Jianhong Zhang,Yuehai Wang

2019-01-01

Abstract:.As a significant cryptographical primitive, proxy re-signature(PRS) technique is broadly applied to distributed computation, copyright transfer and hidden path transfer because it permits that a proxy translates an entity’s signature into the other entity’s signature on the identical data. Recently, to discard time-consuming pairing operator and intricate certificate-maintenance, Wang et al. proposed two efficient pairing-free ID-based PRS schemes, and declared that their schemes were provably secure in the ROM. Very unluckily, in this investigation, we point out that Wang et al.’s schemes suffer from attacks of universal forgery by analysing their security, i.e., anyone can fabricate a signature on arbitrary file. After the relevant attacks are shown, the reasons which result in such attacks is analyzed. Finally, we discuss the corresponding improved method. Key–Words: ID-based PRS, integer factorization problem, universal forgeability, security attack

Yang Ming,Xiaopeng Yu,Xiaoqin Shen

DOI: https://doi.org/10.1109/access.2020.3018488

IF: 3.9

2020-01-01

IEEE Access

Abstract:Healthcare Internet of Things (IoT) is an emerging paradigm, which can provide comprehensive and different types of health services and enable various types of medical sensors to monitor patient's health conditions. In the healthcare IoT, patient is deployed with a variety of medical sensors, which continuously monitors and collects patient's sensitive health data that needs specially protection for preventing privacy leakage. To safely send multiple different health data monitored by multiple different medical sensors to multiple corresponding healthcare professionals in one data report, several multi-message and multi-receiver signcryption schemes have been introduced by employing the traditional public key cryptography, identity-based cryptography or certificateless cryptography. However, these schemes suffer from the certificate management, key escrow and key distribution problem. Besides, due to the resource-constraint property of medical sensors, they are unsuitable for healthcare IoT in terms of both performance and privacy requirements. To solve these issues, this paper introduces an efficient anonymous certificate-based multi-message and multi-receiver signcryption scheme for healthcare IoT, where the certificate-based cryptography and elliptic curve cryptography are combined to simplify the certificate management problem, eliminate the key escrow problem, solve the key distribution problem and ensure the privacy-preserving. Furthermore, the security analysis suggests that the proposed scheme is able to achieve the confidentiality, unforgeability, receiver anonymity, sender anonymity and decryption fairness; the performance evaluation indicates that the proposed scheme brings to the lower computation cost and communication cost in comparison to the existing schemes.

Zirui Qiao,Yanwei Zhou,Bo Yang,Mingwu Zhang,Tao Wang,Zhe Xia

DOI: https://doi.org/10.1109/jsyst.2021.3131589

IF: 4.802

2021-01-01

IEEE Systems Journal

Abstract:To improve the security of industrial Internet of things (IIoT), several concrete constructions of certificate-based proxy signature (CBPS) scheme without bilinear pairing were proposed in the last few years. However, many previous constructions were found impractical, either fail to meet the claimed security properties or contain design flaws. In particular, in some instances, a malicious proxy signer can claim to be the original signer by forwarding the messages from original signer to any proxy signer, and the receiver cannot determine whether the delegation of signing power has been reused. In this article, we first demonstrate some security issues and design flaws in the previous proposals of CBPS scheme. As follows, to further address the above deficiencies, three new constructions of CBPS scheme with improved security are introduced. In the first two proposals, the delegation validity can be verified by the designated verifier (proxy signer), and the delegation of signing power for the last construct is publicly verifiable (any signer). Furthermore, formal security proofs are given using forking lemma in the random oracle, assuming that the discrete logarithm problem is hard. Compared with the previous CBPS schemes, our constructions are efficient with respect to computation and communication. Finally, we discuss the two necessary conditions for constructing secure CBPS schemes, to avoid security flaws in future research.

computer science, information systems,telecommunications,engineering, electrical & electronic,operations research & management science

