A lightweight authentication scheme for 5G mobile communications: a dynamic key approach

The security of modern IoT Industry 4.0, 5G, 6G, Mobile ad hoc (MANET), narrowband internet of things (NB-IoT) and wireless sensory (WSN) networks and the autonomous computing capabilities of individual devices and self-organizing, greatly influence their applications in smart connected world. To achieve the sufficient security and privacy, autonomous and dynamic adaptive key management scheme and mutual authentication protocols should be provided to validate legitimacies of large number of nodes, users, devices, and servers in 5G networks. To this end, we propose a lightweight cipher approach that enhances the security level of communications and enables authentication and access control scheme that is implemented on a multi-layer communication architecture designed for NB-IoT 5G networks and resolve heterogeneity and scalability issues. It is well known that establishing an efficient cryptographic key generation and management scheme for machine-to-machine (M2M) and device-to-device (D2D) communication for IoT networks in 5G, the purposes of encryption and decryption is severely constrained by computation resources and performance. As a part of the network security, the key management plays a vital role in it. When compared to other schemes in PKI such as public key, pairwise-key and group-based key management, the dynamic-key based security is efficient in resource utilization and scalable which are the two key performance factors for Cloud based IoT/wireless sensory networks. Usually most IoT networks use a less secure communication channel that employs session keys in order to encrypt the communication. Additionally, in most IoT networks the resource consumption is constrained which then results in existing dynamic key generation algorithms being infeasible to run. It is still a challenging problem to securely interconnect and operate IoT protocols between constrained embedded devices. We propose a novel dynamic key generation scheme that takes the entropy and performs various operations to continuously generate a large set of unique keys. This type of key generation model is predominantly suitable for the conditions where the IoT devices cannot rely on constant key negotiation with dedicated servers as well as those devices which cannot reuse existing keys for encryption purposes. Performance evaluation using simulation and case study demonstrates that our dynamic key establishment scheme ensures an enhanced security level while reducing the communication overhead and the average latency for different category of IoT applications in 5G networks.

[1]  Takamichi Saito,et al.  On Compromising Password-Based Authentication over HTTPS , 2006, 20th International Conference on Advanced Information Networking and Applications - Volume 1 (AINA'06).

[2]  Dmitry Khovratovich,et al.  Bicliques for Preimages: Attacks on Skein-512 and the SHA-2 family , 2012, IACR Cryptol. ePrint Arch..

[3]  Donggang Liu,et al.  Improving key predistribution with deployment knowledge in static sensor networks , 2005, TOSN.

[4]  Enrico Del Re,et al.  Energy Efficiency Perspectives of PMR Networks , 2017, Inf..

[5]  Cheah Wai Zhao,et al.  Exploring IOT Application Using Raspberry Pi , 2015 .

[6]  Jian Guo,et al.  Preimages for Step-Reduced SHA-2 , 2009, IACR Cryptol. ePrint Arch..

[7]  Dharma P. Agrawal,et al.  Efficient pairwise key establishment and management in static wireless sensor networks , 2005, IEEE International Conference on Mobile Adhoc and Sensor Systems Conference, 2005..

[8]  Paul Thomas,et al.  Efficient DCT-based secret key generation for the Internet of Things , 2019, Ad Hoc Networks.

[9]  Sherali Zeadally,et al.  Lightweight Three-Factor Authentication and Key Agreement Protocol for Internet-Integrated Wireless Sensor Networks , 2017, IEEE Access.

[10]  Mimoza Durresi,et al.  Secure communication architecture for internet of things using smartphones and multi-access edge computing in environment monitoring , 2019, J. Ambient Intell. Humaniz. Comput..

[11]  Sufian Hameed,et al.  Understanding Security Requirements and Challenges in Internet of Things (IoT): A Review , 2019, J. Comput. Networks Commun..

[12]  Andrew P. Martin,et al.  Threat-Based Security Analysis for the Internet of Things , 2014, 2014 International Workshop on Secure Internet of Things.

