Abstract
With the development of the Internet of Things, the scale of IoT system is becoming large. Due to the network congestion problems and the server capability, using unicast authentication will bring burden to the network link and server. In this paper, we propose a scalable group authentication scheme with fault tolerance based on combinatorial designs. Performance analysis of the proposed scheme is based on several metrics such as fault tolerance, scalability, energy consumption and storage overhead. Simulation results have shown that oval designs realize the best trade-off for all metrics.
Similar content being viewed by others
Change history
28 September 2023
A Correction to this paper has been published: https://doi.org/10.1007/s42979-023-02168-3
References
El Mouaatamid O, Lahmer M, Belkasmi M. Internet of Things Security: layered classification of attacks and possible countermeasures. Electron J Inf Technol. 2016;9:24–37.
Borgia E. The Internet of Things vision: Key features, applications and open issues. Comput Commun. 2014;54:1–31.
Chengzhe L, et al. SE-AKA: a secure and efficient group authentication and key agreement protocol for LTE networks. Comput Netw. 2013;57(17):3492–510.
Mahalle PN, Prasad NR, Prasad R. Threshold cryptography-based group authentication (TCGA) scheme for the internet of things (IoT). In: 2014 4th international conference on wireless communications, vehicular technology, information theory and aerospace & Electronic Systems (VITAE). IEEE; 2014.
Simplicio MA Jr, Marcos A, et al. Lightweight and escrow-less authenticated key agreement for the internet of things. Comput Commun. 2017;9:43–51.
Zhang Z, Wang H, Vasilakos AV, Fang H. ECG-IJS key agreement and authentication in wireless body sensor networks. IEEE. 2014;1–10.
Chengzhe Lai et al. LGTH: A lightweight group authentication protocol for machine-type communication in LTE networks. In: Global communications conference (GLOBECOM), 2013 IEEE. IEEE, 2013.
Elmouaatamid O, Lahmer M, Belkasmi M. Group authentication with fault tolerance for internet of things. In: International symposium on ubiquitous networking. Springer, Cham; 2017. pp. 299–307
Huang J-J, et al. Lightweight authentication scheme with dynamic group members in IoT environments. In: Adjunct proceedings of the 13th international conference on mobile and ubiquitous systems: computing networking and services. ACM, 2016.
Yates F. Incomplete randomized blocks. Ann Eugen. 1936;7(2):121–40.
Çamtepe SA, Yener B. Combinatorial design of key distribution mechanisms for wireless sensor networks. IEEE/ACM Trans Netw. 2007;15(2):346–58.
Walid B, et al. A highly scalable key pre-distribution scheme for wireless sensor networks. IEEE Trans Wirel Commun. 2013;12(2):948–59.
Chang Y-S, Tzong-Chen W. Group-oriented authentication mechanism with key exchange. Comput Commun. 1998;21(5):485–97.
Lin SJ, Chung WH. A probabilistic model of (t, n) visual cryptography scheme with dynamic group. IEEE Trans Inf Forensics Secur. 2012;7(1):197–207.
Chengzhe L, et al. GLARM: group-based lightweight authentication scheme for resource-constrained machine to machine communications. Comput Netw. 2016;99:66–81.
Lai C, et al. SEGR: a secure and efficient group roaming scheme for machine to machine communications between 3GPP and WiMAX networks. In: 2014 IEEE international conference on communications (ICC). IEEE; 2014.
Xiong H, et al. An efficient certificateless aggregate signature with constant pairing computations. Inf Sci. 2013;219:225–35.
Huan W. Studying on Internet of things based on fingerprint identification. In: 2010 international conference on computer application and system modeling (ICCASM). vol 14. IEEE; 2010.
Habib K, Torjusen A, Leister W. A novel authentication framework based on bio-metric and radio fingerprinting for the IoT in eHealth. In: Proceedings of international conference on smart systems, devices and technologies (SMART) 2014.
Fremantle P, Scott P. A security survey of middleware for the Internet of Things. Peer J Computer Science. 2017;3:e114.
