A Decentralized and Lightweight Group Key Management Scheme for IoT Using Hybrid Rekeying
The widespread adoption of Internet of Things (IoT) devices in large-scale networks necessitates efficient and secure communication among group members. Group Key Management (GKM) mechanisms are commonly employed in such environments to secure group communications. However, most existing approaches either rely on a centralized entity to manage and rekey the group key, introducing a single point of failure and high overhead, or distribute key management among members using blockchain and asymmetric cryptography. Although these solutions remove the single point of failure, they often incur high computational and energy costs unsuitable for resource-constrained IoT devices. In this paper, we propose a decentralized and lightweight group key management scheme for IoT environments based on a hybrid rekeying mechanism. The proposed approach delegates key management across multiple controller layers to balance the workload and avoid overloading a single entity. It combines PRF-based local key derivation with the Logical Key Hierarchy (LKH) to enable efficient key updates, supporting zero-communication rekeying for join operations and reducing overhead through efficient seed renewal. Security analysis shows that the scheme preserves forward and backward secrecy and resists collusion attacks, while communication complexity analysis demonstrates its efficiency and scalability for large-scale IoT deployments.
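The following is an added illustration of the two rekeying modes the abstract names; it is not the paper's construction. It assumes a binary LKH tree in heap layout, HMAC-SHA256 as the PRF, and that existing members learn the joiner's slot and the epoch from a notification carrying no key material; `Controller`, `advance`, `path` and `view` are hypothetical names.

```python
import hashlib, hmac, os

def prf(key: bytes, label: bytes) -> bytes:
    """PRF instantiated with HMAC-SHA256 (assumption; the page names no PRF)."""
    return hmac.new(key, label, hashlib.sha256).digest()

def path(n: int, slot: int) -> list[int]:
    """Internal nodes from a leaf's parent up to the root (node 1), heap layout."""
    node, out = (n + slot) // 2, []
    while node >= 1:
        out.append(node)
        node //= 2
    return out

def advance(keys: dict, nodes: list[int], epoch: int) -> None:
    """Join rekey: one-way step on each affected key, computable by any holder."""
    label = b"join" + epoch.to_bytes(4, "big")
    for node in nodes:
        if node in keys:  # a member only advances the keys it actually holds
            keys[node] = prf(keys[node], label)

class Controller:
    def __init__(self, n: int):
        self.n, self.epoch = n, 0
        self.keys = {i: os.urandom(32) for i in range(1, 2 * n)}

    def view(self, slot: int) -> dict:
        """Keys a member in `slot` holds: its path keys, group key (root) included."""
        return {node: self.keys[node] for node in path(self.n, slot)}

    def join(self, slot: int) -> int:
        """Returns the number of rekey messages sent to existing members."""
        self.epoch += 1
        advance(self.keys, path(self.n, slot), self.epoch)
        return 0  # the joiner gets view(slot) over its own pairwise channel

    def leave(self, slot: int) -> int:
        """LKH leave: fresh random path keys, each wrapped under its child keys
        (already-refreshed ones included), skipping the leaver's own leaf.
        Returns the number of wrapped-key messages: 2*log2(n) - 1."""
        leaver, msgs = self.n + slot, 0
        for node in path(self.n, slot):
            self.keys[node] = os.urandom(32)  # PRF output would be known to the leaver
            msgs += sum(1 for child in (2 * node, 2 * node + 1) if child != leaver)
        return msgs
```

The joiner receives only post-join keys and cannot invert the PRF to reach earlier ones, which gives backward secrecy; a leave needs fresh randomness because the departing member could compute any PRF-derived successor itself.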