[13]  Sanggon Lee,et al.  Security Analysis and Improvements of Authentication and Access Control in the Internet of Things , 2014, Sensors.

[14]  Taekyoung Kwon,et al.  A Privacy-Preserving Authentication, Authorization, and Key Agreement Scheme for Wireless Sensor Networks in 5G-Integrated Internet of Things , 2020, IEEE Access.

[15]  Aboubaker Lasebae,et al.  Security analysis of the constrained application protocol in the Internet of Things , 2013, Second International Conference on Future Generation Communication Technologies (FGCT 2013).

[16]  Liang Jin,et al.  High-rate secret key generation aided by multiple relays for Internet of Things , 2017 .

[17]  Sriram Sankaran,et al.  Lightweight security framework for IoTs using identity based cryptography , 2016, 2016 International Conference on Advances in Computing, Communications and Informatics (ICACCI).

[18]  Yehuda Lindell,et al.  Introduction to Modern Cryptography , 2004 .

[19]  Seungmin Rho,et al.  Probabilistic Model for M2M in IoT networking and communication , 2016, Telecommun. Syst..

[20]  Elaine B. Barker,et al.  A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications , 2000 .

[21]  Jingjing Huang,et al.  Dynamic secret key generation exploiting Ultra-wideband wireless channel characteristics , 2015, 2015 IEEE Wireless Communications and Networking Conference (WCNC).

[22]  Subhasish Banerjee,et al.  An efficient mechanism to generate dynamic keys based on genetic algorithm , 2018 .

[23]  Vimal Mohan,et al.  Energy and Performance Analysis of Raspberry Pi with Modern Computing Devices , 2018 .

[24]  Emília Bubeníková,et al.  Validation of IoT secure communication gateway for constrained devices , 2019, 2019 International Conference on Applied Electronics (AE).

[25]  Thomas Shrimpton,et al.  Cryptographic Hash-Function Basics: Definitions, Implications, and Separations for Preimage Resistance, Second-Preimage Resistance, and Collision Resistance , 2004, FSE.

[26]  Nikunj Gamit,et al.  An efficient algorithm for dynamic key generation for image encryption , 2015, 2015 International Conference on Computer, Communication and Control (IC4).

[27]  Chih-Cheng Chen,et al.  Mobile Device Based Dynamic Key Management Protocols for Wireless Sensor Networks , 2015, J. Sensors.

[28]  W. D. Grover,et al.  Self-organizing broad-band transport networks , 1997, Proc. IEEE.

[29]  Vijay Kumar Jha,et al.  Secure key-distribution in IoT cloud networks , 2017, 2017 Third International Conference on Sensing, Signal Processing and Security (ICSSS).

[30]  Gang Gan,et al.  Internet of Things Security Analysis , 2011, 2011 International Conference on Internet Technology and Applications.

[31]  Fenghua Li,et al.  Privacy-Oriented Blockchain-Based Distributed Key Management Architecture for Hierarchical Access Control in the IoT Scenario , 2019, IEEE Access.

[32]  David E. Culler,et al.  SPINS: Security Protocols for Sensor Networks , 2001, MobiCom '01.

[33]  Cristina Alcaraz,et al.  Key management systems for sensor networks in the context of the Internet of Things , 2011, Comput. Electr. Eng..

[34]  Hassan N. Noura,et al.  Lightweight and Secure D2D Authentication & Key Management Based on PLS , 2019, 2019 IEEE 90th Vehicular Technology Conference (VTC2019-Fall).

[35]  B. Anand,et al.  A secured multiplicative Diffie Hellman key exchange routing approach for mobile ad hoc network , 2019 .

[36]  Imed Romdhani,et al.  A Decentralized Batch-Based Group Key Management Protocol for Mobile Internet of Things (DBGK) , 2015, 2015 IEEE International Conference on Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing.

[37]  Shiju Sathyadevan,et al.  Protean Authentication Scheme – A Time-Bound Dynamic KeyGen Authentication Technique for IoT Edge Nodes in Outdoor Deployments , 2019, IEEE Access.

