nach oben

Wireless Networks

Erschienen in:

02.01.2021

LAPTAS: lightweight anonymous privacy-preserving three-factor authentication scheme for WSN-based IIoT

verfasst von: Hossein Abdi Nasib Far, Majid Bayat, Ashok Kumar Das, Mahdi Fotouhi, S. Morteza Pournaghi, M. A. Doostari

Erschienen in: Wireless Networks | Ausgabe 2/2021

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Nowadays, wireless sensor networks (WSNs) are essential for monitoring and data collection in many industrial environments. Industrial environments are usually huge. The distances between the devices located in them can be vast; in this case, the Industrial Internet of Things (IIoT) leads to greater productivity and efficiency of industries. Furthermore, the sensor devices in IIoT have limited memory and constrained processing power, and using gateway nodes is inevitable to cover these vast areas and manage communications between industrial sensors. Security threats such as compromised devices, denial of service, and leakage of confidential information can incur hefty expenses and irreparable damage to industrial systems. Hence, in the IIoT hierarchical architecture, anonymous and mutual authentication between users, gateway nodes, and sensor nodes is essential to protect users and the system’s security and privacy. In this article, we propose a lightweight anonymous privacy-preserving three-factor authentication scheme for WSN-Based IIoT (LAPTAS). In LAPTAS, registered users can use their security smartcard to communicate with sensors and access their data. Moreover, the proposed scheme supports sensor node dynamic registration, password and biometric change, and revocation phase. Additionally, we evaluate and verify our scheme’s security formally using the Real-or-Random model and informally with the automatic cryptographic Protocol Verifier tool(ProVerif). Finally, our scheme is simulated by the OPNET network simulator and compared with other similar schemes to ensure that the LAPTAS meets all security and performance requirements.

Vorheriger Artikel Road network layout based multi-hop broadcast protocols for Urban Vehicular Ad-hoc Networks

Nächster Artikel An SDN-based true end-to-end TCP for wireless LAN

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Atzori, L., Iera, A., & Morabito, G. (2010). The Internet of Things: A survey. Computer Networks, 54(15), 2787–2805. https://doi.org/10.1016/j.comnet.2010.05.010, URL https://linkinghub.elsevier.com/retrieve/pii/S1389128610001568.

Al-Turjman, F., & Alturjman, S. (2018). Context-Sensitive Access in Industrial Internet of Things (IIoT) Healthcare Applications. IEEE Transactions on Industrial Informatics, 14(6), 2736–2744. https://doi.org/10.1109/TII.2018.2808190, URL https://ieeexplore.ieee.org/document/8295246/.

Ketshabetswe, L. K., Zungeru, A. M., Mangwala, M., Chuma, J. M., & Sigweni, B. (2019). Communication protocols for wireless sensor networks: A survey and comparison. Heliyon, 5(5), e01591. https://doi.org/10.1016/j.heliyon.2019.e01591, URL https://www.sciencedirect.com/science/article/pii/S2405844018340192#bib3.

Ibrahim, A. (2007). Wireless sensor networks: technology, protocols, and applications. PhD thesis, https://doi.org/10.5860/choice.45-1482, URL https://books.google.fr/books?hl=fa&lr=&id=I3bJGo690SUC&oi=fnd&pg=PR5&ots=omTr2SRsPo&sig=si30JEvL0lVXambHoMp6jWFWvpY&redir_esc=y#v=onepage&q&f=false

Akkaya, K., & Younis, M. (2005). A survey on routing protocols for wireless sensor networks. Ad Hoc Networks, 3(3), 325–349. https://doi.org/10.1016/j.adhoc.2003.09.010, URL https://www.sciencedirect.com/science/article/abs/pii/S1570870503000738.

Akyildiz, I. F., Su, W., Sankarasubramaniam, Y., & Cayirci, E. (2002). Wireless sensor networks: A survey. Computer Networks, 38(4), 393–422. https://doi.org/10.1016/S1389-1286(01)00302-4, URL https://www.sciencedirect.com/science/article/abs/pii/S1389128601003024.

