Liang Kou,Yiqi Shi,Liguo Zhang,Duo Liu,Qing Yang

DOI: https://doi.org/10.32604/cmc.2019.03760

2019-01-01

Abstract:With the development of computer hardware technology and network technology, the Internet of Things as the extension and expansion of traditional computing network has played an increasingly important role in all professions and trades and has had a tremendous impact on people lifestyle. The information perception of the Internet of Things plays a key role as a link between the computer world and the real world. However, there are potential security threats in the Perceptual Layer Network applied for information perception because Perceptual Layer Network consists of a large number of sensor nodes with weak computing power, limited power supply, and open communication links. We proposed a novel lightweight authentication protocol based on password, smart card and biometric identification that achieves mutual authentication among User, GWN and sensor node. Biometric identification can increase the non-repudiation feature that increases security. After security analysis and logical proof, the proposed protocol is proven to have a higher reliability and practicality.

Hanguang Luo,Tao Zou,Chunming Wu,Dan Li,Shunbin Li,Chu

DOI: https://doi.org/10.32604/cmc.2022.027118

2022-01-01

Abstract:In the emerging Industrial Internet of Things (IIoT), authentication problems have become an urgent issue for massive resource-constrained devices because traditional costly security mechanisms are not suitable for them. The security protocol designed for resource-constrained systems should not only be secure but also efficient in terms of usage of energy, storage, and processing. Although recently many lightweight schemes have been proposed, to the best of our knowledge, they are unable to address the problem of privacy preservation with the resistance of Denial of Service (DoS) attacks in a practical way. In this paper, we propose a lightweight authentication protocol based on the Physically Unclonable Function (PUF) to overcome the limitations of existing schemes. The protocol provides an ingenious authentication and synchronization mechanism to solve the contradictions amount forward secrecy, DoS attacks, and resource-constrained. The performance analysis and comparison show that the proposed scheme can better improve the authentication security and efficiency for resource-constrained systems in IIoT.

Junhui Zhao,Fanwei Huang,Huanhuan Hu,Longxia Liao,Dongming Wang,Lisheng Fan

DOI: https://doi.org/10.1016/j.adhoc.2024.103427

IF: 4.816

2024-01-31

Ad Hoc Networks

Abstract:5G technology has been applied and popularized, leading to the widespread usage of the Internet of Things (IoT) in various areas such as intelligent transportation, home security, fire protection, industrial monitoring, healthcare, and data collection intelligence. Data sharing is one of the key factors for successful application in these fields. However, real-time data sharing through open channels may result in transmitted messages being illegally accessed by attackers, leading to privacy breaches. At present, most existing authentication schemes focus on single gateway authentication models. In order to overcome issues such as elevated communication overhead, reduced network performance, and inefficient cross-domain access in the single gateway model with larger network sizes, we introduce a multi-gateway lightweight authentication scheme as a solution. Firstly, our scheme is based on a three-factor authentication scheme of Chebyshev chaotic mapping, hash function, and XOR operation. This scheme achieves secure authentication between sensor nodes and users, establishes session keys, and also supports user key updates. Secondly, through security analysis, we demonstrate that the proposed scheme resists internal disguise attacks, sensor capture attacks, temporary secret leakage attacks, and achieves forward security of session keys. We additionally provide a demonstration of the semantic security of session keys by utilizing a Random Oracle Model (ROM). Finally, compared to other schemes, the results show that our proposed scheme has lower communication overhead and computational resource requirements, and is more in line with the requirements of lightweight device security authentication in the IoT.

