Liang Kou,Yiqi Shi,Liguo Zhang,Duo Liu,Qing Yang

DOI: https://doi.org/10.32604/cmc.2019.03760

2019-01-01

Abstract:With the development of computer hardware technology and network technology, the Internet of Things as the extension and expansion of traditional computing network has played an increasingly important role in all professions and trades and has had a tremendous impact on people lifestyle. The information perception of the Internet of Things plays a key role as a link between the computer world and the real world. However, there are potential security threats in the Perceptual Layer Network applied for information perception because Perceptual Layer Network consists of a large number of sensor nodes with weak computing power, limited power supply, and open communication links. We proposed a novel lightweight authentication protocol based on password, smart card and biometric identification that achieves mutual authentication among User, GWN and sensor node. Biometric identification can increase the non-repudiation feature that increases security. After security analysis and logical proof, the proposed protocol is proven to have a higher reliability and practicality.

Xiong Li,Jianwei Niu,Md Zakirul Alam Bhuiyan,Fan Wu,Marimuthu Karuppiah,Saru Kumari

DOI: https://doi.org/10.1109/tii.2017.2773666

IF: 12.3

2017-01-01

IEEE Transactions on Industrial Informatics

Abstract:Wireless sensor networks (WSNs) play an important role in the industrial Internet of Things (IIoT) and have been widely used in many industrial fields to gather data of monitoring area. However, due to the open nature of wireless channel and resource-constrained feature of sensor nodes, how to guarantee that the sensitive sensor data can only be accessed by a valid user becomes a key challenge in IIoT environment. Some user authentication protocols for WSNs have been proposed to address this issue. However, previous works more or less have their own weaknesses, such as not providing user anonymity and other ideal functions or being vulnerable to some attacks. To provide secure communication for IIoT, a user authentication protocol scheme with privacy protection for IIoT has been proposed. The security of the proposed scheme is proved under a random oracle model, and other security discussions show that the proposed protocol is robust to various attacks. Furthermore, the comparison results with other related protocols and the simulation by NS-3 show that the proposed protocol is secure and efficient for IIoT.

Rong Fan,Lingdi Ping,JianQing Fu,Xuezeng Pan

DOI: https://doi.org/10.1109/PACCS.2010.5626600

2010-01-01

Abstract:As wireless sensor networks (WSNs) are susceptible to attacks and sensor nodes have limited resources, designing a secure and efficient user authentication protocol for WSNs is a difficult task. Considering that most future large-scale WSNs follow a two-tiered architecture, we propose an efficient and Denial-of-Service resistant user authentication scheme for two-tiered WSNs, which imposes very light computational load and requires simple operations such as one-way hash function and exclusive-OR operations. In addition, there is a growing requirement for preserving user anonymity recently. Thus we introduce pseudonym identity for each user which is concealed in login messages. And through clever design, our proposed scheme can prevent from smart card breach. Moreover, the security analysis on this scheme demonstrates that our proposed scheme enjoys security attributes such as preventing the various kinds of attacks and user anonymity. Finally, performance analysis shows that our proposed scheme is simple and efficient.

Xiong Li,Jianwei Niu,Kim-Kwang Raymond Choo

DOI: https://doi.org/10.1007/978-3-319-62024-4_3

2017-01-01

Abstract:As a typical application of Internet of Things (IoT), wireless sensor networks (WSNs) have been widely used in many fields, such as remote healthcare, to gather data of monitoring area. However, due to open nature of wireless channel and limited computing and storage resource of sensor node, how to guarantee the sensitive sensed data are only be accessed by valid user becomes an important issue. Many user authentication protocols for WSNs have been proposed to address this issue, however, previous work more or less have their own weaknesses. Recently, Gope and Hwang proposed a lightweight anonymity authentication for WSNs, and they claimed that their protocol is secure against most attacks. However, our analysis indicates that their protocol still has some design and security flaws. To address the security issue for WSNs, a user authentication protocol with privacy protection for WSNs has been proposed. The analysis and comparisons results show that the proposed protocol is a robust and security one for WSNs.

