MAKE-IT—A Lightweight Mutual Authentication and Key Exchange Protocol for Industrial Internet of Things

Continuous development of the Industrial Internet of Things (IIoT) has opened up enormous opportunities for the engineers to enhance the efficiency of the machines. Despite the development, many industry administrators still fear to use Internet for operating their machines due to untrusted nature of the communication channel. The utilization of internet for managing industrial operations can be widespread adopted if the authentication of the entities are performed and trust is ensured. The traditional schemes with their inherent security issues and other complexities, cannot be directly deployed to resource constrained network devices. Therefore, we have proposed a strong mutual authentication and secret key exchange protocol to address the vulnerabilities of the existing schemes. We have used various cryptography operations such as hashing, ciphering, and so forth, for providing secure mutual authentication and secret key exchange between different entities to restrict unauthorized access. Performance and security analysis clearly demonstrates that the proposed work is energy efficient (computation and communication inexpensive) and more robust against the attacks in comparison to the traditional schemes.

[1]  Chin-Chen Chang,et al.  A Provably Secure, Efficient, and Flexible Authentication Scheme for Ad hoc Wireless Sensor Networks , 2016, IEEE Transactions on Wireless Communications.

[2]  Houbing Song,et al.  Security of the Internet of Things: Vulnerabilities, Attacks, and Countermeasures , 2019, IEEE Communications Surveys & Tutorials.

[3]  D. Humphreys Mining productivity and the fourth industrial revolution , 2019, Mineral Economics.

[4]  Ingrid Moerman,et al.  A Survey of LoRaWAN for IoT: From Technology to Application , 2018, Sensors.

[5]  Gurjot Singh Gaba,et al.  Robust and Lightweight Mutual Authentication Scheme in Distributed Smart Environments , 2020, IEEE Access.

[6]  Ashok Kumar Das,et al.  Lightweight and Physically Secure Anonymous Mutual Authentication Protocol for Real-Time Data Access in Industrial Wireless Sensor Networks , 2019, IEEE Transactions on Industrial Informatics.

[7]  Ingrid Moerman,et al.  LoRa indoor coverage and performance in an industrial environment: Case study , 2017, 2017 22nd IEEE International Conference on Emerging Technologies and Factory Automation (ETFA).

[8]  K. V. Prema,et al.  Light-weight hashing method for user authentication in Internet-of-Things , 2019, Ad Hoc Networks.

[9]  Fan Wu,et al.  A Robust and Energy Efficient Authentication Protocol for Industrial Internet of Things , 2018, IEEE Internet of Things Journal.

[10]  Mikael Gidlund,et al.  A Central Intrusion Detection System for RPL-Based Industrial Internet of Things , 2019, 2019 15th IEEE International Workshop on Factory Communication Systems (WFCS).

[11]  Alireza Esfahani,et al.  A Lightweight Authentication Mechanism for M2M Communications in Industrial IoT Environment , 2019, IEEE Internet of Things Journal.

[12]  Tommy Svensson,et al.  Uplink Multiuser MIMO-OFDM System in the Presence of Phase Noises, Power Imbalance, and Correlation , 2018, Wirel. Commun. Mob. Comput..

[13]  Swapnil Paliwal,et al.  Hash-Based Conditional Privacy Preserving Authentication and Key Exchange Protocol Suitable for Industrial Internet of Things , 2019, IEEE Access.

[14]  Parikshit N. Mahalle,et al.  Security Issues in IIoT: A Comprehensive Survey of Attacks on IIoT and Its Countermeasures , 2018, 2018 IEEE Global Conference on Wireless Computing and Networking (GCWCN).

[15]  John Mattsson,et al.  Requirements for a Lightweight AKE for OSCORE , 2019 .

[16]  V. Balaji Internet of Things in Industry: A Survey of Technology, Applications and Future Directions , 2019, International Journal for Research in Applied Science and Engineering Technology.

[17]  Zhiyuan Zheng,et al.  Safeguarding Building Automation Networks: THE-Driven Anomaly Detector Based on Traffic Analysis , 2017, 2017 26th International Conference on Computer Communication and Networks (ICCCN).

[18]  J. Bilbao,et al.  Energy and coverage study of LPWAN schemes for Industry 4.0 , 2017, 2017 IEEE International Workshop of Electronics, Control, Measurement, Signals and their Application to Mechatronics (ECMSM).