Heinzelman, W. B., Chandrakasan, A. P., & Balakrishnan, H. (2002). An application-specific protocol architecture for wireless microsensor networks. IEEE Transactions on Wireless Communications, 1(4), 660–670. https://doi.org/10.1109/TWC.2002.804190.CrossRef

Wang, Z. (2018). A privacy-preserving and accountable authentication protocol for IoT end-devices with weaker identity. Future Generation Computer Systems, 82, 342–348. https://doi.org/10.1016/j.future.2017.09.042, URL http://linkinghub.elsevier.com/retrieve/pii/S0167739X17307495.

Shen, J. J., Chang, S., Shen, J. J., Liu, Q., & Sun, X. (2018). A lightweight multi-layer authentication protocol for wireless body area networks. Future Generation Computer Systems, 78, 956–963. https://doi.org/10.1016/j.future.2016.11.033.CrossRef

10.

Ferrag, M.A., Maglaras, L.A., Janicke, H., Jiang, J., & Shu, L. (2017). Authentication Protocols for Internet of Things: A Comprehensive Survey. Security and Communication Networks 2017:1–41, https://doi.org/10.1155/2017/6562953, URL https://www.hindawi.com/journals/scn/2017/6562953/, arXiv:1612.07206.

11.

Esch, J. (2003). Comparing passwords, tokens, and biometrics for user authentication. Proceedings of the IEEE, 91(12), 2019–2020. https://doi.org/10.1109/JPROC.2003.819605.CrossRef

12.

Barkadehi, M. H., Nilashi, M., Ibrahim, O., Zakeri Fardi, A., & Samad, S. (2018). Authentication systems: A literature review and classification. Telematics and Informatics, 35(5), 1491–1511. https://doi.org/10.1016/j.tele.2018.03.018.CrossRef

13.

Srinivas J, Das AK, Wazid M, Kumar N (2018) Anonymous Lightweight Chaotic Map-Based Authenticated Key Agreement Protocol for Industrial Internet of Things. IEEE Transactions on Dependable and Secure Computing PP(c):1, https://doi.org/10.1109/TDSC.2018.2857811

14.

Da Xu, L., He, W., & Li, S. (2014). Internet of things in industries: A survey. IEEE Transactions on Industrial Informatics, 10(4), 2233–2243.CrossRef

15.

Lamport, L. (1981). Password authentication with insecure communication. Communications of the ACM, 24(11), 770–772. https://doi.org/10.1145/358790.358797.MathSciNetCrossRef

16.

Das, M. L. (2009). Two-factor user authentication in wireless sensor networks. IEEE Transactions on Wireless Communications, 8(3), 1086–1090. https://doi.org/10.1109/TWC.2008.080128.CrossRef

17.

Khan, M. K., & Alghathbar, K. (2010). Cryptanalysis and security improvements of ’two-factor user authentication in wireless sensor networks’. Sensors, 10(3), 2450–2459. https://doi.org/10.3390/s100302450.CrossRef

18.

He, D., Gao, Y., Chan, S., Chen, C., & Bu, J. (2010). An enhanced two-factor user authentication scheme in wireless sensor networks. Ad-Hoc and Sensor Wireless Networks, 10(4), 361–371.

19.

Yeh, H. L., Chen, T. H., Liu, P. C., Kim, T. H., & Wei, H. W. (2011). A secured authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors, 11(5), 4767–4779. https://doi.org/10.3390/s110504767.CrossRef

20.

Shi, W., & Gong, P. (2013). A new user authentication protocol for wireless sensor networks using elliptic curves cryptography. International Journal of Distributed Sensor Networks, 9, 730831. https://doi.org/10.1155/2013/730831.CrossRef

21.

Choi, Y., Lee, D., Kim, J., Jung, J., Nam, J., & Won, D. (2014). Security enhanced user authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors (Switzerland), 14(6), 10081–10106. https://doi.org/10.3390/s140610081.CrossRef

22.

