A Lightweight ECC-Based Authentication Scheme for Internet of Things (IoT)

Hammi, Badis; Fayad, Achraf; Khatoun, Rida; Zeadally, Sherali; Begriche, Youcef

doi:10.1109/jsyst.2020.2970167

Cited by 115 publications

(38 citation statements)

References 30 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…After the registration of these entities, the registration values are stored in the memory of these devices and also in the smartphone/smart card of the users. These stored values will further help in the login, authentication, and key establishment processes [44]. The registration process is then summarised in Algorithm 1.…”

Section: The Proposed Generalized Frameworkmentioning

confidence: 99%

See 1 more Smart Citation

Blockchain‐Envisioned Secure Authentication Approach in AIoT: Applications, Challenges, and Future Research

Wazid

Das

2021

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

The Artificial Intelligence of Things (AIoT) is the amalgamation of Artificial Intelligence (AI) methods and the Internet of Things (IoT) infrastructure, which are deployed there to improve the overall performance of the system. AIoT can be deployed to achieve more efficient IoT operations; thereby can improve human-machine interactions and provide better data analysis. AI methods can be used to transform IoT data into useful information for the better decision-making processes, and it further increases the overall usability of the system. AIoT frameworks are very useful and applicable in a variety of applications, like security and surveillance system, smart home, intelligent transportation system, smart farming, secure and safe healthcare monitoring, industrial automation and control, eCommerce, logistics operations and control, and many more. However, AIoT frameworks may have issues related to data security and privacy as they are vulnerable to various types of information security-related attacks. These issues further cause the serious consequences, like the unauthorized data leakage and data update. Blockchain is a specific type of database. It is a digital ledger of transactions, which is duplicated and distributed across the entire network of computer systems. It stores data in the form of some blocks, which are then chained together. Blockchain is tamper proof and provides more security as compared to the traditional security mechanisms. Hence, blockchain can be integrated in various AIoT applications to provide more security. A generalized blockchain-envisioned secure authentication framework for AIoT has been proposed. The adversary model of blockchain-envisioned secure authentication framework for AIoT is also highlighted that covers most of the potential threats of a kind of communication environment. Various applications of the proposed framework are also discussed. Furthermore, different issues and challenges of the proposed framework are highlighted. In the end, we also provide some future research directions relevant to the proposed framework.

show abstract

Section: The Proposed Generalized Frameworkmentioning

confidence: 99%

“…Without guessing the correct session keys, the attacker cannot decrypt the exchanged messages. Therefore, the ongoing communication is safe and secure against the various potential attacks [44,45]. This phase is summarised in Algorithm 3.…”

Section: Authentication and Session Keymentioning

confidence: 99%

Blockchain‐Envisioned Secure Authentication Approach in AIoT: Applications, Challenges, and Future Research

Wazid

Das

2021

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

show abstract

“…Third, KMMR adds and revokes efficient secure nodes. ECC is an ondemand routing network protocol which is specially design for wireless sensor network and ad hoc [15,16].…”

Section: Related Workmentioning

confidence: 99%

CoopECC: A Collaborative Cryptographic Mechanism for the Internet of Things

et al. 2021

View full text Add to dashboard Cite

The emergence of IoT applications has risen the security issues of the big data sent by the IoT devices. The design of lightweight cryptographic algorithms becomes a necessity. Moreover, elliptic curve cryptography (ECC) is a promising cryptographic technology that has been used in IoT. However, connected objects are resource-constrained devices, with limited computing power and energy power. Driven by these motivations, we propose and develop a secure cryptographic protocol called CoopECC which leverages the organization of IoT nodes into cluster to distribute the load of cluster head (CH) among its cluster members. This technique proves that it optimizes the resource consumption of the IoT nodes including computation and energy consumption. Performance evaluation, done with TOSSIM simulator, shows that the proposed protocol CoopECC outperforms the original ECC algorithm, in terms of computation time, consumed energy, and the network’s lifespan.

show abstract

“…However, IBE-ECC depends on a pre-shared key-based Diffie-Hellman exchange which is not enough to create secure encryption. Hammi et al [ 27 ] proposed OTP that relies on Elliptic Curve Cryptography and Isogeny. Ayoub et al [ 28 ] proposed a secure authentication and encryption based on improved ECC which is an asymmetric encryption scheme based on user credentials and biometric parameters.…”

Section: Related Work On Cryptographic and Digital Certificate Algorithms On Iotmentioning

confidence: 99%

“…The limitations of previous literature studies [ 14 , 15 , 16 , 17 , 18 , 19 , 20 , 21 , 22 , 23 , 24 , 25 , 26 , 27 , 28 ] can be divided into three types: Firstly, most of these research studies did not consider the hardware resource constraints and the appropriate architecture of IoT in the design of digital signature and cryptographic schemes is not considered. Secondly, the vulnerabilities of ECDH on IIoT were not covered and investigated as well.…”

Section: Related Work On Cryptographic and Digital Certificate Algorithms On Iotmentioning

confidence: 99%

Lightweight Digital Certificate Management and Efficacious Symmetric Cryptographic Mechanism over Industrial Internet of Things

Ahmed

2021

Sensors

View full text Add to dashboard Cite

The certificate authority, a trusted entity, issues digital certificates which contain identity credentials to help Industrial Internet of Things (IIoT) devices to represent their authenticity in a secure means. The crucial challenge of a digital certificate is to how design a secure certification authority management system that can counteract cyberattacks on the IIoT network. Moreover, current IIoT systems are not capable of implementing complex mathematical operations due to their constrained power capacity and processing capability. This paper proposes an effective, secure symmetric cryptographic mechanism (ESSC) based on the certificate authority management and Elliptic Curve Diffie Hellman (ECDH) to share a digital certificate among IIoT devices. The proposed certificate authority is used to securely exchange the shared secret key and to resolve the problem of spoofing attacks that may be used to impersonate the identity of the certificate authority. Also, ESSC uses the shared secret key to encrypt the sensitive data during transmission through the insecure communication channel. This research studies the adversary model for ESSC on IIoT and analyzes the cybersecurity of ESSC in the random oracle model. The findings that result from the experiments show that ESSC outperforms the baseline in terms of communication, computation, and storage costs. ESSC thus provides an adequate lightweight digital certificate management and cryptographic scheme which can help in the detection and prevention of several cyberattacks that can harm IIoT networks.

show abstract

A Lightweight ECC-Based Authentication Scheme for Internet of Things (IoT)

Cited by 115 publications

References 30 publications

Blockchain‐Envisioned Secure Authentication Approach in AIoT: Applications, Challenges, and Future Research

Blockchain‐Envisioned Secure Authentication Approach in AIoT: Applications, Challenges, and Future Research

CoopECC: A Collaborative Cryptographic Mechanism for the Internet of Things

Lightweight Digital Certificate Management and Efficacious Symmetric Cryptographic Mechanism over Industrial Internet of Things

Contact Info

Product

Resources

About