nach oben

Innovations in Systems and Software Engineering

Erschienen in:

02.08.2023 | Review Article

An improved authentication and key management scheme for hierarchical IoT network using elliptic curve cryptography

verfasst von: Uddalak Chatterjee, Sangram Ray, Dipanwita Sadhukhan, Mou Dasgupta

Erschienen in: Innovations in Systems and Software Engineering | Ausgabe 3/2023

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Internet of Things (IoT) is one of the dominant research topics in recent era. With the advent of Industrial IoT, smart grid, smart home, IoT in Health services that attracts a lot of interest whereas the security of IoT devices attract major concern. Hierarchical IoT Network (HIoTN) consists of various different nodes like gateway, sensor devices and cluster heads connected to each other that provides user an organized hierarchy to use. The user must be able to access information in real-time from the sensor nodes and the messages sent by either sensor nodes or the user through gateway must be protected from malicious users. To provide security in this generic hierarchical IoT network, a scheme is proposed by Wazid et al. that demonstrates a model for secure transmission of messages within the HIoTN system. Wazid et al. proposed the UAKMP model to preserve information security using three-factor (smartcard, password and biometrics) authentication protocol. After analyzing the Wazid et al. scheme it can be determined that the said method is prone to security threats like flooding attack, it is susceptible to attacks such as the stolen verifier, node capture attack, clock synchronization problem, impersonation attack and forward secrecy is not preserved. This work proposes an enhanced authentication and key management system for HIoTN utilizing elliptic curve cryptography to address these security flaws. The proposed system is then examined in light of all pertinent recent attacks, in addition to that an informal as well as formal security investigation is used to demonstrate its safekeeping against such attacks. Additionally, the communication and computation overheads of our suggested method are compared to those of Wazid et al. and other analogous schemes, demonstrating that it produces the best results.

Nächster Artikel Efficiency of oversampling methods for enhancing software defect prediction by using imbalanced data

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Gokhale P, Bhat O, Bhat S (2018) Introduction to IOT. Int Adv Res J Sci Eng Technol 5(1):41–44

Ezechina MA, Okwara KK, Ugboaja CAU (2015) The internet of things: a scalable approach to connecting everything. Int J Eng Sci 4(1):9–12

Kaur S, Singh I (2016) A survey report on internet of things and applications. Int J Comput Sci Trends Technol 4(2):330

Ray S, Biswas GP, Dasgupta M (2016) Secure multi-purpose mobile-banking using elliptic curve cryptography. Wireless Pers Commun 90(3):1331–1354CrossRef

Challa S, Wazid M, Das AK, Kumar N, Reddy AG, Yoon EJ, Yoo KY (2017) Secure signature-based authenticated key establishment scheme for future IoT applications. IEEE Access 5:3028–3043CrossRef

Wazid M, Das AK, Odelu V, Kumar N, Conti M, Jo M (2017) Design of secure user authenticated key management protocol for generic IoT networks. IEEE Internet Things J 5(1):269–282CrossRef

Das AK, Sharma P, Chatterjee S, Sing JK (2012) A dynamic password-based user authentication scheme for hierarchical wireless sensor networks. J Netw Comput Appl 35(5):1646–1656CrossRef

Chatterjee U, Ray.S, (2021) “Cryptanalysis of an authentication and key management scheme in context of generic hierarchical IoT Network. In: Buyya R, De D (eds) Jyotsna Kumar Mandal. International conference on Advanced computing and applications. Singapore, Springer Singapore, pp 13–26

Kahvazadeh S, Souza VB, Masip-Bruin X, Marn-Tordera E, Garcia J, Diaz R. (2017, April). Securing combined fog-to-cloud system through SDN approach. In Proceedings of the 4th Workshop on Cross Cloud Infrastructures & Platforms (pp. 1–6).

10.

Xiong H, Choo KKR, Vasilakos AV (2017) Revocable identity-based access control for big data with verifiable outsourced computing. IEEE Trans Big Data 25:1–3

11.

Gayoso Martinez V., Hernandez Encinas L. and Sanchez Avila C (2009) Elliptic Curve Cryptography Java Platform Implementations. Proceedings of the International Conference on Information Technologies (InfoTech-2009), Bulgaria, Vol.1.

12.

Huifang H, Xinshen J, Guangqiang L (2008) A novel access authentication scheme based on ECC for 3G-WLAN interworking network. Int Conf Comput Sci Softw Eng 5:1237–1241

13.

Leelavathy SR, Prathima C, Revanath CV. (2018) Implementation of RSA Algorithm Using Fog-to-Cloud Computing, ISSN(Online): 2347–2820, Vol. 6, Issue1–2,.

14.

Ray S, Biswas GP (2012). Establishment of ECC-based initial secrecy usable for IKE implementation. In Proceedings of the World Congress on Engineering (Vol. 1).

15.

Ghani A, Mansoor K, Mehmood S, Chaudhry SA, Rahman AU, NajmusSaqib M (2019) Security and key management in IoT-based wireless sensor networks: an authentication protocol using symmetric key. Int J Commun Syst 32(16):e4139CrossRef

16.

Gope P, Hwang T (2016) A realistic lightweight anonymous authentication protocol for securing real-time application data access in wireless sensor networks. IEEE Trans Industr Electron 63(11):7124–7132CrossRef

17.

Lee J, Yu S, Park K, Park Y, Park Y (2019) Secure three-factor authentication protocol for multi-gateway IoT environments. Sensors 19(10):2358. https://doi.org/10.3390/s19102358CrossRef

18.

