A lightweight mutual and transitive authentication mechanism for IoT network

Shukla

Concurrency and Computation

2023

SummaryCloud computing is an emerging paradigm that enables on‐demand data storage without considering the local infrastructure limitations of end‐users. The extensive growth in number of servers, resources, and networks intensifies security and privacy concerns in clouds. This necessitates secure mutual authentication and key agreement mechanism to verify the legitimacy of participating entities. In accordance, several authentication protocols have been designed to authenticate end‐users over insecure channels. This article presents security analysis of recent protocols that claim to render security and privacy features. We demonstrate that Kaur et al.'s protocol is vulnerable to replay attack, Dharminder et al.'s protocol is prone to user traceability and known session‐specific temporary information (KSSTI) attacks, and Bouchaala et al.'s protocol is prone to replay and KSSTI attacks. To withstand the aforementioned attacks, we propose an enhanced protocol based on fuzzy verifier and elliptic curve cryptography for clouds. Our protocol safeguards against security attacks while providing privacy functionalities. The security analysis is illustrated under real‐or‐random model, and correctness is verified under the Scyther security verification tool. Finally, comparative analysis with existing protocols shows that our protocol delivers robust security with reasonable computational and communication overheads than state‐of‐the‐art protocols.

Section: Security Verification Using Scyther Toolmentioning

confidence: 99%

A novel and provably secure mutual authentication protocol for cloud environment using elliptic curve cryptography and fuzzy verifier

Shukla

Concurrency and Computation

2023

“…As in previous work [11][12][13], choose an architecture where authentication is centralized at the gateway. The main advantage of this model is that it makes user authentication more convenient as you can directly interact with the sensor nodes without having to keep sending login messages.…”

Section: Authentication Modelmentioning

confidence: 99%

“…Krishnasrija et al's work [13] uses Chebyshev polynomials to improve security and time efficiency. In particular, their scheme provides transitive authentication to easily scale Iot-networks.…”

Section: Cryptanalysis Of Krishnasrija Et Al's Schemementioning

confidence: 99%

“…In 2020, they proposed an improved version that corrects the shortcomings in Dhillon and Kalra's. Recently, Krishnasrija et al [13] proposed a lightweight mutual and transitive authentication mechanism for Iot network with forward authentication capabilities for devices. The common point of recent works is that they are evaluated and proved based on formal models.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A secure user authentication scheme for crypto-wallet in Iot environment

Truong,

Tran,

Duong

2023

Preprint

As 4.0-revolution makes a extraordinary affect on the way we work in numerous areas, data security is still one of the issues that continuously get extraordinary considerations. Presently, the prevalent environment is internet of things (Iot) since it can connect a huge number of diﬀerent gadgets in an increasingly wide range, and this leads to the risk of information leakage. Besides, the field of crypto-currency is a hot topic with a lot of sophisticated thefts, so the progressively utilization of crypto-wallets should protect the transactions from hurt. Clearly, Iot could bea promising and challenging environment for quick and secure crypto-currency exchanges. Recently, Lee et al proposed a three-factor anonymous user authentication scheme for Iot, and this is an improved result from Dhillon and Kalra’s work. In 2023, Wang et al also proposed a lightweight mutual and transitive authentication mechanism for Iot network. All works are builtfrom highly reliable formal analysis, but we discovered some limitations such as replays or privileged insider attacks in their works. In addition, we propose a secure improvement to provide time-efciency, reasonable energy-consumption as well as more suitable for crypto-wallet applications in Iot environment.

“…This [29] study proposes a mutual and transitive authentication mechanism for intermediate devices and gateways. The session key is verified using BAN logic, and the resilience against critical attacks is verified using the Scyther tool.…”

Section: Introductionmentioning

confidence: 99%

SF-LAP: Secure M2M Communication in IIoT with a Single-Factor Lightweight Authentication Protocol

et al. 2022

Machine-to-machine communication allows smart devices like sensors, actuators, networks, gateways, and other controllers to communicate with one another. The industrial Internet of things (IIoT) has become a vital component. Many industrial devices are connected to perform a task automatically in machine-to-machine communication, but they are not properly secured, allowing an adversary to compromise them against a variety of attacks due to communication system vulnerabilities. Recently, a secure lightweight authentication protocol (SLAP) was proposed by Panda et al. They asserted that every known attack that could happen in the IIoT is deterred by their suggested protocol. In this study, we prove that the SLAP protocol is vulnerable to desynchronization, impersonation, replay, and eavesdropping attacks. To prevent these attacks and enhance that protocol, we need to implement a secure authentication mechanism that ensures the security of communication. This paper proposed a secure M2M Communication in IIoT with a single-factor lightweight authentication protocol (SF-LAP). Single-factor authentication is a simple and secure way to communicate. It uses less power and communication overhead while providing a secure mechanism for conversation. In the machine-to-machine (M2M) scenario, the proposed protocol uses an exclusive-OR operation and a hashing function to ensure secure communication between the sensor and the controller. The proposed mechanism uses a secure preshared key and timestamp technique to protect and safeguard this connection against desynchronization attacks and eavesdropping attacks. We used Burrows Abadi Needham (BAN) Gong, Needham, and Yahalom (GNY) logic, and the automated validation of Internet security protocols applications (AVISPA) tool for formal verification and perform a security analysis as an informal verification to make sure the suggested protocol is secure. Analysis that shows the SF-LAP consumes the least computing and communication overhead and is more secure because it prevents desynchronization and eavesdropping attacks to all of the known attacks that are modification attacks, tracing attacks, impersonation, man-in-the-middle, and replay attacks.