Dong Xie,Jinghua Yang,Bin Wu,Weixin Bian,Fulong Chen,Taochun Wang

DOI: https://doi.org/10.1109/tifs.2024.3362589

IF: 7.231

2024-02-17

IEEE Transactions on Information Forensics and Security

Abstract:In a mobile edge computing environment, the computing tasks of resource-constrained IoT devices are often offloaded to mobile edge computing servers for processing. In order to ensure the security of the task offloading process, both parties need to perform mutual authentication and negotiate a session key first. The security defenses in the existing authentication schemes are often only aimed at external attackers, while ignoring the possible malicious behaviors of semi-trusted servers. Furthermore, they cannot effectively take into account the device-side lightweight and security, as well as the load problem of a single registry. In this paper, we propose a new anonymous authentication key agreement scheme that fully considers the resource constraints of terminal devices and the security risks of semi-trusted servers. In the scheme, we use the method of generating pairing information during registration to avoid the server-side directly contacting the user's private information, and support trusted third parties not to participate in the authentication process. In addition, by setting up authentication servers to outsource computing tasks, the device-side can avoid blindly selecting a computing server for task offloading, achieve accurate task assignment and efficient execution of authentication. We use Real-Or-Random model and BAN logic to demonstrate the security of the proposed scheme, and use the ProVerif tool to verify its authenticated reachability and confidentiality. Compared with other schemes with the same structure, this scheme is superior to similar schemes, and has higher security on the basis of ensuring the least amount of computation on the device-side.

computer science, theory & methods,engineering, electrical & electronic

Yongqing Zhu,Zhenyu Guan,Ziyi Wang,Dawei Li,Yawei Wang,Mai Xu

DOI: https://doi.org/10.1109/ispa-bdcloud-socialcom-sustaincom52081.2021.00115

2021-01-01

Abstract:The Internet of Things (IoT) is essentially a network infrastructure which connects smart devices together. However, IoT endpoint devices are widely deployed in a public and unprotected environment. The devices are facing security issues such as identity forgery and illegal access. Hence, in this paper, we propose a lightweight mutual authentication scheme with physically unclonable function(PUF) running in SRAM, which ensures the authenticity of devices and nodes at a low cost. In addition, this scheme has high security for resisting physical cloning attacks, replay attacks, man-in-the-middle attacks, and spoofing attacks. Furthermore, the device needs no more than two complex algorithms to implement proposed authentication, which means the scheme is easy to deploy. This scheme utilizes a distributed architecture with a central server, which adds no additional pressure on the IoT nodes and centres. In this paper, the scheme is proved to be correct, efficient and suitable for IoT scenarios by a prototype implemented with a MSP430V254IPZR MCU, which is widespread in the IoT nowadays.

Jianhua Li,Jiong Jin,Lingjuan Lyu,Dong Yuan,Yingying Yang,Longxiang Gao,Chao Shen

DOI: https://doi.org/10.48550/arXiv.2011.06325

2020-11-12

Abstract:Numerous resource-limited smart objects (SOs) such as sensors and actuators have been widely deployed in smart environments, opening new attack surfaces to intruders. The severe security flaw discourages the adoption of the Internet of things in smart living. In this paper, we leverage fog computing and microservice to push certificate authority (CA) functions to the proximity of data sources. Through which, we can minimize attack surfaces and authentication latency, and result in a fast and scalable scheme in authenticating a large volume of resource-limited devices. Then, we design lightweight protocols to implement the scheme, where both a high level of security and low computation workloads on SO (no bilinear pairing requirement on the client-side) is accomplished. Evaluations demonstrate the efficiency and effectiveness of our scheme in handling authentication and registration for a large number of nodes, meanwhile protecting them against various threats to smart living. Finally, we showcase the success of computing intelligence movement towards data sources in handling complicated services.

