nach oben

Wireless Personal Communications

Erschienen in:

16.10.2019

A Multi-factor User Authentication and Key Agreement Protocol Based on Bilinear Pairing for the Internet of Things

verfasst von: Mohammad Nikravan, Akram Reza

Erschienen in: Wireless Personal Communications | Ausgabe 1/2020

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

The Internet of Things (IoT) presents a new paradigm of the future internet that intends to provide interactive communication between various processing object via heterogeneous networks. By increasing the IoT usage, establishing the security of IoT becomes a big concern. One of the security related issues is user authentication; that means before a user can access to the IoT nodes, the user and IoT node must authenticate each other. In this paper, a multi-factor user authentication and key agreement protocol, with reasonable computational time, applicable for IoT environments is proposed. To gain access to the services provided by IoT nodes, first, the gateway must authenticate the user and then, with help of the gateway, the IoT node can authenticate the user. The proposed protocol uses elliptic curve cryptography (ECC) and provides: (1) mutual authentication between the user and IOT node; (2) fresh shared session key; (3) multi-factor authentication; (4) several security requirements (i.e., non-repudiation, anonymity and untraceability, etc.). Formal verification of the proposed protocol using Burrows–Abadi–Needham logic shows that the protocol achieves the desired goals. Protocol simulation using Internet Security Protocols and Applications tool proves the security and robustness of the proposed protocol against well-known attacks. Finally, comparing the proposed protocol with other protocols shows that it is efficient in terms of computational time.

Vorheriger Artikel Reconfigurable Transparent All-Dielectric Water-Based Metamaterial for Microstrip Patch Antenna Gain Enhancement

Nächster Artikel Modeling and Performance Analysis of 400 Gbps CO-OFDM Based Inter-satellite Optical Wireless Communication (IsOWC) System Incorporating Polarization Division Multiplexing with Enhanced Detection

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Tsai, C. W., Lai, C. F., & Vasilakos, A. V. (2014). Future internet of things: Open issues and challenges. Wireless Networks,20(8), 2201–2217. https://doi.org/10.1007/s11276-014-0731-0.CrossRef

Roman, R., Zhou, J., & Lopez, J. (2013). On the features and challenges of security and privacy in distributed internet of things. Computer Networks,57(10), 2266–2279. https://doi.org/10.1016/j.comnet.2012.12.018.CrossRef

Jing, Q., Vasilakos, A. V., Wan, J., Lu, J., & Qiu, D. (2014). Security of the internet of things: Perspectives and challenges. Wireless Networks,20(8), 2481–2501. https://doi.org/10.1007/s11276-014-0761-7.CrossRef

Wan, J., Chen, M., Xia, F., Di, L., & Zhou, K. (2013). From machine-to-machine communications towards cyber-physical systems. Computer Science and Information Systems,10(3), 1105–1128. https://doi.org/10.2298/CSIS120326018W.CrossRef

Sarvabhatla, M., & Vorugunti, C. S. (2014). A secure biometric‐based user authentication scheme for heterogeneous WSN. In 2014 Fourth international conference of emerging applications of information technology (pp. 367–372). IEEE. https://doi.org/10.1109/eait.2014.23.

Lin, C. H., & Lai, Y. Y. (2004). A flexible biometrics remote user authentication scheme. Computer Standards & Interfaces,27(1), 19–23. https://doi.org/10.1016/j.csi.2004.03.003.CrossRef

An, Y. (2012). Security analysis and enhancements of an effective biometric based remote user authentication scheme using smart cards. BioMed Research International. https://doi.org/10.1155/2012/519723.CrossRef

Khan, S. H., Akbar, M. A., Shahzad, F., Farooq, M., & Khan, Z. (2015). Secure biometric template generation for multi-factor authentication. Pattern Recognition,48(2), 458–472. https://doi.org/10.1016/j.patcog.2014.08.024.CrossRef

Jiang, Q., Ma, J., & Li, G. (2013). An enhanced authentication scheme with privacy preservation for roaming service in global mobility networks. Wireless Personal Communications,68(4), 1477–1491. https://doi.org/10.1007/s11277-012-0535-4.CrossRef

10.