Zeng K, Govindan K, Mohapatra P. Non-cryptographic authentication and identification in wireless networks [security and privacy in emerging wireless networks]. IEEE Wirel Commun. 2010;17(5):56–62.
Raj Chandra B, Shrikhande SS. On the construction of sets of mutually orthogonal Latin squares and the falsity of a conjecture of Euler. Trans Am Math Soc. 1960;95(2):191–209.
Assmus EF, Key JD. Designs and codes: an update. Codes, designs and geometry. Boston: Springer; 1996. p. 3–23.
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Appendices
Appendix A: Oval Design Construction
-
Let us construct the finite projective plane \(PG\left( 2,2^{2}\right)\), which is based on \(GF\left( 4\right)\). Let \(\alpha\) be the primitive element in the field, thus \(GF\left( 4\right) =\left\{ 0,1,\alpha ,\alpha ^{2}\right\}\). There are 63 triples different from \(\left( 0,0,0\right)\), of the form \(P=\left( p_{1},p_{2},p_{3}\right) \in GF\left( 4\right) ^{3}\). Every point P has 3 equivalent points, thus there are 21 equivalent classes. For simplification, we denote \(\left( p_{1},p_{2},p_{3}\right)\) as \(p_{1}p_{2}p_{3}\), then, there will be 21 equivalent classes of the points in \(PG\left( 2,2^{2}\right)\) :
100, 010, 001, \(1\alpha \alpha\), \(1\alpha ^{2}0\), \(01\alpha ^{2}\), \(1\alpha 1\), 101, \(10\alpha\), \(1\alpha ^{2}\alpha\), \(1\alpha ^{2}1\), \(10\alpha ^{2}\), \(11\alpha\), \(1\alpha ^{2}\alpha ^{2}\), 110, 011, \(1\alpha 0\), \(01\alpha\), \(1\alpha \alpha ^{2}\), \(11\alpha ^{2}\), 111.
The lines are obtained as described earlier.
They are consecutively 21 lines, and 5 points in each line:
\(\left[ 100\right]\): 010 001 \(01\alpha ^{2}\) 011 \(01\alpha\)
\(\left[ 010\right]\): 100 001 101 \(10\alpha\) \(10\alpha ^{2}\)
\(\left[ 001\right]\): 100 010 \(1\alpha ^{2}0\) 110 \(1\alpha 0\)
\(\left[ 110\right]\): 001 \(11\alpha\) 110 \(11\alpha ^{2}\) 111
\(\vdots\)
Let \(x \cdot z=y^{2}\) be the equation of the conic, there are 5 points that satisfy this equation, namely 100, \(001,\,1\alpha \alpha ^{2},\,1\alpha ^{2}\alpha ,\,111\). By adding the nucleus point \(P_{0}=010\), we obtain the oval.
By removing the secant and the tangent lines, we obtain the exterior lines that pass through the retained points, which are summarized in Table 3.
The oval design obtained from this construction is the \(\left( 6,\,15,\,5\right)\), which has the 6 exterior lines as its points, and the 15 retained points as its blocks.
Appendix B: The Scheme Evaluation
-
In the Table 4, we evaluate some balanced incomplete block deigns performances. We evaluate the performance of some metrics based on these designs as special Steiner System Designs (SSD), specifically are t-designs with \(\lambda =1\) and \(t=2\).
-
The metrics computed and evaluated are the scalability of the group (the group size), the storage overhead noted by C, the probability of sharing a common key-share \(s_{i}\) noted by \(P_{c}\) and the energy consumption requisite for unicast and group authentication denoted, respectively, by \(E_{UC}\) and \(E_{GA}\).
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
El Mouaatamid, O., Lahmer, M. & Belkasmi, M. A Scalable Group Authentication Scheme Based on Combinatorial Designs with Fault Tolerance for the Internet of Things. SN COMPUT. SCI. 1, 234 (2020). https://doi.org/10.1007/s42979-020-00247-3
Received:
Accepted:
Published:
DOI: https://doi.org/10.1007/s42979-020-00247-3