Skip to main content
main-content
Top

Hint

Swipe to navigate through the articles of this issue

Published in: Peer-to-Peer Networking and Applications 2/2022

17-01-2022

A secure IoT-based micro-payment protocol for wearable devices

Authors: Sriramulu Bojjagani, P. V. Venkateswara Rao, Dinesh Reddy Vemula, B Ramachandra Reddy, T. Jaya Lakshmi

Published in: Peer-to-Peer Networking and Applications | Issue 2/2022

Login to get access
share
SHARE

Abstract

Wearable devices are parts of the essential cost of goods sold (COGS) in the wheel of the Internet of things (IoT), contributing to a potential impact in the finance and banking sectors. There is a need for lightweight cryptography mechanisms for IoT devices because these are resource constraints. This paper introduces a novel approach to an IoT-based micro-payment protocol in a wearable devices environment. This payment model uses an “elliptic curve integrated encryption scheme (ECIES)” to encrypt and decrypt the communicating messages between various entities. The proposed protocol allows the customer to buy the goods using a wearable device and send the mobile application’s confidential payment information. The application creates a secure session between the customer, banks and merchant. The static security analysis and informal security methods indicate that the proposed protocol is withstanding the various security vulnerabilities involved in mobile payments. For logical verification of the correctness of security properties using the formal way of “Burrows-Abadi-Needham (BAN)” logic confirms the proposed protocol’s accuracy. The practical simulation and validation using the Scyther and Tamarin tool ensure that the absence of security attacks of our proposed framework. Finally, the performance analysis based on cryptography features and computational overhead of related approaches specify that the proposed micro-payment protocol for wearable devices is secure and efficient.

To get access to this content you need the following product:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 69.000 Bücher
  • über 500 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Testen Sie jetzt 15 Tage kostenlos.

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 50.000 Bücher
  • über 380 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




Testen Sie jetzt 15 Tage kostenlos.

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 58.000 Bücher
  • über 300 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Testen Sie jetzt 15 Tage kostenlos.

