Skip to main content
SpringerLink
Log in

An ECC-based lightweight remote user authentication and key management scheme for IoT communication in context of fog computing

  • Regular Paper
  • Published:
Computing Aims and scope Submit manuscript

Abstract

Fog computing is a computing structure which is distributed in nature. Low latency, reasonably low communication overhead and ability to support real time applications are the reasons for which fog computing approach said to provide better performance than cloud computing. Although, it is an extension of the cloud computing. Fog computing also inherits some critical security and privacy issues of cloud computing. Secure key management and user authentication are among the key issues faced by fog computing. Various schemes with probable solutions of these issues have been proposed by many authors in this context. Among them, a notable scheme has been presented by Wajid et al. known as SAKA-FC, where authors used three-factor authentication with privacy preservation for remote user based on ECC, hash functions, fuzzy extractor and symmetric bivariate polynomial function. This paper analyses the SAKA-FC protocol and found that it is not resilient against fog server insider attack, message intercept attack and replay attack. Consequently, an improved, lightweight and secure authentication scheme in context of fog-centric IoT communication is proposed in this paper to eradicate all the above mentioned security shortfalls of Wajid et al scheme. The proposed scheme is verified using mathematical security analysis and simulated using AVISPA which proves that the proposed scheme prevents all pertinent security threats. The performance analysis of our scheme proves its effectiveness over other related existing schemes in this context.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14
Fig. 15
Fig. 16
Fig. 17
Fig. 18
Fig. 19
Fig. 20

Similar content being viewed by others

References

  1. Wazid M, Das AK, Kumar N, Vasilakos AV (2019) Design of secure key management and user authentication scheme for fog computing services. Future Gener Comput Syst 91:475–492

    Article  Google Scholar 

  2. Martini B, Choo KKR (2012) An integrated conceptual digital forensic framework for cloud computing. Digit Investig 9(2):71–80

    Article  Google Scholar 

  3. Hu P, Ning H, Qiu T, Song H, Wang Y, Yao X (2017) Security and privacy preservation scheme of face identification and resolution framework using fog computing in internet of things. IEEE Internet Things J 4(5):1143–1155

    Article  Google Scholar 

  4. Abdul W, Ali Z, Ghouzali S, Alfawaz B, Muhammad G, Hossain MS (2017) Biometric security through visual encryption for fog edge computing. IEEE Access 5:5531–5538

    Article  Google Scholar 

  5. Koo D, Hur J (2018) Privacy-preserving deduplication of encrypted data with dynamic ownership management in fog computing. Future Gener Comput Syst 78:739–752

    Article  Google Scholar 

  6. Wang H, Wang Z, Domingo-Ferrer J (2018) Anonymous and secure aggregation scheme in fog-based public cloud computing. Future Gener Comput Syst 78:712–719

    Article  Google Scholar 

  7. Jia X, He D, Kumar N, Choo KKR (2019) Authenticated key agreement scheme for fog-driven IoT healthcare system. Wirel Netw 25(8):4737–4750

    Article  Google Scholar 

  8. Rostampour S, Safkhani M, Bendavid Y, Bagheri N (2020) ECCbAP: a secure ECC-based authentication protocol for IoT edge devices. Pervasive Mob Comput 67:101194

    Article  Google Scholar 

  9. Wu TY, Wang T, Lee YQ, Zheng W, Kumari S, Kumar S (2021) Improved authenticated key agreement scheme for fog-driven IoT healthcare system. Secur Commun Netw 2021:1–16

    Google Scholar 

  10. Wu TY, Lee Z, Yang L, Luo JN, Tso R (2021) Provably secure authentication key exchange scheme using fog nodes in vehicular ad hoc networks. J Supercomput 77:1–29

  11. Jan SU, Qayum F, Khan HU (2021) Design and analysis of lightweight authentication protocol for securing IoD. IEEE Access 9:69287–69306

    Article  Google Scholar 

  12. Banerjee S, Das AK, Chattopadhyay S, Jamal SS, Rodrigues JJ, Park Y (2021) Lightweight failover authentication mechanism for IoT-based fog computing environment. Electronics 10(12):1417

    Article  Google Scholar 

  13. Rangwani D, Om H (2021) A secure user authentication protocol based on ECC for cloud computing environment. Arab J Sci Eng 46(4):3865–3888

    Article  Google Scholar 

  14. Adhikari S, Ray S, Obaidat MS, Biswas GP (2020) Efficient and secure content dissemination architecture for content centric network using ECC-based public key infrastructure. Comput Commun 157:187–203

    Article  Google Scholar 

  15. Sadhukhan D, Ray S, Biswas GP, Khan MK, Dasgupta M (2021) A lightweight remote user authentication scheme for IoT communication using elliptic curve cryptography. J Supercomput 77(2):1114–1151

    Article  Google Scholar 

  16. Rangwani D, Sadhukhan D, Ray S, Khan MK, Dasgupta M (2021) An improved privacy preserving remote user authentication scheme for agricultural wireless sensor network. Trans Emerg Telecommun Technol 32(3):1–31

    Google Scholar 

  17. Miao Y, Ma J, Liu X, Weng J, Li H, Li H (2018) Lightweight fine-grained search over encrypted data in fog computing. IEEE Trans Serv Comput 12(5):772–785

    Article  Google Scholar 

  18. Sowjanya K, Dasgupta M, Ray S, Obaidat MS (2019) An efficient elliptic curve cryptography-based without pairing KPABE for Internet of Things. IEEE Syst J 14(2):2154–2163