Jiang, Q., Ma, J., Li, G., & Yang, L. (2014). An efficient ticket based authentication protocol with unlinkability for wireless access networks. Wireless Personal Communications,77(2), 1489–1506. https://doi.org/10.1007/s11277-013-1594-x.CrossRef

11.

Zhao, G., Si, X.,Wang, J., Long, X., & Hu, T. (2011). A novel mutual authentication scheme for Internet of Things. In Proceedings of international conference on modelling, identification and control (ICMIC) (pp. 563–566). IEEE. https://doi.org/10.1109/icmic.2011.5973767.

12.

Sood, S., Sarje, A. K., & Singh, K. (2011). A secure dynamic identity based authentication protocol for multi-server architecture. Network and Computer Applications,34(2), 609–618. https://doi.org/10.1016/j.jnca.2010.11.011.CrossRef

13.

Kalra, S., & Sood, S. (2013). Advanced remote user authentication protocol for multi-server architecture based on ECC. Information Security and Applications,18(2), 98–107. https://doi.org/10.1016/j.jisa.2013.07.005.CrossRef

14.

Yeh, H. L., Chen, T. H., Liu, P. C., Kim, T. H., & Wei, H. W. (2011). A secured authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors,11(5), 4767–4779. https://doi.org/10.3390/s110504767.CrossRef

15.

Shi, W., & Gong, P. (2013). A new user authentication protocol for wireless sensor networks using elliptic curves cryptography. Distributed Sensor Networks,9(4), 1–7. https://doi.org/10.1155/2013/730831.CrossRef

16.

Choi, Y., Lee, D., Kim, J., Jung, J., Nam, J., & Won, D. (2014). Security enhanced user authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors,14(6), 10081–10106. https://doi.org/10.3390/s140610081.CrossRef

17.

Xue, K., Ma, C., Hong, P., & Ding, R. (2013). A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks. Network and Computer Applications,36(1), 316–323. https://doi.org/10.1016/j.jnca.2012.05.010.CrossRef

18.

Jiang, Q., Ma, J., Lu, X., & Tian, Y. (2015). An efficient two-factor user authentication scheme with unlinkability for wireless sensor networks. Peer-to-Peer Networking and Applications,8(6), 1070–1081. https://doi.org/10.1007/s12083-014-0285-z.CrossRef

19.

Turkanović, M., Brumen, B., & Hölbl, M. (2014). A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion. Ad Hoc Networks,20, 96–112. https://doi.org/10.1016/j.adhoc.2014.03.009.CrossRef

20.

Amin, R., & Biswas, G. P. (2016). A secure light weight scheme for user authentication and key agreement in multi-gateway based wireless sensor networks. Ad Hoc Networks,36, 58–80. https://doi.org/10.1016/j.adhoc.2015.05.020.CrossRef

21.

Kalra, S., & Sood, S. K. (2015). Secure authentication scheme for IoT and cloud servers. Pervasive and Mobile Computing,24, 210–223. https://doi.org/10.1016/j.pmcj.2015.08.001.CrossRef

22.

Chang, C. C., Wu, H. L., & Sun, C. Y. (2017). Notes on ‘secure authentication scheme for IoT and cloud servers’. Pervasive and Mobile Computing,38, 275–278. https://doi.org/10.1016/j.pmcj.2015.12.003.CrossRef

23.

Lee, J. K., Ryu, S. R., & Yoo, K. Y. (2002). Fingerprint-based remote user authentication scheme using smart cards. Electronics Letters,38(12), 554–555. https://doi.org/10.1049/el:20020380.CrossRef

24.

Chang, C. C., & Lin, I. C. (2004). Remarks on fingerprint-based remote user authentication scheme using smart cards. ACM SIGOPS Operating System Review,38(4), 91–96. https://doi.org/10.1145/1031154.1031165.CrossRef

25.

Das, A. K., & Goswami, A. (2015). A robust anonymous biometric-based remote user authentication scheme using smart cards. King Saud University-Computer and Information Sciences,27(2), 193–210. https://doi.org/10.1016/j.jksuci.2014.03.020.CrossRef

26.