Banerjee S, Odelu V, Das AK, Srinivas J, Kumar N, Chattopadhyay S, Choo KKR (2019) A provably secure and lightweight anonymous user authenticated session key exchange scheme for Internet of Things deployment. IEEE Internet Things J 6(5):8739–8752CrossRef

19.

Azrour M, Mabrouki J, Guezzaz A, Farhaoui Y (2021) New enhanced authentication protocol for internet of things. Big Data Min Analy 4(1):1–9CrossRef

20.

Fang D, Qian Y, Hu RQ (2020) A flexible and efficient authentication and secure data transmission scheme for IoT applications. IEEE Internet Things J 7(4):3474–3484CrossRef

21.

Srinivas J, Das AK, Wazid M, Vasilakos AV (2020) Designing secure user authentication protocol for big data collection in IoT-based intelligent transportation system. IEEE Internet Things J 8(9):7727–7744CrossRef

22.

Ali Z, Chaudhry SA, Mahmood K, Garg S, Lv Z, Zikria YB (2021) A clogging resistant secure authentication scheme for fog computing services. Comput Netw 185:107731CrossRef

23.

Chatterjee U, Ray S, Khan MK, Dasgupta M, Chen CM (2022) An ECC-based lightweight remote user authentication and key management scheme for IoT communication in context of fog computing. Computing 104:1359CrossRef

24.

Dolev D, Yao A (1983) On the security of public key protocols. IEEE Trans Inf Theory 29(2):198–208MathSciNetCrossRefMATH

25.

Miller VS (1985) Use of elliptic curves in cryptography. Conference on the theory and application of cryptographic techniques. Springer Berlin Heidelberg, Berlin, Heidelberg, pp 417–426

26.

Koblitz N (1987) Elliptic curve cryptosystems. Math Comput 48(177):203–209MathSciNetCrossRefMATH

27.

Aleksander Jurisic, Alfred J. (1998) Menezes, “Elliptic Curves and Cryptography,”

28.

Mahmood K, Chaudhry SA, Naqvi H, Kumari S, Li X, Sangaiah AK (2018) An elliptic curve cryptography based lightweight authentication scheme for smart grid communication. Futur Gener Comput Syst 81:557–565CrossRef

29.

Kilinc HH, Yanik T (2013) A survey of SIP authentication and key agreement schemes. IEEE Commun Surv Tutor 16(2):1005–1023CrossRef

30.

Wang F, Zhang Y (2008) A new provably secure authentication and key agreement mechanism for SIP using certificateless public-key cryptography. Comput Commun 31(10):2142–2149CrossRef

31.

Chaabouni N, Mosbah M, Zemmari A, Sauvignac C, Faruki P (2019) Network intrusion detection for IoT security based on learning techniques. IEEE Commun Surv Tutor 21(3):2671–2701CrossRef

32.

Anthi E, Williams L, Słowińska M, Theodorakopoulos G, Burnap P (2019) A supervised intrusion detection system for smart home IoT devices. IEEE Internet Things J 6(5):9042–9053CrossRef

33.

Adhikari S, Ray S, Obaidat MS, Biswas GP (2020) Efficient and secure content dissemination architecture for content centric network using ECC-based public key infrastructure. Comput Commun 157:187–203CrossRef

34.

Adhikari S, Ray S (2019) A Lightweight and secure IoT communication framework in content-centric network using elliptic curve cryptography. Recent trends in communication, computing, and electronics. Springer, Singapore, pp 207–216CrossRef

35.

Rangwani D, Sadhukhan D, Ray S, Khan MK, Dasgupta M (2021) An improved privacy preserving remote user authentication scheme for agricultural wireless sensor network. Trans Emerg Tel Technol. https://doi.org/10.1002/ett.4218CrossRef

36.

Chatterjee U, Ray S, Adhikari S, Khan MK, Dasgupta M (2023) Efficient and secure e-voting scheme using elliptic curve cryptography. Sec Priv 6(3):e283

37.

Sadhukhan D, Ray S, Biswas GP, Khan MK, Dasgupta M (2020) A lightweight remote user authentication scheme for IoT communication using elliptic curve cryptography. J Supercomput 77:1114–1151CrossRef

38.

Sowjanya K, Dasgupta M, Ray S, Obaidat MS (2019) An efficient elliptic curve cryptography-based without pairing KPABE for internet of things. IEEE Syst J 14:2154–2163CrossRef

39.

Turkanović M, Brumen B, Hölbl M (2014) A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion. Ad Hoc Netw 20:96–112CrossRef

40.

Fakroon M, Alshahrani M, Gebali F, Traore I (2020) Secure remote anonymous user authentication scheme for smart home environment. Internet Things 9:100158CrossRef

Titel: An improved authentication and key management scheme for hierarchical IoT network using elliptic curve cryptography
verfasst von: Uddalak Chatterjee
Sangram Ray
Dipanwita Sadhukhan
Mou Dasgupta
Publikationsdatum: 02.08.2023
Verlag: Springer London
Erschienen in: Innovations in Systems and Software Engineering / Ausgabe 3/2023
Print ISSN: 1614-5046
Elektronische ISSN: 1614-5054
DOI: https://doi.org/10.1007/s11334-023-00532-3

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Springer Professional "Technik"

Weitere Artikel der Ausgabe 3/2023

Frequent itemset mining using FP-tree: a CLA-based approach and its extended application in biodiversity data

Component level diagnosability of discrete event systems based on observations

TimeLine Depiction: an approach to graphical notation for supporting temporal property specification

Formal modeling of the gPTP clock synchronization algorithm in automotive ethernet

Efficiency of oversampling methods for enhancing software defect prediction by using imbalanced data

Premium Partner