computer science, information systems,telecommunications

Seunghwan Son,Deokkyu Kwon,Sangwoo Lee,Hyeokchan Kwon,Youngho Park

DOI: https://doi.org/10.1109/access.2024.3484522

IF: 3.9

2024-10-29

IEEE Access

Abstract:The sixth generation (6G) is the next generation of wireless communication technology, is not limited to cellular networks but can be used to provide better services in all areas of wireless communication, including vehicles, drones, and smart homes. However, these advancements in 6G technology require further security considerations. In earlier networks, authentication schemes were designed to rely on a secure channel between the core network and access points. The 6G network is an open, distributed network that integrates multiple domains and entities and cannot guarantee secure channels in the network. The 6G network requires a new security authentication scheme that applies the zero-trust model. Therefore, this study proposes a zero-trust authentication scheme with access control for 6G-enabled Internet of Things environments. The scheme uses blockchain technology for mutual authentication in a distributed environment and lightweight attribute-based encryption to ensure dynamic access control and network efficiency. This study compares the proposed authentication method with existing methods and demonstrates that this scheme has better performance and security. To the best of our knowledge, this paper is the first to propose a specific authentication protocol with access control considering the zero-trust model in a 6G environment.

computer science, information systems,telecommunications,engineering, electrical & electronic

Yinghui Zhang,Axin Wu,Zhenwei Chen,Dong Zheng,Jin Cao,Xiaohong Jiang

DOI: https://doi.org/10.1016/j.comcom.2020.12.014

IF: 5.047

2021-01-01

Computer Communications

Abstract:<p>The fifth generation (5G) mobile communication technologies significantly promote the development of attractive applications such as automatic driving and telemedicine due to its lower latency, higher data rate and massive connectivities. In addition, 5G network slices can be used to realize tailored transmission network according to users' different requirements. Nevertheless, 5G still suffers from security, privacy and performance issues exemplified by authenticated key agreement, identity and network slice privacy, and the flexibility and efficiency of network slice selection. In this paper, we tackle these challenges by proposing FANS, a Flexible and Anonymous Network Slicing method for cloud radio access network enabled authentication of emerging 5G service. FANS achieves users' identity privacy protection by hiding the public key associated with the actual identity in transmitted messages. The privacy, flexibility and efficiency of network slice selection are realized by adopting the idea of privacy-aware one-to-many matching which has been used in anonymous attribute-based encryption. Based on comprehensive security and performance analysis, FANS is shown to be secure and efficient.</p>

computer science, information systems,telecommunications,engineering, electrical & electronic

Dongfeng Fang,Yi Qian,Rose Qingyang Hu

DOI: https://doi.org/10.1109/jiot.2020.2970974

IF: 10.6

2020-04-01

IEEE Internet of Things Journal

Abstract:Internet-of-Things (IoT) applications have been rapidly deployed into pervasive environment, where both challenges and opportunities abound. On the one hand, a large number of IoT devices and their rich functions contribute significant volumes of data, which has brought tremendous convenience to the daily lives of end users. On the other hand, the heterogeneous IoT devices and a large amount of private information transmitted through networks also bring serious security and privacy issues. It is a big challenge to model IoT systems and trust relationships between different entities with a large number of heterogeneous IoT devices. In this article, we study a general IoT system architecture with consideration of heterogeneous IoT devices. Different trust models are proposed and analyzed based on the trust relationships between different entities in the IoT system. We propose a flexible and efficient authentication scheme with a consideration of heterogeneous IoT devices based on the least trust-required model. The proposed scheme provides security and privacy to resource-limited IoT devices flexibly and efficiently by utilizing IoT devices with better storage and computational ability. Moreover, secure data transmission is presented with contextual privacy and data integrity services. The proposed scheme achieves not only the mutual authentication, initial session key agreement, and data integrity but also anonymity, contextual privacy, forward security, end-to-end security, and key escrow resilience. Security analysis is presented to provide verification of the proposed protocol and security objectives. Moreover, performance evaluation is presented with comparison to the other schemes in terms of security features, computational overhead, and communication overhead. The performance comparisons show that our proposed scheme provides flexible and efficient security by consideration of heterogeneous IoT devices. With the higher proportion of resource-limited IoT devic-s, our proposed scheme outperforms other similar schemes.

computer science, information systems,telecommunications,engineering, electrical & electronic

