A Lightweight Cross-Layer Mutual Authentication With Key Agreement Protocol for IIoT

IF 8.9 1区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS IEEE Internet of Things Journal Pub Date : 2024-11-06 DOI:10.1109/JIOT.2024.3492532

Liying Yu;Wen Wu;Lin Mei

{"title":"A Lightweight Cross-Layer Mutual Authentication With Key Agreement Protocol for IIoT","authors":"Liying Yu;Wen Wu;Lin Mei","doi":"10.1109/JIOT.2024.3492532","DOIUrl":null,"url":null,"abstract":"With constrained resources, the industrial Internet of Things (IIoT) craves for lightweight and robust access authentication protocols to secure the network. Existing physical unclonable functions (PUFs)-based cryptographic protocols face privacy threats from wireless environments and semitrusted participants, while physical-layer authentication (PLA) is costly as a complementary protocol to upper layer. Therefore, in this article we propose a cross-layer mutual authentication with the key agreement protocol based on PUFs for IIoT. The proposed protocol integrates PUFs’ challenge-response pairs (CRPs) into low-complexity cryptographic primitives and signal phases of subcarriers, employs a newly designed authentication decision methodology, and achieves excellent authentication performance while reducing protocol redundancy. Our protocol also provides device anonymity, dynamic updates, and storage-free CRPs to defend against potential insider threats. The security of the proposed protocol has been formally and informally verified. The performance analysis results show that our protocol provides better security and privacy performance with low computation and communication cost. The simulation results show the protocol can obtain great authentication performance in the indoor factory (InF) wireless scenario of the 3GPP TR 38.901 standard.","PeriodicalId":54347,"journal":{"name":"IEEE Internet of Things Journal","volume":"12 6","pages":"7051-7066"},"PeriodicalIF":8.9000,"publicationDate":"2024-11-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Internet of Things Journal","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10745278/","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

With constrained resources, the industrial Internet of Things (IIoT) craves for lightweight and robust access authentication protocols to secure the network. Existing physical unclonable functions (PUFs)-based cryptographic protocols face privacy threats from wireless environments and semitrusted participants, while physical-layer authentication (PLA) is costly as a complementary protocol to upper layer. Therefore, in this article we propose a cross-layer mutual authentication with the key agreement protocol based on PUFs for IIoT. The proposed protocol integrates PUFs’ challenge-response pairs (CRPs) into low-complexity cryptographic primitives and signal phases of subcarriers, employs a newly designed authentication decision methodology, and achieves excellent authentication performance while reducing protocol redundancy. Our protocol also provides device anonymity, dynamic updates, and storage-free CRPs to defend against potential insider threats. The security of the proposed protocol has been formally and informally verified. The performance analysis results show that our protocol provides better security and privacy performance with low computation and communication cost. The simulation results show the protocol can obtain great authentication performance in the indoor factory (InF) wireless scenario of the 3GPP TR 38.901 standard.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

面向物联网的轻量级跨层带密钥协议的相互认证协议

由于资源有限，工业物联网（IIoT）需要轻量级和强大的访问认证协议来保护网络。现有的基于物理不可克隆功能（puf）的加密协议面临来自无线环境和半可信参与者的隐私威胁，而物理层身份验证（PLA）作为上层的补充协议，成本很高。因此，在本文中，我们提出了一种基于puf的跨层互认证协议。该协议将puf的挑战响应对（CRPs）集成到低复杂度的密码原语和子载波的信号相位中，采用了一种新设计的认证决策方法，在降低协议冗余的同时获得了良好的认证性能。我们的协议还提供设备匿名性、动态更新和无存储crp，以防御潜在的内部威胁。提议的议定书的安全性已经过正式和非正式的核查。性能分析结果表明，该协议具有较好的安全性能和隐私性能，且计算和通信成本较低。仿真结果表明，该协议在3GPP TR 38.901标准的室内工厂（InF）无线场景下能够获得良好的认证性能。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

IEEE Internet of Things Journal Computer Science-Information Systems

CiteScore

17.60

自引率

13.20%

发文量

1982

期刊介绍： The EEE Internet of Things (IoT) Journal publishes articles and review articles covering various aspects of IoT, including IoT system architecture, IoT enabling technologies, IoT communication and networking protocols such as network coding, and IoT services and applications. Topics encompass IoT's impacts on sensor technologies, big data management, and future internet design for applications like smart cities and smart homes. Fields of interest include IoT architecture such as things-centric, data-centric, service-oriented IoT architecture; IoT enabling technologies and systematic integration such as sensor technologies, big sensor data management, and future Internet design for IoT; IoT services, applications, and test-beds such as IoT service middleware, IoT application programming interface (API), IoT application design, and IoT trials/experiments; IoT standardization activities and technology development in different standard development organizations (SDO) such as IEEE, IETF, ITU, 3GPP, ETSI, etc.