An Efficient Privacy Preserving Message Authentication Scheme for Internet-of-Things

As an essential element of the next generation Internet, Internet of Things (IoT) has been undergoing an extensive development in recent years. In addition to the enhancement of people's daily lives, IoT devices also generate/gather a massive amount of data that could be utilized by machine learning and big data analytics for different applications. Due to the machine-to-machine communication nature of IoT, data security and privacy are crucial issues that must be addressed to prevent different cyber attacks (e.g., impersonation and data pollution/poisoning attacks). Nevertheless, due to the constrained computation power and the diversity of IoT devices, it is a challenging problem to develop lightweight and versatile IoT security solutions. In this article, we propose an efficient, secure, and privacy-preserving message authentication scheme for IoT. Our scheme supports IoT devices with different cryptographic configurations and allows offline/online computation, making it more versatile and efficient than the previous solutions.

[1]  Xiong Li,et al.  A three-factor anonymous authentication scheme for wireless sensor networks in internet of things environments , 2018, J. Netw. Comput. Appl..

[2]  Biplab Sikdar,et al.  Two-Factor Authentication for IoT With Location Information , 2019, IEEE Internet of Things Journal.

[3]  Ping Wang,et al.  Measuring Two-Factor Authentication Schemes for Real-Time Data Access in Industrial Wireless Sensor Networks , 2018, IEEE Transactions on Industrial Informatics.

[4]  Haiyun Luo,et al.  Statistical en-route filtering of injected false data in sensor networks , 2004, IEEE INFOCOM 2004.

[5]  Yingshu Li,et al.  Collective Data-Sanitization for Preventing Sensitive Information Inference Attacks in Social Networks , 2018, IEEE Transactions on Dependable and Secure Computing.

[6]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[7]  Jacques Stern,et al.  Security Proofs for Signature Schemes , 1996, EUROCRYPT.

[8]  Jiguo Yu,et al.  A Privacy Preserving Communication Protocol for IoT Applications in Smart Homes , 2016, 2016 International Conference on Identification, Information and Knowledge in the Internet of Things (IIKI).

[9]  Mohsen Guizani,et al.  Deep Learning for IoT Big Data and Streaming Analytics: A Survey , 2017, IEEE Communications Surveys & Tutorials.

[10]  Wu He,et al.  Developing Vehicular Data Cloud Services in the IoT Environment , 2014, IEEE Transactions on Industrial Informatics.

[11]  Ashok Kumar Das,et al.  Lightweight and Physically Secure Anonymous Mutual Authentication Protocol for Real-Time Data Access in Industrial Wireless Sensor Networks , 2019, IEEE Transactions on Industrial Informatics.

[12]  Koutarou Suzuki,et al.  Traceable Ring Signature , 2007, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[13]  Guiling Wang,et al.  Lightweight and Compromise-Resilient Message Authentication in Sensor Networks , 2008, IEEE INFOCOM 2008 - The 27th Conference on Computer Communications.

[14]  Masayuki Abe,et al.  1-out-of-n Signatures from a Variety of Keys , 2002, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[15]  Jie Ling,et al.  Secure and fine-grained access control on e-healthcare records in mobile cloud computing , 2018, Future Gener. Comput. Syst..

[16]  Yi Mu,et al.  A Privacy-Preserving Fog Computing Framework for Vehicular Crowdsensing Networks , 2018, IEEE Access.

[17]  Ran Canetti,et al.  Efficient authentication and signing of multicast streams over lossy channels , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[18]  Wu He,et al.  Internet of Things in Industries: A Survey , 2014, IEEE Transactions on Industrial Informatics.

[19]  Biplab Sikdar,et al.  Secure Data Provenance for the Internet of Things , 2017, IoTPTS@AsiaCCS.

[20]  Jian Shen,et al.  An untraceable temporal-credential-based two-factor authentication scheme using ECC for wireless sensor networks , 2016, J. Netw. Comput. Appl..

[21]  Claus-Peter Schnorr,et al.  Efficient signature generation by smart cards , 2004, Journal of Cryptology.

[22]  Samiran Chattopadhyay,et al.  Chaotic Map-Based Anonymous User Authentication Scheme With User Biometrics and Fuzzy Extractor for Crowdsourcing Internet of Things , 2018, IEEE Internet of Things Journal.

[23]  Yael Tauman Kalai,et al.  How to Leak a Secret: Theory and Applications of Ring Signatures , 2001, Essays in Memory of Shimon Even.

[24]  Jian Shen,et al.  A Novel Latin-Square-Based Secret Sharing for M2M Communications , 2018, IEEE Transactions on Industrial Informatics.

[25]  Sushil Jajodia,et al.  An interleaved hop-by-hop authentication scheme for filtering of injected false data in sensor networks , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[26]  Biplab Sikdar,et al.  Lightweight and Privacy-Preserving Two-Factor Authentication Scheme for IoT Devices , 2019, IEEE Internet of Things Journal.

[27]  Zohra Binte Sailan,et al.  Hop by Hop Message Authentication and Source Privacy in Wireless Sensor Networks , 2015 .

[28]  Fan Wu,et al.  A Robust ECC-Based Provable Secure Authentication Protocol With Privacy Preserving for Industrial Internet of Things , 2018, IEEE Transactions on Industrial Informatics.

[29]  Taher El Gamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, IEEE Trans. Inf. Theory.

[30]  Patrick D. McDaniel,et al.  Machine Learning in Adversarial Settings , 2016, IEEE Security & Privacy.