Skip to main content
SpringerLink
Log in

High-Speed Anonymous Device Authentication Without Asymmetric Cryptography in the Internet-of-Things

  • Conference paper
  • First Online:
Ubiquitous Security (UbiSec 2022)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 1768))

Included in the following conference series:

  • 619 Accesses

Abstract

A large portion of end-point and edge devices in the Internet-of-Things (IoT) are constrained in computational power and bandwidth, which means they cannot easily afford the resource-consuming asymmetric cryptography such as Diffie-Hellman key exchange and RSA-2048 digital signatures. On the other hand, these devices are still confronted with similar threats against conventional devices in authenticity and privacy. In this paper, we present a high-speed authentication protocol for resource-constrained devices in IoT, which provides both authenticity and anonymity without any use of asymmetric cryptography. Moreover, we show how our protocol can be extended for devices that can execute symmetric encryption for secure data transmission. The security and anonymity of the new protocols have been analyzed comprehensively, and the evaluation demonstrates their efficiency.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    ThinkPad, Windows 10, Intel Core i7-8565U @1.80 GHz. The speed measurement is done with openssl speed aes-128-cbc/sha256/ecdh.

  2. 2.

    Two EC point multiplications on each side.

  3. 3.

    See “Authentication Server” column in TABLE V in [7].

References

  1. Arfaoui, G., Bultel, X., Fouque, P.A., Nedelcu, A., Onete, C.: The privacy of the TLS 1.3 protocol. Proc. Priv. Enhancing Technol. 4, 190–210 (2019)

    Article  Google Scholar 

  2. Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48329-2_21

    Chapter  Google Scholar 

  3. Bormann, C., Ersue, M., Keranen, A.: Terminology for constrained-node networks. RFC 7228 (informational), March 2014. http://www.ietf.org/rfc/rfc7228.txt

  4. de Carvalho Silva, J., Rodrigues, J.J., Alberti, A.M., Solic, P., Aquino, A.L.: LoRaWAN-a low power WAN protocol for Internet of Things: a review and opportunities. In: 2017 2nd International Multidisciplinary Conference on Computer and Energy Science (SpliTech), pp. 1–6. IEEE (2017)

    Google Scholar 

  5. Cooper, D., Santesson, S., Farrell, S., Boeyen, S., Housley, R., Polk, W.: Internet X.509 public key infrastructure certificate and certificate revocation list (CRL) profile. RFC 5280 (proposed standard), May 2008. http://www.ietf.org/rfc/rfc5280.txt

  6. Davis, H., Diemert, D., Günther, F., Jager, T.: On the concrete security of TLS 1.3 PSK mode. In: Dunkelman, O., Dziembowski, S. (eds.) EUROCRYPT 2022. LNCS, vol. 13276, pp. 876–906. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-07085-3_30

    Chapter  MATH  Google Scholar 

  7. Esfahani, A., et al.: A lightweight authentication mechanism for M2M communications in industrial IoT environment. IEEE Internet Things J. 6(1), 288–296 (2017)

    Article  MathSciNet  Google Scholar 

  8. Guajardo, J., Kumar, S.S., Schrijen, G.-J., Tuyls, P.: FPGA intrinsic PUFs and their use for IP protection. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 63–80. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74735-2_5

    Chapter  Google Scholar 

  9. Guin, U., Singh, A., Alam, M., Canedo, J., Skjellum, A.: A secure low-cost edge device authentication scheme for the Internet of Things. In: 2018 31st International Conference on VLSI Design and 2018 17th International Conference on Embedded Systems (VLSID), pp. 85–90. IEEE (2018)

    Google Scholar 

  10. Heinrich, A., Stute, M., Kornhuber, T., Hollick, M.: Who can find my devices? Security and privacy of apple’s crowd-sourced Bluetooth location tracking system. Proc. Priv. Enhancing Technol. 3, 227–245 (2021)

    Article  Google Scholar 

  11. Heydon, R., Hunn, N.: Bluetooth low energy. CSR Presentation, Bluetooth SIG (2012). https://www.bluetooth.org/DocMan/handlers/DownloadDoc.ashx

  12. Internet Engineering Task Force, Rescorla, E.: The transport layer security (TLS) protocol version 1.3. draft-ietf-tls-tls13-26 (2018). https://tools.ietf.org/html/draft-ietf-tls-tls13-26

  13. Katz, J., Lindell, Y.: Introduction to Modern Cryptography. CRC Press, Boca Raton (2014)

    Book  MATH  Google Scholar 

  14. Krawczyk, H.: HMQV: a high-performance secure Diffie-Hellman protocol. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 546–566. Springer, Heidelberg (2005). https://doi.org/10.1007/11535218_33

