An Improved Authentication Protocol Using Smart Cards for the Internet of Things

Cao, Shouqi; Wanrong, Liu; Cao, Liling; He, Xin; Zhiyong, Ji

doi:10.1109/access.2019.2949649

Cited by 9 publications

(7 citation statements)

References 38 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…as the following is the evidence to proof that: Two numbers of hexadecimal are assumed CE and EF represented as 11001110 and 11101111 in binary respectively, the value x, that is the EXOR of CE and EF, could well be generated by adding CE to EF while performing an exclusive OR function on the two numbers. The process is illustrated, in the manner described below: It is possible to describe EF and CE as polynomial functions 𝑓(𝑘) and 𝑓(𝑥), at Galois Field, to be exact 2 8 (𝐺𝐹(2 8 )), in such a way that: 𝑓(𝑥) = 𝑥 7 + 𝑥 6 + 𝑥 5 + 𝑥 3 + 𝑥 2 + 1 = 𝐸𝐹 ( 18) 𝑓(𝑘) = 𝑥 7 + 𝑥 5 + 𝑥 4 + 𝑥 3 + 𝑥 2 + 𝑥 1 + 1 = 𝐶𝐹 (19) Consequently, 𝑓(𝑥) = 𝑓(𝑘) ⊕ 𝑓(𝑥) = 𝑥 7 + 𝑥 5 + 𝑥 4 + 𝑥 3 + 𝑥 2 + 𝑥 1 + 1 ⊕ 𝑥 7 + 𝑥 5…”

Section: Enhanced Invsubbytes Transformationmentioning

confidence: 99%

“…The majority of these linked objects utilize data communication protocols such as the MQTT protocol to exchange data. This emerging ecosystem introduces new concerns for communication security [6]. Such scenarios end-to-end protection is required, the design of which must take into account the limits of available bandwidth, computing power, memory, and power.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A Robust Security Scheme Based on Enhanced Symmetric Algorithm for MQTT in the Internet of Things

et al. 2023

View full text Add to dashboard Cite

Message Queuing Telemetry Transport (MQTT) is expected to be the de facto messaging IoT standard. Therefore, MQTT must achieve efficient security. Nevertheless, the most significant drawback of the MQTT is its lack of protection mechanisms. Meanwhile, the existing approaches have added processing overhead to the devices and are still vulnerable to various attacks. Therefore, this research work presented an integrated scheme known as the Robust Security Scheme (RSS) to protect the MQTT against any exploitations that might result in sophisticated cyberattacks. The proposed RSS employs two cryptosystems:(1) a dynamic variant of the Advanced Encryption Standard (D-AES) and (2) Key-Policy Attribute-Based Encryption (KP-ABE). RSS introduces a new design architecture of the symmetric AES algorithm to encrypt the MQTT payload called D-AES. Additionally, the second part of the proposed hybrid cryptosystem is KP-ABE, which is utilized to cipher the private key of the proposed D-AES to avoid the computation overhead of bilinear maps. The performance of the proposed RSS is measured in terms of processing time and traffic overhead. Additionally, the security aspects are evaluated in terms of balance, avalanche effect, and hamming distance and compared to the existing works in a testbed environment. Results revealed that the proposed D-AES is more promising with improvements than the standard AES algorithm. The proposed scheme achieves polymorphism while maintaining interoperability. RSS exhibited improvements over the standard AES algorithm by 8.75%, 10.45%, and 6.81% in terms of balance, avalanche effect, and hamming distance, respectively.

show abstract

Section: Enhanced Invsubbytes Transformationmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

A Robust Security Scheme Based on Enhanced Symmetric Algorithm for MQTT in the Internet of Things

et al. 2023

View full text Add to dashboard Cite

show abstract

“…Nikooghadam and Amintoosi [41] have also suggested an ECC smart card security protocol, which satisfies two-factor mutual authentication at the same time offering key agreement, and showed that this protocol can successfully resist all the attacks. However, Shouqi et al [42] proved that the scheme of Nikooghadam and Amintoosi [41] fails to provide many security functions and cannot defend against many attacks. In addition, the protocol of Nikooghadam and Amintoosi [41] consumes more computational time than Zhao et al's [7] protocol.…”

Section: Literature Reviewmentioning

confidence: 99%

Elliptic Curve Signcryption-Based Mutual Authentication Protocol for Smart Cards

et al. 2020

View full text Add to dashboard Cite

In the modern computing environment, smart cards are being used extensively, which are intended to authenticate a user with the system or server. Owing to the constrictions of computational resources, smart card-based systems require an effective design and efficient security scheme. In this paper, a smart card authentication protocol based on the concept of elliptic curve signcryption has been proposed and developed, which provides security attributes, including confidentiality of messages, non-repudiation, the integrity of messages, mutual authentication, anonymity, availability, and forward security. Moreover, the analysis of security functionalities shows that the protocol developed and explained in this paper is secure from password guessing attacks, user and server impersonation, replay attacks, de-synchronization attacks, insider attacks, known key attacks, and man-in-the-middle attacks. The results have demonstrated that the proposed smart card security protocol reduces the computational overhead on a smart card by 33.3% and the communication cost of a smart card by 34.5%, in comparison to the existing efficient protocols. It can, thus, be inferred from the results that using elliptic curve signcryption in the authentication mechanism reduces the computational cost and communication overhead by a significant amount.

show abstract

“…It is expected that by the end of 2022 will be 20.4 billions of IoT devices connected [7]. This new ecosystem raises new challenges in the security of its communications [8].…”

Section: Introductionmentioning

confidence: 99%

Message Queuing Telemetry Transport (MQTT) Security: A Cryptographic Smart Card Approach

et al. 2020

View full text Add to dashboard Cite

The Message Queuing Telemetry Transport (MQTT) protocol is one of the most extended protocols on the Internet of Things (IoT). However, this protocol does not implement a strong security scheme by default, which does not allow a secure authentication mechanism between participants in the communication. Furthermore, we cannot trust the confidentiality and integrity of data. Lightweight IoT devices send more and more sensible data in areas of Smart Building, Smart City, Smart House, Smart Car, Connected Car, Health Care, Smart Retail, Industrial IoT (IIoT), etc. This makes the security challenges in the protocols used in the IoT particularly important. The standard of MQTT protocol strongly recommends implement it over Transport Layer Security (TLS) instead of plain TCP. Nonetheless, this option is not possible in most lightweight devices that make up the IoT ecosystem. Quite often, the constrained resources of IoT devices prevent the use of secure asymmetric cryptography algorithms implemented by themselves. In this article, we propose making a security schema in MQTT protocol using Cryptographic Smart Cards, for both challenges, the authentication schema and the trusted data confidentiality and data integrity. We carry out this security schema without modifying the standard protocol messages. And finally, we present a time results experiment using an example implementation model with JavaCard library. INDEX TERMS Internet of things (IoT), javacard, message queuing telemetry transport (MQTT), mutual authentication, smart card

show abstract

An Improved Authentication Protocol Using Smart Cards for the Internet of Things

Cited by 9 publications

References 38 publications

A Robust Security Scheme Based on Enhanced Symmetric Algorithm for MQTT in the Internet of Things

A Robust Security Scheme Based on Enhanced Symmetric Algorithm for MQTT in the Internet of Things

Elliptic Curve Signcryption-Based Mutual Authentication Protocol for Smart Cards

Message Queuing Telemetry Transport (MQTT) Security: A Cryptographic Smart Card Approach

Contact Info

Product

Resources

About