Appendix
Available only for authorised users
Literature
1.
go back to reference Challa S, Wazid M, Das AK, Kumar N, Reddy AG, Yoon E-J, Yoo K-Y (2017) Secure signature-based authenticated key establishment scheme for future iot applications. IEEE Access 5:3028–3043 CrossRef Challa S, Wazid M, Das AK, Kumar N, Reddy AG, Yoon E-J, Yoo K-Y (2017) Secure signature-based authenticated key establishment scheme for future iot applications. IEEE Access 5:3028–3043 CrossRef
2.
go back to reference Yeh KH (2016) A secure iot-based healthcare system with body sensor networks. IEEE Access 4:10288–10299 CrossRef Yeh KH (2016) A secure iot-based healthcare system with body sensor networks. IEEE Access 4:10288–10299 CrossRef
3.
go back to reference Chen Y, Xu W, Peng L, Zhang H (2019) Light-weight and privacy-preserving authentication protocol for mobile payments in the context of iot. IEEE Access 7:15210–15221 CrossRef Chen Y, Xu W, Peng L, Zhang H (2019) Light-weight and privacy-preserving authentication protocol for mobile payments in the context of iot. IEEE Access 7:15210–15221 CrossRef
5.
go back to reference Guravaiah K, Velusamy RL (2019) Prototype of home monitoring device using internet of things and river formation dynamics-based multi-hop routing protocol (rfdhm). IEEE Trans Consum Electron 65(3):329–338 CrossRef Guravaiah K, Velusamy RL (2019) Prototype of home monitoring device using internet of things and river formation dynamics-based multi-hop routing protocol (rfdhm). IEEE Trans Consum Electron 65(3):329–338 CrossRef
8.
go back to reference Seneviratne S, Hu Y, Nguyen T, Lan G, Khalifa S, Thilakarathna K, Hassan M, Seneviratne A (2017) A survey of wearable devices and challenges. IEEE Commun Surv Tutorials 19(4):2573–2620 CrossRef Seneviratne S, Hu Y, Nguyen T, Lan G, Khalifa S, Thilakarathna K, Hassan M, Seneviratne A (2017) A survey of wearable devices and challenges. IEEE Commun Surv Tutorials 19(4):2573–2620 CrossRef
9.
go back to reference Das AK, Wazid M, Kumar N, Khan MK, Choo KKR, Park Y (2017) Design of secure and lightweight authentication protocol for wearable devices environment. IEEE J Biomed Health Inform 22(4):1310–1322 CrossRef Das AK, Wazid M, Kumar N, Khan MK, Choo KKR, Park Y (2017) Design of secure and lightweight authentication protocol for wearable devices environment. IEEE J Biomed Health Inform 22(4):1310–1322 CrossRef
11.
go back to reference Das AK, Zeadally S, Wazid M (2017) Lightweight authentication protocols for wearable devices. Comput Electr Eng 63:196–208 CrossRef Das AK, Zeadally S, Wazid M (2017) Lightweight authentication protocols for wearable devices. Comput Electr Eng 63:196–208 CrossRef
12.
go back to reference Kumar D, Grover HS et al (2019) A secure authentication protocol for wearable devices environment using ecc. J Inf Secur Appl 47:8–15 Kumar D, Grover HS et al (2019) A secure authentication protocol for wearable devices environment using ecc. J Inf Secur Appl 47:8–15
13.
go back to reference Liu S, Hu S, Weng J, Zhu S, Chen Z (2016) A novel asymmetric three-party based authentication scheme in wearable devices environment. J Netw Comput Appl 60:144–154 CrossRef Liu S, Hu S, Weng J, Zhu S, Chen Z (2016) A novel asymmetric three-party based authentication scheme in wearable devices environment. J Netw Comput Appl 60:144–154 CrossRef
14.
go back to reference Yohan A, Lo NW, Randy V, Chen SJ, Hsu MY (2016) A novel authentication protocol for micropayment with wearable devices. In ACM Proceedings of the 10th International Conference on Ubiquitous Information Management and Communication, Danang, Viet Nam pp. 1–7 Yohan A, Lo NW, Randy V, Chen SJ, Hsu MY (2016) A novel authentication protocol for micropayment with wearable devices. In ACM Proceedings of the 10th International Conference on Ubiquitous Information Management and Communication, Danang, Viet Nam pp. 1–7
16.
go back to reference Sun DZ, Huai JP, Sun JZ, Zhang JW, Feng ZY (2008) A new design of wearable token system for mobile device security. IEEE Trans Consum Electron 54(4):1784–1789 CrossRef Sun DZ, Huai JP, Sun JZ, Zhang JW, Feng ZY (2008) A new design of wearable token system for mobile device security. IEEE Trans Consum Electron 54(4):1784–1789 CrossRef
17.
go back to reference Corner MD, Noble BD (2005) Protecting file systems with transient authentication. Wireless Netw 11(1–2):7–19 CrossRef Corner MD, Noble BD (2005) Protecting file systems with transient authentication. Wireless Netw 11(1–2):7–19 CrossRef
18.
