Yan Zhang,Bing Li,Jiaxin Wu,Bo Liu,Rui Chen,Jinke Chang

DOI: https://doi.org/10.1109/jiot.2022.3176192

IF: 10.6

2022-11-15

IEEE Internet of Things Journal

Abstract:Industrial Internet of Things (IIoT) has emerged as a prospective technology that improves the productivity and automation level for industrial applications. Devices from cooperative IIoT domains will communicate and collaborate on the increasingly complicated manufacturing tasks. To secure cross-domain device collaborations, we propose combining the blockchain with multifactor authentication. Because the multifactor authentication conforms to IIoT devices’ operation modes and brings higher security levels, and the blockchain technology contributes to building trust among different domains. However, this combined usage still has limitations in terms of the potential loss of factor attack, the storage overhead on the blockchain, and the contradiction between efficiency and privacy preservation. Motivated by these facts, in this article, we develop a privacy-preserving blockchain-based multifactor device authentication protocol for cross-domain IIoT. Specifically, multiple factors are additionally encoded by the hardware fingerprint into random numbers, before being transformed into key materials. The blockchain only stores each domain’s dynamic accumulator, which accumulates derived key materials for devices, thereby reducing the overhead. Moreover, the on-chain accumulator is leveraged to efficiently verify the unlinkable identities of cross-domain IIoT devices. The security of our protocol is formally proved, and the security features and functionalities are, respectively, discussed. A proof-of-concept prototype was implemented to prove the efficiency and reliability. The comparison results indicate that the on-chain storage is greatly reduced. Finally, the smart contract’s performance was evaluated to show scalability.

computer science, information systems,telecommunications,engineering, electrical & electronic

Meng Shen,Huisen Liu,Liehuang Zhu,Ke Xu,Hongbo Yu,Xiaojiang Du,Mohsen Guizani

DOI: https://doi.org/10.1109/jsac.2020.2980916

IF: 16.4

2020-01-01

IEEE Journal on Selected Areas in Communications

Abstract:Industrial Internet of Things (IIoT) is considered as one of the most promising revolutionary technologies to prompt smart manufacturing and increase productivity. With manufacturing being more complicated and sophisticated, an entire manufacturing process usually involves several different administrative IoT domains (e.g., factories). Devices from different domains collaborate on the same task, which raises great security and privacy concerns about device-to-device communications. Existing authentication approaches may result in heavy key management overhead or rely on a trusted third party. Thus, security and privacy issues during communication remain unsolved but imperative. In this paper, we present an efficient blockchain-assisted secure device authentication mechanism BASA for cross-domain IIoT. Specifically, consortium blockchain is introduced to construct trust among different domains. Identity-based signature (IBS) is exploited during the authentication process. To preserve the privacy of devices, we design an identity management mechanism, which can realize that devices being authenticated remain anonymous. Besides, session keys between two parties are negotiated, which can secure the subsequent communications. Extensive experiments have been conducted to show the effectiveness and efficiency of the proposed mechanism.

Libo Feng,Fei Qiu,Kai Hu,Bei Yu,Junyu Lin,Shaowen Yao

DOI: https://doi.org/10.1016/j.future.2024.04.042

IF: 7.307

2024-04-25

Future Generation Computer Systems

Abstract:Device management in the Industrial Internet of Things (IIoT) is complex, especially in a cross-domain context. Trust identity authentication between cross-domain devices is required when devices work together. Existing identity authentication methods can result in heavy key management overhead or be computationally demanding on the device. In this paper, we propose a cross-domain authentication scheme based on blockchain and certificateless signature that can be suitable for IIoT devices. First, smart contracts are used to complete trusted identity verification of devices, which reduces the computing overhead of IIoT devices. Second, a trust value-based access control method is proposed, which can quickly and timely identify malicious authentication and ensure the normal operation of the authentication system. Finally, the validity and safety of our proposed methods are proven by experiments. The experiment results showed that our methods can meet the needs in terms of IIoT device security and blockchain system output performance, and can achieve cross-domain authentication for IIoT devices.

computer science, theory & methods

Guanjie Cheng,Yan Chen,Shuiguang Deng,Honghao Gao,Jianwei Yin

DOI: https://doi.org/10.1109/tcss.2021.3056540

2021-01-01

IEEE Transactions on Computational Social Systems

Abstract:With the ever-increasing requirements of delay-sensitive and mission-critical applications, it becomes a popular research trend to incorporate edge computing in the Internet of Things (IoT) to mitigate the pressure of traditional cloud-based IoT architecture. Edge computing delivers real-time computations and communications for IoT devices by leveraging edge servers deployed close to users, which creates a collaborative edge computing (CEC) paradigm. The capacity of edge servers is beneficial but risky, as vulnerable servers can be exploited to conduct surveillance or perform other nefarious activities. Besides, fake IoT devices would bring security threats and compromise the IoT system. This highlights the necessity of designing a secure and efficient mutual authentication scheme for CEC. In this direction, related works have proposed various authentication mechanisms, but most of them are found unfit due to the absence of decentralization, anonymity, and mobility. Motivated by this fact, we propose a blockchain-based mutual authentication scheme that bridges these gaps. Specifically, blockchain, certificateless cryptography, elliptic curve cryptography, and pseudonym-based cryptography are integrated into our scheme to provide mutual authentication between edge servers and IoT devices. Except for static conditions, both intraedge and interedge authentication are considered. Besides, we elaborate on the key generation procedures and design a session key negotiation mechanism. Extensive experiments and security analyses have been conducted to show the feasibility of the proposed scheme.

Jingnan Dong,Guangxia Xu,Chuang Ma,Jun Liu,Uchani Gutierrez Omar Cliff

DOI: https://doi.org/10.1109/jiot.2023.3296506

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:In Industrial Internet, mutual authentication between enterprises is a prerequisite for establishing reliable upstream and downstream relationships. Existing authentication methods suffer from complicated certificate management and key escrow problems. Moreover, many authentication mechanisms cannot resist common security attacks and have high computational overhead and communication costs. Therefore, this paper proposes a blockchain-based certificate-free cross-domain authentication mechanism for Industrial Internet. By establishing an Ethereum consortium blockchain as the trusted cornerstone among different regions, industrial enterprises in each region generate the user’s private key with the key generation center in the region, thus avoiding the key escrow problem. This consortium blockchain adopts the proof of authority consensus mechanism for scalability and throughput. Industrial enterprises in different regions invoke smart contracts and query other industrial enterprises for mutual authentication and key negotiation. SVO logic proves the proposed scheme achieves the intended authentication goal, and the automated formal verification tool Scyther proves the scheme’s security. In addition, compared with seven related schemes in the last three years, the experimental results show that the proposed scheme has low communication overhead and computational cost in the authentication key negotiation phase. The experiments on the Ethereum consortium blockchain built by Raspberry Pi prove the effectiveness of the proposed scheme. Finally, the comparative analysis of common security properties proves the reliability of the scheme.

computer science, information systems,telecommunications,engineering, electrical & electronic

Kexian Liu,Jianfeng Guan,Xiaolong Hu,Jianli Liu,Hongke Zhang

2024-11-14

Abstract:The growing complexity of Internet of Things (IoT) environments, particularly in cross-domain data sharing, presents significant security challenges. Existing data-sharing schemes often rely on computationally expensive cryptographic operations and centralized key management, limiting their effectiveness for resource-constrained devices. To address these issues, we propose an efficient, secure blockchain-based data-sharing scheme. First, our scheme adopts a distributed key generation method, which avoids single point of failure. This method also allows independent pseudonym generation and key updates, enhancing authentication flexibility while reducing computational overhead. Additionally, the scheme provides a complete data-sharing process, covering data uploading, storage, and sharing, while ensuring data traceability, integrity, and privacy. Security analysis shows that the proposed scheme is theoretically secure and resistant to various attacks, while performance evaluations demonstrate lower computational and communication overhead compared to existing solutions, making it both secure and efficient for IoT applications.

Cryptography and Security

Siwei Li,Hui Zhang,Hui Shi,Maode Ma,Cong Wang

DOI: https://doi.org/10.1007/s11227-024-06262-y

IF: 3.3

2024-06-04

The Journal of Supercomputing

Abstract:The distributed authentication of a large number of resource-constrained power terminal devices (PTDs) is crucial for ensuring the security of the power IoT communication. However, existing solutions are inadequate in terms of security (such as vulnerability to single point failures or insider attacks) and communication costs, which do not meet the requirements of the power IoT environment. Therefore, we propose a zero-trust-based mutual authentication scheme in cloud-edge-end collaboration power IoT environment based on blockchain technology. The proposed solution involves deploying a distributed multi-point zero-trust engine around dense PTDs to collect real-time identity information. Through the maintenance of an alliance blockchain, the edge server securely shares and traces identity information, preventing tampering and effectively blocking threats related to lost terminals during authentication. Additionally, a lightweight ECC key management scheme ensures the security of authentication information. The proposed scheme effectively defends against common attacks such as replay attacks and identity forgery attacks through informal security analysis, while its security is evaluated using the Canetti and Krawczyk (CK) adversary models. Performance evaluation results demonstrate that the proposed scheme achieves effectiveness without the compromising required security attributes, which obtains up to 58% improvement 58% improvement in computation delay and a 56.9% improvement in communication costs over previous state-of-the-art methods.

computer science, theory & methods,engineering, electrical & electronic, hardware & architecture

Khalid Mahmood,Salman Shamshad,Muhammad Asad Saleem,Rupak Kharel,Ashok Kumar Das,Sachin Shetty,Joel J P C Rodrigues

DOI: https://doi.org/10.1016/j.jare.2023.09.017

Abstract:Introduction: The Industrial Internet of Things (IIoT) is a technology that connects devices to collect data and conduct in-depth analysis to provide value-added services to industries. The integration of the physical and digital domains is crucial for unlocking the full potential of the IIoT, and digital twins can facilitate this integration by providing a virtual representation of real-world entities. Objectives: By combining digital twins with the IIoT, industries can simulate, predict, and control physical behaviors, enabling them to achieve broader value and support industry 4.0 and 5.0. Constituents of cooperative IIoT domains tend to interact and collaborate during their complicated operations. Methods: To secure such interaction and collaborations, we introduce a blockchain-based cross-domain authentication protocol for IIoT. The blockchain maintains only each domain's dynamic accumulator, which accumulates crucial materials derived from devices, decreasing the overhead. In addition, we use the on-chain accumulator to effectively validate the unlinkable identities of cross-domain IIoT devices. Results: The implementation of the concept reveals the fact that our protocol is efficient and reliable. This efficiency and reliability of our protocol is also substantiated through comparison with state-of-the-art literature. In contrast to related protocols, our protocol exhibits a minimum 22.67% increase in computation cost efficiency and a 16.35% rise in communication cost efficiency. Conclusion: The developed protocol guarantees data transfer security across the domain and thwarts IoT devices from potential physical attacks. Additionally, in order to protect privacy, anonymity and unlinkability are also guaranteed.

Fengqi Li,Hui Xu,Qingqing Song,Lupeng Zhang,Xuefeng Du,Ning Tong,Deguang Wang

DOI: https://doi.org/10.1109/jiot.2023.3308725

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:Although combining the Internet of Things (IoT) and industrial scenarios has brought about a technological revolution, it has also caused equipment security issues. Due to the characteristics of Industrial Internet of Things (IIoT) devices with a wide distribution, complex application scenarios, considerable differences in node performance, and device heterogeneity, spoofing attacks and third-party attacks are common. Identity authentication for IIoT devices can solve this dilemma. However, most existing authentication technologies involve a trade-off between traditional centralised certificate issuance and sacrificing device storage resources, resulting in lower efficiency of IIoT device authentication, and the process is complicated. Therefore, ensuring the security and trustworthiness of device identities in the IIoT is imminent. In this paper, we propose an IIoT device authentication scheme based on an editable blockchain, that can solve the problem of the device’s low energy while satisfying the useage needs of large-scale scenarios. In particular, we created a suite of secure, efficient, and innovative technical solutions for this protocol. Firstly, to solve the problem of the authentication difficulty between industrial devices, we propose a lightweight identity authentication protocol called BLMA. Moreover, we propose the vPBFT algorithm and introduce the online and offline signature algorithm to reduce communication overhead and resource consumption between devices. Finally, considering the top security and dynamics of the IIoT environment, we use the chameleon hash function to build a hash chain of authentication results. Extensive simulation and experimental results demonstrate the reliability of our protocol.

computer science, information systems,telecommunications,engineering, electrical & electronic

Fei Tong,Xing Chen,Cheng Huang,Yujian Zhang,Xuemin Shen

DOI: https://doi.org/10.1109/JIOT.2022.3229676

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:Multidomain Internet of Things (IoT) is faced with serious domain interoperability (DI) and compatibility issues since different intradomain authorization and authentication (A&A) mechanisms are deployed without the consideration of interdomain A&A. This article proposes a blockchain-assisted scheme to achieve flexible intra- and inter-domain A&A simultaneously and seamlessly. Specifically, we first design a contract-based mutual access control agreement on top of a consortium blockchain, where domain managers can manage their access permission without any trusted parties. Based on the agreement, a secure and privacy-preserving authentication protocol is further proposed by tailoring one-out-of-many proof techniques, which enables IoT devices to anonymously access authorized IoT domains. We additionally design a voting-based protocol by using a threshold-based cryptosystem. The protocol allows domain managers to transparently audit resource access with the assistance of the blockchain. Detailed security analysis demonstrates that the proposed scheme achieves the security properties, such as DI, privacy protection, and accountability. Finally, we develop two proof-of-concept prototypes in a physical testbed and virtual machine, respectively, based on an open-source blockchain platform to show our scheme's efficiency in terms of computation and communication overhead.

