Abstract
Wireless sensor networks (WSNs) accomplish a key aspect in the Industrial Internet of Things (IIoT) that has turned out to be the most flourishing perception for computerizations in an industrial maneuver. IIoT environment is a significant application of the Internet of Things (IoT) that facilitate the professionals related to industries for remote supervision of factory, warehouses, etc. In this environment, the data must constantly be analyzed to take important real-time decisions. It makes remote confirmation most essential to secure the data transmission through insure channel so that alteration, interception, modifications of data cannot occur. As a result, there remains an immense requirement of remote user authentication protocol to restrict any illicit access to the data. In this scenario, to eradicate all the security attacks, it is aimed to design a robust provable-secure privacy-preserving three-factor authentication protocol for IIoT in this research. Our scheme is analyzed using both informal and formal security reviews using broadly known random oracle models, BAN logic as well as simulated using a well-accepted ProVerif simulation tool that confirms that the protocol is well-secured against all existing security threats. It is exhibited in the performance estimation that the proposed scheme is more efficient as well as lightweight than other existing schemes. To conclude it can be said that the proposed scheme is easy to be realized in the resource-constrained IIoT environment.
Similar content being viewed by others
References
Ahmed MR, Huang X, Sharma D, Cui H (2012) Wireless sensor network: Characteristics and architectures. Int J Inf Commun Eng 6(12):1398–1401
Henze M, Hermerschmidt L, Kerpen D, Häußling R, Rumpe B, Wehrle K (2016) A comprehensive approach to privacy in the cloud-based Internet of Things. Futur Gener Comput Syst 56:701–718
Jing Q, Vasilakos AV, Wan J, Lu J, Qiu D (2014) Security of the Internet of Things: Perspectives and challenges. Wirel Netw 20(8):2481–2501
Li L (2012) Study on security architecture in the Internet of Things. In: Proceedings of 2012 international conference on measurement, information and control, vol 1. IEEE, Piscataway, pp 374–377
Farash MS, Turkanović M, Kumari S, Hölbl M (2016) An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the Internet of Things environment. Ad Hoc Netw 36:152–176
Wu F, Xu L, Kumari S, Li X, Shen J, Choo KKR, Wazid M, Das AK (2017) An efficient authentication and key agreement scheme for multi-gateway wireless sensor networks in IoT deployment. J Netw Comput Appl 89:72–85
Amin R, Kumar N, Biswas GP, Iqbal R, Chang V (2018) A light weight authentication protocol for IoT-enabled devices in distributed Cloud Computing environment. Futur Gener Comput Syst 78:1005–1019
Li X, Ibrahim MH, Kumari S, Sangaiah AK, Gupta V, Choo KKR (2017) Anonymous mutual authentication and key agreement scheme for wearable sensors in wireless body area networks. Comput Netw 129:429–443
Das ML (2009) Two-factor user authentication in wireless sensor networks. IEEE Trans Wirel Commun 8(3):1086–1090
Khan MK, Alghathbar K (2010) Cryptanalysis and security improvements of ‘two-factor user authentication in wireless sensor networks’. Sensors 10(3):2450–2459
He D, Gao Y, Chan S, Chen C, Bu J (2010) An enhanced two-factor user authentication scheme in wireless sensor networks. Ad Hoc Sens Wirel Netw 10(4):361–371
Lee CC, Li CT, CHEN SD (2011) Two attacks on a two-factor user authentication in wireless sensor networks. Parallel Process Lett 21(01):21–26
Vaidya B, Makrakis D, Mouftah H (2016) Two-factor mutual authentication with key agreement in wireless sensor networks. Secur Commun Netw 9(2):171–183
Kim J, Lee D, Jeon W, Lee Y, Won D (2014) Security analysis and improvements of two-factor mutual authentication with key agreement in wireless sensor networks. Sensors 14(4):6443–6462
Chang IP, Lee TF, Lin TH, Liu CM (2015) Enhanced two-factor authentication and key agreement using dynamic identities in wireless sensor networks. Sensors 15(12):29841–29854
Wang D, Wang P (2014) Understanding security failures of two-factor authentication schemes for real-time applications in hierarchical wireless sensor networks. Ad Hoc Netw 20:1–15
Shim KA (2017) BASIS: a practical multi-user broadcast authentication scheme in wireless sensor networks. IEEE Trans Inf Forensics Secur 12(7):1545–1554
Li X, Niu J, Bhuiyan MZA, Wu F, Karuppiah M, Kumari S (2017) A robust ECC-based provable secure authentication protocol with privacy preserving for industrial internet of things. IEEE Trans Industr Inf 14(8):3599–3609