go back to reference Saravanan K, Yuvaraj D (2010) An new secure mechanism for bluetooth network. In 2010 the 2nd international conference on computer and automation engineering (ICCAE). IEEE1:202–205 Saravanan K, Yuvaraj D (2010) An new secure mechanism for bluetooth network. In 2010 the 2nd international conference on computer and automation engineering (ICCAE). IEEE1:202–205
20.
go back to reference Patel R, Kunche A, Mishra N, Bhaiyat Z, Joshi R (2015) Paytooth-a cashless mobile payment system based on bluetooth. Int J Comput Appl 120:24 Patel R, Kunche A, Mishra N, Bhaiyat Z, Joshi R (2015) Paytooth-a cashless mobile payment system based on bluetooth. Int J Comput Appl 120:24
21.
go back to reference Liu W, Liu H, Wan Y, Kong H, Ning H (2016) The yoking-proof-based authentication protocol for cloud-assisted wearable devices. Pers Ubiquit Comput 20(3):469–479 CrossRef Liu W, Liu H, Wan Y, Kong H, Ning H (2016) The yoking-proof-based authentication protocol for cloud-assisted wearable devices. Pers Ubiquit Comput 20(3):469–479 CrossRef
22.
go back to reference Wu F, Li X, Xu L, Kumari S, Karuppiah M, Shen J (2017) A lightweight and privacy-preserving mutual authentication scheme for wearable devices assisted by cloud server. Comput Electr Eng 63:168–181 CrossRef Wu F, Li X, Xu L, Kumari S, Karuppiah M, Shen J (2017) A lightweight and privacy-preserving mutual authentication scheme for wearable devices assisted by cloud server. Comput Electr Eng 63:168–181 CrossRef
23.
go back to reference Gupta A, Tripathi M, Shaikh TJ, Sharma A (2019) A lightweight anonymous user authentication and key establishment scheme for wearable devices. Comput Netw 149:29–42 CrossRef Gupta A, Tripathi M, Shaikh TJ, Sharma A (2019) A lightweight anonymous user authentication and key establishment scheme for wearable devices. Comput Netw 149:29–42 CrossRef
25.
27.
go back to reference Moonsamy V, Batten L (2014) Mitigating man-in-the-middle attacks on smartphones-a discussion of ssl pinning and dnssec. In Proceedings of the 12th Australian Information Security Management Conference.Edith Cowan University pp 5–13 Moonsamy V, Batten L (2014) Mitigating man-in-the-middle attacks on smartphones-a discussion of ssl pinning and dnssec. In Proceedings of the 12th Australian Information Security Management Conference.Edith Cowan University pp 5–13
30.
go back to reference Fahl S, Harbach M, Muders T, Baumgärtner L, Freisleben B, Smith M (2012) Why eve and mallory love android: An analysis of android ssl (in) security. In Proceedings of the 2012 ACM conference on Computer and communications security pp 50–61 Fahl S, Harbach M, Muders T, Baumgärtner L, Freisleben B, Smith M (2012) Why eve and mallory love android: An analysis of android ssl (in) security. In Proceedings of the 2012 ACM conference on Computer and communications security pp 50–61
31.
go back to reference Patel R, Borisaniya B, Patel A, Patel D, Rajarajan M, Zisman A (2010) Comparative analysis of formal model checking tools for security protocol verification. In International Conference on Network Security and Applications. Springer pp 152–163 Patel R, Borisaniya B, Patel A, Patel D, Rajarajan M, Zisman A (2010) Comparative analysis of formal model checking tools for security protocol verification. In International Conference on Network Security and Applications. Springer pp 152–163
32.
go back to reference Pimentel JCL, Monroy R (2008) Formal support to security protocol development: A survey. Computación y Sistemas 12(1):89–108 Pimentel JCL, Monroy R (2008) Formal support to security protocol development: A survey. Computación y Sistemas 12(1):89–108
33.
go back to reference Braghin C, Sharygina N, Barone-Adesi K (2011) A model checking-based approach for security policy verification of mobile systems. Form Asp Comput 23(5):627–648 CrossRef Braghin C, Sharygina N, Barone-Adesi K (2011) A model checking-based approach for security policy verification of mobile systems. Form Asp Comput 23(5):627–648 CrossRef
35.
go back to reference Shi H, Ma W, Yang M, Zhang X (2012) A case study of model checking retail banking system with spin. JCP 7(10):2503–2510 Shi H, Ma W, Yang M, Zhang X (2012) A case study of model checking retail banking system with spin. JCP 7(10):2503–2510
36.
go back to reference Tobarra L, Cazorla D, Cuartero F, Díaz G, Cambronero E (2009) Model checking wireless sensor network security protocols: Tinysec+ leap+ tinypk. Telecommun Syst 40(3–4):91–99 CrossRef Tobarra L, Cazorla D, Cuartero F, Díaz G, Cambronero E (2009) Model checking wireless sensor network security protocols: Tinysec+ leap+ tinypk. Telecommun Syst 40(3–4):91–99 CrossRef
37.
go back to reference Burrows M, Abadi M (1989) A logic of authentication. In Proc R Soc Lond A.The Royal Society 426:233–271 Burrows M, Abadi M (1989) A logic of authentication. In Proc R Soc Lond A.The Royal Society 426:233–271
