A Multi-factor User Authentication and Key Agreement Protocol Based on Bilinear Pairing for the Internet of Things

The Internet of Things (IoT) presents a new paradigm of the future internet that intends to provide interactive communication between various processing object via heterogeneous networks. By increasing the IoT usage, establishing the security of IoT becomes a big concern. One of the security related issues is user authentication; that means before a user can access to the IoT nodes, the user and IoT node must authenticate each other. In this paper, a multi-factor user authentication and key agreement protocol, with reasonable computational time, applicable for IoT environments is proposed. To gain access to the services provided by IoT nodes, first, the gateway must authenticate the user and then, with help of the gateway, the IoT node can authenticate the user. The proposed protocol uses elliptic curve cryptography (ECC) and provides: (1) mutual authentication between the user and IOT node ; (2) fresh shared session key ; (3) multi - factor authentication; (4) several security requirements (i.e., non-repudiation, anonymity and untraceability, etc.). Formal verification of the proposed protocol using Burrows–Abadi–Needham logic shows that the protocol achieves the desired goals. Protocol simulation using Internet Security Protocols and Applications tool proves the security and robustness of the proposed protocol against well-known attacks. Finally, comparing the proposed protocol with other protocols shows that it is efficient in terms of computational time.

[1]  Hyunsung Kim,et al.  Three Factor Authentication Protocol Based on Bilinear Pairing , 2013, MUE.

[2]  Jia-Lun Tsai,et al.  Provably secure and efficient anonymous ID-based authentication protocol for mobile devices using bilinear pairings , 2015, Wirel. Pers. Commun..

[3]  Paulo S. L. M. Barreto,et al.  Efficient and Provably-Secure Identity-Based Signatures and Signcryption from Bilinear Maps , 2005, ASIACRYPT.

[4]  Martín Abadi,et al.  A logic of authentication , 1990, TOCS.

[5]  Ruhul Amin,et al.  A secure light weight scheme for user authentication and key agreement in multi-gateway based wireless sensor networks , 2016, Ad Hoc Networks.

[6]  Georg Carle,et al.  A DTLS based end-to-end security architecture for the Internet of Things with two-way authentication , 2012, 37th Annual IEEE Conference on Local Computer Networks - Workshops.

[7]  Peng Gong,et al.  A New User Authentication Protocol for Wireless Sensor Networks Using Elliptic Curves Cryptography , 2013, Int. J. Distributed Sens. Networks.

[8]  Xavier Boyen,et al.  Multipurpose Identity-Based Signcryption (A Swiss Army Knife for Identity-Based Cryptography) , 2003, CRYPTO.

[9]  Peilin Hong,et al.  A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks , 2013, J. Netw. Comput. Appl..

[10]  Chu-Hsing Lin,et al.  A flexible biometrics remote user authentication scheme , 2004, Comput. Stand. Interfaces.

[11]  Rodrigo Roman,et al.  On the features and challenges of security and privacy in distributed internet of things , 2013, Comput. Networks.

[12]  Kyung-Ah Shim,et al.  EIBAS: An efficient identity-based broadcast authentication scheme in wireless sensor networks , 2013, Ad Hoc Networks.

[13]  Ashutosh Saxena,et al.  A novel remote user authentication scheme using bilinear pairings , 2006, Comput. Secur..

[14]  Hong Zhao,et al.  An Authentication and Key Agreement Mechanism for Multi-domain Wireless Networks Using Certificateless Public-Key Cryptography , 2014, Wireless Personal Communications.

[15]  G. P. Biswas,et al.  Design of Two-Party Authenticated Key Agreement Protocol Based on ECC and Self-Certified Public Keys , 2015, Wireless Personal Communications.

[16]  Robert H. Deng,et al.  A Generic Framework for Three-Factor Authentication: Preserving Security and Privacy in Distributed Systems , 2011, IEEE Transactions on Parallel and Distributed Systems.

[17]  J. K. Lee,et al.  Fingerprint-based remote user authentication scheme using smart cards , 2002 .

[18]  Jianfeng Ma,et al.  An Efficient Ticket Based Authentication Protocol with Unlinkability for Wireless Access Networks , 2014, Wireless Personal Communications.