Burrows, M., Abadi, M., & Needham, R. (1990). A logic of authentication. ACM Transactions on Computer Systems,8(1), 18–36. https://doi.org/10.1145/77648.77649.CrossRefMATH

27.

Huang, X., Xiang, Y., Chonka, A., Zhou, J., & Deng, R. H. (2011). A generic framework for three-factor authentication: Preserving security and privacy in distributed systems. IEEE Transactions on Parallel and Distributed Systems,22(8), 1390–1397. https://doi.org/10.1109/TPDS.2010.206.CrossRef

28.

Kothmayr, T., Schmitt, C., Hu, W., Brünig, M., & Carle, G. (2012). A DTLS based end‐to‐end security architecture for the internet of things with two‐way authentication. In Proceedings of 37th conference on local computer networks workshops (pp. 956–963). IEEE. https://doi.org/10.1109/lcnw.2012.6424088.

29.

Jiang, Q., Kumar, N., Ma, J., Shen, J., & He, D. (2016). A privacy-aware two-factor authentication protocol based on elliptic curve cryptography for wireless sensor networks. Network Management. https://doi.org/10.1002/nem.1937.CrossRef

30.

Shamir, A. (1985). Identity-based cryptosystems and signature schemes. In Proceedings of CRYPTO’84 on advances in cryptology (Vol. 196, pp. 47–53). Springer. https://doi.org/10.1007/3-540-39568-7_5.

31.

Boneh, D., & Franklin, M. (2001). Identity-based encryption from the Weil pairing. In Annual international cryptology conference—CRYPTO 2001 (pp. 213–229). Springer. https://doi.org/10.1007/3-540-44647-8_13.CrossRef

32.

Gentry, C., Peikert, C., & Vaikuntanathan, V. (2008). Trapdoors for hard lattices and new cryptographic constructions. In Proceedings of 14th ACM annual symposium on theory of computing (pp. 197–206). ACM. https://doi.org/10.1145/1374376.1374407.

33.

Das, M. L., Saxena, A., Gulati, V. P., & Phatak, D. B. (2006). A novel remote user authentication scheme using bilinear pairings. Computers & Security,25(3), 184–189. https://doi.org/10.1016/j.cose.2005.09.002.CrossRef

34.

Chou, J. S., Chen, Y., & Lin, J. Y. (2005). Improvement of Manik et al.’s remote user authentication scheme. http://eprint.iacr.org/2005/450.pdf.

35.

Goriparthi, T., Das, M.L., Negi, A., & Saxena, A. (2006). Cryptanalysis of recently proposed Remote User Authentication Schemes. Cryptology ePrint Archive. http://eprint.iacr.org/2006/028.pdf.

36.

Fang, G., & Huang, G. (2006). Improvement of recently proposed remote user authentication schemes. Cryptology ePrint Archive. http://eprint.iacr.org/2006/200.pdf.

37.

Vallent, T. F., & Kim, H. (2013). Three factor authentication protocol based on bilinear pairing. In: Multimedia and ubiquitous engineering, Lecture notes in electrical engineering (Vol. 240, pp. 253–259). Springer. https://doi.org/10.1007/978-94-007-6738-6_32.

38.

Hsu, C. L., Chuang, Y. H., & Kuo, C. (2015). A novel remote user authentication scheme from bilinear pairings via internet. Wireless Personal Communications,83(1), 163–174. https://doi.org/10.1007/s11277-015-2386-2.CrossRef

39.

Luo, M., & Zhao, H. (2015). An authentication and key agreement mechanism for multi-domain wireless networks using certificateless public-key cryptography. Wireless Personal Communications,81(2), 779–798. https://doi.org/10.1007/s11277-014-2157-5.CrossRef

40.

Tsai, J. L., & Lo, N. W. (2015). Provably secure and efficient anonymous ID-based authentication protocol for mobile devices using bilinear pairings. Wireless Personal Communications,83(2), 1273–1286. https://doi.org/10.1007/s11277-015-2449-4.CrossRef

41.

Bakhtiari-Chehelcheshmeh, S., & Hosseinzadeh, M. (2017). A new certificateless and secure authentication scheme for ad hoc networks. Wireless Personal Communications,94(4), 2833–2851. https://doi.org/10.1007/s11277-016-3721-y.CrossRef

42.