Saeed Bamashmos,Naveen Chilamkurti,Ahmad Salehi Shahraki

DOI: https://doi.org/10.3390/s24113575

IF: 3.9

2024-06-02

Sensors

Abstract:Internet of Things (IoT) technology is evolving over the peak of smart infrastructure with the participation of IoT devices in a wide range of applications. Traditional IoT authentication methods are vulnerable to threats due to wireless data transmission. However, IoT devices are resource- and energy-constrained, so building lightweight security that provides stronger authentication is essential. This paper proposes a novel, two-layered multi-factor authentication (2L-MFA) framework using blockchain to enhance IoT devices and user security. The first level of authentication is for IoT devices, one that considers secret keys, geographical location, and physically unclonable function (PUF). Proof-of-authentication (PoAh) and elliptic curve Diffie–Hellman are followed for lightweight and low latency support. Second-level authentication for IoT users, which are sub-categorized into four levels, each defined by specific factors such as identity, password, and biometrics. The first level involves a matrix-based password; the second level utilizes the elliptic curve digital signature algorithm (ECDSA); and levels 3 and 4 are secured with iris and finger vein, providing comprehensive and robust authentication. We deployed fuzzy logic to validate the authentication and make the system more robust. The 2L-MFA model significantly improves performance, reducing registration, login, and authentication times by up to 25%, 50%, and 25%, respectively, facilitating quicker cloud access post-authentication and enhancing overall efficiency.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Hsiao-Ling Wu,Chin-Chen Chang,Yao-Zhu Zheng,Long-Sheng Chen,Chih-Cheng Chen

DOI: https://doi.org/10.3390/s20195604

IF: 3.9

2020-09-30

Sensors

Abstract:The Internet of Things (IoT) is currently the most popular field in communication and information techniques. However, designing a secure and reliable authentication scheme for IoT-based architectures is still a challenge. In 2019, Zhou et al. showed that schemes pro-posed by Amin et al. and Maitra et al. are vulnerable to off-line guessing attacks, user tracking attacks, etc. On this basis, a lightweight authentication scheme based on IoT is proposed, and an authentication scheme based on IoT is proposed, which can resist various types of attacks and realize key security features such as user audit, mutual authentication, and session security. However, we found weaknesses in the scheme upon evaluation. Hence, we proposed an enhanced scheme based on their mechanism, thus achieving the security requirements and resisting well-known attacks.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Wenlong Zhu,Changli Zhou,Linmei Jiang

DOI: https://doi.org/10.3390/electronics13061026

IF: 2.9

2024-03-09

Electronics

Abstract:With the rapid popularization of current Internet of Things (IoT) technology and 5G networks, as well as the continuous updating of new service lifestyles and businesses, the era of big data processing for the IoT has arrived. However, centralizing all data for processing in the cloud can lead to issues such as communication latency and privacy breaches. To solve these problems, edge computing, as a new network architecture close to terminal data sources and supporting low latency services, has gradually emerged. In this context, cloud edge collaborative computing has become an important network architecture. With the changing security requirements and communication methods of cloud edge collaborative network architecture, traditional authentication key agreement protocols are no longer applicable. Therefore, a new IoT authentication and key agreement protocol needs to be designed to solve this problem. This study proposes an IoT accessible solution for cloud edge collaboration. This scheme adopts a chaotic mapping algorithm to achieve efficient authentication. It ensures the anonymity and untraceability of users. Following this, we conducted strict security verification using BAN logic and Scyther tools. Through experimental comparative analysis, the research results show that the protocol performs better than other schemes while ensuring security. This indicates that the protocol can achieve efficient authentication and key negotiation in cloud edge collaborative network architecture, providing a secure and reliable solution for the accessibility of the IoT.

engineering, electrical & electronic,computer science, information systems,physics, applied