[38]  Christof Paar,et al.  Understanding Cryptography: A Textbook for Students and Practitioners , 2009 .

[39]  Paul F. Syverson,et al.  A taxonomy of replay attacks [cryptographic protocols] , 1994, Proceedings The Computer Security Foundations Workshop VII.

[40]  Ross J. Anderson Security engineering - a guide to building dependable distributed systems (2. ed.) , 2001 .

[41]  Mauro Conti,et al.  Design of Secure User Authenticated Key Management Protocol for Generic IoT Networks , 2018, IEEE Internet of Things Journal.

[42]  Huy Hoang Ngo,et al.  Dynamic Key Cryptography and Applications , 2010, Int. J. Netw. Secur..

[43]  Adi Shamir,et al.  IoT Goes Nuclear: Creating a Zigbee Chain Reaction , 2017, IEEE Security & Privacy.

[44]  Hisham Dahshan,et al.  Key Management in Web of Trust for Mobile Ad Hoc Networks , 2009, 2009 International Conference on Advanced Information Networking and Applications.

[45]  Manu Bansal,et al.  A review on lightweight cryptography algorithms for data security and authentication in IoTs , 2017, 2017 4th International Conference on Signal Processing, Computing and Control (ISPCC).

[46]  Krishnashree Achuthan,et al.  SDN Framework for Securing IoT Networks , 2017 .

[47]  Fatemeh Afghah,et al.  A Secret Key Generation Scheme for Internet of Things using Ternary-States ReRAM-based Physical Unclonable Functions , 2018, 2018 14th International Wireless Communications & Mobile Computing Conference (IWCMC).

[48]  Wenjing Lou,et al.  LEDS: Providing Location-Aware End-to-End Data Security in Wireless Sensor Networks , 2008, IEEE Trans. Mob. Comput..

[49]  V. N. Sastry,et al.  Fuzzy Extractor and Elliptic Curve Based Efficient User Authentication Protocol for Wireless Sensor Networks and Internet of Things , 2017, Inf..

[50]  Yehuda Lindell,et al.  Introduction to Modern Cryptography, Second Edition , 2014 .

[51]  Himani Agrawal,et al.  A Survey Report on Various Cryptanalysis Techniques , 2013 .

[52]  Hamid Barati,et al.  Dynamic key management algorithms in wireless sensor networks: A survey , 2019, Comput. Commun..

[53]  Ankit Shah,et al.  A Survey of Lightweight Cryptographic Algorithms for IoT-Based Applications , 2018, Smart Innovations in Communication and Computational Sciences.

[54]  Bala Srinivasan,et al.  A Limited-Used Key Generation Scheme for Internet Transactions , 2004, WISA.

[55]  Maede Ashouri-Talouki,et al.  Lightweight and anonymous three-factor authentication and access control scheme for real-time applications in wireless sensor networks , 2019, Peer-to-Peer Netw. Appl..

[56]  Yehuda Lindell,et al.  Introduction to Modern Cryptography (Chapman & Hall/Crc Cryptography and Network Security Series) , 2007 .

[57]  Hsiao-Hwa Chen,et al.  Selecting key management schemes for WSN applications , 2012, Comput. Secur..

[58]  Huaxiong Wang,et al.  Advanced Meet-in-the-Middle Preimage Attacks: First Results on Full Tiger, and Improved Results on MD4 and SHA-2 , 2010, ASIACRYPT.

[59]  Samiran Chattopadhyay,et al.  A Provably Secure and Lightweight Anonymous User Authenticated Session Key Exchange Scheme for Internet of Things Deployment , 2019, IEEE Internet of Things Journal.

[60]  BuyyaRajkumar,et al.  SDN Enabled QoE and Security Framework for Multimedia Applications in 5G Networks , 2020 .

[61]  David Hutchison,et al.  A survey of key management for secure group communication , 2003, CSUR.