.Sensors with low resources are not able to perform complicated calculations for secure communication and have fewer values to preserve due to having a low storage capacity.Therefore, a lightweight scheme is required so that sensors with low resources can securely communicate.

Previous Studies on Smart Homes
In this section, previous studies related to smart home service and security are reviewed.Alessandro et al. [29] proposed a wireless architecture that estimates the presence, movements, and behaviors of elders who reside in a smart home by monitoring and managing its power.The suggested wireless architecture is a flexible wireless architecture that satisfies user acceptance and system performance through the amount of large-scale data collection and training based on the locations and behaviors of those who reside in the home.In addition, developers can access physical data without having to worry about hardware capabilities by abstracting information that has been collected from different devices through an abstraction layer of a software stack in a multi-platform environment with heterogeneous wireless devices.Therefore, service is provided from the upper layers.In addition, integrated and low-cost wireless architecture has been suggested for guaranteeing two important key points for smart homes in the future: user acceptance and low system complexity.
Vijay et al. [30] have provided network-level protections to monitor network activity and detect suspicious behaviors as a solution for privacy or security problems that snoop, or intrude, on a family's activities.This is necessary because smart home appliances, such as smoke alarms, power switches, and baby monitors, have increased exponentially.In the suggested scheme, software defined networking (SDN) that can dynamically block/quarantine devices based on the home, such as time of day, occupancy, or network activity, and it serves as a dynamic security rule.In addition, they proposed an external entity for the security management provider (SMP) that develops, customizes, and delivers extra safeguards in the network level for users' smart home devices.Therefore, they suggested a three-party architecture comprised of the SMP role, ISP/home-router-vendor role, and customer role that provide security as a service.Debraj et al. [31] proposed a system that can monitor and survey residents according to information collected from WNS in the smart home environment.They installed various sensors at home where actual residents live to monitor their behaviors through smart home sensors and to collect information for six months.The topology and connected information of each sensor was collected in the central station, and this information has been used for households and industry applications.Since this test was performed on an actual residential environment, it was feasible to collect information and analyze them in the setting that was similar to an actual service environment.It was also possible to experiment with and monitor various sensors used in the smart home.
Basma et al. [32] proposed a smart home wireless biometric smart home (WB-SH) design in the use of a wireless sensor network and biometric technologies.WB-SH uses a wireless sensor and actuator network (WSAN) that senses and performs work while operating the smart home.They also used bio-information and reinforced smart home security.In addition, they used sensors with a large amount of power in order to perform the heavy work in accordance with the location of each sensor or power supply source.

Proposed Sensor Network Topology of a Smart Home
Figure 2 shows the hierarchical topology that is suggested in this paper in consideration of the capabilities of various sensors in a smart home environment.Sensor networks in the smart home have been classified into three classes of low-, middle-, and high-class from sensors with low resources to ones with high resources for the capabilities of each sensor.Low-class sensors are the smallest and most affordable.Therefore, they are distributed the most in the smart home.Middle-class sensors are not distributed as widely as low-class sensors.In addition, high-class sensors have the highest capabilities, and one of them is placed in each smart home.These sensors do not communicate with the one that is nearest, but with the closest high-class sensors, in order to exchange information with service providers.For example, low-class sensors only communicate with the closest middle-class sensor, and middle-class sensors only communicate with the nearest low-class and high-class sensors.
Symmetry 2017, 9, 143 5 of 14 Direct communication with the service provider through an AP is only carried out by high-class sensors.Suggested techniques in this paper perform mutual authentication and key agreements, as all the sensors have PUFs, and they implement them for secure communication amongst the layers in each sensor.PUFs are a unique chip that cannot be physically copied.As such, they present a unique challenge-response value.The challenge-response value of each PUF is registered in the server's PUF DB before sensors are distributed to the field [33][34][35][36].Values that are used once are removed from the PUF's DB.Therefore, they cannot be re-used.