Jie CHEN,Hong WEN,Song-lin CHEN,Wen-jie LIU,Jin-ling ZHANG

DOI: https://doi.org/10.3969/j.issn.1002-0802.2017.12.025

2017-01-01

Abstract:In the era of 5G, a large number of wireless terminal devices connected to the Internet of things are connected to the network. The openness of the wireless network makes it vulnerable to various attacks. Authentication is usually the first line of defense for secure communications to identify the identity and message authenticity of the sender and receiver. At present, there are several problems in the authentication of communication systems: The traditional password based authentication is not suitable for lightweight devices, and cannot be used in the Internet of things terminal on a large scale. Many authentication mechanisms are usually single and do not apply to mobile terminals. In view of the above problems, a cooperative identity detection mechanism for mobile terminals in the Internet of things is proposed. Specifically, physical layer authentication is suitable for lightweight devices, and combines the authentication mechanism based on radio frequency fingerprint and channel information to authenticate the identity and data of mobile terminals, aiming to achieve lightweight, safer and wider range of authentication.

Pengbo Xu,Huici Wu,Xiaofeng Tao,Chenyu Wang,Dajiang Chen,Guoshun Nan

DOI: https://doi.org/10.1109/jiot.2024.3353807

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:Internet of Things (IoT) is one of the most representative application scenarios in the 5G and 6G era. The concurrent access of massive IoT devices definitely poses enormous communication, computation, and certificate management challenges to the wireless authentication. Moreover, the emergence of quantum computing makes classical cryptography-based authentication protocols, such as 5G-AKA, more easier to be broken. Facing the challenges posed by the massive concurrent authentication and quantum attacks, this paper proposes a lattice cryptography based group authentication scheme, where lattice-based aggregate signature algorithm and identity-based encryption (IBE) are leveraged to achieve simultaneous authentication of concurrent accessed devices. The proposed authentication scheme eliminates the process of public key certificate management, greatly reducing the storage overhead of core network. Moreover, the utilization of lattice cryptography enables the resistance of quantum attacks. The proposed solution does not rely on additional security assumptions such as security channel or trusted group center, making it more flexible to be deployed in actual network scenario. Finally, formal security analysis of the proposed protocol is provided with the tool ProVerif. It is demonstrated that the proposed protocol can satisfy the goals of identity privacy, authentication, data confidentiality and forward secrecy. In addition, compared with existing advanced solutions, the outperformance of the proposed scheme in terms of computation overhead, signaling overhead, communication overhead, and security properties is validated with simulations.

computer science, information systems,telecommunications,engineering, electrical & electronic

Xinyin Xiang,Jin Cao,Weiguo Fan

DOI: https://doi.org/10.1016/j.ins.2024.120391

IF: 8.1

2024-03-10

Information Sciences

Abstract:With the deep integration of informatization and industrialization, cyber-physical system (CPS), which integrates computing, communication and control technologies, comes into being and has been widely used in industrial applications. A large number of information physical system devices and control systems are based on open internet connections, and security and privacy protection issues are gradually emerging, especially in the process of dynamic and difficult to control information physical system stream data transmission and storage, which will face new security threats. To alleviate these issues, user authentication mechanisms can prevent unauthorized access by adversaries in the CPS environment. For this purpose, we put forth a lightweight privacy-preserving authentication scheme for 5G-enabled ecosystems. This method utilizes edge devices to save online transaction data in network and securely transmits IoT devices data from the sensors to the edge gateway. Then, the edge gateway delivers and stores these data in the cloud. A detailed comparative study based on experimental results indicates that our proposal achieves a better balance between security and functionality features, communication and capitulation costs compared to other existing competitive solutions.