Xue, K., Ma, C., Hong, P., & Ding, R. (2013). A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks. Journal of Network and Computer Applications, 36(1), 316–323.CrossRef

23.

He, D., Kumar, N., & Chilamkurti, N. (2015). A secure temporal-credential-based mutual authentication and key agreement scheme with pseudo identity for wireless sensor networks. Information Sciences, 321, 263–277. https://doi.org/10.1016/j.ins.2015.02.010.CrossRef

24.

Jiang, Q., Ma, J., Wei, F., Tian, Y., Shen, J., & Yang, Y. (2016). An untraceable temporal-credential-based two-factor authentication scheme using ECC for wireless sensor networks. Journal of Network and Computer Applications, 76, 37–48. https://doi.org/10.1016/j.jnca.2016.10.001, URL https://www.sciencedirect.com/science/article/pii/S1084804516302302?via%3Dihub.

25.

Li, X., Niu, J., Bhuiyan, M. Z. A., Wu, F., Karuppiah, M., & Kumari, S. (2018a). A robust ECC-Based provable secure authentication protocol with privacy preserving for industrial internet of things. IEEE Transactions on Industrial Informatics, 14(8), 3599–3609. https://doi.org/10.1109/TII.2017.2773666, URL https://ieeexplore.ieee.org/abstract/document/8110708.

26.

Li, X., Niu, J., Kumari, S., Wu, F., Sangaiah, A. K., & Choo, K. K. R. (2018b). A three-factor anonymous authentication scheme for wireless sensor networks in internet of things environments. Journal of Network and Computer Applications, 103, 194–204. https://doi.org/10.1016/j.jnca.2017.07.001.CrossRef

27.

Das, A. K., Wazid, M., Kumar, N., Vasilakos, A. V., & Rodrigues, J. J. P. C. (2018). Biometrics-Based Privacy-Preserving User Authentication Scheme for Cloud-Based Industrial Internet of Things Deployment. IEEE Internet of Things Journal, 5(6), 4900–4913. https://doi.org/10.1109/JIOT.2018.2877690, URL https://ieeexplore.ieee.org/document/8506419/.

28.

Wang, F., Xu, G., & Xu, G. (2019). A provably secure anonymous biometrics-based authentication scheme for wireless sensor networks using chaotic map. IEEE Access, 7, 101596–101608. https://doi.org/10.1109/access.2019.2930542.CrossRef

29.

Kumar, D., Singh, H. K., & Ahlawat, C. (2020). A secure three-factor authentication scheme for wireless sensor networks using ECC. Journal of Discrete Mathematical Sciences and Cryptography, 23(4), 879–900. https://doi.org/10.1080/09720529.2019.1627072, URL https://www.tandfonline.com/doi/full/10.1080/09720529.2019.1627072.

30.

Vinoth, R., Deborah, L.J., Vijayakumar, P., & Kumar, N. (2020). Secure Multi-factor Authenticated Key Agreement Scheme for Industrial IoT. IEEE Internet of Things Journal XX(X):1–10, https://doi.org/10.1109/JIOT.2020.3024703, URL https://ieeexplore.ieee.org/document/9199812/.

31.

Schwab, K. (2017). The fourth industrial revolution (First U.S. edition). Crown Business.

32.

Meng, Z., Wu, Z., Muvianto, C., & Gray, J. (2016). A data-oriented m2m messaging mechanism for industrial iot applications. IEEE Internet of Things Journal, 4(1), 236–246.CrossRef

33.

Alshahrani, M., & Traore, I. (2019). Secure mutual authentication and automated access control for IoT smart home using cumulative Keyed-hash chain. Journal of Information Security and Applications, 45, 156–175. https://doi.org/10.1016/j.jisa.2019.02.003.CrossRef

34.

Fotouhi, M., Bayat, M., Das, A. K., Far, H. A. N., Pournaghi, S. M., & Doostari, M. A. (2020). A lightweight and secure two-factor authentication scheme for wireless body area networks in health-care IoT. Computer Networks, 177, 107333. https://doi.org/10.1016/j.comnet.2020.107333.CrossRef

35.

