A Secure Three Party Node Authentication and Key Establishment Scheme for the Internet of Things Environment

Secure three party node authentication and key establishment scheme for data exchange in the Internet of Things (IoT) applications enables two resourceconstrained nodes to establish a secure end-to-end communication channel with the help of a data server. Since node in IoT have constraints on resources such as power, memory space and computation ability. Thus may existing key establishment schemes are unable to run IoT applications and many researchers are already working on how to integrate new techniques and efficient approaches into the IoT environment. Recently, Nasiraee and Mohasefi proposed a highly efficient and novel key establishment scheme for Internet-Enable Sensor Networks (IESN) which was adapted to the IoT notion. Nasiraee-Mohasefi’s scheme presented a novel approach where a new node that joins the IoT network is responsible to aggregate interested neighbors’ information and to send a request to the trusted server to get required pairwise session keys. However, we found that Nasiraee- Mohasefi’s scheme has some security and efficiency shortcomings and this paper focuses on preventing the above-mentioned weaknesses of Nasiraee-Mohasefi’s scheme by proposing an improved three party node authentication and key establishment scheme. The results of security proof by BAN logic analysis confirms the proposed scheme provides a considerable gains in power saving while its security properties are ensured for the Internet of Things environment.

[1]  Cheng-Chi Lee,et al.  Toward a secure batch verification with group testing for VANET , 2013, Wirel. Networks.

[2]  Jin Wang,et al.  A Variable Threshold-Value Authentication Architecture for Wireless Mesh Networks , 2014 .

[3]  Xingwei Liu,et al.  Privacy-preserving Communication for VANETs with Conditionally Anonymous Ring Signature , 2015, Int. J. Netw. Secur..

[4]  Cheng-Chi Lee,et al.  A Secure Dynamic Identity Based Authentication Protocol with Smart Cards for Multi-Server Architecture , 2015, J. Inf. Sci. Eng..

[5]  Rodrigo Roman,et al.  On the features and challenges of security and privacy in distributed internet of things , 2013, Comput. Networks.

[6]  Min-Shiang Hwang,et al.  A False Data Report Filtering Scheme in Wireless Sensor Networks : A Survey , 2015 .

[7]  Chun-Ta Li,et al.  A secure and efficient communication scheme with authenticated key establishment and privacy preserving for vehicular ad hoc networks , 2008, Comput. Commun..

[8]  Jian Shen,et al.  A Novel Routing Protocol Providing Good Transmission Reliability in Underwater Sensor Networks , 2015 .

[9]  Athanasios V. Vasilakos,et al.  A survey on trust management for Internet of Things , 2014, J. Netw. Comput. Appl..

[10]  Xiaolei Dong,et al.  4S: A secure and privacy-preserving key management scheme for cloud-assisted wireless body area network in m-healthcare social networks , 2015, Inf. Sci..

[11]  Debiao He,et al.  Improvement on a Smart Card Based Password Authentication Scheme , 2012 .

[12]  Yimin Wang,et al.  ECPB: Efficient Conditional Privacy-Preserving Authentication Scheme Supporting Batch Verification for VANETs , 2016, Int. J. Netw. Secur..

[13]  Cheng-Chi Lee,et al.  A dynamic identity-based user authentication scheme for remote login systems , 2015, Secur. Commun. Networks.

[14]  Bo Dong,et al.  Privacy-Preserving Channel Access for Internet of Things , 2014, IEEE Internet of Things Journal.

[15]  Chun-Ta Li,et al.  A lightweight anonymous routing protocol without public key en/decryptions for wireless ad hoc networks , 2011, Inf. Sci..

[16]  Cristina Alcaraz,et al.  Key management systems for sensor networks in the context of the Internet of Things , 2011, Comput. Electr. Eng..

[17]  Cheng-Chi Lee,et al.  A Chaotic Maps Based Key Agreement and User Anonymity Protocol without Using Smart Cards and Symmetric Key En/Decryptions , 2015 .

[18]  Zhao Wu,et al.  Internet of Things: Hotspot-based Discovery Service Architecture with Security Mechanism , 2015, Int. J. Netw. Secur..

[19]  Pabitra Mohan Khilar,et al.  SIR: a secure and intelligent routing protocol for vehicular ad hoc network , 2015, IET Networks.

[20]  Marko Hölbl,et al.  A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion , 2014, Ad Hoc Networks.

[21]  Hannes Tschofenig,et al.  Securing the Internet of Things: A Standardization Perspective , 2014, IEEE Internet of Things Journal.

[22]  Sherali Zeadally,et al.  Authentication protocol for an ambient assisted living system , 2015, IEEE Communications Magazine.

[23]  Martín Abadi,et al.  A logic of authentication , 1989, Proceedings of the Royal Society of London. A. Mathematical and Physical Sciences.

[24]  Jamshid B. Mohasefi,et al.  A new three party key establishment scheme: Applicable for internet-enabled sensor networks , 2015, Comput. Electr. Eng..

[25]  Chun-Ta Li,et al.  An efficient biometrics-based remote user authentication scheme using smart cards , 2010, J. Netw. Comput. Appl..

[26]  Chun-Ta Li,et al.  An extended chaotic maps-based keyword search scheme over encrypted data resist outside and inside keyword guessing attacks in cloud storage services , 2015 .

[27]  Cheng-Chi Lee,et al.  Robust anonymous authentication protocol for health-care applications using wireless medical sensor networks , 2013, Multimedia Systems.

[28]  Cheng-Chi Lee,et al.  A Secure RFID Tag Authentication Protocol with Privacy Preserving in Telecare Medicine Information System , 2015, Journal of Medical Systems.

[29]  Debiao He,et al.  Robust Biometrics-Based Authentication Scheme for Multiserver Environment , 2015, IEEE Systems Journal.

[30]  Sasikanth Avancha,et al.  Security for Sensor Networks , 2004 .

[31]  Naveen K. Chilamkurti,et al.  A secure temporal-credential-based mutual authentication and key agreement scheme with pseudo identity for wireless sensor networks , 2015, Inf. Sci..

[32]  Cheng-Chi Lee,et al.  A practical RFID authentication mechanism for digital television , 2014, Telecommun. Syst..

[33]  Rajaram Ramasamy,et al.  An Efficient Password Authentication Scheme for Smart Card , 2012, Int. J. Netw. Secur..

[34]  Abbas Jamalipour,et al.  Body Node Coordinator Placement Algorithms for Wireless Body Area Networks , 2015, IEEE Internet of Things Journal.

[35]  Lida Xu,et al.  The internet of things: a survey , 2014, Information Systems Frontiers.

[36]  Cheng-Chi Lee,et al.  An Advanced Temporal Credential-Based Security Scheme with Mutual Authentication and Key Agreement for Wireless Sensor Networks , 2013, Sensors.

[37]  Jin Wang,et al.  Mutual Verifiable Provable Data Auditing in Public Cloud Storage , 2015 .

[38]  Debiao He,et al.  Security Analysis of a Dynamic ID-based Authentication Scheme for Multi-server Environment Using Smart Cards , 2013, Int. J. Netw. Secur..

[39]  Maryline Laurent-Maknavicius,et al.  Survey on secure communication protocols for the Internet of Things , 2015, Ad Hoc Networks.