Yeh HL, Chen TH, Liu PC, Kim TH, Wei HW (2011) A secured authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors 11(5):4767–4779
Shi W, Gong P (2013) A new user authentication protocol for wireless sensor networks using elliptic curves cryptography. Int J Distrib Sens Netw 9(4):730831
Choi Y, Lee D, Kim J, Jung J, Nam J, Won D (2014) Security enhanced user authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors 14(6):10081–10106
Nam J, Kim M, Paik J, Lee Y, Won D (2014) A provably-secure ECC-based authentication scheme for wireless sensor networks. Sensors 14(11):21023–21044
Xue K, Ma C, Hong P, Ding R (2013) A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks. J Netw Comput Appl 36(1):316–323
Das AK (2016) A secure and robust temporal credential-based three-factor user authentication scheme for wireless sensor networks. Peer-to-peer Netw Appl 9(1):223–244
Amin R, Islam SH, Biswas GP, Khan MK, Leng L, Kumar N (2016) Design of an anonymity-preserving three-factor authenticated key exchange protocol for wireless sensor networks. Comput Netw 101:42–62
Wu F, Xu L, Kumari S, Li X (2018) An improved and provably secure three-factor user authentication scheme for wireless sensor networks. Peer-to-Peer Netw Appl 11(1):1–20
Amin R, Biswas GP (2016) A secure light weight scheme for user authentication and key agreement in multi-gateway based wireless sensor networks. Ad Hoc Netw 36:58–80
Jiang Q, Zeadally S, Ma J, He D (2017) Lightweight three-factor authentication and key agreement protocol for internet-integrated wireless sensor networks. IEEE Access 5:3376–3392
Gope P, Hwang T (2016) A realistic lightweight anonymous authentication protocol for securing real-time application data access in wireless sensor networks. IEEE Trans Ind Electron 63(11):7124–7132
Challa S, Wazid M, Das AK, Kumar N, Reddy AG, Yoon EJ, Yoo KY (2017) Secure signature-based authenticated key establishment scheme for future IoT applications. IEEE Access 5:3028–3043
Wazid M, Das AK, Odelu V, Kumar N, Conti M, Jo M (2017) Design of secure user authenticated key management protocol for generic IoT networks. IEEE Internet Things J 5(1):269–282
Sadhukhan D, Ray S, Biswas GP, Khan MK, Dasgupta M (2021) A lightweight remote user authentication scheme for IoT communication using elliptic curve cryptography. J Supercomput 77:1114–1151. https://doi.org/10.1007/s11227-020-03318-7
Amin R, Islam SH, Biswas GP, Khan MK, Kumar N (2018) A robust and anonymous patient monitoring system using wireless medical sensor networks. Futur Gener Comput Syst 80:483–495
Ali R, Pal AK, Kumari S, Sangaiah AK, Li X, Wu F (2018) An enhanced three factor based authentication protocol using wireless medical sensor networks for healthcare monitoring. J Ambient Intell Human Comput. https://doi.org/10.1007/s12652-018-1015-9
Shuai M, Yu N, Wang H, Xiong L (2019) Anonymous authentication scheme for smart home environment with provable security. Comput Secur 86:132–146
Fakroon M, Alshahrani M, Gebali F, Traore I (2020) Secure remote anonymous user authentication scheme for smart home environment. Internet Things 9:100158
Kumari S, Om H (2016) Authentication protocol for wireless sensor networks applications like safety monitoring in coal mines. Comput Netw 104:137–154
Ray S, Biswas GP, Dasgupta M (2016) Secure multi-purpose mobile-banking using elliptic curve cryptography. Wirel Pers Commun 90(3):1331–1354
Ali R, Pal AK, Kumari S, Karuppiah M, Conti M (2018) A secure user authentication and key-agreement scheme using wireless sensor networks for agriculture monitoring. Futur Gener Comput Syst 84:200–215
Shuai M, Xiong L, Wang C, Yu N (2020) A secure authentication scheme with forward secrecy for industrial internet of things using Rabin cryptosystem. Computer Communications 160:215–227.https://doi.org/10.1016/j.comcom.2020.06.012
Das AK, Wazid M, Kumar N, Vasilakos AV, Rodrigues JJ (2018) Biometrics-based privacy-preserving user authentication scheme for cloud-based industrial Internet of Things deployment. IEEE Internet Things J 5(6):4900–4913
Dolev D, Yao A (1983) On the security of public key protocols. IEEE Trans Inf Theory 29(2):198–208
Messerges TS, Dabbish EA, Sloan RH (2002) Examining smart-card security under the threat of power analysis attacks. IEEE Trans Comput 51(5):541–552
Canetti R, Krawczyk H (2002) Universally composable notions of key exchange and secure channels. In: International Conference on the Theory and Applications of Cryptographic Techniques. Springer, Berlin, pp. 337–351
