scholarly journals An efficient anonymous authentication and key agreement scheme with privacy-preserving for smart cities

2021 ◽  
Vol 17 (6) ◽  
pp. 155014772110268
Author(s):  
Xueya Xia ◽  
Sai Ji ◽  
Pandi Vijayakumar ◽  
Jian Shen ◽  
Joel J. P. C. Rodrigues
Keyword(s):  
Internet Of Things ◽  
Privacy Preservation ◽  
Key Agreement ◽  
Smart Cities ◽  
Security Analysis ◽  
Security And Privacy ◽  
Experimental Simulation ◽  
Authentication And Key Agreement ◽  
Anonymous Authentication ◽  
Evaluation Mechanism

Internet of Things devices are responsible for collecting and transmitting data in smart cities, assisting smart cities to release greater potential. As Internet of Things devices are increasingly connected to smart cities, security and privacy have gradually become important issues. Recently, research works on mitigating security challenges of Internet of Things devices in smart cities mainly focused on authentication. However, in most of the existing authentication protocols, the trustworthiness evaluation of Internet of Things devices in smart cities is ignored. Considering the trustworthiness evaluation of Internet of Things devices is an important constituent of data source authentication, in this article, a cloud-aided trustworthiness evaluation mechanism is first designed to improve the credibility of the Internet of Things devices in smart cities. Furthermore, aiming at the problem that the user’s privacy is easy to leak in the process of authentication, an anonymous authentication and key agreement scheme based on non-interactive zero knowledge argument is proposed. The proposed scheme can ensure the privacy preservation and data security of Internet of Things devices in smart cities. The security analysis demonstrates that the proposed scheme is secure under q-SDH problem. The experimental simulation indicates that the performance of the proposal is greatly improved compared with other similar schemes.

scholarly journals A Secure Authentication and Key Agreement Scheme for IoT-Based Cloud Computing Environment

Symmetry ◽  
2020 ◽  
Vol 12 (1) ◽  
pp. 150 ◽  
Author(s):  
Yicheng Yu ◽  
Liang Hu ◽  
Jianfeng Chu
Keyword(s):  
Cloud Computing ◽  
Internet Of Things ◽  
Secure Communication ◽  
Key Agreement ◽  
Security Analysis ◽  
Computing Environment ◽  
Cloud Computing Environment ◽  
Authentication And Key Agreement ◽  
Insider Attack ◽  
Cloud Servers

The integration of Internet of things (IoT) and cloud computing technology has made our life more convenient in recent years. Cooperating with cloud computing, Internet of things can provide more efficient and practical services. People can accept IoT services via cloud servers anytime and anywhere in the IoT-based cloud computing environment. However, plenty of possible network attacks threaten the security of users and cloud servers. To implement effective access control and secure communication in the IoT-based cloud computing environment, identity authentication is essential. In 2016, He et al. put forward an anonymous authentication scheme, which is based on asymmetric cryptography. It is claimed that their scheme is capable of withstanding all kinds of known attacks and has good performance. However, their scheme has serious security weaknesses according to our cryptanalysis. The scheme is vulnerable to insider attack and DoS attack. For overcoming these weaknesses, we present an improved authentication and key agreement scheme for IoT-based cloud computing environment. The automated security verification (ProVerif), BAN-logic verification, and informal security analysis were performed. The results show that our proposed scheme is secure and can effectively resist all kinds of known attacks. Furthermore, compared with the original scheme in terms of security features and performance, our proposed scheme is feasible.

scholarly journals Trusted Authority Assisted Three-Factor Authentication and Key Agreement Protocol for the Implantable Medical System

2018 ◽  
Vol 2018 ◽  
pp. 1-16 ◽  
Author(s):  
Deming Mao ◽  
Ling Zhang ◽  
Xiaoyu Li ◽  
Dejun Mu
Keyword(s):  
Key Agreement ◽  
Security Analysis ◽  
User Anonymity ◽  
Medical System ◽  
Security And Privacy ◽  
Medical Community ◽  
Implantable Medical Devices ◽  
Authentication And Key Agreement ◽  
Key Agreement Protocol ◽  
Privacy Issues

The application of implantable medical devices (IMDs), which solves the problems of geographical distance limitation and real-time health monitoring that plague patients and doctors, has caused great repercussions in the medical community. Despite the great potential of wide application, it also brings some security and privacy issues, such as the leakage of health data and unauthorized access to IMDs. Although a number of authentication and key agreement (AKA) schemes have been developed, we find that some subtle attacks still remain to be addressed. Then we propose an improved AKA scheme which achieves strong security features including user anonymity and known key security. It is formally proved to be secure under the Real-or-Random model. Moreover, a comprehensive security analysis shows that our scheme can resist various attacks and satisfy the desired requirements. Finally, the performance analysis shows the superiority of our protocol which is suitable for the implantable medical system.

scholarly journals An Efficient Authentication and Key Agreement Protocol  for IoT-Enabled Devices in Distributed Cloud Computing Architecture

