Consistent Round Hash optimized SRP-6a-based end-to-end mutual authentication for secure data transfer in industry 4.0

Abstract

When the Internet of Things (IoT) is used in a typical manufacturing system, the industrial plant can be controlled remotely through the Internet. This enables manufacturing and execution systems to obtain real-time work orders directly from the Enterprise Resource Planning (ERP) system. Therefore, workflows for development, production, and manufacturing can be integrated with sales, market, and finance business processes. The possibility of implementing this integration, however, is dependent on the trust, security, and authentication of IoT devices. Many IoT devices face significant security risks such as device hijacking and data leaks due to limited resources and inadequate self-protection capabilities. Despite the fact that several studies have been conducted using the physical unclonable function to protect communication between IoT devices from the aforementioned security threats, current solutions rely on the participation of the server to distribute the key parameters, which requires high message overhead and has a significant impact on efficiency. To fill this gap, this article proposes a Consistent Round Hash optimized SRP-6a-based end-to-end mutual authentication for secure data transfer technique with single-share trusted device collaboration can detect an unauthenticated device. In addition, our proposed technique ensures the overall system's integrity and stability during a scaling-out phenomenon, which is becoming increasingly common in complex industrial environments. Furthermore, we present a formal and informal security analysis of the proposed protocol. According to the results of the performance analysis, our proposed technique has the lowest communication overhead, computational cost, and round-trip time when compared to other state-of-the-art schemes.