Proposed Protocols
A key agreement technique and a mutual authentication for our proposed lightweight hierarchical topology are divided into a provisioning phase, mutual authentication phase, and key agreement phase.In the provisioning phase, sensors in all the classes are registered in the service provider before they are distributed in a smart home.In the mutual authentication and key agreement phases, sensors in each class perform mutual authentication and a key agreement with the service providers and high-class sensors.Low-class sensors are required to go through high-class sensors to communicate with service providers.Therefore, mutual authentication and the key agreement are first performed by high-class sensors.The parameter for the proposed protocol is described in Table 1.

Proposed Protocols
A key agreement technique and a mutual authentication for our proposed lightweight hierarchical topology are divided into a provisioning phase, mutual authentication phase, and key agreement phase.In the provisioning phase, sensors in all the classes are registered in the service provider before they are distributed in a smart home.In the mutual authentication and key agreement phases, sensors in each class perform mutual authentication and a key agreement with the service providers and high-class sensors.Low-class sensors are required to go through high-class sensors to communicate with service providers.Therefore, mutual authentication and the key agreement are first performed by high-class sensors.The parameter for the proposed protocol is described in Table 1.All of the sensors are registered in the service provider in the provisioning phase, as shown in Figure 3, before they are deployed in the smart home.In the provisioning phase, it is assumed that communication between the sensor and service provider has already been secured in the provisioning phase.The number of sensor j The number of MS k The number of LS

Provisioning Phase
All of the sensors are registered in the service provider in the provisioning phase, as shown in Figure 3, before they are deployed in the smart home.In the provisioning phase, it is assumed that communication between the sensor and service provider has already been secured in the provisioning phase.

Authentication and Key Agreement Phases
Once the sensors are distributed in a smart home, high-class sensors first perform mutual authentication and a key agreement with service providers.Figure 4 shows the phase of mutual authentication and key agreement between high-class sensors and service providers.Step 1. HS generates a random number Nhs and sends it to SP with its identifier IDhs.

Authentication and Key Agreement Phases
Once the sensors are distributed in a smart home, high-class sensors first perform mutual authentication and a key agreement with service providers.Figure 4 shows the phase of mutual authentication and key agreement between high-class sensors and service providers.The number of sensor j The number of MS k The number of LS

Provisioning Phase
All of the sensors are registered in the service provider in the provisioning phase, as shown in Figure 3, before they are deployed in the smart home.In the provisioning phase, it is assumed that communication between the sensor and service provider has already been secured in the provisioning phase.