Cryptography and Security,Networking and Internet Architecture

Abubaker Wahaballa

DOI: https://doi.org/10.3390/electronics11213445

IF: 2.9

2022-10-26

Electronics

Abstract:After the great success of mobile wallets, the Internet of Things (IoT) leaves the door wide open for consumers to use their connected devices to access their bank accounts and perform routine banking activities from anywhere, anytime, and with any device. However, consumers need to feel safe when interacting with IoT-based payment systems, and their personal information should be protected as much as possible. Unlike what is usually found in the literature, in this paper, we introduce two lightweight and secure IoT-based payment protocols based on an identity-based signature scheme. We adopt a server-aided verification technique to construct the first scheme. This technique allows to outsource the heavy computation overhead on the sensor node to a cloud server while maintaining the user's privacy. The second scheme is built upon a pairing-free ECC-based security protocol to avoid the heavy computational complexity of bilinear pairing operations. The security reduction results of both schemes are held in the Random Oracle Model (ROM) under the discrete logarithm and computational Diffie–Hellman assumptions. Finally, we experimentally compare the proposed schemes against each other and against the original scheme on the most commonly used IoT devices: a smartphone, a smartwatch, and the embedded device Raspberry Pi. Compared with existing schemes, our proposed schemes achieve significant efficiency in terms of communication, computational and storage overheads.

engineering, electrical & electronic,computer science, information systems,physics, applied

Yicheng Yu,Liang Hu,Jianfeng Chu

DOI: https://doi.org/10.3390/sym12010150

2020-01-01

Symmetry

Abstract:The integration of Internet of things (IoT) and cloud computing technology has made our life more convenient in recent years. Cooperating with cloud computing, Internet of things can provide more efficient and practical services. People can accept IoT services via cloud servers anytime and anywhere in the IoT-based cloud computing environment. However, plenty of possible network attacks threaten the security of users and cloud servers. To implement effective access control and secure communication in the IoT-based cloud computing environment, identity authentication is essential. In 2016, He et al. put forward an anonymous authentication scheme, which is based on asymmetric cryptography. It is claimed that their scheme is capable of withstanding all kinds of known attacks and has good performance. However, their scheme has serious security weaknesses according to our cryptanalysis. The scheme is vulnerable to insider attack and DoS attack. For overcoming these weaknesses, we present an improved authentication and key agreement scheme for IoT-based cloud computing environment. The automated security verification (ProVerif), BAN-logic verification, and informal security analysis were performed. The results show that our proposed scheme is secure and can effectively resist all kinds of known attacks. Furthermore, compared with the original scheme in terms of security features and performance, our proposed scheme is feasible.

Dongfeng Fang,Yi Qian,Rose Qingyang Hu

DOI: https://doi.org/10.1109/jiot.2020.2970974

IF: 10.6

2020-04-01

IEEE Internet of Things Journal

Abstract:Internet-of-Things (IoT) applications have been rapidly deployed into pervasive environment, where both challenges and opportunities abound. On the one hand, a large number of IoT devices and their rich functions contribute significant volumes of data, which has brought tremendous convenience to the daily lives of end users. On the other hand, the heterogeneous IoT devices and a large amount of private information transmitted through networks also bring serious security and privacy issues. It is a big challenge to model IoT systems and trust relationships between different entities with a large number of heterogeneous IoT devices. In this article, we study a general IoT system architecture with consideration of heterogeneous IoT devices. Different trust models are proposed and analyzed based on the trust relationships between different entities in the IoT system. We propose a flexible and efficient authentication scheme with a consideration of heterogeneous IoT devices based on the least trust-required model. The proposed scheme provides security and privacy to resource-limited IoT devices flexibly and efficiently by utilizing IoT devices with better storage and computational ability. Moreover, secure data transmission is presented with contextual privacy and data integrity services. The proposed scheme achieves not only the mutual authentication, initial session key agreement, and data integrity but also anonymity, contextual privacy, forward security, end-to-end security, and key escrow resilience. Security analysis is presented to provide verification of the proposed protocol and security objectives. Moreover, performance evaluation is presented with comparison to the other schemes in terms of security features, computational overhead, and communication overhead. The performance comparisons show that our proposed scheme provides flexible and efficient security by consideration of heterogeneous IoT devices. With the higher proportion of resource-limited IoT devic-s, our proposed scheme outperforms other similar schemes.

computer science, information systems,telecommunications,engineering, electrical & electronic

Lejun Zhang,Minghui Peng,Weizheng Wang,Zilong Jin,Yansen Su,Huiling Chen

DOI: https://doi.org/10.1002/ett.4315

IF: 3.6

2021-06-06

Transactions on Emerging Telecommunications Technologies

Abstract:<p>With the rapid development of Internet of Things (IoT) technology, IoT devices have been widely used to collect physiological health data and provide diversified services to the terminal users. However, traditional data storage and sharing scheme cloud computing based in IoT face many challenges. For example, IoT devices are usually resource-constrained (storage, computing power, battery capacity, etc.), data signed by IoT devices to ensure data integrity and authenticity will consume a lot of computing resources of IoT devices. At the same time, there is the challenge of high latency and unsafe data storage and sharing. To overcome these challenges, we propose a secure and efficient data storage and sharing scheme for blockchain-based mobile-edge computing. In our scheme, we construct the unique signature private key in a region into multiple key shares. IoT devices only need to submit the data and the random key shares allocated to the edge node. Edge node uses the recovered signature private key to realize data signature and homomorphic encryption. At the same time, the edge node will process timely data and return to the user. For data that need to be uploaded to the cloud for analysis, we use backup uploads to avoid data floods. Through experiments, it was found that our scheme can not only realize low-latency message response for the terminal users, but also realize anonymous identity verification while ensuring data integrity and authenticity. The key shares of the signature private key are stored in different blocks of the blockchain to improve fault tolerance. The content extraction signature algorithm ensures that the key shares stored in different blocks are publicly verifiable. Safety analysis and performance analysis verify the feasibility and effectiveness of our scheme.</p>

telecommunications

Jianying Qiu,Kai Fan,Kuan Zhang,Qiang Pan,Hui Li,Yintang Yang

DOI: https://doi.org/10.1109/access.2019.2958089

IF: 3.9

2019-01-01

IEEE Access

Abstract:The Internet of Things (IoT) is developing towards smart and mobile Internet of Things (SM-IoT), which has made great progress. Due to the inherent heterogeneity, distribution, intensive communication, and resource constraints of SM-IoT, efficient security and privacy communication protocols become a particularly critical challenge. Signcryption has received considerable attention. Various signcryption schemes have been proposed to solve secure communication. However, most of them are low in efficiency, without the consideration of characteristics of the SM-IoT. In this paper, we propose a signcryption scheme to achieve efficient secure multi-message and multi-receiver communication for the heterogeneous and distributed SM-IoT. We develop Identity-based Cryptography (IBC) and Certificateless Cryptography (CLC) to solve the certificate management problem. Our scheme no longer needs wireless secure channel during key generation phase of traditional CLC system, which improves the applicability of our scheme in wireless SM-IoT environment. There is no expensive operations, such as bilinear pairing, in our scheme. In addition, our scheme out sources part of the verification overhead from the SM-IoT users to the gateway without revealing user privacy. The performance evaluation shows that the computation efficiency in both sender and receiver side is improved in our scheme.