Boyen, X. (2003). Multipurpose identity-based signcryption. In Proceedings of 23rd annual international conference on cryptology (CRYPTO’03) (Vol. 2729, pp. 383–399). Springer. https://doi.org/10.1007/978-3-540-45146-4_23.CrossRef

43.

Barreto, P. S., Libert, B., McCullagh, N., & Quisquater, J. J. (2005). Efficient and provably-secure identity-based signatures and signcryption from bilinear maps. In International conference on the theory and application of cryptology and information security (pp. 515–532). Springer. https://doi.org/10.1007/11593447_28.

44.

Vigano, L. (2006). Automated security protocol analysis with the AVISPA tool. Electronic Notes in Theoretical Computer Science,155, 61–86. https://doi.org/10.1016/j.entcs.2005.11.052.CrossRef

45.

Barreto, P. S. L. M., Kim, H. Y., Lynn, B., & Scott, M. (2002). Efficient algorithms for pairing-based cryptosystems. In Proceedings of 22nd annual international conference on cryptography (Vol. 2242, pp. 354–369). Springer. https://doi.org/10.1007/3-540-45708-9_23.CrossRef

46.

Hafizul, S. K., & Biswas, I. G. P. (2015). Design of two-party authenticated key agreement protocol based on ECC and self-certified public keys. Wireless Personal Communications,82(4), 2727–2750. https://doi.org/10.1007/s11277-015-2375-5.CrossRef

47.

Shim, K. A., Lee, Y. R., & Park, C. M. (2013). EIBAS: An efficient identity-based broadcast authentication scheme in wireless sensor networks. Ad Hoc Networks,11(1), 182–189. https://doi.org/10.1016/j.adhoc.2012.04.015.CrossRef

48.

Dolev, D., & Yao, A. C. (1983). On the security of public key protocols. IEEE Transactions on Information Theory,29(2), 198–208. https://doi.org/10.1109/TIT.1983.1056650.MathSciNetCrossRefMATH

Titel: A Multi-factor User Authentication and Key Agreement Protocol Based on Bilinear Pairing for the Internet of Things
verfasst von: Mohammad Nikravan
Akram Reza
Publikationsdatum: 16.10.2019
Verlag: Springer US
Erschienen in: Wireless Personal Communications / Ausgabe 1/2020
Print ISSN: 0929-6212
Elektronische ISSN: 1572-834X
DOI: https://doi.org/10.1007/s11277-019-06869-y

Neuer Inhalt

Bildnachweise

VDI-Icon, Profil Icon, inhalt2, Springer Professional Modul/© Springer Fachmedien Wiesbaden GmbH, Zukunftswerkstatt Sales Excellence_ieS/© Springer Fachmedien Wiesbaden GmbH, Search Icon, Banner Hanser, Strompreise/© vejaa / stock.adobe.com, Bunte Männchen, die Kunden darstelle, werden von einem riesigen Magneten angezogen. /© Oleksiy Mark, Dr. Daniel Schneider/© Fraunhofer IESE, Zeitschrift Wissensmanagement Cover, PatentFit-Logo/© Springer Fachmedien Wiesbaden GmbH, Zukunftswerkstatt Sales Excellence 2024/© AndreyPopov / Getty Images / iStock, 2023_Antrieb/© supervisuell, ATZ-Webinar: Prototypenfreie Entwicklung durch Offline- und Driver-in-the-Loop-HiL-Tests /© (c) VI-grade

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 1/2020

Low-Voltage Flipped Voltage Follower Cell Based Current Mirrors for High Frequency Applications

Towards Coverage-Aware Fuzzy Logic-Based Faulty Node Detection in Heterogeneous Wireless Sensor Networks

Feature Selection Ranking and Subset-Based Techniques with Different Classifiers for Intrusion Detection

DRP: Dynamic Routing Protocol in Wireless Sensor Networks

Dual-Band Linearly Polarized Integrated Dielectric Resonator Antenna for Wi-MAX Applications

Gaining Insight into Sustainable Telecommunications Infrastructure: A Case of Aerosol Retention over Sokoto, Nigeria

Neuer Inhalt

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.