Authentication and Key Agreement Phases
Once the sensors are distributed in a smart home, high-class sensors first perform mutual authentication and a key agreement with service providers.Figure 4 shows the phase of mutual authentication and key agreement between high-class sensors and service providers.Step 1. HS generates a random number Nhs and sends it to SP with its identifier IDhs.Step 1. HS generates a random number N hs and sends it to SP with its identifier ID hs .
Step     Step 1. MSj generates a random number Nmsj and sends it to HS with its identifier IDmsj.Step 1. MS j generates a random number N msj and sends it to HS with its identifier ID msj .
Step 2. HS received with N msj from MS j generates a random number N hs and sends ID hs , ID msj , N hs , and N msj to SP.
Step Step 4. HS received with M sp−msj from SP sends C, M sp−msj , and N hs to MS j .
Step Step 7. HS received with M hs−sp from SP decrypts M hs−sp with session key SK hs−sp , and acquires ID msj , N hs , and N sp and authenticates MS j .In addition, N sp acquired by decrypting the M hs−sp is hashed, which creates the session key SK' msj−hs = h(N sp ).N msj is encrypted with the session key SK' msj−hs , while creating V msj−hs = E SK'msj−hs (N hs ).The created V msj-sp is sent to MS j .
Step 8. MS j received with V msj−sp from HS hashes N sp and creates the session key, SK msj−hs and encrypts N hs with the session key SK msj−hs to see if it is consistent with V msj−hs.Step 1. LS k generates the random number N lsk and sends ID lsk , and N lsk to MS j .
Step 2. MS j received with ID lsk , N lsk from LS k generates the random number N msj and sends ID lsk , ID msj , N lsk , and N msj to HS.
Step 3. HS received with ID lsk , ID msj , N lsk , and N msj from MS j generates the random number N hs , and sends ID hs , ID msj , ID hs , N hs , N msj , and N hs to SP.
Step 4. SP received with ID hs , ID msj , ID hs , N hs , N msj , and N hs from HS generates the random numbers N sp1 , N sp2 .In addition, it selects Challenge C from the PUF' lsk DB by computing R' = PUF' lsk (C) and producing the session key SK' lsk−sp = h(R'||N lsk ).In addition, (N lsk ||N msj ||N hs ||N sp1 ||N sp2 ) is encrypted with session key SK' lsk−sp and sends C and V sp−lsk to HS.
Step 5. HS received with C, V sp−lsk from SP sends C, V sp−lsk , and N hs to MS j .
Step 6. MS received with C, V sp−lsk , N hs from HS sends C, V sp−lsk , N hs , and N msj to LS k .
Step ) and sending M sp2 to HS.The used Challenge C and Response R' are removed from the PUF' msj DB.
Step 9. HS received with M sp2 from SP decrypts M sp2 with the session key, SK hs−sp , and acquires M sp1 , ID lsk , N hs , and N sp2 and authenticates LS k .In addition, N sp2 is hashed creating SK' lsk−hs = h(N sp2 ) and encrypting the N hs with session key SK' lsk−hs , while creating V lsk-hs =E SK'lsk−hs (N hs ).M sp1 , V lsk−hs are received by MS j .
Step 10.MS j received with M sp1 , V lsk−hs from HS decrypts M sp1 with the session key SK msj−sp , and acquires ID lsk , N msj, and N sp1 and authenticates LS k .In addition, N sp1 is hashed, which creates the session key SK' lsk−msj = h(N sp1 ), encrypts N msj with the session key SK' lsk−msj , and creates V lsk−msj = E SK'lsk−hs (N msj ).V lsk−msj and V lsk−hs are received by MS j .
Step 11.LS k received with V lsk−msj , V lsk−hs from MS j hashes N sp1 creating the session key SK lsk−msj = h(N sp1 ), encrypts N msj with the session key SK lsk−msj , and encrypts N hs with the session key SK lsk−hs to see if it is identical with V lsk−hs .

Security Analysis
Suggested techniques have classified each of the sensors into three classes depending on the capabilities of computing ability and battery life, while constituting a hierarchical topology and performing the mutual authentication and key agreement phases amongst sensors and between the sensor and service provider.In addition, our suggested techniques are secure against keys being leaked, forward secrecy, eavesdropping, and replay attacks by malicious attackers, and they are highly secure and efficient compared to other methods.Therefore, they support the row resource sensor environment.

Performance Analysis
Table 2 shows whether our proposed method, and other existing schemes, support the topology for ESNs, whether they are designed to address security while taking the low resources of the device Symmetry 2017, 9, 143 10 of 14 with small computing power and battery life into account, and whether different sensor performances are also considered.

Topology for ESNs in Smart Homes:
The suggested topology for ESNs in smart homes has been classified into three classes depending on the capability of the sensors to be installed in the home to constitute the hierarchical topology.Sensors in each layer tend to have a shorter communication distance and perform fewer computing calculations in descending order from high-to low-class.Therefore, it has solved the issue of inefficiency in previous sensor networks which only communicated with adjacent sensors without considering sensor capability, while making topology control easier by designating the targets that are to be communicated with in the sensors in each layer.
Different Sensor Performances: Due to the development of IoT technology, various sensors have been developed, and these sensors have been distributed and used in a smart home environment with diverse capabilities.In order to efficiently utilize the various capabilities of sensors, we classified our proposed authentication techniques into three layers depending on their capabilities.Sensors with lower resources were designed to perform fewer computing calculations and consume less memory space than those with higher resources.For example, low-class sensors are made up of one sensor with relatively high resources and a security channel.However, high-class sensors communicate with multiple sensors with low security resources by differentiating the distribution of calculations in each class.
Low Resources: Most of the sensors in a smart home tend to have a relatively low computing ability or power than existing computing devices.Therefore, security techniques used in the existing computing devices are not appropriate.Our technique considers the low resources of sensors by utilizing PUFs for establishing mutual authentication and a security channel.In addition, a secret value needed to establish a security channel was minimally required for small storage space in a sensor.

