Cited By
View all- and Communication Networks S(2023)RetractedSecurity and Communication Networks10.1155/2023/98475042023Online publication date: 1-Jan-2023
A Provable Secure Cross-Verification Scheme for IoT Using Public Cloud Computing
Authors: 
Naveed Khan, Jianbiao Zhang, 
Jehad Ali, Muhammad Salman Pathan, Shehzad Ashraf Chaudhry Academic Editor: Mohammad Ayoub KhanAuthors Info & Claims
Naveed Khan, Jianbiao Zhang, Jehad Ali, Muhammad Salman Pathan, Shehzad Ashraf Chaudhry Academic Editor: Mohammad Ayoub KhanAuthors Info & ClaimsAbstract
Public cloud computing has become increasingly popular due to the rapid advancements in communication and networking technology. As a result, it is widely used by businesses, corporations, and other organizations to boost the productivity. However, the result generated by millions of network-enabled IoT devices and kept on the public cloud server, as well as the latency in response and safe transmission, are important issues that IoT faces when using the public cloud computing. These concerns and obstacles can only be overcome by designing a robust mutual authentication and secure cross-verification mechanism. Therefore, we have attempted to design a cryptographic protocol based on a simple hash function, xor operations, and the exchange of random numbers. The security of the proposed protocol has formally been verified using the ROR model, ProVerif2.03, and informally using realistic discussion. In contrast, the performance metrics have been analyzed by looking into the security feature, communication, and computation costs. To sum it up, we have compared our proposed security mechanism with the state-of-the-art protocols, and we recommend it to be effectively implemented in the public cloud computing environment.
References
[1]
M. Saqib, B. Jasra, and A. H. Moon, “A lightweight three factor authentication framework for IoT based critical applications,” Journal of King Saud University-Computer and Information Sciences, 2021.
[2]
Z. Ali, S. Hussain, R. H. U. Rehman, A. Munshi, M. Liaqat, N. Kumar, and S. A. Chaudhry, “ITSSAKA-MS: An improved three-factor symmetric-key based secure AKA scheme for multi-server environments,” IEEE Access, vol. 8, pp. 107993–108003, 2020.
[3]
D. Dolev and A. Yao, “On the security of public key protocols,” IEEE Transactions on Information Theory, vol. 29, no. 2, pp. 198–208, 1983.
[4]
R. Canetti and H. Krawczyk, “Analysis of key-exchange protocols and their use for building secure channels,” in Lecture Notes in Computer Science, Vol 2045, pp. 453–474, Springer, Berlin, Heidelberg, 2001.
[5]
P. Kocher, J. Jaffe, and B. Jun, “Differential power analysis,” in Advances in Cryptology-CRYPTO’ 99, pp. 388–397, Springer, Berlin, Heidelberg, 1999.
[6]
R. Amin, S. H. Islam, N. Kumar, and K.-K. R. Choo, “An untraceable and anonymous password authentication protocol for heterogeneous wireless sensor networks,” Journal of Network and Computer Applications, vol. 104, pp. 133–144, 2018.
[7]
M. Alotaibi, “An enhanced symmetric cryptosystem and biometric-based anonymous user authentication and session key establishment scheme for WSN,” IEEE Access, vol. 6, pp. 70072–70087, 2018.
[8]
P. Chandrakar and H. Om, “An extended ECC-based anonymity-preserving 3-factor remote authentication scheme useable in TMIS,” International Journal of Communication Systems, vol. 31, no. 8, p. e3540, 2018.
[9]
A. H. Moon, U. Iqbal, and G. M. Bhat, “Mutual entity authentication protocol based on ECDSA for WSN,” Procedia Computer Science, vol. 89, pp. 187–192, 2016.
[10]
W.-i. Bae and J. Kwak, “Smart card-based secure authentication protocol in multi-server IoT environment,” Multimedia Tools and Applications, vol. 79, no. 23, pp. 15793–15811, 2020.
[11]
S. Shin and T. Kwon, “A lightweight three-factor authentication and key agreement scheme in wireless sensor networks for smart homes,” Sensors, vol. 19, no. 9, p. 2012, 2019.