    Chapter  Google Scholar 

  15. Langley, A., Hamburg, M., Turner, S.: Elliptic curves for security. RFC 7748, January 2016. https://doi.org/10.17487/RFC7748. https://www.rfc-editor.org/info/rfc7748

  16. Li, X., Niu, J., Kumari, S., Wu, F., Sangaiah, A.K., Choo, K.K.R.: A three-factor anonymous authentication scheme for wireless sensor networks in Internet of Things environments. J. Netw. Comput. Appl. 103, 194–204 (2018)

    Article  Google Scholar 

  17. Majzoobi, M., Rostami, M., Koushanfar, F., Wallach, D.S., Devadas, S.: Slender PUF protocol: a lightweight, robust, and secure authentication by substring matching. In: 2012 IEEE Symposium on Security and Privacy Workshops, pp. 33–44. IEEE (2012)

    Google Scholar 

  18. Nair, A.S., Thampi, S.M.: PUFloc: PUF and location based hierarchical mutual authentication protocol for surveillance drone networks. In: Wang, G., Choo, K.K.R., Ko, R., Xu, Y., Crispo, B. (eds.) UbiSec 2021. CCIS, vol. 1557, pp. 66–89. Springer, Singapore (2022). https://doi.org/10.1007/978-981-19-0468-4_6

    Chapter  Google Scholar 

  19. Nguyên, T.T., Xiao, X., Yang, Y., Hui, S.C., Shin, H., Shin, J.: Collecting and analyzing data from smart device users with local differential privacy. arXiv preprint arXiv:1606.05053 (2016)

  20. Pearce, J.: Internet of Things: key stats for 2022, February 2022. https://techinformed.com/internet-of-things-key-stats-for-2022/

  21. Pornin, T.: Deterministic usage of the digital signature algorithm (DSA) and elliptic curve digital signature algorithm (ECDSA). RFC 6979, August 2013. https://www.rfc-editor.org/rfc/rfc6979

  22. Qureshi, M.A., Munir, A.: PUF-IPA: a PUF-based identity preserving protocol for Internet of Things authentication. In: 2020 IEEE 17th Annual Consumer Communications & Networking Conference (CCNC), pp. 1–7. IEEE (2020)

    Google Scholar 

  23. Srivastava, A., Kumar, A.: A review on authentication protocol and ECC in IoT. In: 2021 International Conference on Advance Computing and Innovative Technologies in Engineering (ICACITE), pp. 312–319. IEEE (2021)

    Google Scholar 

  24. 1889-1 International Organization for Standardization: Information technology - Trusted platform module library - Part 1: Architecture. International Organization for Standardization, Vernier, Geneva, Switzerland, ISO/IEC 11889-1:2015 (2015). https://www.iso.org/standard/66510.html

  25. Suárez-Albela, M., Fernández-Caramés, T.M., Fraga-Lamas, P., Castedo, L.: A practical performance comparison of ECC and RSA for resource-constrained IoT devices. In: 2018 Global Internet of Things Summit (GIoTS), pp. 1–6. IEEE (2018)

    Google Scholar 

  26. Wu, T.: SRP protocol design. SRP document (2002). http://srp.stanford.edu/design.html

Download references

Author information

Authors and Affiliations

  1. Paderborn University, 33098, Paderborn, Germany

    Li Duan

  2. Huawei Technologies Düsseldorf, 64293, Darmstadt, Germany

    Li Duan & Yong Li

Authors
  1. Li Duan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yong Li
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yong Li .

Editor information

Editors and Affiliations

  1. Guangzhou University, Guangzhou, China

    Guojun Wang

  2. University of Texas at San Antonio, San Antonio, TX, USA

    Kim-Kwang Raymond Choo

  3. Temple University, Philadelphia, PA, USA

    Jie Wu

  4. Khalifa University of Science and Technology, Abu Dhabi, United Arab Emirates

    Ernesto Damiani

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Duan, L., Li, Y. (2023). High-Speed Anonymous Device Authentication Without Asymmetric Cryptography in the Internet-of-Things. In: Wang, G., Choo, KK.R., Wu, J., Damiani, E. (eds) Ubiquitous Security. UbiSec 2022. Communications in Computer and Information Science, vol 1768. Springer, Singapore. https://doi.org/10.1007/978-981-99-0272-9_32

Download citation

  • DOI: https://doi.org/10.1007/978-981-99-0272-9_32

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-99-0271-2

  • Online ISBN: 978-981-99-0272-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation