Top

Journal of Reliable Intelligent Environments

Published in:

16-01-2020 | Original Article

A secure mutual authentication protocol for IoT environment

Authors: Prabhat Kumar Panda, Sudipta Chattopadhyay

Published in: Journal of Reliable Intelligent Environments | Issue 2/2020

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Rapid development in the field of Internet of Things (IoT) has made it possible to connect many embedded devices to the internet for the sharing of data. Since, the embedded device has limited storage, power, and computational ability, an integration of embedded devices with the large pool of resource such as cloud is required. This integration of technologies is expected to provide extraordinary growth in current and future promising applications of IoT. In this context, the security issues such as authentication and data privacy of devices are major issues of concern. The research motivation of the present work is to propose a secure mutual authentication protocol for IoT and cloud servers based on elliptic curve cryptography. In this work, the security properties of the proposed protocol have been formally verified by using Automated Validation of Internet Security Protocols and Applications tools and informally analyzed and compared with the related protocols in terms of various security attributes such as device privacy, impersonation attack, replay attack, password guessing attack, mutual authentication and so on. Moreover, the performance of the proposed protocol has also been evaluated in terms of computational, communication, storage overhead and total computational time. The security and performance analyses found the supremacy of the proposed protocol over the other related protocols.

previous article Human movement effects on the performance of the RSSI-based trilateration method: adaptive filters for distance compensation

next article Real-time human behaviour monitoring using hybrid ambient assisted living framework

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Atzori L, Lera A, Morabito G (2010) The Internet of Things: a survey. Comput Netw 54:2787–2805MATHCrossRef

Al-Fuqaha A, Guizani M, Mohammadi M, Aledhari M, Ayyash M (2015) Internet of Things: a survey on enabling technologies, protocols, and applications. IEEE Commun Surv Tutor 17(4):2347–2376CrossRef

Kouicem DE, Bouabdallah A, Lakhlef H (2018) Internet of Things security: a top-down survey. Comput Netw 141:199–221CrossRef

Botta A, Donato WD, Persico V, Pescape A (2016) Integration of cloud computing and Internet of things: a survey. Future Gener Comput Syst 56:684–700CrossRef

Sascha M, Sebastian W (2008) Secure communication in microcomputer bus systems for embedded devices. J Syst Archit 54:1065–1076CrossRef

Debiao H, Sherali Z (2015) An analysis of RFID authentication schemes for Internet of Things in healthcare environment using elliptic curve cryptography. IEEE Internet Things J 2(1):72–83CrossRef

Afreen R, Mehrotra SC (2011) A review on elliptic curve cryptography for embedded systems. J Comput Sci Inf Technol 3(3):84–103

Yang J, Chang C (2009) An ID-based remote mutual authentication with key agreement protocol for on elliptic curve cryptosystem. Comput Secur 28:138–143CrossRef

Yoon EJ, Yoo KY (2009) Robust ID-based remote mutual authentication with key agreement protocol for mobile devices on ECC. In: Proceedings of the international conference on computational science and engineering, pp 633–640

10.

Hafizul SK, Biswas GP (2011) A more efficient and secure ID-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve crypto systems. J Syst Softw 84(11):1892–1898CrossRef

11.

Chou CH, Tsai KY, Lu CF (2013) Two ID-based authenticated schemes with key agreement for mobile environments. J Supercomput 66(2):973–988CrossRef

12.

Farash MS, Attari MA (2014) A secure and efficient identity-based authenticated key exchange protocol for mobile client–server networks. J Supercomput 69:395–411CrossRef

13.

Liao YP, Hsiao CM (2014) A secure ECC-based RFID authentication scheme integrated with ID-verifier transfer protocol. Ad Hoc Netw 18:133–146CrossRef

14.

Peeters R, Hermans J (2013) Attack on Liao and Hsiao’s Secure ECC based RFID authentication scheme integrated with ID-verifier transfer protocol. Cryptology ePrint Archive. Report 2013/399

15.

Moosavi SR, Nigussie E, Virtanen S, Isoaho J (2014) An elliptic curve-based mutual authentication scheme for RFID implants systems. Procedia Comput Sci 32:198–206CrossRef

16.

Khatwani C, Roy S (2015) Security analysis of ECC based authentication protocols. In: Proceedings of ieee international conference on computational intelligence and communication networks, pp 1167–1172

17.

Abbasinezhad-Mood D, Nikooghadam M (2018) Efficient design of a novel ECC-based public key scheme for medical data protection by utilization of NanoPi fire. IEEE Trans Reliab 67(3):1328–1339CrossRef

18.

Abbasinezhad-Mood D, Nikooghadam M (2018) Efficient anonymous password-authenticated key exchange protocol to read isolated smart meters by utilization of extended chebyshev chaotic maps. IEEE Trans Ind Inf 4(11):4815–4828

19.

Abbasinezhad-Mood D, Ostad-Sharif A, Nikooghadam M (2019) Novel anonymous key establishment protocol for isolated smart meters. IEEE Trans Ind Electron 67(4):2844–2851CrossRef

20.

Alshahrani M, Traore I (2019) Secure mutual authentication and automated access control for IoT smart home using cumulative Keyed-hash chain. J Inf Secur Appl 45:156–175

21.

Li X, Niu J, Bhuiyan MZA, Wu F, Karuppiah M, Kumari S (2018) A robust ECC based provable secure authentication protocol with privacy preserving for Industrial Internet of Things. IEEE Trans Ind Inf 14(8):3599–3609CrossRef

22.