Dolev, D., & Yao, A. (1983). On the security of public key protocols. IEEE Transactions on information theory, 29(2), 198–208.MathSciNetCrossRef

36.

Wazid, M., Das, A.K., Odelu, V., Kumar, N., & Susilo, W. (2017). Secure Remote User Authenticated Key Establishment Protocol for Smart Home Environment. IEEE Transactions on Dependable and Secure Computing, https://doi.org/10.1109/TDSC.2017.2764083, URL http://ieeexplore.ieee.org/document/8070995/.

37.

Dodis, Y., Ostrovsky, R., Reyzin, L., & Smith, A. (2008). Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. SIAM Journal on Computing, 38(1), 97–139. https://doi.org/10.1137/060651380.MathSciNetCrossRefMATH

38.

Carper, T., & Hemmo, D. (2002). Smart card memory management system and method. US Patent 6,480,935

39.

Hamann, E.M., & Kaisser, M. (2001). Storing data objects in a smart card memory. US Patent 6,296,191.

40.

Abdalla, M., Fouque, P. A., & Pointcheval, D. (2006). Password-based authenticated key exchange in the three-party setting. IEE Proceedings: Information Security, 153(1), 27–39. https://doi.org/10.1049/ip-ifs:20055073, URL http://link.springer.com/10.1007/978-3-540-30580-4_6.

41.

Srinivas, J., Das, A. K., Kumar, N., & Rodrigues, J. J. P. C. (2019). TCALAS: Temporal credential-based anonymous lightweight authentication scheme for internet of drones environment. IEEE Transactions on Vehicular Technology, 68(7), 6903–6916. https://doi.org/10.1109/TVT.2019.2911672.CrossRef

42.

Wazid, M., Das, A. K., Odelu, V., Kumar, N., & Susilo, W. (2017). Secure remote user authenticated key establishment protocol for smart home environment. IEEE Transactions on Dependable and Secure Computing,. https://doi.org/10.1109/TDSC.2017.2764083.CrossRef

43.

Wazid, M., Das, A. K., Kumar, N., Vasilakos, A. V., & Rodrigues, J. J. P. C. (2019). Design and analysis of secure lightweight remote user authentication and key agreement scheme in internet of drones deployment. IEEE Internet of Things Journal, 6(2), 3572–3584.CrossRef

44.

Odelu, V., Das, A. K., & Goswami, A. (2015). A secure biometrics-based multi-server authentication protocol using smart cards. IEEE Transactions on Information Forensics and Security, 10(9), 1953–1966.CrossRef

45.

Safkhani, M., Bagheri, N., Kumari, S., Tavakoli, H., Kumar, S., & Chen, J. (2020). RESEAP: An ECC based authentication and key agreement scheme for IoT applications. IEEE Access, https://doi.org/10.1109/access.2020.3034447.

46.

Kocher, P., Jaffe, J., & Jun, B. (1999). Differential power analysis. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 1666, 388–397. https://doi.org/10.1007/3-540-48405-1_25.CrossRefMATH

47.

Messerges, T. S., Dabbish, E. A., & Sloan, R. H. (2002). Examining smart-card security under the threat of power analysis attacks. IEEE Transactions on Computers, 51(5), 541–552. https://doi.org/10.1109/TC.2002.1004593.MathSciNetCrossRefMATH

48.

Daynes, L.P., & Czajkowski, G.J. (2007). Multi-level undo of main-memory and volatile resources. US Patent 7,234,076.

49.

Huang, X., Xiang, Y., Chonka, A., Zhou, J., & Deng, R. H. (2011). A generic framework for three-factor authentication: Preserving security and privacy in distributed systems. IEEE Transactions on Parallel and Distributed Systems, 22(8), 1390–1397. https://doi.org/10.1109/TPDS.2010.206, URL http://doi.ieeecomputersociety.org/10.1109/.

50.