    Article  Google Scholar 

  19. Li X, Peng J, Obaidat MS, Wu F, Khan MK, Chen C (2019) A secure three-factor user authentication protocol with forward secrecy for wireless medical sensor network systems. IEEE Syst J 14(1):39–50

    Article  Google Scholar 

  20. Harbi Y, Aliouat Z, Refoufi A, Harous S, Bentaleb A (2019) Enhanced authentication and key management scheme for securing data transmission in the internet of things. Ad Hoc Netw 94:101948

    Article  Google Scholar 

  21. Ali Z, Chaudhry SA, Mahmood K, Garg S, Lv Z, Zikria YB (2021) A clogging resistant secure authentication scheme for fog computing services. Comput Netw 185:107731

    Article  Google Scholar 

  22. Ray S, Biswas GP, Dasgupta M (2016) Secure multi-purpose mobile-banking using elliptic curve cryptography. Wirel Pers Commun 90(3):1331–1354

    Article  Google Scholar 

  23. Ray S, Biswas GP (2012) Establishment of ECC-based initial secrecy usable for IKE implementation. In: Proceedings of the world congress on engineering, vol 1, pp 530–535

  24. Ray S, Biswas GP (2012) An ECC based public key infrastructure usable for mobile applications. In: Proceedings of the second international conference on computational science, engineering and information technology, pp 562–568

  25. Chatterjee U, Sadhukhan D, Ray S (2020) An improved authentication and key agreement protocol for smart healthcare system in the context of Internet of Things using elliptic curve cryptography. In: Proceedings of international conference on IoT inclusive life (ICIIL 2019), NITTTR Chandigarh, India. Springer, Singapore, pp 11–22

  26. Islam SH, Amin R, Biswas GP, Farash MS, Li X, Kumari S (2017) An improved three party authenticated key exchange protocol using hash function and elliptic curve cryptography for mobile-commerce environments. J King Saud Univ Comput Inf Sci 29(3):311–324

    Article  Google Scholar 

  27. Stallings W (2006) Cryptography and network security, 4/E. Pearson Education India

  28. Mahmood K, Chaudhry SA, Naqvi H, Kumari S, Li X, Sangaiah AK (2018) An elliptic curve cryptography based lightweight authentication scheme for smart grid communication. Futur Gener Comput Syst 81:557–565

    Article  Google Scholar 

  29. Sowjanya K, Dasgupta M, Ray S (2020) An elliptic curve cryptography based enhanced anonymous authentication protocol for wearable health monitoring systems. Int J Inf Secur 19(1):129–146

    Article  Google Scholar 

  30. Adhikari S, Ray S (2019) A Lightweight and secure IoT communication framework in content-centric network using elliptic curve cryptography. In: Recent trends in communication, computing, and electronics. Springer, Singapore, pp 207–216

  31. Shafiq A, Altaf I, Mahmood K, Kumari S, Chen CM (2020) An ECC based remote user authentication protocol. J Internet Technol 21(1):285–294

    Google Scholar 

  32. Chen CM, Huang Y, Wang KH, Kumari S, Wu ME (2020) A secure authenticated and key exchange scheme for fog computing. Enterp Inf Syst 15(9):1200–1215

  33. Amin R, Kunal S, Saha A, Das D, Alamri A (2020) CFSec: Password based secure communication protocol in cloud-fog environment. J Parallel Distrib Comput 140:52–62

    Article  Google Scholar 

  34. Li CT, Hwang MS, Chu YP (2008) A secure and efficient communication scheme with authenticated key establishment and privacy preserving for vehicular ad hoc networks. Comput Commun 31(12):2803–2814

    Article  Google Scholar 

  35. Li W, Wen Q, Su Q, Jin Z (2012) An efficient and secure mobile payment protocol for restricted connectivity scenarios in vehicular ad hoc network. Comput Commun 35(2):188–195

    Article  Google Scholar 

  36. He D, Kumar N, Lee JH, Sherratt RS (2014) Enhanced three-factor security protocol for consumer USB mass storage devices. IEEE Trans Consum Electron 60(1):30–37

    Article  Google Scholar 

Download references

Acknowledgements

The research work is supported by Ministry of Education, Govt of India. Muhammad Khurram Khan is supported by researchers supporting Project Number (RSP-2021/12), King Saud University, Riyadh, Saudi Arabia.

Author information

Authors and Affiliations

  1. National Institute of Technology Sikkim, Ravangla, India

    Uddalak Chatterjee & Sangram Ray

  2. Center of Excellence in Information Assurance, College of Computer and Information Sciences, King Saud University, Riyadh, 11653, Kingdom of Saudi Arabia

    Muhammad Khurram Khan

  3. National Institute of Technology Raipur, Raipur, India

    Mou Dasgupta

  4. College of Computer Science and Engineering, Shandong University of Science and Technology, Qingdao, China

    Chien-Ming Chen

Authors
  1. Uddalak Chatterjee
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sangram Ray
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Muhammad Khurram Khan
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Mou Dasgupta
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Chien-Ming Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Chatterjee, U., Ray, S., Khan, M.K. et al. An ECC-based lightweight remote user authentication and key management scheme for IoT communication in context of fog computing. Computing 104, 1359–1395 (2022). https://doi.org/10.1007/s00607-022-01055-8

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s00607-022-01055-8

Keywords

Mathematics Subject Classification

Search

Navigation