To solve the problem regarding the lack of a lightweight and secure authentication and key agreement protocol in the Constrained Application Protocol of the Internet of Things environment, we explore the security flaws and applicability problems in the current related research. Then, we propose a new lightweight authentication and key agreement protocol based on the CoAP framework. The scheme adopts shared secret and elliptic curve public key technology, which ensures the anonymity of the communicators and provides strong security and anti-attack capacity. In terms of security analysis, the Dolev–Yao Adversary model and a security model checking analysis method based on CPN Tools are improved, in order to verify the correctness and security of the proposed scheme. Compared with other schemes, regarding communication overhead, computational cost, and security, the proposed scheme provides a robust and comprehensive security guarantee, although it is not the lightest.
Machine-to-machine (M2M) communication is one of the critical technologies of the industrial Internet of Things (IoT), which consists of sensors, actuators at the edge, and servers. In order to solve the security and availability problems regarding communication between edge devices with constrained resources and servers in M2M communication, in this study we proposed an authentication and session establishment protocol based on physical unclonable functions (PUFs). The scheme does not require clock synchronization among the devices, and it circumvents the situation where the authentication phase has to use a high computational overhead fuzzy extractor due to PUF noise. The protocol contains two message interactions, which provide strong security and availability while being lightweight. The security modelling is based on CPN Tools, which verifies security attributes and attack resistance in the authentication phase. After considering the design of the fuzzy extractor and scalability, the proposed scheme significantly reduces the computational overhead by more than 93.83% in the authentication phase compared with other schemes using PUFs. Meanwhile, under the guarantee of availability, the communication overhead is maintained at a balanced and reasonable level, at least 19.67% lower than the solution using XOR, hashing, or an elliptic curve.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.