Blanchet, B. (2016). Modeling and Verifying Security Protocols with the Applied Pi Calculus and ProVerif. Foundations and Trends® in Privacy and Security, 1(1–2), 1–135. https://doi.org/10.1561/3300000004.CrossRef

51.

Blanchet, B. (2014). Automatic verification of security protocols in the symbolic model: The verifier proverif. In: Lecture notes in computer science (including subseries lecture notes in artificial intelligence and lecture notes in bioinformatics) (pp. 54–87). Cham: Springer.

52.

Cheval, V., & Blanchet, B. (2013). Proving more observational equivalences with proverif. in: International conference on principles of security and trust (pp. 226–246). Cham: Springer.MATH

53.

Abdi, H. (2019). hossein73/proverif. URL https://github.com/hossein73/proverif/blob/develop/LAPTASAuthenticationSchemeWithPrivacyPreservingIIoT.pv.

54.

Lee, H., Kang, D., Ryu, J., Won, D., Kim, H., & Lee, Y. (2020). A three-factor anonymous user authentication scheme for Internet of Things environments. Journal of Information Security and Applications, 52, 102494. https://doi.org/10.1016/j.jisa.2020.102494.CrossRef

55.

Dai, W. (2019, April 28). Weidai11/cryptopp. Crypto++ Library is a free C++ class library of cryptographic schemes. https://github.com/weidai11/cryptopp

56.

Dang, Q.H. (2015). Secure Hash Standard. Tech. rep., National Institute of Standards and Technology, Gaithersburg, MD, https://doi.org/10.6028/NIST.FIPS.180-4, URL https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf

57.

Challa, S., Das, A. K., Odelu, V., Kumar, N., Kumari, S., Khan, M. K., et al. (2018). An efficient ECC-based provably secure three-factor user authentication and key agreement protocol for wireless healthcare sensor networks. Computers and Electrical Engineering, 69, 534–554. https://doi.org/10.1016/j.compeleceng.2017.08.003.CrossRef

58.

Rivest, R. L., Hellman, M. E., Anderson, J. C., & Lyons, J. W. (1992). Responses to NIST’s proposal. Communications of the ACM, 35(7), 41–54. https://doi.org/10.1145/129902.129905.CrossRef

59.

Zhu, C., Yang, O. W., Aweya, J., Ouellette, M., & Montuno, D. Y. (2002). A comparison of active queue management algorithms using the opnet modeler. IEEE Communications Magazine, 40(6), 158–167.CrossRef

60.

Cao, C., Zuo, Y., & Zhang, F. (2018). Research on comprehensive performance simulation of communication ip network based on opnet. In: 2018 International Conference on Intelligent Transportation, Big Data & Smart City (ICITBS), IEEE, pp 195–197.

61.

Salah, K., Calyam, P., & Buhari, M. (2008). Assessing readiness of ip networks to support desktop videoconferencing using opnet. Journal of Network and Computer Applications, 31(4), 921–943.CrossRef

Titel: LAPTAS: lightweight anonymous privacy-preserving three-factor authentication scheme for WSN-based IIoT
verfasst von: Hossein Abdi Nasib Far
Majid Bayat
Ashok Kumar Das
Mahdi Fotouhi
S. Morteza Pournaghi
M. A. Doostari
Publikationsdatum: 02.01.2021
Verlag: Springer US
Erschienen in: Wireless Networks / Ausgabe 2/2021
Print ISSN: 1022-0038
Elektronische ISSN: 1572-8196
DOI: https://doi.org/10.1007/s11276-020-02523-9

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 2/2021

Lightweight Feistel structure based hybrid-crypto model for multimedia data security over uncertain cloud environment

Salp swarm algorithm and phasor measurement unit based hybrid robust neural network model for online monitoring of voltage stability

Analysis and modelling the effects of mobility, Churn rate, node’s life span, intermittent bandwidth and stabilization cost of finger table in structured mobile P2P networks

An SDN-based true end-to-end TCP for wireless LAN

Equality test with an anonymous authorization in cloud computing

A comprehensive review of cooperative MIMO WSN: its challenges and the emerging technologies