39.
go back to reference Kim M, Lee J, Yu S, Park K, Park Y, Park Y (2019) A secure authentication and key establishment scheme for wearable devices. In 2019 28th International Conference on Computer Communication and Networks (ICCCN).IEEE pp 1–2 Kim M, Lee J, Yu S, Park K, Park Y, Park Y (2019) A secure authentication and key establishment scheme for wearable devices. In 2019 28th International Conference on Computer Communication and Networks (ICCCN).IEEE pp 1–2
40.
go back to reference Santosa GB, Budiyanto S (2019) New design of lightweight authentication protocol in wearable technology. Telkomnika 17(2):561–572 CrossRef Santosa GB, Budiyanto S (2019) New design of lightweight authentication protocol in wearable technology. Telkomnika 17(2):561–572 CrossRef
41.
go back to reference Gupta V, Gupta S, Chang S, Stebila D (2002) Performance analysis of elliptic curve cryptography for ssl. In Proceedings of the 1st ACM workshop on Wireless security, Atlanta, GA, USA pp. 87–94 Gupta V, Gupta S, Chang S, Stebila D (2002) Performance analysis of elliptic curve cryptography for ssl. In Proceedings of the 1st ACM workshop on Wireless security, Atlanta, GA, USA pp. 87–94
42.
go back to reference Lo NW, Yohan A (2020) Ble-based authentication protocol for micropayment using wearable device. Wirel Pers Commun pp. 1–22 Lo NW, Yohan A (2020) Ble-based authentication protocol for micropayment using wearable device. Wirel Pers Commun pp. 1–22
43.
go back to reference Alese BK, Philemon E, Falaki SO (2012) Comparative analysis of public-key encryption schemes. Int J Eng Technol 2(9):1552–1568 Alese BK, Philemon E, Falaki SO (2012) Comparative analysis of public-key encryption schemes. Int J Eng Technol 2(9):1552–1568
44.
go back to reference Mohit P, Amin R, Karati A, Biswas G, Khan MK (2017) A standard mutual authentication protocol for cloud computing based health care system. J Med Syst 41(4):50 CrossRef Mohit P, Amin R, Karati A, Biswas G, Khan MK (2017) A standard mutual authentication protocol for cloud computing based health care system. J Med Syst 41(4):50 CrossRef
45.
go back to reference Yeh KH, Su C, Choo KKR, Chiu W (2017) A novel certificateless signature scheme for smart objects in the internet-of-things. Sensors 17(5):1001 CrossRef Yeh KH, Su C, Choo KKR, Chiu W (2017) A novel certificateless signature scheme for smart objects in the internet-of-things. Sensors 17(5):1001 CrossRef
46.
go back to reference Gallagher P, Director A (1995) Secure hash standard (shs). FIPS PUB 180:183 Gallagher P, Director A (1995) Secure hash standard (shs). FIPS PUB 180:183
50.
go back to reference Cremers CJF (2008) The Scyther tool: Automatic verification of security protocols, Computer Aided Verification 5423:414-418 Cremers CJF (2008) The Scyther tool: Automatic verification of security protocols, Computer Aided Verification 5423:414-418
51.
go back to reference Cremers CJF (2006) Scyther: Semantics and verification of security protocols. Eindhoven University of Technology Eindhoven, Netherlands Cremers CJF (2006) Scyther: Semantics and verification of security protocols. Eindhoven University of Technology Eindhoven, Netherlands
52.
go back to reference Cremers CJ (2008) The scyther tool: Verification, falsification, and analysis of security protocols. In International Conference on Computer Aided Verification. Springer pp 414–418 Cremers CJ (2008) The scyther tool: Verification, falsification, and analysis of security protocols. In International Conference on Computer Aided Verification. Springer pp 414–418
53.
go back to reference Meier S, Schmidt B, Cremers C, Basin D (2013) The tamarin prover for the symbolic analysis of security protocols. In International Conference on Computer Aided Verification. Springer pp 696–701 Meier S, Schmidt B, Cremers C, Basin D (2013) The tamarin prover for the symbolic analysis of security protocols. In International Conference on Computer Aided Verification. Springer pp 696–701
54.
go back to reference Team T et al (2020) Tamarin-prover manual. Accessed 14 Feb 2019 Team T et al (2020) Tamarin-prover manual. Accessed 14 Feb 2019
Metadata
Title
A secure IoT-based micro-payment protocol for wearable devices
Authors
Sriramulu Bojjagani
P. V. Venkateswara Rao
Dinesh Reddy Vemula
B Ramachandra Reddy
T. Jaya Lakshmi
Publication date
17-01-2022
Publisher
Springer US
Published in
Peer-to-Peer Networking and Applications / Issue 2/2022
Print ISSN: 1936-6442
Electronic ISSN: 1936-6450
DOI
https://doi.org/10.1007/s12083-021-01242-y

Other articles of this Issue 2/2022

Peer-to-Peer Networking and Applications 2/2022 Go to the issue

Premium Partner