Xinchao Wang,Wei Wang,Cheng Huang,Ping Cao,Youwen Zhu,Qihui Wu

DOI: https://doi.org/10.1109/jsyst.2023.3345370

IF: 4.802

2024-03-19

IEEE Systems Journal

Abstract:Identity authentication is an essential element for industrial Internet of Things (IIoT), which guarantees secure access control for various devices. Existing authentication schemes face some security threats, including temporary secret leakage attack, key recovery attack, and forgery attack. In this article, we introduce a blockchain-based certificateless conditional anonymous authentication (BCCA) scheme specifically designed for IIoT. To optimize the authentication efficiency, BCCA employs elliptic curve design to avoid the relatively time-consuming bilinear pairing operation. Additionally, we introduce a precomputation strategy, allowing users to prepare essential materials in advance, and one-time verification support for batch signatures is applied, thus reducing authentication latency. To further enhance the security, random verification checksums are employed to counter key recovery attack, and a combination of long-term and short-term secrets is used to mitigate temporary secret leakage attack. Simulation results demonstrate that our scheme has advantages in both security and computational cost.

computer science, information systems,telecommunications,engineering, electrical & electronic,operations research & management science

Weiming Tong,Luyao Yang,Zhongwei Li,Xianji Jin,Liguo Tan

DOI: https://doi.org/10.3390/s24031035

IF: 3.9

2024-02-06

Sensors

Abstract:To address the complexities, inflexibility, and security concerns in traditional data sharing models of the Industrial Internet of Things (IIoT), we propose a blockchain-based data sharing and privacy protection (BBDSPP) scheme for IIoT. Initially, we characterize and assign values to attributes, and employ a weighted threshold secret sharing scheme to refine the data sharing approach. This enables flexible combinations of permissions, ensuring the adaptability of data sharing. Subsequently, based on non-interactive zero-knowledge proof technology, we design a lightweight identity proof protocol using attribute values. This protocol pre-verifies the identity of data accessors, ensuring that only legitimate terminal members can access data within the system, while also protecting the privacy of the members. Finally, we utilize the InterPlanetary File System (IPFS) to store encrypted shared resources, effectively addressing the issue of low storage efficiency in traditional blockchain systems. Theoretical analysis and testing of the computational overhead of our scheme demonstrate that, while ensuring performance, our scheme has the smallest total computational load compared to the other five schemes. Experimental results indicate that our scheme effectively addresses the shortcomings of existing solutions in areas such as identity authentication, privacy protection, and flexible combination of permissions, demonstrating a good performance and strong feasibility.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Zhong Cao,Xudong Wen,Shan Ai,Wenli Shang,Sha Huan

DOI: https://doi.org/10.1038/s41598-024-76065-x

IF: 4.6

2024-10-22

Scientific Reports

Abstract:The Industrial Internet of Things (IIoT) is recognized as one of the revolutionary technologies driving smart manufacturing and improving productivity. As manufacturing processes grow increasingly intricate, the entire manufacturing ecosystem encompasses multiple managed IoT domains. Within this highly interconnected environment, devices from diverse domains must collaborate, leading to considerable apprehensions about the security and privacy of device-to-device communications. Current authentication methods encounter several challenges. Traditional authentication schemes overly rely on trusted third parties, rendering them susceptible to external attacks or internal spoofing. This susceptibility gives rise to a range of security and privacy concerns. In response to these challenges, this paper aims to contribute to a more secure and efficient service scheme for smart factories by devising a blockchain-based distributed IoT architecture. The proposed scheme introduces a federated blockchain to establish trust among different domains, thereby enabling secure connections between devices in distinct domains. Through security analysis, it is proved that the proposed authentication scheme has integrity, mutual authentication, scalability, and resistance to four attacks. Furthermore, efficiency analysis experiments show that our scheme is feasible for smart factories, and as the number of peer nodes increases, the performance and efficiency of the blockchain network become better.