Hongjun Li,Fanyu Kong,Jia Yu,Hanlin Zhang,Yunting Tao

DOI: https://doi.org/10.2139/ssrn.4080721

2022-01-01

SSRN Electronic Journal

Abstract:With the popularity of IoT and 5G, the privacy-preserving message transmission and authentication have become an indispensable part in the field of data collection and analysis. There exist many protocols based on the public key, which allow the users to utilize their own identity as the public key to carry out data encryption and data signature, which is very suitable for applying in the IoT environment with a large number of terminal devices. However, these protocols usually involve some complex cryptographic operations, which hinder their application on the resource-constrained IoT devices. Secure outsourcing computation, as an important application of edge computing, can allow the resource-constrained devices to delegate the complex computations to the nearby edge servers. In this paper, we design a privacy-preserving and verifiable outsourcing message transmission and authentication protocol, which allows the resource-constrained users to delegate some complex operations to the two untrusted edge servers and reduce the computational burden on the users side. It is great meaningful for the promotion and application of the identity-based protocols. The designed protocol contains several secure and novel outsourcing algorithms for modular exponentiation, bilinear pairing and scalar multiplication. For the different operations in the different situations, we design several different blinding techniques and verification methods, which not only protect the users’ private information from being disclosed to the edge servers, but also ensure the users can verify the correctness of the results returned from the edge servers with a higher probability and the lower computational complexity. Finally, we carry out some experiments to show that our proposed protocol is efficient.

Yu Liu,Kaiping Xue,Peixuan He,David S. L. Wei,Mohsen Guizani

DOI: https://doi.org/10.1109/jiot.2020.2975140

IF: 10.6

2020-07-01

IEEE Internet of Things Journal

Abstract:The Internet of Things (IoT) has set off a new information technology revolution due to its convenience and efficiency. An IoT enables sharing economy, as more people are willing to share their own things (mostly mobile devices) to leverage the under-used value. In such a situation where owners and users are often not familiar with each other, an efficient access control mechanism is needed to deal with the trust issue and support service accountability to help owners accurately get their deserved profits. Besides, in such a sharing economy environment, the mobility of most shared IoT devices and their privacy preserving should also be taken into account. Regrettably, the existing schemes cannot achieve all of the aforementioned goals simultaneously and only few schemes were implemented to evaluate the claimed performance. In this article, we propose an efficient, accountable, and privacy-preserving access control solution for IoT in a sharing economy environment. In our scheme, we utilize the one-time signature to achieve anonymous authentication and let gateways store the signatures as service credentials for accountability. Meanwhile, we adopt the identity-based authentication to exclude malicious gateways and shared devices from the system and design a specialized protocol for those devices moving with the users. We conduct a detailed security analysis to show that our scheme can effectively defend against potential attacks, and also implement a prototype system to demonstrate that our design is indeed an efficient one.

computer science, information systems,telecommunications,engineering, electrical & electronic

Ziyi Su,Shiwei Wang,Hongliu Cai,Jiaxuan Huang,Yourong Chen,Xudong Zhang,Muhammad Alam

DOI: https://doi.org/10.3390/electronics13183735

IF: 2.9

2024-09-21

Electronics

Abstract:Current authentication schemes based on zero-knowledge proof (ZKP) still face issues such as high computation costs, low efficiency, and security assurance difficulty. Therefore, we propose a secure and efficient authentication scheme (SEAS) for large-scale IoT devices based on ZKP. In the initialization phase, the trusted authority creates prerequisites for device traceability and system security. Then, we propose a new registration method to ensure device anonymity. In the identity tracing and revocation phase, we revoke the real identity of abnormal devices by decrypting and updating group public keys, avoiding their access and reducing revocation costs. In the authentication phase, we check the arithmetic relationship between blind certificates, proofs, and other random data. We propose a new anonymous batch authentication method to effectively reduce computation costs, enhance authentication efficiency, and guarantee device authentication security. Security analysis and experimental results show that an SEAS can ensure security and effectively reduce verification time and energy costs. Its security and performance exceed existing schemes.

engineering, electrical & electronic,computer science, information systems,physics, applied

