IRBA: An Identity-Based Cross-Domain Authentication Scheme for the Internet of Things

Jia, Xudong; Hu, Ning; Su, Shen; Yin, Shibin; Zhao, Yan; Cheng, Xinda; Zhang, Chi

doi:10.3390/electronics9040634

Cited by 54 publications

(39 citation statements)

References 34 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Compared with literature [37], this scheme can resist the replacement attack by using temporary identities and the two-factor authentication of "password + key," making itself more secure. Compared with literature [33,34,[37][38][39], this scheme realizes cross-domain identity authentication under different cryptographic systems, which better satisfies the needs of contemporary society. 4.7.…”

Section: Anti-man-in-the-middle Attacksmentioning

confidence: 95%

“…is scheme uses hierarchical ID tree to define the ID values of users, cloud service providers, and other entities to realize the uniqueness of entity identity. Compared with literature [34][35][36][37][38][39], this scheme replaces the real identity with the temporary identity, and the KGC or CA1 signs user U's temporary identity, further enhancing security and meanwhile realizing anonymous tracking. Compared with literature [33][34][35][36], the KGC or CA1 in this scheme signs the temporary identity of user U and encrypts the message by the public key of the CSP, which results in better performance in resisting man-in-the-middle attacks.…”

Section: Anti-man-in-the-middle Attacksmentioning

confidence: 99%

See 1 more Smart Citation

Heterogeneous Cross-Domain Identity Authentication Scheme Based on Proxy Resignature in Cloud Environment

Liu

Wang

2020

Mathematical Problems in Engineering

View full text Add to dashboard Cite

Based on proxy resignature, the signature transformation between trust domains of different cryptographic systems is realized with the help of the cloud authentication center, so as to achieve cross-domain access between users and cloud service providers in heterogeneous environment. Hierarchical ID tree realizes the uniqueness of identity in communication, and the security of heterogeneous cross-domain identity authentication is enhanced by the two-factor authentication of “password + key” and temporary identity replacing real identity. The security of the scheme is proved under the CK model, which can anonymously trace entity identity, resist replay attacks, replacement attacks, and man-in-the-middle attacks, and the simulation experiment is carried out. By searching it in related fields, no paper on heterogeneous cross-domain identity authentication based on proxy resignature has been published yet. The results of this paper show that the proposed scheme has better computing performance and higher security.

show abstract

Section: Anti-man-in-the-middle Attacksmentioning

confidence: 95%

Section: Anti-man-in-the-middle Attacksmentioning

confidence: 99%

Heterogeneous Cross-Domain Identity Authentication Scheme Based on Proxy Resignature in Cloud Environment

Liu

Wang

2020

Mathematical Problems in Engineering

View full text Add to dashboard Cite

show abstract

“…The number of cryptographic operations involved in this study are counted. To represent the comparison, Table 6 shows the notations, description, and computed their approximate execution time for various cryptographic operations by using the PBC library reported by Jia et al [ 41 ]. Specifically, the study employed a secure hash function, public-key-based encryption, symmetrical encryption, and symmetric decryption, which are, respectively, denoted as

, and

.…”

Section: Security Features Comparisonmentioning

confidence: 99%

SELAMAT: A New Secure and Lightweight Multi-Factor Authentication Scheme for Cross-Platform Industrial IoT Systems

Khalid

Hashim

Ahmad

et al. 2021

Sensors

View full text Add to dashboard Cite

The development of the industrial Internet of Things (IIoT) promotes the integration of the cross-platform systems in fog computing, which enable users to obtain access to multiple application located in different geographical locations. Fog users at the network’s edge communicate with many fog servers in different fogs and newly joined servers that they had never contacted before. This communication complexity brings enormous security challenges and potential vulnerability to malicious threats. The attacker may replace the edge device with a fake one and authenticate it as a legitimate device. Therefore, to prevent unauthorized users from accessing fog servers, we propose a new secure and lightweight multi-factor authentication scheme for cross-platform IoT systems (SELAMAT). The proposed scheme extends the Kerberos workflow and utilizes the AES-ECC algorithm for efficient encryption keys management and secure communication between the edge nodes and fog node servers to establish secure mutual authentication. The scheme was tested for its security analysis using the formal security verification under the widely accepted AVISPA tool. We proved our scheme using Burrows Abdi Needham’s logic (BAN logic) to prove secure mutual authentication. The results show that the SELAMAT scheme provides better security, functionality, communication, and computation cost than the existing schemes.

show abstract

“…(2) Scalability problem: with the popularity of IoT, the identity authentication problem in IoT does not only exist in a single IoT application, but also in different IoT applications with the same authentication needs [21,37], which we call cross-domain authentication. Blockchain-based authentication schemes are usually deployed in a single application domain or intelligent system, and authentication information from different application domains or systems is not interoperable, lacking an effective cross-domain authentication scheme.…”

Section: Motivation and Basicmentioning

confidence: 99%

“…Besides, blockchain's nonfalsifiability and fault tolerance make it a good solution to authentication problems [19]. For example, in [20], the feasibility of using blockchain technology for IoT device authentication in edge computing systems is discussed, and blockchain-based smart contracts are introduced to handle the operation of authentication-related certificates; Jia et al [21] proposed a blockchain-based cross-domain authentication system applied to the authentication process for data access to different IoT application domains; e study [22] was based on blockchain and elliptic curve cryptosystem cross-data center authentication and key exchange programs.…”

Section: Introductionmentioning

confidence: 99%

A2 Chain: A Blockchain-Based Decentralized Authentication Scheme for 5G-Enabled IoT

Jia

Yin

et al. 2020

Mobile Information Systems

Self Cite

View full text Add to dashboard Cite

The fifth-generation mobile communication technology (5G) provides high-bandwidth and low-latency data channels for massive IoT terminals to access the core business network. At the same time, it also brings higher security threats and challenges. Terminal identity authentication is an important security mechanism to ensure the core business network; however, most of the existing solutions adopt a centralized authentication model. Once the number of authentication requests exceeds the processing capacity of the authentication center service, it will cause authentication request congestion or deadlock. The decentralized authentication model can effectively solve the above problems. This article proposes a decentralized IoT authentication scheme called A2 Chain. First, A2 Chain uses edge computing to decentralize the processing of authentication requests and eliminate the burden on authentication services and the network. Second, to implement cross-domain identity verification of IoT devices, A2 Chain uses blockchain, and sidechain technologies are used to securely share the identity verification information of IoT devices. Additionally, A2 Chain replaces public key infrastructure (PKI) algorithm with identity-based cryptography (IBC) algorithm to eliminate the management overhead caused by centralized authentication model.

show abstract

IRBA: An Identity-Based Cross-Domain Authentication Scheme for the Internet of Things

Cited by 54 publications

References 34 publications

Heterogeneous Cross-Domain Identity Authentication Scheme Based on Proxy Resignature in Cloud Environment

Heterogeneous Cross-Domain Identity Authentication Scheme Based on Proxy Resignature in Cloud Environment

SELAMAT: A New Secure and Lightweight Multi-Factor Authentication Scheme for Cross-Platform Industrial IoT Systems

A2 Chain: A Blockchain-Based Decentralized Authentication Scheme for 5G-Enabled IoT

Contact Info

Product

Resources

About