Hanguang Luo,Tao Zou,Chunming Wu,Dan Li,Shunbin Li,Chu

DOI: https://doi.org/10.32604/cmc.2022.027118

2022-01-01

Abstract:In the emerging Industrial Internet of Things (IIoT), authentication problems have become an urgent issue for massive resource-constrained devices because traditional costly security mechanisms are not suitable for them. The security protocol designed for resource-constrained systems should not only be secure but also efficient in terms of usage of energy, storage, and processing. Although recently many lightweight schemes have been proposed, to the best of our knowledge, they are unable to address the problem of privacy preservation with the resistance of Denial of Service (DoS) attacks in a practical way. In this paper, we propose a lightweight authentication protocol based on the Physically Unclonable Function (PUF) to overcome the limitations of existing schemes. The protocol provides an ingenious authentication and synchronization mechanism to solve the contradictions amount forward secrecy, DoS attacks, and resource-constrained. The performance analysis and comparison show that the proposed scheme can better improve the authentication security and efficiency for resource-constrained systems in IIoT.

Xiong Li,Jianwei Niu,Saru Kumari,Fan Wu,Arun Kumar Sangaiah,Kim-Kwang Raymond Choo

DOI: https://doi.org/10.1016/j.jnca.2017.07.001

IF: 7.574

2017-01-01

Journal of Network and Computer Applications

Abstract:Internet of Things (IoT) is an emerging technology, which makes the remote sensing and control across heterogeneous network a reality, and has good prospects in industrial applications. As an important infrastructure, Wireless Sensor Networks (WSNs) play a crucial role in industrial IoT. Due to the resource constrained feature of sensor nodes, the design of security and efficiency balanced authentication scheme for WSNs becomes a big challenge in IoT applications. First, a two-factor authentication scheme for WSNs proposed by Jiang et al. is reviewed, and the functional and security flaws of their scheme are analyzed. Then, we proposed a three-factor anonymous authentication scheme for WSNs in Internet of Things environments, where fuzzy commitment scheme is adopted to handle the user's biometric information. Analysis and comparison results show that the proposed scheme keeps computational efficiency, and also achieves more security and functional features. Compared with other related work, the proposed scheme is more suitable for Internet of Things environments.

Yiran Han,Hua Guo,Jianwei Liu,Brou Bernard Ehui,Yapeng Wu,Sijia Li

DOI: https://doi.org/10.1109/jiot.2024.3355228

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:The Industrial Internet of Things (IIoT) is the application of the Internet of Things (IoT) in the industrial field. IIoT allows users to remotely access industrial equipment and the data in it, which also brings certain challenges to the security of industrial data. Authentication and key agreement protocols are very effective security technologies in the matter of protecting industrial data. There is a large amount of research work on authentication protocols in IIoT, but most of the protocols have security weaknesses. Recently, Rafique et al. proposed a multi-factor protocol in IIoT that can accomplish authentication and session key establishment through a gateway. Rafique et al. claimed that their protocol is secure, unfortunately, we carefully analyze the protocol of Rafique et al. and find some security flaws, i.e., it is vulnerable to insider attack and known session-specific temporary information (KSSTI) attack, and unable to provide forward security. We explore the factors of insecurity and propose an enhanced multi-factor secure authentication and key agreement protocol in IIoT. The new protocol improves the security of the protocol while using only symmetric cryptography, hash function, and XOR operation. Formal security analysis and informal security discussions demonstrate that the new protocol is resistant to a variety of known attacks. After performance analysis, our protocol has lower computational cost, and increases no significant communication cost, while providing more secure and robust properties.

computer science, information systems,telecommunications,engineering, electrical & electronic

Zixuan Ding,Qi Xie

DOI: https://doi.org/10.3390/su15075734

IF: 3.9

2023-03-25

Sustainability

Abstract:Wireless sensor networks are a promising application of the Internet of Things in the sustainable development of smart cities, and have been afforded significant attention since first being proposed. Authentication protocols aim to protect the security and confidentiality of legitimate users when accessing and transmitting data. However, existing protocols may suffer from one or more security flaws. Recently, Butt et al. proposed an energy-efficient three-factor authentication protocol for wireless sensor networks. However, their protocol is vulnerable to several attacks, and lacks certain security properties. In this paper, the causes of these design flaws are analyzed. Furthermore, we propose a novel three-factor authentication protocol (password, smart card, and biometric information) for wireless sensor networks in Internet of Things contexts. A dynamic anonymous strategy is designed to prevent privacy disclosure and to resist sensor node capture attacks, tracking attacks, and desynchronization attacks. The Find–Guess model and random oracle model are combined to prove the security of the proposed protocol. A comparative analysis with related schemes shows that the proposed protocol has higher security and is able to maintain a low computational overhead.

environmental sciences,environmental studies,green & sustainable science & technology

