Robust and Lightweight Key Exchange (LKE) Protocol for Industry 4.0

Industry 4.0 has brought solutions for faster data accessibility, fault identification, performance analysis, and control of machines remotely by managers. Though beneficial but dangerous as the IoT (Internet of Things) nodes communicate over the unsecured wireless medium. The communication over unsecured wireless channel opened enormous ways for the illegitimate nodes to access the information and take control over the industrial machines despite being physically away. These threats can be overpowered with secure sessions; however, the exchange of keys to establish a secure session over a vulnerable channel becomes a challenge. Our approach (LKE) intend to solve this problem. LKE provides a lightweight key exchange platform to the legitimate IoT nodes and prohibit the unauthorized abuses. LKE uses lightweight Elliptic Curve Qu-Vanstone (ECQV) based implicit certificates for trust-building and generating keys among entities. All the messages exchanged are secured to prevent unauthorized access to information and preventing against forgery, replay, modification, impersonation and man-in-the-middle attacks, etc. The proposed scheme is tested on the AVISPA tool and results indicate its trustworthiness and strong resistivity against potential attacks. LKE has less computation and communication complexities due to the utilization of limited cryptographic operations which make it superior in comparison to other state-of-the-work.

[1]  Parikshit N. Mahalle,et al.  Security Issues in IIoT: A Comprehensive Survey of Attacks on IIoT and Its Countermeasures , 2018, 2018 IEEE Global Conference on Wireless Computing and Networking (GCWCN).

[2]  Athanasios V. Vasilakos,et al.  Biometrics-Based Privacy-Preserving User Authentication Scheme for Cloud-Based Industrial Internet of Things Deployment , 2018, IEEE Internet of Things Journal.

[3]  Luca Viganò,et al.  Automated Security Protocol Analysis With the AVISPA Tool , 2006, MFPS.

[4]  Ashok Kumar Das,et al.  Anonymous Lightweight Chaotic Map-Based Authenticated Key Agreement Protocol for Industrial Internet of Things , 2020, IEEE Transactions on Dependable and Secure Computing.

[5]  Ahmed Serhrouchni,et al.  A Survey of Internet of Things (IoT) Authentication Schemes † , 2019, Sensors.

[6]  Cailian Chen,et al.  DoS Attack on Networked Control System: From the Viewpoint on Communication-Control Cost , 2019, 2019 Chinese Automation Congress (CAC).

[7]  Ping Wang,et al.  Measuring Two-Factor Authentication Schemes for Real-Time Data Access in Industrial Wireless Sensor Networks , 2018, IEEE Transactions on Industrial Informatics.

[8]  Joonsang Baek,et al.  An efficient and scalable re-authentication protocol over wireless sensor network , 2011, IEEE Transactions on Consumer Electronics.

[9]  Fengjun Li,et al.  Cyber-Physical Systems Security—A Survey , 2017, IEEE Internet of Things Journal.

[10]  Osama Alfarraj,et al.  Resource Efficient Authentication and Session Key Establishment Procedure for Low-Resource IoT Devices , 2019, IEEE Access.

[11]  Chin-Chen Chang,et al.  A Provably Secure, Efficient, and Flexible Authentication Scheme for Ad hoc Wireless Sensor Networks , 2016, IEEE Transactions on Wireless Communications.

[12]  Alireza Esfahani,et al.  A Lightweight Authentication Mechanism for M2M Communications in Industrial IoT Environment , 2019, IEEE Internet of Things Journal.

[13]  Wu He,et al.  Internet of Things in Industries: A Survey , 2014, IEEE Transactions on Industrial Informatics.

[14]  Mohamed Amine Ferrag,et al.  Authentication Protocols for Internet of Things: A Comprehensive Survey , 2016, Secur. Commun. Networks.

[15]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[16]  Emilio Tissato Nakamura,et al.  A Privacy, Security, Safety, Resilience and Reliability Focused Risk Assessment Methodology for IIoT Systems Steps to Build and Use Secure IIoT Systems , 2018, 2018 Global Internet of Things Summit (GIoTS).

[17]  Nada Golmie,et al.  A Survey on Industrial Internet of Things: A Cyber-Physical Systems Perspective , 2018, IEEE Access.

[18]  Jiankun Hu,et al.  A New Threat Intelligence Scheme for Safeguarding Industry 4.0 Systems , 2018, IEEE Access.

[19]  Ashok Kumar Das,et al.  Lightweight and Physically Secure Anonymous Mutual Authentication Protocol for Real-Time Data Access in Industrial Wireless Sensor Networks , 2019, IEEE Transactions on Industrial Informatics.

[20]  Giuseppe Aceto,et al.  A Survey on Information and Communication Technologies for Industry 4.0: State-of-the-Art, Taxonomies, Perspectives, and Challenges , 2019, IEEE Communications Surveys & Tutorials.

[21]  Fan Wu,et al.  A Robust and Energy Efficient Authentication Protocol for Industrial Internet of Things , 2018, IEEE Internet of Things Journal.

[22]  Peng Liu,et al.  The Effect of IoT New Features on Security and Privacy: New Threats, Existing Solutions, and Challenges Yet to Be Solved , 2018, IEEE Internet of Things Journal.

[23]  Marco Conti,et al.  Data Management in Industry 4.0: State of the Art and Open Challenges , 2019, IEEE Access.

[24]  Wei Xiang,et al.  Internet of Things for Smart Healthcare: Technologies, Challenges, and Opportunities , 2017, IEEE Access.

[25]  Yi Zhang,et al.  Internet-of-Things Security and Vulnerabilities: Taxonomy, Challenges, and Practice , 2018, J. Hardw. Syst. Secur..

[26]  Hokeun Kim,et al.  Authentication and Authorization for the Internet of Things , 2017, IT Professional.

[27]  Wei Ni,et al.  Anatomy of Threats to the Internet of Things , 2019, IEEE Communications Surveys & Tutorials.

[28]  Chang-Sun Shin,et al.  IoT-Based Strawberry Disease Prediction System for Smart Farming , 2018, Sensors.

[29]  Kyung-Sup Kwak,et al.  The Internet of Things for Health Care: A Comprehensive Survey , 2015, IEEE Access.

[30]  Haralambos Mouratidis,et al.  A Security Analysis Method for Industrial Internet of Things , 2018, IEEE Transactions on Industrial Informatics.

[31]  Fan Wu,et al.  A Robust ECC-Based Provable Secure Authentication Protocol With Privacy Preserving for Industrial Internet of Things , 2018, IEEE Transactions on Industrial Informatics.

[32]  Swapnil Paliwal,et al.  Hash-Based Conditional Privacy Preserving Authentication and Key Exchange Protocol Suitable for Industrial Internet of Things , 2019, IEEE Access.

[33]  Lei Shu,et al.  Smart Factory of Industry 4.0: Key Technologies, Application Case, and Challenges , 2018, IEEE Access.

[34]  Mohammed Elkoutbi,et al.  A Dynamic Timestamp Discrepancy against Replay Attacks in MANET , 2011 .

[35]  Andrei Gurtov,et al.  Anonymous Secure Framework in Connected Smart Home Environments , 2017, IEEE Transactions on Information Forensics and Security.