Skip to main content

Advertisement

SpringerLink
Log in

A robust provable-secure privacy-preserving authentication protocol for Industrial Internet of Things

  • Published:
Peer-to-Peer Networking and Applications Aims and scope Submit manuscript

Abstract

Wireless sensor networks (WSNs) accomplish a key aspect in the Industrial Internet of Things (IIoT) that has turned out to be the most flourishing perception for computerizations in an industrial maneuver. IIoT environment is a significant application of the Internet of Things (IoT) that facilitate the professionals related to industries for remote supervision of factory, warehouses, etc. In this environment, the data must constantly be analyzed to take important real-time decisions. It makes remote confirmation most essential to secure the data transmission through insure channel so that alteration, interception, modifications of data cannot occur. As a result, there remains an immense requirement of remote user authentication protocol to restrict any illicit access to the data. In this scenario, to eradicate all the security attacks, it is aimed to design a robust provable-secure privacy-preserving three-factor authentication protocol for IIoT in this research. Our scheme is analyzed using both informal and formal security reviews using broadly known random oracle models, BAN logic as well as simulated using a well-accepted ProVerif simulation tool that confirms that the protocol is well-secured against all existing security threats. It is exhibited in the performance estimation that the proposed scheme is more efficient as well as lightweight than other existing schemes. To conclude it can be said that the proposed scheme is easy to be realized in the resource-constrained IIoT environment.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7

Similar content being viewed by others

References

  1. Ahmed MR, Huang X, Sharma D, Cui H (2012) Wireless sensor network: Characteristics and architectures. Int J Inf Commun Eng 6(12):1398–1401

    Google Scholar 

  2. Henze M, Hermerschmidt L, Kerpen D, Häußling R, Rumpe B, Wehrle K (2016) A comprehensive approach to privacy in the cloud-based Internet of Things. Futur Gener Comput Syst 56:701–718

    Article  Google Scholar 

  3. Jing Q, Vasilakos AV, Wan J, Lu J, Qiu D (2014) Security of the Internet of Things: Perspectives and challenges. Wirel Netw 20(8):2481–2501

    Article  Google Scholar 

  4. Li L (2012) Study on security architecture in the Internet of Things. In: Proceedings of 2012 international conference on measurement, information and control, vol 1. IEEE,  Piscataway, pp 374–377

  5. Farash MS, Turkanović M, Kumari S, Hölbl M (2016) An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the Internet of Things environment. Ad Hoc Netw 36:152–176

    Article  Google Scholar 

  6. Wu F, Xu L, Kumari S, Li X, Shen J, Choo KKR, Wazid M, Das AK (2017) An efficient authentication and key agreement scheme for multi-gateway wireless sensor networks in IoT deployment. J Netw Comput Appl 89:72–85

    Article  Google Scholar 

  7. Amin R, Kumar N, Biswas GP, Iqbal R, Chang V (2018) A light weight authentication protocol for IoT-enabled devices in distributed Cloud Computing environment. Futur Gener Comput Syst 78:1005–1019

    Article  Google Scholar 

  8. Li X, Ibrahim MH, Kumari S, Sangaiah AK, Gupta V, Choo KKR (2017) Anonymous mutual authentication and key agreement scheme for wearable sensors in wireless body area networks. Comput Netw 129:429–443

    Article  Google Scholar 

  9. Das ML (2009) Two-factor user authentication in wireless sensor networks. IEEE Trans Wirel Commun 8(3):1086–1090

    Article  Google Scholar 

  10. Khan MK, Alghathbar K (2010) Cryptanalysis and security improvements of ‘two-factor user authentication in wireless sensor networks’. Sensors 10(3):2450–2459

    Article  Google Scholar 

  11. He D, Gao Y, Chan S, Chen C, Bu J (2010) An enhanced two-factor user authentication scheme in wireless sensor networks. Ad Hoc Sens Wirel Netw 10(4):361–371

    Google Scholar 

  12. Lee CC, Li CT, CHEN SD (2011) Two attacks on a two-factor user authentication in wireless sensor networks. Parallel Process Lett 21(01):21–26

    Article  MathSciNet  MATH  Google Scholar 

  13. Vaidya B, Makrakis D, Mouftah H (2016) Two-factor mutual authentication with key agreement in wireless sensor networks. Secur Commun Netw 9(2):171–183

