Generic placeholder image

Recent Advances in Computer Science and Communications

Editor-in-Chief

ISSN (Print): 2666-2558
ISSN (Online): 2666-2566

Research Article

ILAPU-Q: An Improved Lightweight Authentication Protocol for IoT Based on U-quark Hash Function

Author(s): Jihane Jebrane* and Saiida Lazaar

Volume 17, Issue 2, 2024

Published on: 12 December, 2023

Article ID: e121223224372 Pages: 10

DOI: 10.2174/0126662558274597231204114801

Price: $65

Abstract

Background: In the last decades, the development of Internet activities has been significantly accelerated, particularly with the emergence of the Internet of Things (IoT). Heterogeneous devices in the IoT can seamlessly and feasibly inter-connect with each other without human interaction. Due to this revolution, many applications have been adopted in the arena of smart healthcare, e-commerce, environmental and habitat monitoring, etc. In order to promote and facilitate people's standards of living around the world. However, these unbounded applications bring more challenges to the storage capabilities of devices, and their security and privacy preservation. Moreover, security issues suffer from weak authentication protocols.

Methods: To address these issues, suitable and secure lightweight mutual authentication schemes based on Elliptic Curve Cryptography (ECC) are required for the approval of Identity Management (IDM) of devices in the IoT. In this paper, we will propose an improved mutual authentication scheme based on ECC, coupled with a relevant seminal work considered as a reference in the field. This scheme is combined with U-quark, a lightweight hash function, to guarantee the security needed in the IoT environment.

Results: We will compare our amended protocol with a seminal scheme as an established reference in terms of computation cost, storage cost, and executing CPU time to demonstrate that our version can ensure the most favorable performance during the authentication process.

Conclusion: Finally, our proposed mutual authentication scheme has demonstrated its effectiveness in enhancing the security of IoT devices when compared to the seminal work in the same computational environment.

