With the application and popularization of 5G technology, the Internet of Things (IoT) has been widely used in fields such as intelligent transportation, home security, smart firefighting, industrial monitoring, personal health, and intelligent acquisition. Data sharing is one of the key factors for successful application in these fields. For example, in an Industrial Internet of Things (IIoT) environment, electronic sensors located in a factory can monitor the surrounding environment in real time and upload the monitored data to a gateway node through an open network. However, real-time data sharing through an open channel may lead to illegal access by attackers, resulting in privacy leaks. For example, attackers can eavesdrop on, tamper with, or intercept communication messages, or impersonate communication entities, thereby threatening message security and user privacy. In addition, there may be irreparable physical damage, such as an adversary issuing malicious instructions to destroy the sensor.

Given these issues, user identity authentication is the first line of defense for security protection in IoT environments. Therefore, this article designs a cloud-assisted industrial IoT user security authentication and key agreement protocol. In addition, a multi-gateway lightweight authentication scheme is proposed to address the communication bottlenecks that single-gateway models face as network scale increases, such as increased communication overhead, decreased network performance, and low cross-domain access efficiency. Its security and performance are analyzed in detail. The main research work of this article is as follows:

1. A cloud-assisted authentication scheme based on Chebyshev polynomial encryption is proposed for the IIoT environment, which allows only authorized users to access sensing devices in the IoT to obtain real-time data. The scheme uses fuzzy extraction technology to verify biometric features. Three factors are required to authenticate a user's login request: smart card, password, and the user's personal biometric feature. The scheme uses the classical random oracle model to formally analyze the protocol's semantic security and mathematically verifies the very low probability of an adversary disrupting session keys. Informal security analysis also shows that the proposed scheme can withstand multiple known attacks. Compared with other related user authentication schemes, the proposed scheme also provides some auxiliary functional features, including adding new sensor nodes for user access, updating user passwords and biometric features, deploying new sensor nodes, and protecting user anonymity and untraceability. In addition, the scheme is compared with similar schemes in terms of computational cost, communication cost, and security, and the results show that it achieves higher security than other schemes of the same kind with lower computation and communication overhead.

2. A multi-gateway identity authentication and key negotiation protocol is proposed to meet the requirement of cross-domain access to sensor nodes in the IoT environment. Firstly, the scheme is based on three-factor authentication using Chebyshev chaotic mapping, a hash function, and the XOR operation, which can achieve secure authentication between sensor nodes and users, establish session keys, and support key updates for users. Secondly, security analysis proves that the proposed scheme can resist internal spoofing attacks, sensor capture attacks, and temporary secret leakage attacks, and provides forward secrecy for session keys. The semantic security of session keys is also proven in the random oracle model. Finally, compared with other schemes in terms of performance, the proposed scheme requires lower communication overhead and computational resources, making it more suitable for the lightweight security authentication requirements of IoT devices.
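Both schemes above derive session keys from Chebyshev polynomials, which works because of the semigroup property T_r(T_s(x)) = T_s(T_r(x)). The following Python sketch is an added example, not the protocol from this work: it shows only the underlying key agreement, assuming the extended Chebyshev form over a prime field, and the modulus `P`, seed `X` and all function names are constructed for illustration.

```python
import hashlib
import secrets

# Constructed demo parameters (assumptions, not values from the abstract).
P = 2**127 - 1            # public prime modulus
X = 0x1234567890ABCDEF    # public seed x


def chebyshev(n: int, x: int, p: int) -> int:
    """T_n(x) mod p in O(log n) steps, tracking the pair (T_k, T_{k+1})."""
    a, b = 1 % p, x % p                      # (T_0, T_1)
    for bit in bin(n)[2:]:
        mid = (2 * a * b - x) % p            # T_{2k+1} = 2*T_k*T_{k+1} - x
        if bit == "1":
            a, b = mid, (2 * b * b - 1) % p  # -> (T_{2k+1}, T_{2k+2})
        else:
            a, b = (2 * a * a - 1) % p, mid  # -> (T_{2k}, T_{2k+1})
    return a


def chebyshev_naive(n: int, x: int, p: int) -> int:
    """Reference: T_n = 2x*T_{n-1} - T_{n-2}, used to check the fast version."""
    prev, cur = 1 % p, x % p
    if n == 0:
        return prev
    for _ in range(n - 1):
        prev, cur = cur, (2 * x * cur - prev) % p
    return cur


def session_key(shared: int, transcript: bytes) -> bytes:
    """Hash the shared Chebyshev value together with both public values."""
    return hashlib.sha256(shared.to_bytes(16, "big") + transcript).digest()


def agree():
    """Unauthenticated exchange; the three-factor login is not modelled."""
    r = secrets.randbelow(P - 2) + 2         # user's ephemeral secret
    s = secrets.randbelow(P - 2) + 2         # sensor node's ephemeral secret
    t_r, t_s = chebyshev(r, X, P), chebyshev(s, X, P)   # sent in the clear
    transcript = t_r.to_bytes(16, "big") + t_s.to_bytes(16, "big")
    k_user = session_key(chebyshev(r, t_s, P), transcript)  # T_r(T_s(x))
    k_node = session_key(chebyshev(s, t_r, P), transcript)  # T_s(T_r(x))
    return k_user, k_node


if __name__ == "__main__":
    k_user, k_node = agree()
    print("keys match:", k_user == k_node)
```

On its own this exchange authenticates neither party, which is the gap the smart card, password and biometric factors described above are meant to close.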