[19]  Hsin-Wen Wei,et al.  A Secured Authentication Protocol for Wireless Sensor Networks Using Elliptic Curves Cryptography , 2011, Sensors.

[20]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[21]  Kuldip Singh,et al.  A secure dynamic identity based authentication protocol for multi-server architecture , 2011, J. Netw. Comput. Appl..

[22]  Jingcheng Wang,et al.  A novel mutual authentication scheme for Internet of Things , 2011, Proceedings of 2011 International Conference on Modelling, Identification and Control.

[23]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[24]  Ashok Kumar Das,et al.  A robust anonymous biometric-based remote user authentication scheme using smart cards , 2015, J. King Saud Univ. Comput. Inf. Sci..

[25]  Jianfeng Ma,et al.  An efficient two-factor user authentication scheme with unlinkability for wireless sensor networks , 2015, Peer-to-Peer Netw. Appl..

[26]  Younghwa An,et al.  Security Analysis and Enhancements of an Effective Biometric-Based Remote User Authentication Scheme Using Smart Cards , 2012, Journal of biomedicine & biotechnology.

[27]  Chin-Chen Chang,et al.  Notes on "Secure authentication scheme for IoT and cloud servers" , 2017, Pervasive Mob. Comput..

[28]  Chin-Chen Chang,et al.  Remarks on fingerprint-based remote user authentication scheme using smart cards , 2004, OPSR.

[29]  Luca Viganò,et al.  Automated Security Protocol Analysis With the AVISPA Tool , 2006, MFPS.

[30]  Donghoon Lee,et al.  Security Enhanced User Authentication Protocol for Wireless Sensor Networks Using Elliptic Curves Cryptography , 2014, Sensors.

[31]  Marko Hölbl,et al.  A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion , 2014, Ad Hoc Networks.

[32]  Chandra Sekhar Vorugunti,et al.  A Secure Biometric-Based User Authentication Scheme for Heterogeneous WSN , 2014, 2014 Fourth International Conference of Emerging Applications of Information Technology.

[33]  Paulo S. L. M. Barreto,et al.  Efficient Algorithms for Pairing-Based Cryptosystems , 2002, CRYPTO.

[34]  Chien-Lung Hsu,et al.  A Novel Remote User Authentication Scheme from Bilinear Pairings Via Internet , 2015, Wireless Personal Communications.

[35]  Sheetal Kalra,et al.  Advanced remote user authentication protocol for multi-server architecture based on ECC , 2013, J. Inf. Secur. Appl..

[36]  Feng Xia,et al.  From machine-to-machine communications towards cyber-physical systems , 2013, Comput. Sci. Inf. Syst..

[37]  Mehdi Hosseinzadeh,et al.  A New Certificateless and Secure Authentication Scheme for Ad hoc Networks , 2017, Wirel. Pers. Commun..

[38]  Athanasios V. Vasilakos,et al.  Future Internet of Things: open issues and challenges , 2014, Wireless Networks.

[39]  Muhammad Ali Akbar,et al.  Secure biometric template generation for multi-factor authentication , 2015, Pattern Recognit..

[40]  Athanasios V. Vasilakos,et al.  Security of the Internet of Things: perspectives and challenges , 2014, Wireless Networks.

[41]  Yalin Chen,et al.  Improvement of Manik et al.¡¦s remote user authentication scheme , 2005, IACR Cryptol. ePrint Arch..

[42]  Sheetal Kalra,et al.  Secure authentication scheme for IoT and cloud servers , 2015, Pervasive Mob. Comput..

[43]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[44]  Craig Gentry,et al.  Trapdoors for hard lattices and new cryptographic constructions , 2008, IACR Cryptol. ePrint Arch..

[45]  Jianfeng Ma,et al.  An Enhanced Authentication Scheme with Privacy Preservation for Roaming Service in Global Mobility Networks , 2012, Wireless Personal Communications.

[46]  Jianfeng Ma,et al.  A privacy‐aware two‐factor authentication protocol based on elliptic curve cryptography for wireless sensor networks , 2017, Int. J. Netw. Manag..