Graphical Abstract

[2]
M. Majid, S. Habib, A.R. Javed, M. Rizwan, G. Srivastava, T.R. Gadekallu, and J.C.W. Lin, "Applications of wireless sensor netwo rks and internet of things frameworks in the industry revolution 4.0: A systematic literature review", Sensors (Basel), vol. 22, no. 6, p. 2087, 2022.
[http://dx.doi.org/10.3390/s22062087] [PMID: 35336261]
[3]
S. Ali, X. Guo, R. Karri, and D. Mukhopadhyay, "Fault attacks on AES and their countermeasures", In: in Secure System Design and Trustable Computing. 2016, pp. 163-208..
[http://dx.doi.org/10.1007/978-3-319-14971-4_5]
[4]
E. Dubrova, K. Ngo, J. Gärtner, and R. Wang, "Breaking a fifth-order masked implementation of crystals-kyber by copy-paste", In Proceedings of the 10th ACM Asia Public-Key Cryptography Workshop, 2023, pp. 10-20
[http://dx.doi.org/10.1145/3591866.3593072]
[5]
J. Kaur, A.C. Canto, M.M. Kermani, and R. Azarderakhsh, "A Comprehensive Survey on the Implementations, Attacks, and Countermeasures of the Current NIST Lightweight Cryptography Standard", arXiv:2304.06222, 2023.,
[6]
R. Elkhatib, R. Azarderakhsh, and M. Mozaffari-Kermani, "Accelerated RISC-V for SIKE", Proceedings of the 2021 IEEE 28th Symposium on Computer Arithmetic (ARITH), pp. 131-138, 2021.
[http://dx.doi.org/10.1109/ARITH51176.2021.00035]
[7]
A. Cintas-Canto, J. Kaur, M. Mozaffari-Kermani, and R. Azarderakhsh, "ChatGPT vs. Lightweight Security: First Work Implementing the NIST Cryptographic Standard ASCON", arXiv:2306.08178, 2023.,
[8]
A. Sarker, A.C. Canto, M.M. Kermani, and R. Azarderakhsh, "Error Detection Architectures for Hardware/Software Co-design Approaches of Number-Theoretic Transform", IEEE Trans. Comput. Aided Des. Integrated Circ. Syst., 2022.
[9]
M. Mozaffari Kermani, and R. Azarderakhsh, Integrating emerging cryptographic engineering research and security education., American Society for Engineering Education. ASEE, 2015.
[10]
M. Mozaffari-Kermani, "Reliable and high-performance hardware architectures for the advanced encryption standard/galois counter mode"", In: Ph.D. thesis. The University of Western Ontario: Canada, 2001.
[11]
A. Sarker, M.M. Kermani, and R. Azarderakhsh, "“Efficient error detection architectures for postquantum signature falcon’s sampler and KEM SABER,” IEEE Transactions on Very Large-Scale Integration (VLSI)", Systems, vol. 30, no. 6, pp. 794-802, 2022.
[12]
P.H. Griffin, "Secure authentication on the Internet of Things", Proceedings of SoutheastCon, vol. 2017, pp. 1-5, 2017.
[http://dx.doi.org/10.1109/SECON.2017.7925274]
[13]
N. Kushalnagar, G. Montenegro, and C. Schumacher, IPv6 over low-power wireless personal area networks (6LoWPANs): overview, assumptions, problem statement, and goals IEEE Communications Surveys & Tutorials,, vol. 9, no. 2, pp. 87-93.
[14]
V.L. Shivraj, M.A. Rajan, M. Singh, and P. Balamuralidhar, "One time password authentication scheme based on elliptic curves for Internet of Things (IoT", In Second National Symposium on Information Technology: Towards New Smart World (NSITNSW), Budapest, Hungary, 2015, pp. 1-6
[http://dx.doi.org/10.1109/NSITNSW.2015.7176384]
[15]
K.H. Wang, C.M. Chen, W. Fang, and T.Y. Wu, "A secure authentication scheme for Internet of Things", Pervasive Mobile Comput., vol. 42, pp. 15-26, 2017.
[http://dx.doi.org/10.1016/j.pmcj.2017.09.004]
[16]
J. Jebrane, and S. Lazaar, "Comparison Study of Lightweight Hash Functions for an Authentication Solution on IoT", In Conference Proceedings Advanced Intelligent Systems for Sustainable Development, vol. Volume 2, pp. 1189-1193 Springer, 2020.,
[17]
L. Lamport, "Password authentication with insecure communication", Commun. ACM, vol. 24, no. 11, pp. 770-772, 1981.
[http://dx.doi.org/10.1145/358790.358797]
[18]
A. Shamir, "Identity-based cryptosystems and signature schemes", In Proceedings of CRYPTO 84, Springer Berlin Heidelberg, 1985, pp. 47-53
[19]
H.R. Tseng, R.H. Jan, and W. Yang, "An improved dynamic user authentication scheme for wireless sensor networks", In GLOBECOM 2007 - IEEE Global Telecommunications Conference, pp. 986-990 November 2007,
[http://dx.doi.org/10.1109/GLOCOM.2007.190]
[20]
M.L. Das, "Two-factor user authentication in wireless sensor networks", IEEE Trans. Wirel. Commun., vol. 8, no. 3, pp. 1086-1090, 2009.
[http://dx.doi.org/10.1109/TWC.2008.080128]
[21]
M.K. Khan, and K. Alghathbar, "Security Analysis of ‘Two-Factor User Authentication in Wireless Sensor Networks’", In International Conference on Advanced Computer Science and Information Technology Berlin, Heidelberg: Springer Berlin Heidelberg, June, pp. 55-60, 2010.
[http://dx.doi.org/10.1007/978-3-642-13577-4_5]
[22]
T.H. Chen, and W.K. Shih, "A robust mutual authentication protocol for wireless sensor networks", ETRI J., vol. 32, no. 5, pp. 704-712, 2010.
[http://dx.doi.org/10.4218/etrij.10.1510.0134]
[23]
Y.P. Liao, and C.M. Hsiao, "A secure ECC-based RFID authentication scheme using hybrid protocols", Proceedings of the International Computer Symposium ICS 2012, held at Hualien Taiwan, December 12–14, pp. 1-13, 2012.
[24]
T.T. Truong, M.T. Tran, and A.D. Duong, ""Duong, "Improvement of the more efficient and secure ID-based remote mutual authentication with key agreement scheme for mobile devices on ECC"", In 2012 26th International Conference on Advanced Information Networking and Applications Workshops, pp. 698-703, 2012.
[25]
Y.P. Liao, and C.M. Hsiao, "A secure ECC-based RFID authentication scheme integrated with ID-verifier transfer protocol", Ad Hoc Netw., vol. 18, pp. 133-146, 2014.
[http://dx.doi.org/10.1016/j.adhoc.2013.02.004]
[26]
M. Turkanović, "B. Brumen, and M. Hölbl, "A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion", Ad", Ad Hoc Netw., vol. 20, pp. 96-112, 2014.
[http://dx.doi.org/10.1016/j.adhoc.2014.03.009]
[27]
M.S. Farash, M. Turkanović, S. Kumari, and M. Hölbl, ""An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the Internet of Things environment",", Ad Hoc Netw., vol. 36, pp. 152-176, 2016.
[http://dx.doi.org/10.1016/j.adhoc.2015.05.014]
[28]
S. Kalra, and S.K. Sood, "Secure authentication scheme for IoT and cloud servers", Pervasive Mobile Comput., vol. 24, pp. 210-223, 2015.
[http://dx.doi.org/10.1016/j.pmcj.2015.08.001]
[29]
C.C. Chang, H.L. Wu, and C.Y. Sun, "Notes on “Secure authentication scheme for IoT and cloud servers”", Pervasive Mobile Comput., vol. 38, pp. 275-278, 2017.
[http://dx.doi.org/10.1016/j.pmcj.2015.12.003]
[30]
T. Shah, and S. Venkatesan, "Authentication of IoT device and IoT server using secure vaults", in 2018 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/ 12th IEEE International Conference on Big Data Science and Engineering IEEE, pp. 819-824, 2018.
[http://dx.doi.org/10.1109/TrustCom/BigDataSE.2018.00117]
[31]
H. Wang, D. Guo, H. Zhang, and Q. Wen, "Robust multiple servers architecture based authentication scheme preserving anonymity", Sensors, vol. 19, no. 14, p. 3144, 2019.
[http://dx.doi.org/10.3390/s19143144] [PMID: 31319567]
[32]
Z. Xie, and L. Jiang, "An improved authentication scheme for Internet of things", IOP Conference Series Materals Science and Engineering, 2020.012031
p [http://dx.doi.org/10.1088/1757-899X/715/1/012031]
[33]
S. Zargar, A. Shahidinejad, and M. Ghobaei-Arani, "A lightweight authentication protocol for IoT-based cloud environment", Int. J. Commun. Syst., vol. 34, no. 11, 2021.e4849
[http://dx.doi.org/10.1002/dac.4849]
[34]
A. Lohachab, A. Lohachab, and A. Jangra, "A comprehensive survey of prominent cryptographic aspects for securing communication in post-quantum IoT networks", Internet of Things, vol. 9, 2020.100174
[http://dx.doi.org/10.1016/j.iot.2020.100174]
[35]
Z. Liu, K.K.R. Choo, and J. Grossschadl, "Securing edge devices in the post-quantum Internet of Things using lattice-based cryptography", IEEE Commun. Mag., vol. 56, no. 2, pp. 158-162, 2018.
[http://dx.doi.org/10.1109/MCOM.2018.1700330]
[36]
T.M. Fernández-Caramés, "From pre-quantum to post-quantum IoT security: A survey on quantum-resistant cryptosystems for the Internet of Things", IEEE Internet Things J., vol. 7, no. 7, pp. 6457-6480, 2020.
[http://dx.doi.org/10.1109/JIOT.2019.2958788]
[37]
M. Adeli, N. Bagheri, H.R. Maimani, S. Kumari, and J.J.P.C. Rodrigues, "A Post-Quantum Compliant Authentication Scheme for IoT Healthcare Systems", IEEE Internet Things J., p. 1, 2023.
[http://dx.doi.org/10.1109/JIOT.2023.3309931]
[38]
D. Xu, L. Liu, N. Zhang, M. Dong, V.C.M. Leung, and J.A. Ritcey, "Nested hash access with post quantum encryption for mission-critical iot communications", IEEE Internet Things J., vol. 10, no. 14, pp. 12204-12218, 2023.
[http://dx.doi.org/10.1109/JIOT.2023.3245360]
[39]
A.C. Canto, J. Kaur, M.M. Kermani, and R. Azarderakhsh, "Algorithmic security is insufficient: A comprehensive survey on implementation attacks haunting post-quantum security", arXiv:2305.13544, 2023.,
[40]
D. Hankerson, and A. Menezes, “Elliptic curve cryptography,” in Encyclopedia of Cryptography., Security and Privacy, Springer Berlin Heidelberg, 2021, pp. 1-2.
[41]
V. Rao, and K.V. Prema, "Light-weight hashing method for user authentication in Internet-of-Things", Ad Hoc Netw., vol. 89, pp. 97-106, 2019.
[http://dx.doi.org/10.1016/j.adhoc.2019.03.003]
[42]
H.L. Yeh, T.H. Chen, P.C. Liu, T.H. Kim, and H.W. Wei, "A secured authentication protocol for wireless sensor networks using elliptic curves cryptography", Sensors, vol. 11, no. 5, pp. 4767-4779, 2011.
[http://dx.doi.org/10.3390/s110504767] [PMID: 22163874]
[43]
C.A. Lara-Nino, A. Diaz-Perez, and M. Morales-Sandoval, "Lightweight elliptic curve cryptography accelerator for internet of things applications", Ad Hoc Netw., vol. 103, 2020.102159
[http://dx.doi.org/10.1016/j.adhoc.2020.102159]
[44]
G. Zhao, X. Si, J. Wang, X. Long, and T. Hu, "A novel mutual authentication scheme for Internet of Things", In Proceedings of the 2011 International Conference on Modelling, Identification and Control IEEE year, 2011, pp. 563-566
[http://dx.doi.org/10.1109/ICMIC.2011.5973767]
[45]
J.P. Aumasson, L. Henzen, W. Meier, and M. Naya-Plasencia, "Quark: A lightweight hash", In International Workshop on Cryptographic Hardware and Embedded Systems, Springer Berlin Heidelberg, 2010, pp. 1-5
[46]
J.P. Aumasson, L. Henzen, W. Meier, and M. Naya-Plasencia, "Quark: A lightweight hash", J. Cryptol., vol. 26, no. 2, pp. 313-339, 2013.
[http://dx.doi.org/10.1007/s00145-012-9125-6]
[47]
J. Jebrane, and S. Lazaar, A performance comparison of lightweight cryptographic algorithms suitable for IoT transmissions General Letters in Mathematics, vol. 10, no. 2, 2021..
[http://dx.doi.org/10.31559/glm2021.10.2.5]

Rights & Permissions Print Cite
© 2024 Bentham Science Publishers | Privacy Policy