computer science, information systems

Alice May-Kuen Wong,Chien-Lung Hsu,Tuan-Vinh Le,Mei-Chen Hsieh,Tzu-Wei Lin

DOI: https://doi.org/10.3390/s20092511

2020-04-29

Abstract:The fifth generation (5G) mobile network delivers high peak data rates with ultra-low latency and massive network capacity. Wireless sensor network (WSN) in Internet of Thing (IoT) architecture is of prominent use in 5G-enabled applications. The electronic healthcare (e-health) system has gained a lot of research attention since it allows e-health users to store and share data in a convenient way. By the support of 5G technology, healthcare data produced by sensor nodes are transited in the e-health system with high efficiency and reliability. It helps in reducing the treatment cost, providing efficient services, better analysis reports, and faster access to treatment. However, security and privacy issues become big concerns when the number of sensors and mobile devices is increasing. Moreover, existing single-server architecture requires to store a massive number of identities and passwords, which causes a significant database cost. In this paper, we propose a three-factor fast authentication scheme with time bound and user anonymity for multi-server e-health systems in 5G-based wireless sensor networks. In our work, the three-factor authentication scheme integrating biometrics, password, and smart card ensures a high-security sensor-enabled environment for communicating parties. User anonymity is preserved during communication process. Besides, time bound authentication can be applied to various healthcare scenarios to enhance security. The proposed protocol includes fast authentication, which can provide a fast communication for participating parties. Our protocol is also designed with multi-server architecture to simplify network load and significantly save database cost. Furthermore, security proof and performance analysis results show that our proposed protocol can resist various attacks and bear a rational communication cost.

Xiongpeng Ren,Jin Cao,Maode Ma,Hui Li,Yinghui Zhang

DOI: https://doi.org/10.1109/jiot.2021.3098224

IF: 10.6

2022-03-01

IEEE Internet of Things Journal

Abstract:With the gradual commercialization of the fifth-generation (5G) network, the narrowband Internet of Things (NB-IoT) system would have potential and prospective applications in future relying on the infrastructure. Meanwhile, predictably, there are several security requirements to be satisfied, including concurrent access authentication for massive devices, identity privacy protection, physical attack resistance, application traffic security, etc. In this article, we present a novel group authentication and data transmission scheme using the physically unclonable function (PUF) for NB-IoT in which the output of PUF is viewed as shared root key to achieve the mutual authentication along with key agreement. By this scheme, a Group Leader is employed to aggregate and relay authentication information and, thus, it reduces the signaling cost and communication cost followed by activating attach request messages from a sea of devices. The network side as well can surely find fake ones through individual truncated authentication code and detect honest devices with high probability when aggregated authentication code is invalid. Furthermore, the revised security model and the formal verification tool Scyther are employed to evaluate the security of the scheme. Finally, performance analysis results show that our solution has the desired efficiency.

computer science, information systems,telecommunications,engineering, electrical & electronic

Xianji Jin,Na Lin,Zhongwei Li,Wenqi Jiang,Yuge Jia,Qingyang Li

DOI: https://doi.org/10.1109/access.2024.3413853

IF: 3.9

2024-06-21

IEEE Access

Abstract:With the wide application of IoT technologies in the power sector, power IoT faces serious security challenges, which can be severely affected by malicious attacks and unauthorised access. Meanwhile, devices in power IoT are usually resource-constrained and deployed in a decentralised manner, making them vulnerable to physical attacks. Therefore, a robust and reliable lightweight authentication scheme needs to be constructed to guarantee its information security. A lightweight authentication scheme for the power IoT based on Physical Unclonable Function (PUF) and Chebyshev chaotic map is proposed in this paper, which achieves two-way authentication and session key negotiation between gateways and terminal devices. Comparing with traditional authentication schemes, the PUF and Chebyshev chaotic map used in this scheme have high security and lower resource overhead. PUF is used to generate Challenge and Response Pairs (CRPs) for two-way authentication and key negotiation without storing any secret information about authentication in the device memory. At the same time, Chebyshev chaotic map is used to protect the transmission of secret information such as CRPs in insecure channels. The solution is therefore resistant to attacks such as physical, machine learning modelling and impersonation, ensuring the information security of the authentication process. The proposed scheme is analyzed and verified using the formal verification tool ProVerif and improved BAN logic along with informal methods. The verification results show that the scheme satisfies 12 security properties such as two-way authentication and user anonymity. Comparative analysis with existing related authentication schemes shows that the proposed scheme has low computation and communication costs while guaranteeing security, thus rendering it suitable for resource-constrained terminal devices in the power IoT.

computer science, information systems,telecommunications,engineering, electrical & electronic

