
TLS Early Data Resistance to Replay Attacks in Wireless Internet of Things

  • Sung Yong Kim
  • Danylo Goncharskyi
  • Pengwenlong Gu
  • Ahmed Serhrouchni
  • Rida Khatoun
  • Farid Nait-Abdesselam
  • Jean Jacques Grund

Research output: Contribution to journal, Conference article, Peer-reviewed

Abstract

Transport Layer Security (TLS) is widely used for user authentication and encrypted data transmission in all kinds of networks. In its newly published version, TLS 1.3, a 0-RTT handshake protocol is proposed for session resumption in low-delay networks, which makes it possible to secure data transmission and protect users from being monitored in the wireless Internet of Things (IoT). However, the 0-RTT TLS handshake protocol is vulnerable to replay attacks. In this paper, we propose a Time-Based One-Time Password (TOTP) empowered TLS encryption algorithm to resist replay attacks during the handshake process, in which we propose to integrate the TOTP into the encryption process of the EarlyData. It can significantly improve the forward secrecy of the 0-RTT handshake protocol and its capacity to resist replay attacks. On the other hand, we make no changes to the interaction process of the standardized 0-RTT handshake protocol, to guarantee the compatibility of our proposed scheme, which makes it suitable for large-area wireless IoT. Simulation results show that, under the premise of choosing an appropriate TOTP update rate, our proposed scheme can effectively resist replay attacks while ensuring the processing efficiency of the system.

Original language: English
Pages (from-to): 3539-3544
Number of pages: 6
Journal: Proceedings - IEEE Global Communications Conference, GLOBECOM
State: Published - 1 Jan 2022
Event: 2022 IEEE Global Communications Conference, GLOBECOM 2022 - Rio de Janeiro, Brazil
Duration: 4 Dec 2022 to 8 Dec 2022