Alcaide A, Palomar E, Montero-Castillo J, Ribagorda A (2013) Anonymous authentication for privacy-preserving IoT target-driven applications. Comput Secur 37:111–123CrossRef

23.

Lin X-J, Sun L, Qu H (2015) Insecurity of an anonymous authentication for privacy-preserving IoT target-driven applications. Comput Secur 48:142–149CrossRef

24.

Dhillon PK, Kalra S (2017) Secure multi-factor remote user authentication scheme for Internet of Things environments. Int J Commun Syst 6:e3323CrossRef

25.

Ostad-Sharif A, Arshad H, Nikooghadam M, Abbasinezhad-Mood D (2019) Three party secure data transmission in IoT networks through design of a lightweight authenticated key agreement scheme. Future Gener Comput Syst 100:82–892CrossRef

26.

Waquar A, Raza A, Abbas H, Khan MK (2013) A framework for preservation of cloud users’ data privacy using dynamic reconstruction of metadata. J Netw Comput Appl 36:235–248CrossRef

27.

Distefano S, Merlino G, Puliafito A (2015) A utility paradigm for IoT: the sensing cloud. Pervasive Mob Comput 20:127–144CrossRef

28.

Persson P, Angelsmark O (2015) Calvin—merging cloud and IoT. Procedia Comput Sci 52:210–217CrossRef

29.

Stergiou C, Psannis KE, Kim B-G, Gupta B (2018) Secure integration of IoT and cloud computing. Future Gener Comput Syst 78:964–975CrossRef

30.

Chatterjee S, Samaddar SG (2020) A robust lightweight ECC-based three-way authentication scheme for IoT in cloud. In: Elçi A, Sa P, Modi C, Olague G, Sahoo M, Bakshi S (eds) Smart computing paradigms: new progresses and challenges Advances in intelligent systems and computing, vol 767. Springer, Singapore

31.

Kalra S, Sood SK (2015) Secure authentication scheme for IOT and cloud servers. Pervasive Mob Comput 24:210–223CrossRef

32.

Chang C-C, Wu H-L, Sun C-Y (2017) Notes on secure authentication scheme for IOT and cloud servers. Pervasive Mob Comput 38:275–278CrossRef

33.

Wang K-H, Chen C-M, Fang W, Wu T-Y (2017) A secure authentication scheme for internet of things. Pervasive Mob Comput 42:15–26CrossRef

34.

Kumari S, Karuppiah M, Das AK (2018) A secure authentication scheme based on elliptic curve cryptography for IoT and cloud servers. J Supercomput 74:6428–6453CrossRef

35.

Bhubaneswari S, Ananth NV (2018) Enhanced mutual authentication scheme for cloud of things. Int J Pure Appl Math 119(15):1571–1583

36.

Hankerson D, Menezes A, Vanstone S (2004) Guide to elliptic curve cryptography. Springer, New YorkMATH

37.

Mahto D, Khan DA, Yadav DK (2016) Security analysis of elliptic curve cryptography and RSA. In: Proceedings of the world congress on engineering, pp 1–4

38.

Wu F, Xu L, Kumari S, Li X (2018) An improved and provably secure three-factor user authentication scheme for wireless sensor networks. Peer-to-Peer Netw Appl 11(1):1–20CrossRef

39.

Panda PK, Chattopadhyay S (2019) An improved authentication and security scheme for LTE/LTE-a networks. J Ambient Intell Hum Comput. https://doi.org/10.1007/s12652-019-01248-8 CrossRef

40.

Vigano L (2006) Automated security protocol analysis with the AVISPA tool. Electron Notes Theor Comput Sci 155:61–86CrossRef

41.

[Online]. AVISPA: automated validation of internet security protocols and applications. Accessed Jan (2018). http://www.avispaproject.org/

42.

Wazid M, Das AK, Odelu V, Kumar N, Conti M, Jo M (2018) Design of secure user authenticated key management protocol for generic IoT networks. IEEE Internet Things J 5(1):269–282CrossRef

43.

Dolev D, Yao AC (1983) On the security of public key protocols. IEEE Trans Inf Theory 29(2):198–208MathSciNetMATHCrossRef

44.

Secure hash standard (1995) Nat. Inst. Standards Technol. (NIST), USA, Tech. Rep. FIPS PUB: 180-1

45.

Panda PK, Chattopadhyay S (2019) A modified PKM environment for the security enhancement of IEEE 802.16e. Comput Standard Interface 61:107–120CrossRef

46.

Challa S, Wazid M, Das AK, Kumar N, Reddy AG, Yoon E-J, Yoo K-Y (2017) Secure signature based authenticated key establishment scheme for future IOT applications. IEEE Access 5:3028–3043CrossRef

Title: A secure mutual authentication protocol for IoT environment
Authors: Prabhat Kumar Panda
Sudipta Chattopadhyay
Publication date: 16-01-2020
Publisher: Springer International Publishing
Published in: Journal of Reliable Intelligent Environments / Issue 2/2020
Print ISSN: 2199-4668
Electronic ISSN: 2199-4676
DOI: https://doi.org/10.1007/s40860-020-00098-y

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Other articles of this Issue 2/2020

Real-time human behaviour monitoring using hybrid ambient assisted living framework

A smart cooking device for assisting cognitively impaired users

Human movement effects on the performance of the RSSI-based trilateration method: adaptive filters for distance compensation

Editorial

Premium Partner