multidisciplinary sciences

Yue Wang,Tingyu Che,Xiaohu Zhao,Tao Zhou,Kai Zhang,Xiaofei Hu

DOI: https://doi.org/10.3390/s22093426

2022-04-30

Abstract:Due to the competitive relationship among different smart factories, equipment manufacturers cannot integrate the private information of all smart factories to train the intelligent manufacturing equipment fault prediction model and improve the accuracy of intelligent manufacturing equipment fault detection. The use of a low fault recognition rate model for smart factories will cause additional losses for them. In this work, we propose a blockchain-based privacy information security sharing scheme in Industrial Internet of Things (IIoT) to solve the sharing problem of private information in smart factories. Firstly, we abstract smart factories as edge nodes and build decentralized, distributed trusted blockchain networks based on Ethereum clients on simulated edge devices and propose an Intelligent Elliptic Curve Digital Signature Algorithm (IECDSA) to guarantee the ownership of shared information by edge nodes. Secondly, we propose the Reputation-based Delegated Proof of Stake (RDPoS) consensus algorithm to improve the security and reliability of the Delegated Proof of Stake (DPoS) consensus algorithm. Furthermore, we design and implement an incentive mechanism based on information attributes to increase the motivation of edge nodes to share information. Finally, the proposed solution is simulated. Through theoretical and simulation experiments, it is proved that the blockchain-based privacy information security sharing scheme in IIoT can improve the enthusiasm of edge nodes to share information on the premise of ensuring the security of information sharing.

Chao Li,Hui Yang,Zhengjie Sun,Qiuyan Yao,Bowen Bao,Jie Zhang,Athanasios V. Vasilakos

DOI: https://doi.org/10.1109/jiot.2022.3200854

IF: 10.6

2022-12-24

IEEE Internet of Things Journal

Abstract:The Industrial Internet of Things (IIoT) is considered to be one of the most promising revolutionary technologies to increase productivity. With the refined development of manufacturing, the entire manufacturing process is split up into several areas of IoT production. Devices from different domains cooperate to perform the same task, which cause security problems in interacted communication among them. Existing authentication methods cause heavy key management overhead or rely on a trusted third party. It is imperative to protect privacy and ensure the credibility of the device during device interaction. This article proposes a federated hierarchical trust interaction scheme (FHTI) for the cross-domain industrial IoT. It builds a low-privacy network platform through blockchain and protects the data privacy of the IIoT. A hierarchical trust mechanism based on federated detection is designed to realize the unified trust evaluation of cross-domain devices. A trusted cross-domain method based on device trust value is designed to ensure the security and trustworthiness of cross-domain devices. The simulation results show that the FHTI scheme can improve the speed of identity authentication and the detection accuracy of malicious devices.

computer science, information systems,telecommunications,engineering, electrical & electronic

Hu Xiong,Yan Wu,Chuanjie Jin,Saru Kumari

DOI: https://doi.org/10.1109/jiot.2020.2999510

IF: 10.6

2020-12-01

IEEE Internet of Things Journal

Abstract:The Industrial Internet of Things (IIoT) is expected to provide a promising opportunity to revolutionize the production operation of the existing industrial systems by leveraging smart devices. Due to the untrusted nature of communication channels, ensuring data authenticity is a critical challenge. Besides, devices' privacy and communication heterogeneity raise crucial concerns about the IIoT applications since the existing authentication protocols for the IIoT environment face the potential threats of privacy leakage and cannot achieve secure communication between heterogeneous industrial systems. To address these challenges, this article proposes an efficient privacy-preserving authentication protocol for heterogeneous systems in IIoT using proxy resignature. The presented protocol not only provides heterogeneous communication between ID-based and certificateless-based cryptosystems but also achieves various security requirements. The security of our protocol has been proven based on the extended Computational Diffie–Hellman (eCDH) assumption in the random oracle model. The experimental simulation demonstrates that our protocol is feasible for the IIoT-based environment.

computer science, information systems,telecommunications,engineering, electrical & electronic

Zheng Zhang,Liang Huang,Renzhong Tang,Tao Peng,Lihang Guo,Xingwei Xiang

DOI: https://doi.org/10.1109/case48305.2020.9216817

2020-01-01

Abstract:Industrial Internet of Things (IIoT) is regarded as a promising transformation technology for manufacturing industry. We expect the information flow through along the process of material flow, gauging and collective devices feed IIoT platform with essential data. AI and big data analytical techniques can then be used to process the data to support a series of decision-making. Users at both managerial and operational levels can take actions accordingly, which significantly improve management efficiency in one organization, enhance supply chain coordination, and attract investment, etc. Powerful as bigdata and AI technology, they cannot operate without data. In centralized, third-party-managed IIoT platform, few manufactures are willing to share their critical data. This study extends IIoT framework with blockchain technology to provide a solution for trustless data sharing. The solution embeds encrypted ledger to avoid credential data tampering, employs m- in-n-out smart contracts to secure data exchange, and utilizes consensus mechanism to improve cyber security. The proposed framework integrates blockchain with IIoT to operate the entire industrial data exchange in a decentralized network, namely Industrial Blockchain of Things (IBoT).