Security Analysis
Table 3 shows how secure our proposed method and other existing schemes are against various security threats.Leaked Key: Sensors in each class share a session key with service providers and the sensors of other classes in order to establish a security channel with the service provider.When each sensor shares a session key with a service provider, the Response R value of the PUFs registered in the service provider in advance is used.PUFs have a unique challenge-response value.Therefore, it is not possible to infer a session key between a sensor and service provider.When sharing a session key among sensors in other classes, each sensor shares the secret value for creating a session key through a security channel that has been established with the service provider.This makes it possible to prevent malicious attackers from hacking the key.
Forward Secrecy: Malicious attackers might attempt to steal the current session key used in the communication between the sensor and service provider or amongst sensors and restore the information exchanged in the past by inferring previous session keys.However, sensors in each class establish a security channel with the service provider.The session key used at this time utilizes a unique response value of PUFs that is not re-used.Therefore, it is not possible to infer a past session key with the current session key.In addition, since the current session key amongst sensors is created by a secret value generated randomly by the service provider, it is not possible to infer a past session key even if the current session key is stolen.
Mutual Authentication: Each sensor in the smart home environment is required to establish a security channel through mutual authentication to securely exchange information.Our technique uses PUFs in each sensor to perform mutual authentication with the service provider and, through the service provider, in the communication amongst the three suggested layer-based classes.Therefore, it is possible to establish a security channel.
Eavesdropping: Malicious attackers eavesdrop on the information exchanged between a smart home sensor and service provider or amongst sensors in the smart home.They steal sensitive information or use it for malicious purposes.With our proposed technique, the information exchanged in plain text only includes the Challenge C value that is not re-used, the ID of the sensor and the service provider, and the random number created by each sensor and service provider.Therefore, malicious attackers cannot steal important information through eavesdropping.In addition, our technique is secure against forward secrecy and keys being leaked.Therefore, it is not possible to acquire information from an encrypted message.
Replay Attack: Information exchanged in plain text amongst sensors, or between the sensor and service provider, can be stolen by malicious attackers and used for a replay attack.However, our technique uses the challenge-response system of PUFs that cannot be re-used.Therefore, it is not possible to re-use an authentication message between the sensor and service provider.In addition, an authentication message among devices in each class uses a random value, which makes a replay attack impossible.

Computing Resource Analysis
Table 4 provides the computing resource analysis when low-class sensors, middle-class sensors, a high-class sensor, and a service provider were applied in the provisioning phase and authentication and key agreement phases in our proposed technique.It is assumed that the number of low-class sensors is K, the number of middle-class sensors is J, and the number of sensors connected to each middle-class sensors is k (k < K).The number of low-class sensors, K, was assumed to be greater than the number of middle-class sensors, J (J < K).The low-class sensor with the lowest computing power in the classes and SP do not perform complicated computations.They only compute PUFs() n times in the initial registration procedures the most.A middle-class sensor with mid-computing power only performs the calculation k times more than a low-class sensor, except for PUFs() computation.In addition, a high-class sensor and service provider are equipped with enough computing resources and perform more calculations than low-and middle-class sensors.In addition, the most complicated calculation is for decryption in the use of the matching key, which is mostly by the high-class sensor and SP.Calculation was dispersed in the order of low-class sensor, middle-class sensor, high-class sensor, and SP depending on computing resources.Mutual authentication and the security channel were established with the minimum number of calculations.

