nach oben

The Journal of Supercomputing

Erschienen in:

07.05.2020

A lightweight remote user authentication scheme for IoT communication using elliptic curve cryptography

Erschienen in: The Journal of Supercomputing | Ausgabe 2/2021

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Internet of things (IoT) has become a new era of communication technology for performing information exchange. With the immense increment of usage of smart devices, IoT services become more accessible. To perform secure transmission of data between IoT network and remote user, mutual authentication, and session key negotiation play a key role. In this research, we have proposed an ECC-based three-factor remote user authentication scheme that runs in the smart device and preserves privacy, and data confidentiality of the communicating user. To support our claim, multiple cryptographic attacks are analyzed and found that the proposed scheme is not vulnerable to those attacks. Finally, the computation and communication overheads of the proposed scheme are compared with other existing protocols to confirm that the proposed scheme is lightweight. A formal security analysis using AVISPA simulation tool has been done that confirms the proposed scheme is robust against relevant security threats.

Vorheriger Artikel MDSbSP: a search protocol based on MDS codes for RFID-based Internet of vehicle

Nächster Artikel Augmented reality for dental implant surgery: enhanced ICP

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Ahmed MR, Huang X, Sharma D, Cui H (2012) Wireless sensor network: characteristics and architectures. Int J Electr Comput Energ Electron Commun Eng 6(12):1398–1401

Henze M, Hermerschmidt L, Kerpen D, Häußling R, Rumpe B, Wehrle K (2016) A comprehensive approach to privacy in the cloud-based Internet of Things. Future Gener Comput Syst 56:701–718

Jing Q, Vasilakos VA, Wan J, Lu J, Qiu D (2014) Security of the Internet of Things: perspectives and challenges. Wirel Netw 20(8):2481–2501

Li L (2012) Study on security architecture in the Internet of Things. In: 2012 International Conference on Measurement, Information and Control (MIC), vol 1. IEEE, pp 374–377

Wu F, Xu L, Kumari S, Li X, Shen J, Choo KKR, Das AK (2017) An efficient authentication and key agreement scheme for multi-gateway wireless sensor networks in IoT deployment. J Netw Comput Appl 89:72–85

Amin R, Kumar N, Biswas GP, Iqbal R, Chang RV (2018) A light weight authentication protocol for IoT-enabled devices in distributed Cloud Computing environment. Future Gener Comput Syst 78:1005–1019

Atzori L, Iera A, Morabito G (2010) The internet of things: a survey. Comput Netw 54(15):2787–2805MATH

Jiang Q, Wei F, Fu S, Ma J, Li G, Alelaiwi A (2016) Robust extended chaotic maps-based three-factor authentication scheme preserving biometric template privacy. Nonlinear Dyn 83(4):2085–2101MathSciNetMATH

Wazid M, Das AK, Odelu V, Kumar N, Conti M, Jo M (2018) Design of secure user authenticated key management protocol for generic iot networks. IEEE Internet of Things J 5(1):269–282

10.

Das AK, Goswami A (2015) A robust anonymous biometric-based remote user authentication scheme using smart cards. J King Saud Univ Comput Inf Sci 27(2):193–210

11.

Kumari S, Li X, Wu F, Das AK, Arshad H, Khan MK (2016) A user friendly mutual authentication and key agreement scheme for wireless sensor networks using chaotic maps. Future Gener Comput Syst 63:56–75

12.

Souissi I, Azzouna NB, Said LB (2019) A multi-level study of information trust models in WSN-assisted IoT. Comput Netw 151:12–30

13.

Weber RH (2010) Internet of Things-New security and privacy challenges. Comput Law Secur Rev 26(1):23–30

14.

Gubbi J, Buyya R, Marusic S, Palaniswami M (2013) Internet of Things (IoT): a vision, architectural elements, and future directions. Future Gener Comput Syst 29(7):1645–1660

15.

Chang E, Thomson P, Dillon T, Hussain F (2005) The fuzzy and dynamic nature of trust. In: International Conference on Trust, Privacy and Security in Digital Business. Springer, Berlin, pp 161–174

16.

