PAKIT: Proactive Authentication and Key Agreement Protocol for Internet of Things

Internet of Things (IoT) holds great promise for many life-improving applications like health-care systems. In IoT systems, providing secure authentication and key agreement scheme that considers compromised entities is an important issue. State-of-the-arts tackle this problem, but they fail to address compromised entity attack and have high computation cost. Motivated by these considerations, in this paper, we propose an energy-efficient proactive authentication and key agreement scheme called PAKIT for IoT systems. The security of PAKIT scheme is validated using the ProVerif tool. Moreover, the efficiency of PAKIT is compared with the predecessor schemes proposed for IoT systems. The results of the experiments show that PAKIT is efficient and suitable for real-world IoT applications by utilizing lightweight functions, such as hash and XOR.

[1]  Mohamed Amine Ferrag,et al.  Authentication Protocols for Internet of Things: A Comprehensive Survey , 2016, Secur. Commun. Networks.

[2]  Hsin-Wen Wei,et al.  A Secured Authentication Protocol for Wireless Sensor Networks Using Elliptic Curves Cryptography , 2011, Sensors.

[3]  Kim-Kwang Raymond Choo,et al.  Secure Key Agreement and Key Protection for Mobile Device User Authentication , 2019, IEEE Transactions on Information Forensics and Security.

[4]  Fan Wu,et al.  Cryptanalysis and Improvement of a User Authentication Scheme Preserving Uniqueness and Anonymity for Connected Health Care , 2015, Journal of Medical Systems.

[5]  Yali Liu,et al.  Double verification protocol via secret sharing for low-cost RFID tags , 2019, Future Gener. Comput. Syst..

[6]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[7]  Cheng-Chi Lee,et al.  Robust anonymous authentication protocol for health-care applications using wireless medical sensor networks , 2013, Multimedia Systems.

[8]  Dongho Won,et al.  An Anonymous User Authentication and Key Agreement Scheme Based on a Symmetric Cryptosystem in Wireless Sensor Networks , 2016, Sensors.

[9]  Bruno Blanchet,et al.  Automatic Verification of Security Protocols in the Symbolic Model: The Verifier ProVerif , 2013, FOSAD.

[10]  Paul F. Syverson,et al.  A taxonomy of replay attacks [cryptographic protocols] , 1994, Proceedings The Computer Security Foundations Workshop VII.

[11]  Pardeep Kumar,et al.  E-SAP: Efficient-Strong Authentication Protocol for Healthcare Applications Using Wireless Medical Sensor Networks , 2012, Sensors.

[12]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[13]  E. Eugene Schultz A framework for understanding and predicting insider attacks , 2002, Comput. Secur..

[14]  Wei-Chi Ku,et al.  Impersonation Attack on a Dynamic ID-Based Remote User Authentication Scheme Using Smart Cards , 2005, IEICE Trans. Commun..

[15]  Athanasios V. Vasilakos,et al.  Design of secure key management and user authentication scheme for fog computing services , 2019, Future Gener. Comput. Syst..