    Article  Google Scholar 

  14. Kim J, Lee D, Jeon W, Lee Y, Won D (2014) Security analysis and improvements of two-factor mutual authentication with key agreement in wireless sensor networks. Sensors 14(4):6443–6462

    Article  Google Scholar 

  15. Chang IP, Lee TF, Lin TH, Liu CM (2015) Enhanced two-factor authentication and key agreement using dynamic identities in wireless sensor networks. Sensors 15(12):29841–29854

    Article  Google Scholar 

  16. Wang D, Wang P (2014) Understanding security failures of two-factor authentication schemes for real-time applications in hierarchical wireless sensor networks. Ad Hoc Netw 20:1–15

    Article  Google Scholar 

  17. Shim KA (2017) BASIS: a practical multi-user broadcast authentication scheme in wireless sensor networks. IEEE Trans Inf Forensics Secur 12(7):1545–1554

    Article  Google Scholar 

  18. Li X, Niu J, Bhuiyan MZA, Wu F, Karuppiah M, Kumari S (2017) A robust ECC-based provable secure authentication protocol with privacy preserving for industrial internet of things. IEEE Trans Industr Inf 14(8):3599–3609

    Article  Google Scholar 

  19. Yeh HL, Chen TH, Liu PC, Kim TH, Wei HW (2011) A secured authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors 11(5):4767–4779

    Article  Google Scholar 

  20. Shi W, Gong P (2013) A new user authentication protocol for wireless sensor networks using elliptic curves cryptography. Int J Distrib Sens Netw 9(4):730831

    Article  Google Scholar 

  21. Choi Y, Lee D, Kim J, Jung J, Nam J, Won D (2014) Security enhanced user authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors 14(6):10081–10106

    Article  Google Scholar 

  22. Nam J, Kim M, Paik J, Lee Y, Won D (2014) A provably-secure ECC-based authentication scheme for wireless sensor networks. Sensors 14(11):21023–21044

    Article  Google Scholar 

  23. Xue K, Ma C, Hong P, Ding R (2013) A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks. J Netw Comput Appl 36(1):316–323

    Article  Google Scholar 

  24. Das AK (2016) A secure and robust temporal credential-based three-factor user authentication scheme for wireless sensor networks. Peer-to-peer Netw Appl 9(1):223–244

    Article  Google Scholar 

  25. Amin R, Islam SH, Biswas GP, Khan MK, Leng L, Kumar N (2016) Design of an anonymity-preserving three-factor authenticated key exchange protocol for wireless sensor networks. Comput Netw 101:42–62

    Article  Google Scholar 

  26. Wu F, Xu L, Kumari S, Li X (2018) An improved and provably secure three-factor user authentication scheme for wireless sensor networks. Peer-to-Peer Netw Appl 11(1):1–20

    Article  Google Scholar 

  27. Amin R, Biswas GP (2016) A secure light weight scheme for user authentication and key agreement in multi-gateway based wireless sensor networks. Ad Hoc Netw 36:58–80

    Article  Google Scholar 

  28. Jiang Q, Zeadally S, Ma J, He D (2017) Lightweight three-factor authentication and key agreement protocol for internet-integrated wireless sensor networks. IEEE Access 5:3376–3392

    Article  Google Scholar 

  29. Gope P, Hwang T (2016) A realistic lightweight anonymous authentication protocol for securing real-time application data access in wireless sensor networks. IEEE Trans Ind Electron 63(11):7124–7132

    Article  Google Scholar 

  30. Challa S, Wazid M, Das AK, Kumar N, Reddy AG, Yoon EJ, Yoo KY (2017) Secure signature-based authenticated key establishment scheme for future IoT applications. IEEE Access 5:3028–3043

    Article  Google Scholar 

  31. Wazid M, Das AK, Odelu V, Kumar N, Conti M, Jo M (2017) Design of secure user authenticated key management protocol for generic IoT networks. IEEE Internet Things J 5(1):269–282

    Article  Google Scholar 

  32. Sadhukhan D, Ray S, Biswas GP, Khan MK, Dasgupta M (2021) A lightweight remote user authentication scheme for IoT communication using elliptic curve cryptography. J Supercomput 77:1114–1151. https://doi.org/10.1007/s11227-020-03318-7

