Faster Authenticated Key Agreement With Perfect Forward Secrecy for Industrial Internet-of-Things

The Industrial Internet-of-Things (IIoT) is the basis of Industry 4.0, which extends Internet connectivity beyond traditional computing devices like computers and smartphones to the physical world, improving efficiency and accuracy while reducing production cost. However, IIoT faces tremendous security threats, such as IIoT device hijacking and data leaks. Therefore, a lightweight authenticated key agreement (AKA) protocol is commonly applied to establish a session key for securing the communication between IIoT devices. To protect previous session keys from being compromised, perfect forward secrecy (PFS) has been one of the most important security properties of AKA. In this article, we present an efficient PFS-enabled AKA protocol for IIoT systems, which is developed based on a new dynamic authentication credential (DAC) framework, without using any public-key cryptographic primitives. It is worth noting that our protocol is also faster than the state-of-the-art DAC-based AKA protocols with PFS. Moreover, we give a formal security result for the proposed protocol in the random oracle model.