Ting Yang,Feng Zhai,HaiQing Xu,Wei Li

DOI: https://doi.org/10.1016/j.egyr.2022.02.061

IF: 5.2

2022-07-01

Energy Reports

Abstract:The wireless sensor networks (WSNs) are the core collecting network of the power internet of things (PIoT). With the development of PIoT, higher standards of timeliness and security are required for the data collection work done by the WSNs. In recent years, researchers have proposed a series of lightweight security protocols for identity authentication and data access in resource-constrained systems such as WSNs. But on one hand, these lightweight security protocols do not take into account of needs of the simultaneous access by multiple users, thus will not meet the requirements of PIoT; on the other hand, it does not take the entire process of remote accessing into account when calculating communication efficiency, and cannot fully reflect the advantage in efficiency. Therefore, this paper proposes a PIoT-oriented WSNs communication model based on PIoT’s characteristics such as multi-user, and higher standard of timeliness and security. It also designs a new identity authentication protocol for multi-gateway WSNs. Through the informal security analysis, the protocol proposed in this paper is proved to be more secure and efficient comparing to other multi-user access protocols.

energy & fuels

Fan Wu,Lili Xu,Saru Kumari,Xiong Li

DOI: https://doi.org/10.1007/s12652-016-0345-8

IF: 3.662

2016-01-01

Journal of Ambient Intelligence and Humanized Computing

Abstract:The notion Internet of Things (IoT) means all things in the global network can be interconnected and accessed. Wireless sensor network (WSN) is one of the most important applications of the notion and is widely used in nearly all scopes. In 2014, Hsieh et al. presented an improved authentication scheme for WSNs. But it has several weaknesses, including no session key, lack of mutual authentication and under the insider attack, the off-line guessing attack, the user forgery attack and the sensor capture attack. To avoid the weaknesses, we present a new authentication scheme which is also for WSNs. Then we employ the random oracle model to show the formal proof, and use the protocol analyzing tool Proverif to list the formal verification process. Compared with some recent schemes for WSNs via the aspects of security properties, the proposed scheme overcomes the common problems and fits for the security properties of IoT.

Xingwen Zhao,Dexin Li,Hui Li

DOI: https://doi.org/10.3390/s22197510

IF: 3.9

2022-01-01

Sensors

Abstract:Because the majority of information in the industrial Internet of things (IIoT) is transmitted over an open and insecure channel, it is indispensable to design practical and secure authentication and key agreement protocols. Considering the weak computational power of sensors, many scholars have designed lightweight authentication protocols that achieve limited security properties. Moreover, these existing protocols are mostly implemented in a single-gateway scenario, whereas the multigateway scenario is not considered. To deal with these problems, this paper presents a novel three-factor authentication and key agreement protocol based on elliptic curve cryptography for IIoT environments. Based on the elliptic curve Diffie-Hellman problem, we present a protocol achieving desirable forward and backward secrecy. The proposed protocol applies to single-gateway and is also extended to multigateway simultaneously. A formal security analysis is described to prove the security of the proposed scheme. Finally, the comparison results demonstrate that our protocol provides more security attributes at a relatively lower computational cost.

Lili Xu,Fan Wu

DOI: https://doi.org/10.1007/s13369-019-03752-7

IF: 2.807

2019-01-01

Arabian Journal for Science and Engineering

Abstract:Internet of Things (IoT) is known as a hot topic in current decade. As a widely accepted IoT technology, wireless sensor network (WSN) is employed in fire alarming, agriculture, etc. However, how to devise a secure authentication scheme for WSNs is an open issue. In recent several years, authentication schemes about WSN with multi-gateway architecture have turned up. Unfortunately, security weaknesses may happen in historical schemes. Rather than simply improve the old schemes, we present a lightweight authentication scheme for multi-gateway WSNs in this paper. Based on the place of aim sensor, the process is divided into two cases: visiting sensor in and out of the scope of gateway. After the proof with ProVerif and analysis of the security properties, we deem that our scheme is away from usual attacks. Furthermore, the presented scheme is better than other recent schemes by performance comparison and it is practical by simulation study via the famous tool NS-3.

Na Li,Maode Ma,Hui Wang

DOI: https://doi.org/10.3390/s24041243

IF: 3.9

2024-02-15

Sensors

Abstract:With the increasing demand for a digital world, the Industrial Internet of Things (IIoT) is growing rapidly across various industries. In manufacturing, particularly in Industry 4.0, the IIoT assumes a vital role. It encompasses many devices such as sensing devices, application servers, users, and authentication servers within workshop settings. The security of the IIoT is a critical issue due to wireless networks' open and dynamic nature. Therefore, designing secure protocols among those devices is an essential aspect of IIoT security functionality and poses a significant challenge to the IIoT systems. In this paper, we propose a lightweight anonymous authentication protocol to preserve privacy for IIoT users, enabling secure IIoT communication. The protocol has been validated to demonstrate its comprehensive ability to overcome various vulnerabilities and prevent malicious attacks. Finally, the performance evaluation confirms that the proposed protocol is more effective and efficient than the existing alternatives.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Fan Wu,Xiong Li,Lili Xu,Pandi Vijayakumar,Neeraj Kumar

DOI: https://doi.org/10.1109/jsyst.2020.2981049

IF: 4.802

2020-01-01

IEEE Systems Journal

Abstract:As an important topic of IoT, wireless sensor network (WSN) data transmission is popular nowadays. It is widely accepted that the wireless channel is hazard, and multifactor authentication schemes are proposed to save the hazard of wireless communication circumstance. To overcome the problems, we give a fresh three-factor authentication scheme providing session keys for WSNs. Formal verification given by Proverif illustrates that the new scheme keeps security properties. At the same time, the informal analysis also denotes that the proposed scheme is practical and satisfies general needs, such as counteraction against various attacks and meeting security properties. Compared to some recent similar schemes, the proposed scheme performs better in security and is suitable for application. At last, we use NS-3 for simulation. The results from the simulation show that the scheme can run in IoT environment normally and has practical perspective.

Shihong Zou,Qiang Cao,Ruichao Lu,Chenyu Wang,Guoai Xu,Huanhuan Ma,Yingyi Cheng,Jinwen Xi

DOI: https://doi.org/10.1016/j.comcom.2024.04.011

IF: 5.047

2024-04-09

Computer Communications

Abstract:Smart factory, as an intelligent application of industrial internet of things (IIoT), significantly enhances the efficiency of industrial processes while also reducing resource waste. In a system where security is crucial, the user authentication mechanism is essentially designed to prevent a range of security issues, including production failures caused by illegal intrusions from hackers. To verify the user's identity and ensure data be accessed with a secure session key, a large number of authentication protocols have been provided for IIoT. However, existing newly alternatives show deficiency either in terms of superior performance or robust security. To get a better balance of security and efficiency, this paper designs a robust and effective 3-factor user authentication protocol. Then this paper shows the detailed security analyses and automated verification by the Proverif tool, where the ProVerif tool used in this paper can detect whether the eCK adversary with stronger attack ability can break the protocol, while the general ProVerif can only detect threat of the Dolev-Yao adversary with weaker attack ability to the protocol security. Subsequently, this paper presents performance comparison which indicates that the proposed protocol can be superior to those newly alternatives. Especially, the comparison results show that the computation cost consumed in the proposed protocol can be reduced by 62.2% than the average cost of all six compared alternatives. Lastly, the evaluation results on the energy consumption and the network delay indicate the practicability of proposed protocol for smart factory.

computer science, information systems,telecommunications,engineering, electrical & electronic

Jiaqing Mo,Hang Chen

DOI: https://doi.org/10.1155/2019/2136506

IF: 1.968

2019-01-01

Security and Communication Networks

Abstract:Wireless sensor networks (WSNs) have great potential for numerous domains of application because of their ability to sense and understand unattended environments. However, a WSN is subject to various attacks due to the openness of the public wireless channel. Therefore, a secure authentication mechanism is vital to enable secure communication within WSNs, and many studies on authentication techniques have been presented to build robust WSNs. Recently, Lu et al. analyzed the security defects of the previous ones and proposed an anonymous three-factor authenticated key agreement protocol for WSNs. However, we found that their protocol is vulnerable to some security weaknesses, such as the offline password guessing attack, known session-specific temporary information attack, and no session key backward secrecy. We propose a lightweight security-improved three-factor authentication scheme for WSNs to overcome the previously stated weaknesses. In addition, the improved scheme is proven to be secure under the random oracle model, and a formal verification is conducted by ProVerif to reveal that the proposal achieves the required security features. Moreover, the theoretical analysis indicates that the proposal can resist known attacks. A comparison with related works demonstrates that the proposed scheme is superior due to its reasonable performance and additional security features.