Han Bao,Xiaoping Zhang,Gaoyuan Wang,Renrui Tian,Jinrong Duan,Youjian Zhao

DOI: https://doi.org/10.1109/icc45041.2023.10279752

2023-01-01

Abstract:Internet of Things (IoT) devices have achieved rapid development but most of them are vulnerable to spoofing attacks and spoofing-related attacks. It is crucial to verify source identity at the near-source end to defend against attacks, save network forwarding resources, and relieve the authentication pressure on the receiver end. In this paper, we propose Smart-PKI, a blockchain-based distributed identity validation scheme for IoT Devices. In the architecture of Smart-PKI, near-source forwarders can verify the authenticity of the source identity of packets and can filter spoofed packets. Besides, we apply Merkle Patricia Trie (MPT) to the Smart-PKI blockchain to enable lightweight blockchain copy storage and efficient retrieval and verification of identity information on forwarders. Meanwhile, Smart-PKI proposes an identity restoration mechanism and enables solutions for the attacks caused by public and private key compromise. Furthermore, we implement Smart-PKI on Network Simulator Version 3 (NS3) and evaluate its performance against reflection denial-of-service (DDoS) attacks. The simulation results demonstrate the effectiveness and efficiency of Smart-PKI and it outperforms existing blockchain-based PKI solutions for IoT devices in terms of network latency for verifying certificates.

Zhenyu Wang,Ding Deng,Shen Hou,Yang Guo,Shaoqing Li

DOI: https://doi.org/10.1016/j.comcom.2023.02.015

IF: 5.047

2023-01-01

Computer Communications

Abstract:The remarkable advance of the Internet of Things (IoT) has smoothed the way to the interconnection of various mobile devices in secure access and communication. In order to guarantee user privacy and anonymity in public networks, a large number of mutual authentication and key-sharing protocols between different IoT devices and multi-servers have been proposed. Due to resource-constrained and inefficient IoT devices, most previous protocols can confront assorted malicious attacks, such as eavesdropping, counterfeiting, chip cloning, device forgery, and other attacks. These attacks may be exposed the user’s private key or other sensitive data. To solve these problems, physical unclonable function (PUF) is a lightweight security primitive that utilizes random process deviations that cannot be controlled during chip manufacturing to generate device-unique digital signatures. In this paper, we combined the key-sharing scheme based on PUF on the hardware side, which solves relevant security problems such as device cloning and key tampering. Furthermore, we propose a three-factor secure and efficient authentication and key-sharing protocol, leveraging the inherent security properties of passwords, biometrics, and PUFs. We demonstrate the security of our proposed protocol based on computational Bilinear Diffie–Hellman Problem (BDH) and k-CAA hard problems and the Proverif tool. Compared with existing relevant protocols, our protocol meets various security properties and defends against varied security threats. The low computational cost, communication overhead, and device storage indicate that our protocol is applicable to resource-constrained IoT devices.

Qingshui Xue,Xingzhong Ju,Haozhi Zhu,Haojin Zhu,Fengying Li,Xiangwei Zheng

DOI: https://doi.org/10.1007/978-3-030-22971-9_12

2019-01-01

Abstract:IoT is an important part of the new generation of information technologies and the next big thing in the IT industry after the computer and the internet. The IoT has great development potential and a wide range of possible applications, especially commercial applications. And information security of the IoT is the key to the long-term development of the whole industry. Currently, the two most significant factors in the development of the IoT are user identity authentication and privacy protection. This paper contains an analysis on the current picture of inter-device user identity authentication in the IoT and proposes an inter-device biometric authentication solution for the IoT that’s designed to work with larger devices, addressing the shortcomings of the traditional user identity authentication technologies including security and efficiency problems. A strategy for further solution optimization is also included. This paper elaborates on the specific process of user identity authentication carried out by users on devices and between devices making use of fingerprints. We’ll demonstrate the security of this solution against existing attack methods and in the last part, we enumerate various possible applications of this solution in smart homes.