Storage Resource Analysis
Table 5 provides the analysis of storage resources, which are required in the provisioning phase and authentication and key agreement phase in our technique.Each of the sensors and service providers have DI, Challenge C, Response R, session key (SK), message (M), verification value (V), and a random number (N) for each phase.A low-class sensor with the lowest storage capacity has the smallest ID as it possesses its own ID, higher-class IDs, and the IDs of the SP.High-class sensors have the additional IDs of lower-class sensors that require a greater storage capacity.SP has the IDs of all the sensors.Sensors in each class, except for SP, compute PUFs() for mutual authentication by saving one Challenge C and one Response R. SP possesses Challenge C and Response R in all the sensors.SK is required in each communication interval.Therefore, low-class sensors only save the three session keys needed for communication with high-class sensors.High-class sensors and service providers possess the additional session keys needed for communication with low-class sensors.High-class sensors and service providers store more of the message (M), verification value (V), and random number (N) due to there being more targets to communicate with than low-class sensors.Storage resources were allocated in the order of low-class sensor, middle-class sensor, high-class sensor, and SP, depending on the capacity of the storage resource.Low-class sensors with the smallest amount of storage resources are equipped with the minimum amount of storage capacity.

Conclusions
A smart home is a form of technology that can collect and analyze the information of those who reside there by using various sensors and emerging technologies.Emerging technologies have been combined with IoT, which has resulted in creating smart home service as a new field of ESNs.As such, various companies and research institutions around the world have been proceeding with research and development.Most of the sensors in this service are equipped with low-power and low-computing ability.Therefore, it is very important to deliver sensing information without placing a burden on the sensor, which is why topology control is required.In this study, sensors with low resources and sensors with diverse capabilities operating in the smart home were considered and classified into low-, middle-, and high-class, depending on their ability to constitute the hierarchical topology.Therefore, in this study, we have proposed a technique for ensuring secure communication, and consuming low computing and storage resources with PUF while efficiently utilizing the abilities of the sensors.In addition, our technique has been evaluated to be secure against various security

Figure 1 .
Figure 1.Existing topology in a smart home sensor network.

Figure 1 .
Figure 1.Existing topology in a smart home sensor network.
Symmetry 2017, 9, 143 5 of 14 closest middle-class sensor, and middle-class sensors only communicate with the nearest low-class and high-class sensors.Direct communication with the service provider through an AP is only carried out by high-class sensors.Suggested techniques in this paper perform mutual authentication and key agreements, as all the sensors have PUFs, and they implement them for secure communication amongst the layers in each sensor.PUFs are a unique chip that cannot be physically copied.As such, they present a unique challenge-response value.The challenge-response value of each PUF is registered in the server's PUF DB before sensors are distributed to the field[33][34][35][36].Values that are used once are removed from the PUF's DB.Therefore, they cannot be re-used.

Figure 2 .
Figure 2. Proposed hierarchical topology in a smart home sensor network.

Figure 2 .
Figure 2. Proposed hierarchical topology in a smart home sensor network.

Figure 3 .
Figure 3. Sensor provisioning phase.Step 1. Sensori sends their IDi to SP. Step 2. SP confirms ID received from Sensori and generates n challenge values to create PUFi DB in the Sensori and sends them to Sensori.Step 3. Sensori received Challenge C1…n from SP and computes Response R1…n in correspondence with C1…n by using the PUFi chip that it owns and sends them to SP. Step 4. SP received with Response R1…n from Sensori maps C1…n and Response R1…n in 1:1 and stores them in the PUFi DB for a challenge-response with Sensori in the future.

Figure 4 .
Figure 4. Authentication and key agreement phase for a high-class sensor.