Hsiao-Ling Wu,Chin-Chen Chang,Yao-Zhu Zheng,Long-Sheng Chen,Chih-Cheng Chen

DOI: https://doi.org/10.3390/s20195604

IF: 3.9

2020-09-30

Sensors

Abstract:The Internet of Things (IoT) is currently the most popular field in communication and information techniques. However, designing a secure and reliable authentication scheme for IoT-based architectures is still a challenge. In 2019, Zhou et al. showed that schemes pro-posed by Amin et al. and Maitra et al. are vulnerable to off-line guessing attacks, user tracking attacks, etc. On this basis, a lightweight authentication scheme based on IoT is proposed, and an authentication scheme based on IoT is proposed, which can resist various types of attacks and realize key security features such as user audit, mutual authentication, and session security. However, we found weaknesses in the scheme upon evaluation. Hence, we proposed an enhanced scheme based on their mechanism, thus achieving the security requirements and resisting well-known attacks.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Yi Li,Yuling Tian

DOI: https://doi.org/10.1109/jsyst.2022.3152561

IF: 4.802

2022-01-01

IEEE Systems Journal

Abstract:In recent years, wireless sensor networks (WSNs) have been extensively used in many fields, which provide great convenience for peoples daily work and life. With the popularity of WSNs, peoples demands for related authentication protocols are developing in a comprehensive and perfect direction, and relevant designs are focusing more on two aspects: security and performance. However, current research cannot avoid the problem that security and efficiency are not compatible. Some studies use time-consuming cryptographic structures for security, while most lightweight schemes are designed without considering certain security properties, such as perfect forward secrecy, the resistance to known session-specific temporary information attack, etc. In our view, this conflict can be resolved by using lightweight cryptography primitives with special attention to protocol vulnerabilities and ever-evolving security requirements of people. By abandoning all unnecessary cryptographic structures, we propose a comprehensive lightweight three-factor authentication protocol with various security requirements, including adaptive privacy preservation, which is suitable for the user-friendly scenario in the WSN. Through security analysis, real-or-random (ROR) model proof, Automated Validation of Internet Security Protocols and Applications experimental verification, and security aspect comparison, it is proved that our protocol is superior in the security aspect. The performance experiment under MIRACL library shows that this study has advantages in performance compared with other recent research.

computer science, information systems,telecommunications,engineering, electrical & electronic,operations research & management science

Brou Bernard Ehui,Yiran Han,Hua Guo,Jianwei Liu

DOI: https://doi.org/10.23919/jcin.2022.9815201

2022-01-01

Journal of Communications and Information Networks

Abstract:Due to the resource-constrained of Internet of things (IoT) devices, the traditional cryptography protocols are not suitable for IoT environments. When they can be implemented, their performances often are not acceptable. As a result, a lightweight protocol is required to cope with these challenges. To address security challenges in IoT networks, we present a lightweight mutual authentication protocol for IoT. The protocol aims to provide a secure mutual authentication mechanisms between the sensor node and gateway using a lightweight cryptography algorithms. The protocol is relied on two main shared secret keys, a permanent key (κ p ) used for encrypting messages during the mutual authentication phase and an update key (κ u ) used for the communication session. The session key is constantly updated after a pre-defined session time (sess time i ) by using the previous session information. We used a lightweight cryptography mechanisms that includes symmetric-key cryptography, hash-based message authentication code (HMAC), and hash function to design the protocol. We analyze the protocol using the Barrows-Abadi-Needham (BAN)-logic method and the results show that the proposed scheme has good security and performance compared to existing related protocols. It can provide a secure mutual authentication mechanism in the IoT environment.

Xiong Li,Jieyao Peng,Mohammad S. Obaidat,Fan Wu,Muhammad Khurram Khan,Chaoyang Chen

DOI: https://doi.org/10.1109/jsyst.2019.2899580

IF: 4.802

2020-01-01

IEEE Systems Journal

Abstract:The Internet of Things (IoT) enables all objects to connect to the Internet and exchange data via different emerging technologies, which makes the intelligent identification and management a reality. Wireless sensor networks (WSNs), as a crucial basis of IoT, have been applied in many fields like smart health care and smart transportation. With the development of WSNs, data security has attracted more and more attention, and user authentication is a popular mechanism to ensure the information security of WSNs. Recently, many authentication mechanisms for wireless medical sensor networks (WMSNs) have been proposed, but most of the protocols cannot achieve the features of local password change and forward secrecy while resisting stolen smart card attack. To enhance the security based on previous work, an ECC-based secure three-factor authentication protocol with forward secrecy for WMSN is proposed in this paper. It utilizes a fuzzy commitment scheme to handle the biometric information. Meanwhile, fuzzy verifier and honey_list techniques are used to solve the contradiction of local password verification and mobile device lost attack. The security of our protocol is evaluated by provable security, Proverif tool, and information analysis. Besides, the comparisons with the relevant protocols are given, and the results indicate that our protocol is robust and secure for WMSN systems.