Sensen Li,Yicai Huang,Bin Yu

DOI: https://doi.org/10.1016/j.comnet.2024.110426

IF: 5.493

2024-05-09

Computer Networks

Abstract:With the explosive development of the Internet of Things (IoT), its security has become a critical concern. As a lightweight hardware primitive, Physical Unclonable Function (PUF) provides a promising solution for IoT security. Nevertheless, as per the knowledge of the authors, most of the existing PUF-based anonymous authentication protocols for IoT are not suitable for end-to-end IoT applications due to their flexibility or security. Specifically, there are two main issues with existing related protocols: (1) the end-to-end anonymous authentication between IoT devices requires the participation of a trusted third party, which seriously affects the flexibility of interaction; (2) most related protocols provide weak anonymity, that is, they are anonymous against only eavesdroppers. To solve these problems, a new PUF-based end-to-end anonymous authentication protocol is proposed. Without needing the real-time participation of the third party, the proposed protocol realizes end-to-end direct mutual authentication and session key agreement while maintaining strong anonymity. It also provides an online dynamic updating mechanism for security parameters. The security analysis shows that the proposed protocol has perfect forward secrecy while resisting various known attacks including physical attacks and modeling attacks. Meanwhile, it outperforms related protocols in terms of protocol rounds and communication costs.

computer science, information systems,telecommunications,engineering, electrical & electronic, hardware & architecture

Yiran Han,Hua Guo,Jianwei Liu,Brou Bernard Ehui,Yapeng Wu,Sijia Li

DOI: https://doi.org/10.1109/jiot.2024.3355228

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:The Industrial Internet of Things (IIoT) is the application of the Internet of Things (IoT) in the industrial field. IIoT allows users to remotely access industrial equipment and the data in it, which also brings certain challenges to the security of industrial data. Authentication and key agreement protocols are very effective security technologies in the matter of protecting industrial data. There is a large amount of research work on authentication protocols in IIoT, but most of the protocols have security weaknesses. Recently, Rafique et al. proposed a multi-factor protocol in IIoT that can accomplish authentication and session key establishment through a gateway. Rafique et al. claimed that their protocol is secure, unfortunately, we carefully analyze the protocol of Rafique et al. and find some security flaws, i.e., it is vulnerable to insider attack and known session-specific temporary information (KSSTI) attack, and unable to provide forward security. We explore the factors of insecurity and propose an enhanced multi-factor secure authentication and key agreement protocol in IIoT. The new protocol improves the security of the protocol while using only symmetric cryptography, hash function, and XOR operation. Formal security analysis and informal security discussions demonstrate that the new protocol is resistant to a variety of known attacks. After performance analysis, our protocol has lower computational cost, and increases no significant communication cost, while providing more secure and robust properties.

computer science, information systems,telecommunications,engineering, electrical & electronic

