As an Internet of things (IoT) technology, the ZigBee has a wide range of applications in home automation, smart energy, commercial building automation, personal, home and hospital care, telecom, and wireless sensor. The ZigBee standard has the advantage of high reliability, which is based on the security of authentication key agreement protocol, namely, the SKKE protocol. In the ZigBee standard, this protocol based on shared symmetric-key is applied on the security protocol level. It is a full symmetric-key key agreement with key confirmation scheme, while the key confirmation mechanism is provided by a message authentication coding mechanism. In this paper, we consider the security of the SKKE protocol. In the random Oracle model, we reduce the security of the SKKE protocol to the collision of the hash function and the HMAC function and the indistinguishability between the output of the random Oracle and a random number. We also give a theoretical proof with the game-based method. To our knowledge, there is no research on the provable security of the ZigBee protocol at this stage, so it is helpful to promote further research of the ZigBee protocol security.
Security and Privacy for Edge-Assisted Internet of Things Security Proof for the SKKE Protocol