[12]
J. Jung, J. Moon, D. Lee, and D. Won, “Efficient and security enhanced anonymous authentication with key agreement scheme in wireless sensor networks,” Sensors, vol. 17, no. 3, p. 644, 2017.
[13]
M. Fakroon, M. Alshahrani, F. Gebali, and I. Traore, “Secure remote anonymous user authentication scheme for smart home environment,” Internet of Things, vol. 9, p. 100158, 2020.
[14]
S. Banerjee, V. Odelu, A. K. Das, S. Chattopadhyay, and Y. Park, “An efficient, anonymous and robust authentication scheme for smart home environments,” Sensors, vol. 20, no. 4, p. 1215, 2020.
[15]
L. Zhou, X. Li, K.-H. Yeh, C. Su, and W. Chiu, “Lightweight IoT-based authentication scheme in cloud computing circumstance,” Future Generation Computer Systems, vol. 91, pp. 244–251, 2019.
[16]
R. Martínez-Peláez, H. Toral-Cruz, J. R. Parra-Michel, V. García, L. J. Mena, V. G. Félix, and A. Ochoa-Brust, “An enhanced lightweight IoT-based authentication scheme in cloud computing circumstances,” Sensors, vol. 19, no. 9, p. 2098, 2019.
[17]
X. Jia, D. He, N. Kumar, and K.-K. R. Choo, “A provably secure and efficient identity-based anonymous authentication scheme for mobile edge computing,” IEEE Systems Journal, vol. 14, no. 1, pp. 560–571, 2019.
[18]
C.-M. Chen, Y. Huang, K.-H. Wang, S. Kumari, and M.-E. Wu, “A secure authenticated and key exchange scheme for fog computing,” Enterprise Information Systems, vol. 15, no. 9, pp. 1200–1215, 2021.
[19]
X. Jia, D. He, N. Kumar, and K.-K. R. Choo, “Authenticated key agreement scheme for fog-driven IoT healthcare system,” Wireless Networks, vol. 25, no. 8, pp. 4737–4750, 2019.
[20]
B. Ying and A. Nayak, “Lightweight remote user authentication protocol for multi-server 5G networks using self-certified public key cryptography,” Journal of Network and Computer Applications, vol. 131, pp. 66–74, 2019.
[21]
M. Nikooghadam, R. Jahantigh, and H. Arshad, “A lightweight authentication and key agreement protocol preserving user anonymity,” Multimedia Tools and Applications, vol. 76, no. 11, pp. 13401–13423, 2017.
[22]
B. Hu, W. Tang, and Q. Xie, “A two-factor security Authentication scheme for wireless sensor networks in IoT environments,” Neurocomputing, 2022.
[23]
C.-T. Chen, C.-C. Lee, and I.-C. Lin, “Efficient and secure three-party mutual authentication key agreement protocol for WSNs in IoT environments,” PLoS One, vol. 15, no. 4, p. e0232277, 2020.
[24]
R. Amin, T. Maitra, D. Giri, and P. Srivastava, “Cryptanalysis and improvement of an RSA based remote user authentication scheme using smart card,” Wireless Personal Communications, vol. 96, no. 3, pp. 4629–4659, 2017.
[25]
M. Luo, Y. Zhang, M. K. Khan, and D. He, “A secure and efficient identity-based mutual authentication scheme with smart card using elliptic curve cryptography,” International Journal of Communication Systems, vol. 30, no. 16, p. e3333, 2017.
[26]
T. Maitra, M. S. Obaidat, R. Amin, S. H. Islam, S. A. Chaudhry, and D. Giri, “A robust ElGamal-based password-authentication protocol using smart card for client-server communication,” International Journal of Communication Systems, vol. 30, no. 11, p. e3242, 2017.
[27]
S. H. Islam, “Design and analysis of an improved smartcard-based remote user password authentication scheme,” International Journal of Communication Systems, vol. 29, no. 11, pp. 1708–1719, 2016.
[28]
T. Maitra, M. S. Obaidat, S. H. Islam, D. Giri, and R. Amin, “Security analysis and design of an efficient ECC-based two-factor password authentication scheme,” Security and Communication Networks, vol. 9, no. 17, pp. 4166–4181, 2016.