Park K, Park Y, Park Y, Das AK (2018) 2PAKEP: Provably secure and efficient two-party authenticated key exchange protocol for mobile environment. IEEE Access 6:30225–30241
Abdalla M, Fouque PA, Pointcheval D (2005) Password-based authenticated key exchange in the three-party setting. In: International Workshop on Public Key Cryptography. Springer, Berlin, pp 65–84
Burrows M, Abadi M, Needham RM (1989) A logic of authentication. Proc R Soc Lond A Math Phys Sci 426(1871):233–271
Mahmood K, Chaudhry SA, Naqvi H, Kumari S, Li X, Sangaiah AK (2018) An elliptic curve cryptography based lightweight authentication scheme for smart grid communication. Futur Gener Comput Syst 81:557–565
Wu F, Xu L, Kumari S, Li X (2017) An improved and anonymous two-factor authentication protocol for health-care applications with wireless medical sensor networks. Multimedia Syst 23(2):195–205
Ray S, Biswas GP (2012) Establishment of ECC-based initial secrecy usable for IKE implementation. In: Proceedings of the World Congress on Engineering, vol 1
Islam SH, Amin R, Biswas GP, Farash MS, Li X, Kumari S (2017) An improved three party authenticated key exchange protocol using hash function and elliptic curve cryptography for mobile-commerce environments. J King Saud Univ Comput Inf Sci 29(3):311–324
Stallings W (2006) Cryptography and network security, 4/E. Pearson Education India, Chennai
Ray S, Biswas GP (2012) An ECC based public key infrastructure usable for mobile applications. In: Proceedings of the second international conference on computational science, engineering and information technology, pp 562–568
Adhikari S, Ray S, Obaidat MS, Biswas GP (2020) Efficient and secure content dissemination architecture for content centric network using ECC-based public key infrastructure. Computer Communications 157:187–203. https://doi.org/10.1016/j.comcom.2020.04.024
Tribedi D, Sadhukhan D, Ray S (2018) Cryptanalysis of a secure and privacy preserving mobile wallet scheme with outsourced verification in cloud computing. In: International Conference on Computational Intelligence, Communications, and Business Analytics. Springer, Singapore, pp 411–424
Chatterjee U, Sadhukhan D, Ray S (2020) An improved authentication and key agreement protocol for smart healthcare system in the context of Internet of Things Using Elliptic curve cryptography. In: Proceedings of International Conference on IoT Inclusive Life (ICIIL 2019), NITTTR Chandigarh, India. Springer, Singapore, pp. 11–22
Adhikari S, Ray S, Biswas GP, Obaidat MS (2019) Efficient and secure business model for content centric network using elliptic curve cryptography. Int J Commun Syst 32(1):.e3839
Sadhukhan D, Ray S (2018) Cryptanalysis of an elliptic curve cryptography based lightweight authentication scheme for smart grid communication. In: 2018 4th International Conference on Recent Advances in Information Technology (RAIT). IEEE, Piscataway, pp 1–6
Islam SH, Biswas GP (2011) Comments on ID-based client authentication with key agreement protocol on ECC for mobile client-server environment. In: International Conference on Advances in Computing and Communications. Springer, Berlin, pp 628–635
Wang C, Xu G, Sun J (2017) An enhanced three-factor user authentication scheme using elliptic curve cryptosystem for wireless sensor networks. Sensors 17(12):2946
Kilinc HH, Yanik T (2013) A survey of SIP authentication and key agreement schemes. IEEE Commun Surv Tutorials 16(2):1005–1023
Acknowledgements
The research work is an outcome of the R&D project sanctioned to Dr. Sangram Ray under the Minor Seed Grant funded by TEQIP III, NPIU, Ministry of Education, Government of India. Authors are immensely grateful to the Editor-in-Chief, Editor, and anonymous reviewers for their precious comments and beneficial suggestions. The research is also carried out with support from the Ministry of Education, Government of India. Muhammad Khurram Khan is supported by Researchers Supporting Project number (RSP-2020/12), King Saud University, Riyadh, Saudi Arabia.
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher’s note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
This article is part of the Topical Collection: Special Issue on Privacy-Preserving Computing
Guest Editors: Kaiping Xue, Zhe Liu, Haojin Zhu, Miao Pan and David S.L. Wei
Rights and permissions
About this article
Cite this article
Rangwani, D., Sadhukhan, D., Ray, S. et al. A robust provable-secure privacy-preserving authentication protocol for Industrial Internet of Things. Peer-to-Peer Netw. Appl. 14, 1548–1571 (2021). https://doi.org/10.1007/s12083-020-01063-5
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12083-020-01063-5