2020 ◽  
Author(s):  
Huihui Huang ◽  
Siqi Lu ◽  
Zehui Wu ◽  
Qiang Wei
Keyword(s):  
Cloud Computing ◽  
Key Agreement ◽  
Smart Cities ◽  
Security Protocol ◽  
Security And Privacy ◽  
Computing Architecture ◽  
Authentication And Key Agreement ◽  
Key Agreement Protocol ◽  
Use Of Internet ◽  
Distributed Cloud

Abstract With the widespread use of Internet of Things and cloud computing in smart cities, various security and privacy challenges may be encountered. The most basic problem is authentication between each application. Recently, in order to prevent counterfeiting attacks in the protocol of Amin et al.(2018), Kang et al. improved an authentication protocol for IoT-Enabled devices in a distributed cloud computing environment (2020). However, We found that the Kang et al.'s protocol still has a fatal vulnerability, that is, it is attacked by offline password guessing, and malicious users can easily obtain the master key of the control server. In this article, we extend their work to design a lightweight pseudonym identity based authentication and key agreement protocol using smart card. For illustrating the security of our protocol, we used the security protocol analysis tools of AVISPA and Scyther to prove that the protocol can defend against various existing attacks. We will further analyze the interaction between participants authentication path to ensure security protection from simulated attacks detailedly. In addition, based on the comparison of security functions and computing performance, our protocol is superior to the other two related protocols. As a result, the enhanced protocol will be efficient and secure in distributed cloud computing architecture for smart city.

scholarly journals Privacy-Preserving Machine Authenticated Key Agreement for Internet of Things

2021 ◽  
Vol 13 (2) ◽  
pp. 99-120
Author(s):  
Beaton Kapito ◽  
Mwawi Nyirenda ◽  
Hyunsung Kim
Keyword(s):  
Internet Of Things ◽  
Key Agreement ◽  
Security Analysis ◽  
Physical World ◽  
Privacy Preserving ◽  
Security And Privacy ◽  
Research Gaps ◽  
Authenticated Key Agreement ◽  
Privacy And Security ◽  
Active Attacks

Internet of things (IoT) is the integration of computer-based systems and the physical world in which things interact with each other. Due to heterogeneity and resource-constrained feature of IoT devices, there are many privacy and security challenges resulting in many threat vulnerabilities in IoT environments. After reviewing and analyzing the recent IoT security, privacy, and authentication protocols, we will withdraw research gaps focused on the elimination of human factors in IoT authentication. In order to fill these research gaps, this paper proposes a privacy-preserving machine authenticated key agreement based on IoT, denoted as IoTMAKA. IoTMAKA uses dynamic identity and machine fingerprint to provide security and privacy. Security analysis shows that IoTMAKA provides anonymity and untraceability, provides freshness, and is secure against passive and active attacks. IoTMAKA reduces communication overheads by 20% and computational overheads by 25% on average as compared to the previous related works.

scholarly journals How to Design a Secure Anonymous Authentication and Key Agreement Protocol for Multi-Server Environments and Prove Its Security

Symmetry ◽  
2021 ◽  
Vol 13 (9) ◽  
pp. 1629
Author(s):  
Yun-Hsin Chuang ◽  
Chin-Laung Lei ◽  
Hung-Jr Shiu
Keyword(s):  
Secure Communication ◽  
Key Agreement ◽  
Vehicular Ad Hoc Networks ◽  
Smart Cities ◽  
Cloud Services ◽  
Session Key ◽  
Authentication And Key Agreement ◽  
Anonymous Authentication ◽  
Security Proofs ◽  
Multi Server

An anonymous authentication and key agreement (AAKA) protocol provides anonymous members symmetric authentication and establishes a symmetric session key for secure communication in public networks. Today, numerous popular remote services are based on multi-server architecture, such as the internet of things (IoT), smart cities, cloud services, vehicular ad hoc networks (VANET), and telecare medicine information systems (TMIS). Many researchers have attempted to design AAKA protocols in multi-server environments for various applications. However, many of these have security defects, even if they have so-called “formal” security proofs. In this paper, we analyze related AAKA protocols to identify the common design defects, expound the process of designing secure AAKA protocols, and explain why the present AAKA protocols still suffer attacks, despite having security proofs. We instruct readers on how to design a secure AAKA protocol and how to prove the security. This paper will therefore be helpful for the design of new AAKA protocols, and for ensuring their security.

scholarly journals An efficient authentication and key agreement protocol for IoT-enabled devices in distributed cloud computing architecture

2021 ◽  
Vol 2021 (1) ◽  
Author(s):  
Huihui Huang ◽  
Siqi Lu ◽  
Zehui Wu ◽  
Qiang Wei
Keyword(s):  
Cloud Computing ◽  
Key Agreement ◽  
Smart Cities ◽  
Security Protocol ◽  
Security And Privacy ◽  
Computing Architecture ◽  
Authentication And Key Agreement ◽  
Key Agreement Protocol ◽  
Iot Devices ◽  
Distributed Cloud