Fei Chen,Zixing Xiao,Tao Xiang,Junfeng Fan,Hong-Linh Truong

DOI: https://doi.org/10.1109/tdsc.2022.3178115

2022-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:The rapid development of IoT (Internet of Things) brings great convenience to people through the utilization of IoT applications, but also brings huge security challenges. Existing IoT security breaches show that many IoT devices have authentication flaws. Although many IoT authentication schemes were proposed, they are not fit for recent smart IoT applications covering IoT device, back-end sever, and user-end mobile applications. To build the first line of defense for smart IoT systems, this paper proposes a new authentication scheme. The proposed scheme first models the entire lifecycle of the IoT device authentication for real-world scenarios of smart IoT systems that contains factory manufacturing, daily usage, and system resetting. For each stage in the lifecycle, the proposed scheme employs efficient symmetric key mechanisms to achieve the authentication between IoT device, back-end server, and mobile application. The proposed scheme supports both server-free local area network communication and sever-involved remote public area communication. Formal security verification shows that the proposed scheme resists existing attacks. The open-source experimental evaluations also show that the proposed scheme is efficient and promising for practical usage.

Han-Yu Lin,Pei-Ru Chen

DOI: https://doi.org/10.3390/s24196290

2024-09-28

Abstract:As technology advances rapidly, a diverse array of Internet of Things (IoT) devices finds widespread application across numerous fields. The intelligent nature of these devices not only gives people more convenience, but also introduces new challenges especially in security when transmitting data in fog-based cloud environments. In fog computing environments, data need to be transmitted across multiple devices, increasing the risk of data being intercepted or tampered with during transmission. To securely share cloud ciphertexts, an alleged proxy re-encryption approach is a commonly adopted solution. Without decrypting the original ciphertext, such a mechanism permits a ciphertext intended for user A to be easily converted into the one intended for user B. However, to revoke the decryption privilege of data users usually relies on the system authority to maintain a user revocation list which inevitably increases the storage space. In this research, the authors come up with a fog-based proxy re-encryption system with revocable identity. Without maintaining the traditional user revocation list, the proposed scheme introduces a time-updated key mechanism. The time-update key could be viewed as a partial private key and should be renewed with different time periods. A revoked user is unable to obtain the renewed time-update key and hence cannot share or decrypt cloud ciphertexts. We formally demonstrate that the introduced scheme satisfies the security of indistinguishability against adaptively chosen identity and chosen plaintext attacks (IND-PrID-CPA) assuming the hardness of the Decisional Bilinear Diffie-Hellman (DBDH) problem in the random oracle model. Furthermore, compared with similar systems, the proposed one also has lower computational complexity as a whole.

Wenlong Zhu,Changli Zhou,Linmei Jiang

DOI: https://doi.org/10.3390/electronics13061026

IF: 2.9

2024-03-09

Electronics

Abstract:With the rapid popularization of current Internet of Things (IoT) technology and 5G networks, as well as the continuous updating of new service lifestyles and businesses, the era of big data processing for the IoT has arrived. However, centralizing all data for processing in the cloud can lead to issues such as communication latency and privacy breaches. To solve these problems, edge computing, as a new network architecture close to terminal data sources and supporting low latency services, has gradually emerged. In this context, cloud edge collaborative computing has become an important network architecture. With the changing security requirements and communication methods of cloud edge collaborative network architecture, traditional authentication key agreement protocols are no longer applicable. Therefore, a new IoT authentication and key agreement protocol needs to be designed to solve this problem. This study proposes an IoT accessible solution for cloud edge collaboration. This scheme adopts a chaotic mapping algorithm to achieve efficient authentication. It ensures the anonymity and untraceability of users. Following this, we conducted strict security verification using BAN logic and Scyther tools. Through experimental comparative analysis, the research results show that the protocol performs better than other schemes while ensuring security. This indicates that the protocol can achieve efficient authentication and key negotiation in cloud edge collaborative network architecture, providing a secure and reliable solution for the accessibility of the IoT.

engineering, electrical & electronic,computer science, information systems,physics, applied