Yan Z, Zhang P, Vasilakos AV (2014) A survey on trust management for Internet of Things. J Netw Comput Appl 42:120–134

17.

Xue K, Ma C, Hong P, Ding R (2013) A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks. J Netw Comput Appl 36(1):316–323

18.

Wang D, Zhang X, Zhang Z, Wang P (2020) Understanding security failures of multi-factor authentication schemes for multi-server environments. Comput Secur 88:101619

19.

Sood SK, Sarje AK, Singh K (2010) An improvement of Wang et al.’s authentication scheme using smart cards. In: 2010 National Conference on Communications (NCC). IEEE, pp 1–5

20.

Song R (2010) Advanced smart card based password authentication protocol. Comput Standards Interfaces 32(5–6):321–325

21.

Chen TH, Hsiang HC, Shih WK (2011) Security enhancement on an improvement on two remote user authentication schemes using smart cards. Future Gener Comput Syst 27(4):377–380

22.

Kumari S, Khan MK (2014) Cryptanalysis and improvement of ‘a robust smart-card-based remote user password authentication scheme’. Int J Commun Syst 27(12):3939–3955

23.

Mishra D, Das AK, Chaturvedi A, Mukhopadhyay S (2015) A secure password-based authentication and key agreement scheme using smart cards. J Inf Secur Appl 23:28–43

24.

Sharma G, Kalra S (2018) A lightweight multi-factor secure smart card based remote user authentication scheme for cloud-IoT applications. J Inf Secur Appl 42:95–106

25.

Porambage QP, Schmitt C, Kumar P, Gurtov A, Ylianttila M (2014) Two-phase authentication protocol for wireless sensor networks in distributed IoT applications. In: Proceedings of IEEE Wireless Communications and Networking Conference (WCNC), Istanbul, Turkey, pp 2728–2733

26.

Turkanović M, Brumen B, Hölbl M (2014) A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion. Ad Hoc Netw 20:96–112

27.

Amin R, Biswas GP (2016) A secure light weight scheme for user authentication and key agreement in multi-gateway based wireless sensor networks. Ad Hoc Netw 36:58–80

28.

Kalra S, Sood SK (2015) Secure authentication scheme for IoT and cloud servers. Pervasive Mob Comput 24:210–223

29.

Kumari S, Karuppiah M, Das AK, Li X, Wu F, Kumar N (2018) A secure authentication scheme based on elliptic curve cryptography for IoT and cloud servers. J Supercomput 74(12):6428–6453

30.

Chang C-C, Le H-D (2016) A provably secure, efficient, and flexible authentication scheme for ad hoc wireless sensor networks. IEEE Trans Wirel Commun 15(1):357–366MathSciNet

31.

Dhillon PK, Kalra S (2017) A lightweight biometrics based remote user authentication scheme for IoT services. J Inf Secur Appl 34:255–270

32.

Souri A, Norouzi M (2019) A state-of-the-art survey on formal verification of the internet of things applications. J Serv Sci Res 11(1):47–67

33.

Challa S, Wazid M, Das AK, Kumar N, Reddy AG, Yoon EJ, Yoo KY (2017) Secure signature-based authenticated key establishment scheme for future IoT applications. IEEE Access 5:3028–3043

34.

Fakroon M, Alshahrani M, Gebali F, Traore I (2020) Secure remote anonymous user authentication scheme for smart home environment. Internet of Things, p 100158

35.

Hussain K, Jhanjhi NZ, Mati-ur-Rahman H, Hussain J, Islam MH (2019) Using a systematic framework to critically analyze proposed smart card based two factor authentication schemes. J King Saud Univ Comput Inf Sci 2019

36.

Shuai M, Yu N, Wang H, Xiong L (2019) Anonymous authentication scheme for smart home environment with provable security. Comput Secur 86:132–146

37.

Hankerson D, Menezes AJ, Vanstone S (2006) Guide to elliptic curve cryptography. Springer, BerlinMATH

38.