  33. Amin R, Islam SH, Biswas GP, Khan MK, Kumar N (2018) A robust and anonymous patient monitoring system using wireless medical sensor networks. Futur Gener Comput Syst 80:483–495

    Article  Google Scholar 

  34. Ali R, Pal AK, Kumari S, Sangaiah AK, Li X, Wu F (2018) An enhanced three factor based authentication protocol using wireless medical sensor networks for healthcare monitoring. J Ambient Intell Human Comput. https://doi.org/10.1007/s12652-018-1015-9

  35. Shuai M, Yu N, Wang H, Xiong L (2019) Anonymous authentication scheme for smart home environment with provable security. Comput Secur 86:132–146

    Article  Google Scholar 

  36. Fakroon M, Alshahrani M, Gebali F, Traore I (2020) Secure remote anonymous user authentication scheme for smart home environment. Internet Things 9:100158

    Article  Google Scholar 

  37. Kumari S, Om H (2016) Authentication protocol for wireless sensor networks applications like safety monitoring in coal mines. Comput Netw 104:137–154

    Article  Google Scholar 

  38. Ray S, Biswas GP, Dasgupta M (2016) Secure multi-purpose mobile-banking using elliptic curve cryptography. Wirel Pers Commun 90(3):1331–1354

    Article  Google Scholar 

  39. Ali R, Pal AK, Kumari S, Karuppiah M, Conti M (2018) A secure user authentication and key-agreement scheme using wireless sensor networks for agriculture monitoring. Futur Gener Comput Syst 84:200–215

    Article  Google Scholar 

  40. Shuai M, Xiong L, Wang C, Yu N (2020) A secure authentication scheme with forward secrecy for industrial internet of things using Rabin cryptosystem. Computer Communications 160:215–227.https://doi.org/10.1016/j.comcom.2020.06.012

  41. Das AK, Wazid M, Kumar N, Vasilakos AV, Rodrigues JJ (2018) Biometrics-based privacy-preserving user authentication scheme for cloud-based industrial Internet of Things deployment. IEEE Internet Things J 5(6):4900–4913

    Article  Google Scholar 

  42. Dolev D, Yao A (1983) On the security of public key protocols. IEEE Trans Inf Theory 29(2):198–208

    Article  MathSciNet  MATH  Google Scholar 

  43. Messerges TS, Dabbish EA, Sloan RH (2002) Examining smart-card security under the threat of power analysis attacks. IEEE Trans Comput 51(5):541–552

    Article  MathSciNet  MATH  Google Scholar 

  44. Canetti R, Krawczyk H (2002) Universally composable notions of key exchange and secure channels. In: International Conference on the Theory and Applications of Cryptographic Techniques. Springer, Berlin, pp. 337–351

  45. Park K, Park Y, Park Y, Das AK (2018) 2PAKEP: Provably secure and efficient two-party authenticated key exchange protocol for mobile environment. IEEE Access 6:30225–30241

    Article  Google Scholar 

  46. Abdalla M, Fouque PA, Pointcheval D (2005) Password-based authenticated key exchange in the three-party setting. In: International Workshop on Public Key Cryptography. Springer, Berlin, pp 65–84

  47. Burrows M, Abadi M, Needham RM (1989) A logic of authentication. Proc R Soc Lond A Math Phys Sci 426(1871):233–271

  48. Mahmood K, Chaudhry SA, Naqvi H, Kumari S, Li X, Sangaiah AK (2018) An elliptic curve cryptography based lightweight authentication scheme for smart grid communication. Futur Gener Comput Syst 81:557–565

    Article  Google Scholar 

  49. Wu F, Xu L, Kumari S, Li X (2017) An improved and anonymous two-factor authentication protocol for health-care applications with wireless medical sensor networks. Multimedia Syst 23(2):195–205

    Article  Google Scholar 

  50. Ray S, Biswas GP (2012) Establishment of ECC-based initial secrecy usable for IKE implementation. In: Proceedings of the World Congress on Engineering, vol 1

  51. Islam SH, Amin R, Biswas GP, Farash MS, Li X, Kumari S (2017) An improved three party authenticated key exchange protocol using hash function and elliptic curve cryptography for mobile-commerce environments. J King Saud Univ Comput Inf Sci 29(3):311–324