Yiran Han,Hua Guo,Jianwei Liu,Brou Bernard Ehui,Yapeng Wu,Sijia Li

DOI: https://doi.org/10.1109/jiot.2024.3355228

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:The Industrial Internet of Things (IIoT) is the application of the Internet of Things (IoT) in the industrial field. IIoT allows users to remotely access industrial equipment and the data in it, which also brings certain challenges to the security of industrial data. Authentication and key agreement protocols are very effective security technologies in the matter of protecting industrial data. There is a large amount of research work on authentication protocols in IIoT, but most of the protocols have security weaknesses. Recently, Rafique et al. proposed a multi-factor protocol in IIoT that can accomplish authentication and session key establishment through a gateway. Rafique et al. claimed that their protocol is secure, unfortunately, we carefully analyze the protocol of Rafique et al. and find some security flaws, i.e., it is vulnerable to insider attack and known session-specific temporary information (KSSTI) attack, and unable to provide forward security. We explore the factors of insecurity and propose an enhanced multi-factor secure authentication and key agreement protocol in IIoT. The new protocol improves the security of the protocol while using only symmetric cryptography, hash function, and XOR operation. Formal security analysis and informal security discussions demonstrate that the new protocol is resistant to a variety of known attacks. After performance analysis, our protocol has lower computational cost, and increases no significant communication cost, while providing more secure and robust properties.

computer science, information systems,telecommunications,engineering, electrical & electronic

Xingxing Chen,Qingfeng Cheng,Weidong Yang,Xiangyang Luo

DOI: https://doi.org/10.1007/s11704-023-2595-x

IF: 2.6688

2024-01-23

Frontiers of Computer Science

Abstract:With the widespread use of network infrastructures such as 5G and low-power wide-area networks, a large number of the Internet of Things (IoT) device nodes are connected to the network, generating massive amounts of data. Therefore, it is a great challenge to achieve anonymous authentication of IoT nodes and secure data transmission. At present, blockchain technology is widely used in authentication and s data storage due to its decentralization and immutability. Recently, Fan et al. proposed a secure and efficient blockchain-based IoT authentication and data sharing scheme. We studied it as one of the state-of-the-art protocols and found that this scheme does not consider the resistance to ephemeral secret compromise attacks and the anonymity of IoT nodes. To overcome these security flaws, this paper proposes an enhanced authentication and data transmission scheme, which is verified by formal security proofs and informal security analysis. Furthermore, Scyther is applied to prove the security of the proposed scheme. Moreover, it is demonstrated that the proposed scheme achieves better performance in terms of communication and computational cost compared to other related schemes.

computer science, information systems, theory & methods, software engineering

Qingyang Zhang,Xiaolong Zhou,Hong Zhong,Jie Cui,Jiaxin Li,Debiao He

DOI: https://doi.org/10.1109/tifs.2024.3451357

IF: 7.231

2024-09-11

IEEE Transactions on Information Forensics and Security

Abstract:Several authentication and key agreement (AKA) schemes have been proposed to ensure secure communication in the Industrial Internet of Things (IIoT). However, most of these schemes face two primary problems. First, they cannot resist various attacks, such as impersonation and device capture attacks. Second, these schemes overlook the resource-constrained IIoT devices, failing to guarantee lightweight overhead for device operations. Therefore, we propose a novel and efficient AKA scheme. Utilizing the chameleon hash function and physical unclonable function, the proposed scheme implements a lightweight overhead for both authentication parties while maintaining the overhead of the gateway within a reasonable range. Furthermore, we implement device anonymity based on lightweight operations such as hash and XOR. In addition, we perform a rigorous security analysis using the widely accepted Real-Or-Random model, BAN logic, and Proverif tool. Finally, through heuristic analysis and experiments, we substantiate that our scheme surpasses the compared schemes in terms of both security attributes and system overhead.

computer science, theory & methods,engineering, electrical & electronic