Figure 3 .
Figure 3. Sensor provisioning phase.Step 1. Sensori sends their IDi to SP. Step 2. SP confirms ID received from Sensori and generates n challenge values to create PUFi DB in the Sensori and sends them to Sensori.Step 3. Sensori received Challenge C1…n from SP and computes Response R1…n in correspondence with C1…n by using the PUFi chip that it owns and sends them to SP. Step 4. SP received with Response R1…n from Sensori maps C1…n and Response R1…n in 1:1 and stores them in the PUFi DB for a challenge-response with Sensori in the future.

Figure 4 .
Figure 4. Authentication and key agreement phase for a high-class sensor.

Figure 4 .
Figure 4. Authentication and key agreement phase for a high-class sensor.

Step 3 .
2. SP received with N hs and ID hs from HS generates the random number N sp and selects Challenge C from the PUF' hs DB that is relevant to ID hs .In addition, it computes the Response R' value corresponding to Challenge C from PUF' hs (C) and hashes (R'||N hs ) to create session key SK' hs−sp = h(R'||N hs ).Then, SP connects the N hs received from HS and N sp to compute V sp−hs = E SK'hs−sp (N hs ||N sp ) the value that is encrypted with SK' hs−sp and sends SK' hs−sp to Hs. HS received with C, N sp , V sp−hs from SP computes PUF hs (C) and the R value and connects R and N hs to hash them and create the session key, SK hs-sp = h(R'||N hs ).If the V sp−hs received from HS is identical with the encrypted value with SK hs−sp in connection with N sp and N hs , HS authenticates SP.In addition, the verification value, V hs−sp = D SKhs−sp (C), is calculated by encrypting the C received from SP with SK hs−sp and is sent to SP. Step 4. SP received with V hs−sp from HS encrypts C with SK' hs−sp , and if E SK'hs−sp (C) is consistent with V hs−sp , HS is authenticated.In addition, the used Challenge C and Response R' values are removed from the PUF' hs DB.

Figure 5
Figure5shows the mutual authentication and key agreement phases between a middle-class sensor and a service provider, and between a middle-class sensor and a high-class sensor.

Step 2 .
SP received with Nhs and IDhs from HS generates the random number Nsp and selects Challenge C from the PUF'hs DB that is relevant to IDhs.In addition, it computes the Response R' value corresponding to Challenge C from PUF'hs(C) and hashes (R'||Nhs) to create session key SK'hs−sp = h(R'||Nhs).Then, SP connects the Nhs received from HS and Nsp to compute Vsp−hs = ESK'hs−sp(Nhs||Nsp) the value that is encrypted with SK'hs−sp and sends SK'hs−sp to Hs. Step 3. HS received with C, Nsp, Vsp−hs from SP computes PUFhs(C) and the R value and connects R and Nhs to hash them and create the session key, SKhs-sp = h(R'||Nhs).If the Vsp−hs received from HS is identical with the encrypted value with SKhs−sp in connection with Nsp and Nhs, HS authenticates SP.In addition, the verification value, Vhs−sp = DSKhs−sp(C), is calculated by encrypting the C received from SP with SKhs−sp and is sent to SP. Step 4. SP received with Vhs−sp from HS encrypts C with SK'hs−sp, and if ESK'hs−sp(C) is consistent with Vhs−sp, HS is authenticated.In addition, the used Challenge C and Response R' values are removed from the PUF'hs•DB.

Figure 5
Figure5shows the mutual authentication and key agreement phases between a middle-class sensor and a service provider, and between a middle-class sensor and a high-class sensor.

Figure 5 .
Figure 5. Authentication and key agreement phase for a middle-class sensor.

Step 2 .
HS received with Nmsj from MSj generates a random number Nhs and sends IDhs, IDmsj, Nhs, and Nmsj to SP. Step 3. SP received with IDhs, IDmsj, Nhs, and Nmsj from HS generates a random number Nsp and selects Challenge C from the PUF'msj DB.In addition, R' is computed from PUF'msj(C), which creates the session key SK'msj−sp from h(R'||Nmsj).In addition, (Nmsj||Nhs||Nsp) is encrypted with session key SK'msj−sp and sends Msp-msj = ESK'msj−sp(Nmsj||Nhs||Nsp) with C to HS.

