Cryptographically secure privacy-preserving authenticated key agreement protocol for an IoT network: A step towards critical infrastructure protection

The idea of the Internet of Things (IoT) network has been created as a result of the coordination of different developments, constant handling, intellectual capacity, item sensors, and inserted frameworks. Recently, IoT devices have made big impact on industrial critical infrastructures. However, security and privacy of IoT critical infrastructure still, is the big concern. Therefore, to address the vulnerabilities of the existing frameworks, this paper proposes a cryptographically secure privacy-preserving authenticated key agreement scheme for a IoT network through an elliptical curve, which generates a mutual key between the user and the device. The safety review and systematic testing of the system using the Automated Validation of Internet Security Protocols and Applications (AVISPA) method have been carried out to show the protection quality of the system. The quality review reveals that the scheme is lightweight and effective. By comparison, the proposed scheme is found to be comparable to the related works, and the current framework offers additional features such as Key Compromise Impersonate Attack Resistance, Established Session Key Protection, Key Replication Resistance, in addition to existing features.

[1]  B. B. Gupta,et al.  Security in Internet of Things: issues, challenges, taxonomy, and architecture , 2017, Telecommunication Systems.

[2]  Manu Bansal,et al.  A review on lightweight cryptography algorithms for data security and authentication in IoTs , 2017, 2017 4th International Conference on Signal Processing, Computing and Control (ISPCC).

[3]  Manik Lal Das,et al.  Secure and Privacy-Preserving RFID Authentication Scheme for Internet of Things Applications , 2019, Wirel. Pers. Commun..

[4]  Huifang Chen,et al.  A User Authentication Scheme Based on Elliptic Curves Cryptography for Wireless Ad Hoc Networks , 2015, Sensors.

[5]  Zhiming Xu,et al.  An Internet of Things Roaming Authentication Protocol Based on Heterogeneous Fusion Mechanism , 2020, IEEE Access.

[6]  Wajdi Alhakami,et al.  A secure MAC protocol for Cognitive Radio Networks (SMCRN) , 2013, 2013 Science and Information Conference.

[7]  Zhu Xingliang,et al.  A new authentication scheme for Wireless Ad Hoc Network , 2012, 2012 International Conference on Information Management, Innovation Management and Industrial Engineering.

[8]  Mouzhi Ge,et al.  An Efficient Mutual Authentication Scheme for Internet of Things , 2020, Internet Things.

[9]  Tet Hin Yeap,et al.  A Novel Authentication and Key Agreement Scheme for Wireless Mesh Networks , 2009, 2009 Fifth International Joint Conference on INC, IMS and IDC.

[10]  Pardeep Kumar,et al.  Efficient and Anonymous Mutual Authentication Protocol in Multi‐Access Edge Computing (MEC) Environments , 2020 .

[11]  Sattar B. Sadkhan,et al.  A survey on lightweight-cryptography status and future challenges , 2018, 2018 International Conference on Advance of Sustainable Engineering and its Application (ICASEA).

[12]  Qing Zhang,et al.  Security authentication technology based on dynamic Bayesian network in Internet of Things , 2018, J. Ambient Intell. Humaniz. Comput..

[13]  Georges Kaddoum,et al.  Toward Secure and Provable Authentication for Internet of Things: Realizing Industry 4.0 , 2020, IEEE Internet of Things Journal.

[14]  Ping Wang,et al.  Two-factor authentication in industrial Internet-of-Things: Attacks, evaluation and new construction , 2019, Future Gener. Comput. Syst..

[15]  Mohammad S. Obaidat,et al.  An Authenticated Key Exchange Protocol for Multi-Server Architecture in 5G Networks , 2020, IEEE Access.

[16]  Schahram Dustdar,et al.  Towards Resilient Internet of Things: Vision, Challenges, and Research Roadmap , 2019, 2019 IEEE 39th International Conference on Distributed Computing Systems (ICDCS).

[17]  Ahmed Serhrouchni,et al.  A Survey of Internet of Things (IoT) Authentication Schemes † , 2019, Sensors.

[18]  Maitreyee Dutta,et al.  A Survey of Key Bootstrapping Protocols Based on Public Key Cryptography in the Internet of Things , 2019, IEEE Access.

[19]  Muhammad Usman,et al.  A Provably Secure and Efficient Authenticated Key Agreement Scheme for Energy Internet-Based Vehicle-to-Grid Technology Framework , 2020, IEEE Transactions on Industry Applications.

[20]  Amr Tolba,et al.  TBM: A trust-based monitoring security scheme to improve the service authentication in the Internet of Things communications , 2020, Comput. Commun..

[21]  Eun-Jun Yoon,et al.  Secure Signature-Based Authenticated Key Establishment Scheme for Future IoT Applications , 2017, IEEE Access.

[22]  Evangelina Lara,et al.  Lightweight Authentication Protocol for M2M Communications of Resource-Constrained Devices in Industrial Internet of Things , 2020, Sensors.

[23]  Rida Khatoun,et al.  A Lightweight ECC-Based Authentication Scheme for Internet of Things (IoT) , 2020, IEEE Systems Journal.

[24]  Yuwen Chen,et al.  A Lightweight Privacy Protection User Authentication and Key Agreement Scheme Tailored for the Internet of Things Environment: LightPriAuth , 2018, J. Sensors.

[25]  Zhihua Cui,et al.  A Hybrid BlockChain-Based Identity Authentication Scheme for Multi-WSN , 2020, IEEE Transactions on Services Computing.

[26]  Sheetal Kalra,et al.  A lightweight biometrics based remote user authentication scheme for IoT services , 2017, J. Inf. Secur. Appl..

[27]  Saru Kumari,et al.  Comments on “Toward Secure and Provable Authentication for Internet of Things: Realizing Industry 4.0” , 2020, IEEE Internet of Things Journal.

[28]  Banshidhar Majhi,et al.  CL-AGKA: certificateless authenticated group key agreement protocol for mobile networks , 2020, Wirel. Networks.

[29]  Sheetal Kalra,et al.  Secure authentication scheme for IoT and cloud servers , 2015, Pervasive Mob. Comput..