[29]
S. Kumari, X. Li, F. Wu, A. K. Das, K.-K. R. Choo, and J. Shen, “Design of a provably secure biometrics-based multi-cloud-server authentication scheme,” Future Generation Computer Systems, vol. 68, pp. 320–330, 2017.
[30]
Q. Feng, D. He, S. Zeadally, and H. Wang, “Anonymous biometrics-based authentication scheme with key distribution for mobile multi-server environment,” Future Generation Computer Systems, vol. 84, pp. 239–251, 2018.
[31]
R. Ali and A. K. Pal, “An efficient three factor-based authentication scheme in multiserver environment using ECC,” International Journal of Communication Systems, vol. 31, no. 4, p. e3484, 2018.
[32]
F. Wang, G. Xu, C. Wang, and J. Peng, “A provably secure biometrics-based authentication scheme for multi-server environment,” Security and Communication Networks, vol. 2019, 2019.
[33]
J. Wang, H. Liu, H. Shao, and H.-y. Xia, “Novel two-way security authentication wireless scheme based on hash function,” Computer Science, vol. 43, no. 11, pp. 205–209, 2016.
[34]
S. D. Kaul and A. K. Awasthi, “Security enhancement of an improved remote user authentication scheme with key agreement,” Wireless Personal Communications, vol. 89, no. 2, pp. 621–637, 2016.
[35]
S. S. Sahoo, S. Mohanty, and B. Majhi, “A secure three factor based authentication scheme for health care systems using IoT enabled devices,” Journal of Ambient Intelligence and Humanized Computing, vol. 12, no. 1, pp. 1419–1434, 2021.
[36]
M. Qi and J. Chen, “New robust biometrics-based mutual authentication scheme with key agreement using elliptic curve cryptography,” Multimedia Tools and Applications, vol. 77, no. 18, pp. 23335–23351, 2018.
[37]
A. Ostad-Sharif, D. Abbasinezhad-Mood, and M. Nikooghadam, “A robust and efficient ECC-based mutual authentication and session key generation scheme for healthcare applications,” Journal of Medical Systems, vol. 43, no. 1, pp. 1–22, 2019.
[38]
A. K. Sutrala, A. K. Das, V. Odelu, M. Wazid, and S. Kumari, “Secure anonymity-preserving password-based user authentication and session key agreement scheme for telecare medicine information systems,” Computer Methods and Programs in Biomedicine, vol. 135, pp. 167–185, 2016.
[39]
I. Z. Ahmed, T. M. Mohamed, and R. A. Sadek, “A low computation message delivery and authentication VANET protocol,” in Proceedings of the 2017 12th International Conference on Computer Engineering and Systems (ICCES), pp. 204–211, IEEE, Cairo, Egypt, December 2017.
[40]
H. Tan, Z. Gui, and I. Chung, “A secure and efficient certificateless authentication scheme with unsupervised anomaly detection in VANETs,” IEEE Access, vol. 6, pp. 74260–74276, 2018.
[41]
R. Ma, J. Cao, D. Feng, H. Li, B. Niu, F. Li, and L. Yin, A secure Authentication scheme for Remote Diagnosis and Maintenance in Internet of Vehicles, pp. 1–7.
[42]
N. Khan, J. Zhang, and S. U. Jan, “A robust and privacy-preserving Anonymous user Authentication scheme for public cloud server,” Security and Communication Networks, vol. 2022, 2022.
[43]
Q. Jiang, N. Zhang, J. Ni, J. Ma, X. Ma, and K.-K. R. Choo, “Unified biometric privacy preserving three-factor authentication and key agreement for cloud-assisted autonomous vehicles,” IEEE Transactions on Vehicular Technology, vol. 69, no. 9, pp. 9390–9401, 2020.
[44]
B. Blanchet, B. Smyth, V. Cheval, and M. Sylvestre, ProVerif 2.00: Automatic Cryptographic Protocol Verifier, User Manual and Tutorial, pp. 05–16, 2018.
[45]
S. A. Chaudhry, K. Yahya, F. Al-Turjman, and M.-H. Yang, “A secure and reliable device access control scheme for IoT based sensor cloud systems,” IEEE Access, vol. 8, pp. 139244–139254, 2020.