Figure 5 .
Figure 5. Authentication and key agreement phase for a middle-class sensor.

3 .
SP received with ID hs , ID msj , N hs , and N msj from HS generates a random number N sp and selects Challenge C from the PUF' msj DB.In addition, R' is computed from PUF' msj (C), which creates the session key SK' msj−sp from h(R'||N msj ).In addition, (N msj ||N hs ||N sp ) is encrypted with session key SK' msj−sp and sends M sp-msj = E SK'msj−sp (N msj ||N hs ||N sp ) with C to HS.

Figure 6 14 Step 4 .
Figure6shows the mutual authentication and key agreement phases between a low-class sensor and service provider, between a low-class sensor and middle-class sensor, and between a low-class sensor and high-class sensor.

Figure 6
Figure6shows the mutual authentication and key agreement phases between a low-class sensor and service provider, between a low-class sensor and middle-class sensor, and between a low-class sensor and high-class sensor.

Figure 6 .
Figure 6.Authentication and key agreement phase for a low-class sensor.Figure 6. Authentication and key agreement phase for a low-class sensor.

Figure 6 .
Figure 6.Authentication and key agreement phase for a low-class sensor.Figure 6. Authentication and key agreement phase for a low-class sensor.
HS and SP are authenticated.In addition, V msj−sp = E SKmsj−sp (C||N sp ) is created by encrypting (C||N sp ) with the session key SK msj−sp and sends V msj−sp to SP through HS.Step 6. SP received with V msj−sp from MS j through HS encrypts(C||N sp ) with the session key SK' msj−sp .If E SK'msj−sp (C||N sp ) is consistent with V msj−sp , MS j is authenticated.In addition, (ID msj ||N hs ||N sp ) is encrypted with the session key, SK' hs−sp and sends M hs−sp = E SK'hs−sp (ID msj ||N hs ) to HS.The used Challenge C and Response R' are removed from PUF' msj DB.
5. MS j received with C, M sp−msj , N hs from HS computes R = PUF msj (C) and creates session key SK msj-sp = h(R||N msj ).N msj , N hs , and N sp are acquired after decrypting M sp−msj with session key SK msj−sp , and if N hs , which is received in plain text, is identical with N hs acquired through 7. LS k received with C, V sp−lsk , N hs , and N msj from MS j hashes R and N lsk acquired by computing R = PUF lsk (C) and creates the session key SK lsk−sp = h(R||N lsk ).In addition, M sp1 is decrypted by SK lsk−sp while acquiring N lsk , N msj , N hs , N sp1 , and N sp2 .If N hs and N msj acquired by decrypting N hs , N msj and M sp1 are identical, MS , HS, and SP are authenticated.(C||N sp1 ||N sp2 ) is encrypted with the session key SK lsk-sp , which creates the V lsk-sp =E SKmsj−sp (C||N sp1 ||N sp2 ) and sends V lsk−sp to SP through MS j and HS.Step 8. SP received with V lsk−sp through MS j and HS from LS k encrypts (C||N sp1 ||N sp2 ) with SK' lsk−sp and authenticates LS k if E SK'lsk−sp (C||N sp1 ||N sp2 ) and V lsk−sp are identical.In addition, (ID lsk ||N msj ||N sp1 ) is encrypted with the session key SK' hs−sp , creating M sp1 = E SK'msj−sp (ID lsk ||N msj ||N sp1 ), and (M sp1 ||ID lsk ||N hs ||N sp2 ) is encrypted with the session key SK' hs−sp creating M sp2 = E SK'hs−sp (M sp1 ||ID lsk ||N hs ||N sp2

Table 2 .
Comparative performance analysis between smart home schemes.

Table 3 .
Comparative security analysis between sensor schemes.

Table 4 .
Comparative computing resource analysis between communication objects.

Table 5 .
Comparative storage resource analysis between communication objects.