Design and analysis of authenticated key agreement scheme in cloud-assisted cyber-physical systems

Abstract: With advancements in engineering and science, the application dimensions of Cyber–Physical Systems (CPS) are increasing due to their improving efficiency, safety, reliability, usability and autonomy. By providing on-demand access to shared processing resources, cloud computing reduces infrastructure costs. Ensuring quality of service, information privacy and security is important in such environments. In this paper, we design a new authentication scheme for cloud-assisted CPS in two directions: (1) authentication between a user and a cloud server, and (2) authentication between a smart meter and a cloud server. In the former situation, any external party (user) can access the information stored in a cloud server, provided that the user is legitimate and has the right to access the information. In the latter situation, authentication between a smart meter and a cloud server is needed for secure communication of the data stored in the cloud server. In both cases, the two entities first mutually authenticate each other with the help of a trusted authority and, only after successful authentication, establish a session key for their future secure communication. The proposed scheme handles both cases and provides high security compared to other related works, which is shown through formal and informal security analysis. In addition, a mutual authentication proof using the widely accepted Burrows–Abadi–Needham logic (BAN logic) and formal security verification using the broadly used Automated Validation of Internet Security Protocols and Applications (AVISPA) simulation tool further demonstrate that the scheme is strong in security. Finally, the proposed scheme is shown to be efficient in terms of communication and computation costs compared to other related existing schemes.