Anshul Jain,Tanya Singh,Satyendra Kumar Sharma,Vikas Prajapati

DOI: https://doi.org/10.28945/4675

2021-01-01

Abstract:Aim/Purpose: 5G and IoT are two path-breaking technologies, and they are like wall and climbers, where IoT as a climber is growing tremendously, taking the support of 5G as a wall. The main challenge that emerges here is to secure the ecosystem created by the collaboration of 5G and IoT, which consists of a network, users, endpoints, devices, and data. Other than underlying and hereditary security issues, they bring many Zero-day vulnerabilities, which always pose a risk. This paper proposes a security solution using network slicing, where each slice serves customers with different problems. Background: 5G and IoT are a combination of technology that will enhance the user experience and add many security issues to existing ones like DDoS, DoS. This paper aims to solve some of these problems by using network slicing and implementing an Intrusion Detection System to identify and isolate the compromised resources. Methodology: This paper proposes a 5G-IoT architecture using network slicing. Research here is an advancement to our previous implementation, a Python-based software divided into five different modules. This paper’s amplification includes induction of security using pattern matching intrusion detection methods and conducting tests in five different scenarios, with 1000 up to 5000 devices in different security modes. This enhancement in security helps differentiate and isolate attacks on IoT endpoints, base stations, and slices. Contribution: Network slicing is a known security technique; we have used it as a platform and developed a solution to host IoT devices with peculiar requirements and enhance their security by identifying intruders. This paper gives a different solution for implementing security while using slicing technology. Findings: The study entails and simulates how the IoT ecosystem can be variedly deployed on 5G networks using network slicing for different types of IoT devices and users. Simulation done in this research proves that the suggested architecture can be successfully implemented on IoT users with peculiar requirements in a network slicing environment. Recommendations for Practitioners: Practitioners can implement this solution in any live or production IoT environment to enhance security. This solution helps them get a cost-effective method for deploying IoT devices on a 5G network, which would otherwise have been an expensive technology to implement. Recommendation for Researchers: Researchers can enhance the simulations by amplifying the different types of IoT devices on varied hardware. They can even perform the simulation on a real network to unearth the actual impact. Impact on Society: This research provides an affordable and modest solution for securing the IoT ecosystem on a 5G network using network slicing technology, which will eventually benefit society as an end-user. This research can be of great assistance to all those working towards implementing security in IoT ecosystems. Future Research: All the configuration and slicing resources allocation done in this research was performed manually; it can be automated to improve accuracy and results. Our future direction will include machine learning techniques to make this application and intrusion detection more intelligent and advanced. This simulation can be combined and performed with smart network devices to obtain more varied results. A proof-of-concept system can be implemented on a real 5G network to amplify the concept further.

English Else

Dongdong Liu,Tiantian Ji

DOI: https://doi.org/10.1038/s41598-024-73480-y

IF: 4.6

2024-10-27

Scientific Reports

Abstract:The Internet of Things technology allows you to transfer data to any asset through communication networks such as the Internet or intranet. One of the most important problems is security, which includes confidentiality, authenticity validation, and completeness. Among security problems, the most important ones are ensuring authenticity and protecting privacy. The elliptic curve encryption algorithm is famous protocols for maintaining privacy and verifying authenticity. Despite the capabilities they have and provide good security against network attacks, they face challenges such as response time, delay in the authentication and authentication process, as well as the amount of memory consumed. Two-factor authentication (2FA) is a security process where users provide two different authentication factors to authenticate themselves. It also provides a higher level of security than authentication methods that rely on single-factor authentication (SFA). This article presents two novel methods for 2FA that use encryption techniques, scramble architecture, and chord architecture. These methods allow for the authentication process to be initiated by both parties involved in the communication. Three scenarios and three metrics of reaction time, memory usage, and connection latency were used to assess the efficacy of the suggested approach. The average reaction time is improved and is 0.012 s when the lengths of the finger table in the chord structure are increased to 10, 15, and 20. The findings show that the suggested approach reduces computing complexity, reaction time, and communication latency. It has an average reaction time of 0.016 s, an average memory use of 30,360 kb, and an average connection latency of 0.042 s.

multidisciplinary sciences

Zhishuo Zhang,Yu Sun,Wei Zhang,Yi Wu,Zhiguang Qin

DOI: https://doi.org/10.1088/1742-6596/1812/1/012038

2021-01-01

Journal of Physics Conference Series

Abstract:Abstract With the rapid advancements of semiconductor technologies and wireless communication, Internet-of-Things (IoT) based network has a wider range adoption in the smart city. The Wireless Body Area Network (WBAN) is a representative IoT based network designed to connect various wearable IoT devices, located inside or outside of a human body. The WBAN typically connects itself to the mobile network and Internet via the smartphones. But how to mutually authenticate the entities’ identities and ensure the data confidentiality and integrity during the data transmission over a channel have still been the most prominent challenge in the IoT based networks. To solve the abovementioned challenge, in this paper, we propose a strongly secure pairing-free certificateless authenticated key agreement (PF-CL-AKA) protocol with two-way identity-based authentication before extracting the secure session key for the smartphones and wearable IoT devices. Our protocol is provably secure in the Lippold model, which means our protocol is still secure as long as each party of the channel has at least one uncompromised partial private term.