    Google Scholar 

  52. Stallings W (2006) Cryptography and network security, 4/E. Pearson Education India, Chennai

  53. Ray S, Biswas GP (2012) An ECC based public key infrastructure usable for mobile applications. In: Proceedings of the second international conference on computational science, engineering and information technology, pp 562–568

  54. Adhikari S, Ray S, Obaidat MS, Biswas GP (2020) Efficient and secure content dissemination architecture for content centric network using ECC-based public key infrastructure. Computer Communications 157:187–203. https://doi.org/10.1016/j.comcom.2020.04.024

  55. Tribedi D, Sadhukhan D, Ray S (2018) Cryptanalysis of a secure and privacy preserving mobile wallet scheme with outsourced verification in cloud computing. In: International Conference on Computational Intelligence, Communications, and Business Analytics. Springer, Singapore, pp 411–424

  56. Chatterjee U, Sadhukhan D, Ray S (2020) An improved authentication and key agreement protocol for smart healthcare system in the context of Internet of Things Using Elliptic curve cryptography. In: Proceedings of International Conference on IoT Inclusive Life (ICIIL 2019), NITTTR Chandigarh, India. Springer, Singapore, pp. 11–22

  57. Adhikari S, Ray S, Biswas GP, Obaidat MS (2019) Efficient and secure business model for content centric network using elliptic curve cryptography. Int J Commun Syst 32(1):.e3839

    Article  Google Scholar 

  58. Sadhukhan D, Ray S (2018) Cryptanalysis of an elliptic curve cryptography based lightweight authentication scheme for smart grid communication. In: 2018 4th International Conference on Recent Advances in Information Technology (RAIT). IEEE, Piscataway, pp 1–6

  59. Islam SH, Biswas GP (2011) Comments on ID-based client authentication with key agreement protocol on ECC for mobile client-server environment. In: International Conference on Advances in Computing and Communications. Springer, Berlin, pp 628–635

  60. Wang C, Xu G, Sun J (2017) An enhanced three-factor user authentication scheme using elliptic curve cryptosystem for wireless sensor networks. Sensors 17(12):2946

    Article  Google Scholar 

  61. Kilinc HH, Yanik T (2013) A survey of SIP authentication and key agreement schemes. IEEE Commun Surv Tutorials 16(2):1005–1023

    Article  Google Scholar 

Download references

Acknowledgements

The research work is an outcome of the R&D project sanctioned to Dr. Sangram Ray under the Minor Seed Grant funded by TEQIP III, NPIU, Ministry of Education, Government of India. Authors are immensely grateful to the Editor-in-Chief, Editor, and anonymous reviewers for their precious comments and beneficial suggestions. The research is also carried out with support from the Ministry of Education, Government of India. Muhammad Khurram Khan is supported by Researchers Supporting Project number (RSP-2020/12), King Saud University, Riyadh, Saudi Arabia.

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, National Institute of Technology Sikkim Ravangla, Sikkim, 737139, India

    Diksha Rangwani, Dipanwita Sadhukhan & Sangram Ray

  2. Center of Excellence in Information Assurance, College of Computer & Information Sciences, King Saud University, Riyadh, 11653, Kingdom of Saudi Arabia

    Muhammad Khurram Khan

  3. Department of Computer Application, National Institute of Technology, Raipur, Raipur, 492010, India

    Mou Dasgupta

Authors
  1. Diksha Rangwani
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Dipanwita Sadhukhan
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sangram Ray
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Muhammad Khurram Khan
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Mou Dasgupta
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Sangram Ray.

Additional information

Publisher’s note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

This article is part of the Topical Collection: Special Issue on Privacy-Preserving Computing

Guest Editors: Kaiping Xue, Zhe Liu, Haojin Zhu, Miao Pan and David S.L. Wei

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Rangwani, D., Sadhukhan, D., Ray, S. et al. A robust provable-secure privacy-preserving authentication protocol for Industrial Internet of Things. Peer-to-Peer Netw. Appl. 14, 1548–1571 (2021). https://doi.org/10.1007/s12083-020-01063-5

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s12083-020-01063-5

Keywords

Search

Navigation