[46]
Z. Hou and D. Wang, “New Observations on Zipf’s Law in passwords,” IEEE Transactions on Information Forensics and Security, 2022.
[47]
S. Barman, H. P. Shum, S. Chattopadhyay, and D. Samanta, “A secure authentication protocol for multi-server-based e-healthcare using a fuzzy commitment scheme,” IEEE Access, vol. 7, pp. 12557–12574, 2019.
[48]
X. Li, T. Liu, M. S. Obaidat, F. Wu, P. Vijayakumar, and N. Kumar, “A lightweight privacy-preserving authentication protocol for VANETs,” IEEE Systems Journal, vol. 14, no. 3, pp. 3547–3557, 2020.
[49]
R. I. Abdelfatah, N. M. Abdal-Ghafour, and M. E. Nasr, “Secure VANET Authentication protocol (SVAP) using Chebyshev Chaotic Maps for Emergency Conditions,” IEEE Access, vol. 10, pp. 1096–1115, 2021.
[50]
K. Mahmood, S. Shamshad, M. Rana, A. Shafiq, S. Ahmad, M. A. Akram, and R. Amin, “PUF enable lightweight key-exchange and mutual authentication protocol for multi-server based D2D communication,” Journal of Information Security and Applications, vol. 61, p. 102900, 2021.
[51]
M. Kaveh, D. Martín, and M. R. Mosavi, “A lightweight authentication scheme for V2G communications: A PUF-based approach ensuring cyber/physical security and identity/location privacy,” Electronics, vol. 9, no. 9, p. 1479, 2020.
[52]
P. Gope and B. Sikdar, “An efficient privacy-preserving authenticated key agreement scheme for edge-assisted internet of drones,” IEEE Transactions on Vehicular Technology, vol. 69, no. 11, pp. 13621–13630, 2020.
[53]
P. Gope, Y. Gheraibia, S. Kabir, and B. Sikdar, “A secure IoT-based modern healthcare system with fault-tolerant decision making process,” IEEE Journal of Biomedical and Health Informatics, vol. 25, no. 3, pp. 862–873, 2020.
[54]
S. Shamshad, M. F. Ayub, K. Mahmood, S. Kumari, S. A. Chaudhry, and C.-M. Chen, “An enhanced scheme for mutual authentication for healthcare services,” Digital Communications and Networks, vol. 8, no. 2, pp. 150–161, 2022.
[55]
S. S. Sahoo, S. Mohanty, and B. Majhi, “Improved biometric-based mutual authentication and key agreement scheme using ECC,” Wireless Personal Communications, vol. 111, no. 2, pp. 991–1017, 2020.
Index Terms
- A Provable Secure Cross-Verification Scheme for IoT Using Public Cloud Computing
Index terms have been assigned to the content through auto-classification.
Recommendations
Anonymous and secure aggregation scheme in fog-based public cloud computing
By using fog computing, cloud computing can be extended to the edge of the network. Generally, in the public cloud, fog computing comprises three components: terminal device, fog node and public cloud server (PCS). In this paper, we propose the concept ...
Secure authentication scheme for IoT and cloud servers
Internet of Things (IoT) is an upcoming platform where information and communication technology connect multiple embedded devices to the Internet for performing information exchange. Owing to the immense development of this technology, embedded devices ...
An efficient public key secure scheme for cloud and IoT security
AbstractAccording to the National Institute of Standard and Technology (NIST), the security level of RSA is safe when it is N-bit modulus ≥ 2048 bits. Because of this, the processing time to generate asymmetric keys also increases. Taking this ...
Comments
Information & Contributors
Information
Published In
Copyright © 2022 Naveed Khan et al.
This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
Publisher
John Wiley & Sons, Inc.
United States
Publication History
Published: 01 January 2022
Qualifiers
- Research-article
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- View Citations1Total Citations
- 0Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Reflects downloads up to 04 Oct 2024
Other Metrics
Citations
Cited By
View all- and Communication Networks S(2023)RetractedSecurity and Communication Networks10.1155/2023/98475042023Online publication date: 1-Jan-2023
View Options
View options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in