Kapoor V, Abraham VS, Singh R (2008) Elliptic curve cryptography. Ubiquity 20:7

39.

Koblitz N (2000) Towards a quarter-century of public key cryptography. Kluwer Academic, DordrechtMATH

40.

Miller VS (1985) Use of elliptic curves in cryptography. In: Conference on the Theory and Application of Cryptographic Techniques. Springer, Berlin, pp 417–426

41.

Stallings W (2006) Cryptography and network security: principles and practices. Pearson Education India

42.

Ray S, Biswas GP (2012) Establishment of ECC-based initial secrecy usable for IKE implementation. In: Proceedings of World Congress on Expert Systems (WCE)

43.

Ray S, Biswas GP (2011) Design of mobile-PKI for using mobile phones in various applications. In: 2011 International Conference on Recent Trends in Information Systems (ReTIS). IEEE, pp 297–302

44.

Ray S, Biswas GP (2012) An ECC based public key infrastructure usable for mobile applications. In: Proceedings of the Second International Conference on Computational Science, Engineering and Information Technology. ACM, pp 562–568

45.

Ray S, Biswas GP, Dasgupta M (2016) Secure multi-purpose mobile-banking using elliptic curve cryptography. Wirel Pers Commun 90(3):1331–1354

46.

Paar C, Pelzl J (2009) Understanding cryptography: a textbook for students and practitioners. Springer, BerlinMATH

47.

Guajardo J, Paar C (1997) Efficient algorithms for elliptic curve cryptosystems. In: Annual International Cryptology Conference. Springer, Berlin, pp 342–356

48.

Moon AH, Iqbal U, Bhat GM (2016) Mutual entity authentication protocol based on ECDSA for WSN. Proc Comput Sci 89:187–192

49.

Lynn B (2007) On the implementation of pairing-based cryptosystems (Doctoral dissertation, Stanford University)

50.

Kilinc HH, Yanik T (2014) A survey of SIP authentication and key agreement schemes. IEEE Commun Surv Tutor 16(2):1005–1023

51.

He D, Gao Y, Chan S, Chen C, Bu J (2010) An enhanced two-factor user authentication scheme in wireless sensor networks. Ad hoc Sens Wirel Netw. 10(4):361–371

52.

Hernández-Ramos JL, Moreno MV, Bernabé JB, Carrillo DG, Skarmeta AF (2015) SAFIR: secure access framework for IoT-enabled services on smart buildings. J Comput Syst Sci 81(8):1452–1463MathSciNet

53.

Viganò L (2006) Automated security protocol analysis with the AVISPA tool. Electron Notes Theor Comput Sci 155:61–86

54.

Reddy G, Das AK, Yoon E, Yoo K (2016) A secure anonymous authentication protocol for mobile services on elliptic curve cryptography. IEEE Access 4:4394–4407

55.

Islam SKH, Amin R, Biswas GP, Farash MS, Li X, Kumari S (2017) An improved three party authenticated key exchange protocol using hash function and elliptic curve cryptography for mobile-commerce environments. J King Saud Univ Comput Inf Sci 29(3):311–324

Titel: A lightweight remote user authentication scheme for IoT communication using elliptic curve cryptography
Publikationsdatum: 07.05.2020
Erschienen in: The Journal of Supercomputing / Ausgabe 2/2021
Print ISSN: 0920-8542
Elektronische ISSN: 1573-0484
DOI: https://doi.org/10.1007/s11227-020-03318-7

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft"

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Weitere Artikel der Ausgabe 2/2021

DeepFakE: improving fake news detection using tensor decomposition-based deep neural network

Applying the swept rule for solving explicit partial differential equations on heterogeneous computing systems

Optimal demultiplexer unit design and energy estimation using quantum dot cellular automata

Adoption of human metabolic processes as Data Quality Based Models

An adaptive failure recovery mechanism based on asymmetric routing for data center networks

Augmented reality for dental implant surgery: enhanced ICP