A Lightweight Authenticated Key Agreement Protocol Using Fog Nodes in Social Internet of Vehicles

Recently, there has been rapid growth in the Internet of things, the Internet of vehicles, fog computing, and social Internet of vehicles SIoV , which can generate large amounts of real-time data. Now, researchers have begun applying fog computing to the SIoV to reduce the computing pressure on cloud servers. However, there are still security challenges in SIoV . In this paper, we propose a lightweight and authenticated key agreement protocol based on fog nodes in SIoV . The protocol completes the mutual authentication between entities and generates the session key for subsequent communication. Through a formal analysis of the Burrows–Abadi–Needham (BAN) logic, real-oracle random (ROR) model, and ProVerif, the security, validity, and correctness of the proposed protocol are demonstrated. In addition, informal security analysis shows that our proposed protocol can resist known security attacks. We also evaluate the performance of the proposed protocol and show that it achieves better performance in terms of computing power and communication cost.

Pragmatic authenticated key agreement for IEEE Std 802.15.6

The IEEE Std 802.15.6 is the latest international standard for Wireless Body Area Networks. The security of communication in this standard is based upon four elliptic-curve-based key agreement protocols. These protocols have been shown to exhibit serious security vulnerabilities but surprisingly, do not provision any privacy guarantees. To date, no suitable key agreement protocol has been proposed which fulfills all the requisite objectives for IEEE Std 802.15.6. In this paper, two key agreement protocols are presented which, in addition to being efficient and provisioning advance security properties, also offer the essential privacy attributes of anonymity and unlinkability. We develop a formal security and privacy model in an appropriate complexity-theoretic framework and prove the proposed protocols secure in this model.

Security and Privacy Analysis of Vinoth et al.’s Authenticated Key Agreement Scheme for Industrial IoT

Vinoth et al. proposed an authenticated key agreement scheme for industrial IoT (Internet of Things) applications. Vinoth et al.’s scheme aimed to protect the remote sensing data of industrial IoT devices under hostile environments. The scheme is interesting because the authorized user is allowed simultaneously to access the multiple IoT sensing devices. Therefore, we carefully analyzed the security and privacy implications of Vinoth et al.’s scheme. Our findings are summarized as follows. One, Vinoth et al.’s scheme failed to defeat user impersonation attacks. Second, Vinoth et al.’s scheme did not prevent IoT sensing device impersonation attacks. Third, Vinoth et al.’s scheme suffered from replay attacks. Fourth, Vinoth et al.’s scheme was vulnerable to desynchronization attacks. Fifth, Vinoth et al.’s scheme could not maintain user privacy. As a case study, our analysis results enlighten researchers and engineers on the design of robust and efficient authenticated key agreement schemes for IoT applications.

A Certificateless Authenticated Key Agreement Scheme for the Power IoT

Power Internet of Things (IoT) is the application of IoT technology in the field of power grid, which can better control all kinds of power equipment, power personnel and operating environment. However, access to mass terminals brings higher requirements for terminal authentication and key management for the power IoT. And the traditional public key infrastructure (PKI) and identity-based public key cryptography (IB-PKC) exist the problems of certificate management and key escrow. Therefore, the paper proposes a novel authenticated key agreement scheme based on the certificateless public key cryptography (CL-PKC) mechanism. In addition, the proposed scheme is proven with the improved extended Canetti-Krawczyk (eCK) security model. Finally, the implementation of the authenticated key agreement protocol is given based on the actual application requirement of the power IoT, and the analysis and comparison of the simulation demonstrates that the proposed scheme has higher efficiency and would be suitable for the power IoT.