AbstractWith the widespread use of Internet of Things and cloud computing in smart cities, various security and privacy challenges may be encountered.The most basic problem is authentication between each application, such as participating users, IoT devices, distributed servers, authentication centers, etc. In 2020, Kang et al. improved an authentication protocol for IoT-Enabled devices in a distributed cloud computing environment and its main purpose was in order to prevent counterfeiting attacks in Amin et al.’ protocol, which was published in 2018. However, We found that the Kang et al.’s protocol still has a fatal vulnerability, that is, it is attacked by offline password guessing, and malicious users can easily obtain the master key of the control server. In this article, we extend their work to design a lightweight pseudonym identity based authentication and key agreement protocol using smart card. For illustrating the security of our protocol, we used the security protocol analysis tools of AVISPA and Scyther to prove that the protocol can defend against various existing attacks. We will further analyze the interaction between participants authentication path to ensure security protection from simulated attacks detailedly. In addition, based on the comparison of security functions and computing performance, our protocol is superior to the other two related protocols. As a result, the enhanced protocol will be efficient and secure in distributed cloud computing architecture for smart city.

scholarly journals Privacy-Preserving Smart Road-Pricing System with Trustworthiness Evaluation in VANETs

Sensors ◽  
2021 ◽  
Vol 21 (11) ◽  
pp. 3658
Author(s):  
Qingfeng Zhu ◽  
Sai Ji ◽  
Jian Shen ◽  
Yongjun Ren
Keyword(s):  
Traffic Control ◽  
Traffic Management ◽  
Location Privacy ◽  
Vehicular Ad Hoc Networks ◽  
Intelligent Transportation System ◽  
Smart Cities ◽  
Security Analysis ◽  
Geographical Location ◽  
Experimental Simulation ◽  
Control Center

With the advanced development of the intelligent transportation system, vehicular ad hoc networks have been observed as an excellent technology for the development of intelligent traffic management in smart cities. Recently, researchers and industries have paid great attention to the smart road-tolling system. However, it is still a challenging task to ensure geographical location privacy of vehicles and prevent improper behavior of drivers at the same time. In this paper, a reliable road-tolling system with trustworthiness evaluation is proposed, which guarantees that vehicle location privacy is secure and prevents malicious vehicles from tolling violations at the same time. Vehicle route privacy information is encrypted and uploaded to nearby roadside units, which then forward it to the traffic control center for tolling. The traffic control center can compare data collected by roadside units and video surveillance cameras to analyze whether malicious vehicles have behaved incorrectly. Moreover, a trustworthiness evaluation is applied to comprehensively evaluate the multiple attributes of the vehicle to prevent improper behavior. Finally, security analysis and experimental simulation results show that the proposed scheme has better robustness compared with existing approaches.

scholarly journals Secure Rate Control and Statistical QoS Provisioning for Cloud-Based IoT Networks

2021 ◽  
Vol 2021 ◽  
pp. 1-19
Author(s):  
Irfan Muhammad ◽  
Hirley Alves ◽  
Onel Alcaraz López ◽  
Matti Latva-aho
Keyword(s):  
Internet Of Things ◽  
Interference Cancellation ◽  
Smart Cities ◽  
Security And Privacy ◽  
Throughput Maximization ◽  
Closed Form Expression ◽  
Effective Capacity ◽  
Alternative Formulation ◽  
Artificial Noise ◽  
Qos Provisioning

The Internet of Things (IoT) facilitates physical things to detect, interact, and execute activities on-demand, enabling a variety of applications such as smart homes and smart cities. However, it also creates many potential risks related to data security and privacy vulnerabilities on the physical layer of cloud-based Internet of Things (IoT) networks. These can include different types of physical attacks such as interference, eavesdropping, and jamming. As a result, quality-of-service (QoS) provisioning gets difficult for cloud-based IoT. This paper investigates the statistical QoS provisioning of a four-node cloud-based IoT network under security, reliability, and latency constraints by relying on the effective capacity model to offer enhanced QoS for IoT networks. Alice and Bob are legitimate nodes trying to communicate with secrecy in the considered scenario, while an eavesdropper Eve overhears their communication. Meanwhile, a friendly jammer, which emits artificial noise, is used to degrade the wiretap channel. By taking advantage of their multiple antennas, Alice implements transmit antenna selection, while Bob and Eve perform maximum-ratio combining. We further assume that Bob decodes the artificial noise perfectly and thus removes its contribution by implementing perfect successive interference cancellation. A closed-form expression for an alternative formulation of the outage probability, conditioned upon the successful transmission of a message, is obtained by considering adaptive rate allocation in an ON-OFF transmission. The data arriving at Alice’s buffer are modeled by considering four different Markov sources to describe different IoT traffic patterns. Then, the problem of secure throughput maximization is addressed through particle swarm optimization by considering the security, latency, and reliability constraints. Our results evidence the considerable improvements on the delay violation probability by increasing the number of antennas at Bob under strict buffer constraints.

Sign in / Sign up

Export Citation Format

Share Document