[19]  Eric Rescorla,et al.  Compact TLS 1.3 , 2019 .

[20]  Wu He,et al.  Internet of Things in Industries: A Survey , 2014, IEEE Transactions on Industrial Informatics.

[21]  Yanan Zhao,et al.  Efficient and Provably Secure Certificateless Parallel Key-Insulated Signature Without Pairing for IIoT Environments , 2020, IEEE Systems Journal.

[22]  Fan Wu,et al.  A Robust ECC-Based Provable Secure Authentication Protocol With Privacy Preserving for Industrial Internet of Things , 2018, IEEE Transactions on Industrial Informatics.

[23]  Dirk Pesch,et al.  TS-LoRa: Time-slotted LoRaWAN for the Industrial Internet of Things , 2020, Comput. Commun..

[24]  Po-Wen Chi,et al.  A Lightweight Compound Defense Framework Against Injection Attacks in IIoT , 2018, 2018 IEEE Conference on Dependable and Secure Computing (DSC).

[25]  Hayrettin Evirgen,et al.  A Survey on LoRaWAN Architecture, Protocol and Technologies , 2019, Future Internet.

[26]  Nuno Pereira,et al.  Formal security analysis of LoRaWAN , 2019, Comput. Networks.

[27]  Andrei Gurtov,et al.  Anonymous Secure Framework in Connected Smart Home Environments , 2017, IEEE Transactions on Information Forensics and Security.

[28]  Athanasios V. Vasilakos,et al.  Biometrics-Based Privacy-Preserving User Authentication Scheme for Cloud-Based Industrial Internet of Things Deployment , 2018, IEEE Internet of Things Journal.

[29]  Luca Viganò,et al.  Automated Security Protocol Analysis With the AVISPA Tool , 2006, MFPS.

[30]  Nuno Pereira,et al.  Security Risk Analysis of LoRaWAN and Future Directions , 2018, Future Internet.

[31]  Francesca Palombini,et al.  Ephemeral Diffie-Hellman Over COSE (EDHOC) , 2019 .

[32]  Fernando Boavida,et al.  Industrial IoT Monitoring: Technologies and Architecture Proposal , 2018, Sensors.

[33]  Michele Luvisotto,et al.  On the Use of LoRaWAN for Indoor Industrial IoT Applications , 2018, Wirel. Commun. Mob. Comput..

[34]  Naveed Islam,et al.  An Energy-Efficient and Secure Routing Protocol for Intrusion Avoidance in IoT-Based WSN , 2019, Energies.

[35]  Gurjot Singh Gaba,et al.  Robust and Lightweight Key Exchange (LKE) Protocol for Industry 4.0 , 2020, IEEE Access.

[36]  Song Han,et al.  Industrial Internet of Things: Challenges, Opportunities, and Directions , 2018, IEEE Transactions on Industrial Informatics.

[37]  Nuno Pereira,et al.  Analysis of LoRaWAN v1.1 security: research paper , 2018, SmartObjects@MobiHoc.

[38]  Ali A. Yassin,et al.  Low-Overhead Remote User Authentication Protocol for IoT Based on a Fuzzy Extractor and Feature Extraction , 2019, IEEE Access.

[39]  Shahid Mumtaz,et al.  Massive Internet of Things for Industrial Applications: Addressing Wireless IIoT Connectivity Challenges and Ecosystem Fragmentation , 2017, IEEE Industrial Electronics Magazine.

[40]  Fan Wu,et al.  A Lightweight Authentication Scheme for Multi-gateway Wireless Sensor Networks Under IoT Conception , 2019, Arabian Journal for Science and Engineering.

[41]  Anindya Maiti,et al.  Security and Privacy Challenges in Upcoming Intelligent Urban Micromobility Transportation Systems , 2020, AutoSec@CODASPY.

[42]  Ismail Butun,et al.  Detecting Intrusions in Cyber-Physical Systems of Smart Cities : Challenges and Directions , 2019 .

[43]  Emilio Tissato Nakamura,et al.  A Privacy, Security, Safety, Resilience and Reliability Focused Risk Assessment Methodology for IIoT Systems Steps to Build and Use Secure IIoT Systems , 2018, 2018 Global Internet of Things Summit (GIoTS).

[44]  Adi Shamir,et al.  The 9 Lives of Bleichenbacher's CAT: New Cache ATtacks on TLS Implementations , 2019, 2019 IEEE Symposium on Security and Privacy (SP).