Skip to main content
SpringerLink
Log in

A secure elliptic curve based anonymous authentication and key establishment mechanism for IoT and cloud

  • Published:
Multimedia Tools and Applications Aims and scope Submit manuscript

Abstract

With the increased number of smart devices in IoT and cloud, communication messages are exchanged extensively throughout the network. This requires secure data transfer between the user and the IoT node, and it entails appropriate mutual authentication and a key establishment mechanism. In this paper, a secure authentication and key agreement mechanism for cloud-based IoT based on elliptic curve cryptography, which provides complete anonymity, has been developed and proposed. The proposed mechanism satisfies multiple security attributes, including confidentiality, the anonymity of the user, anonymity of the IoT node, mutual authentication, secret key establishment, integrity, key privacy, non-repudiation, forward secrecy, and availability. Moreover, security analysis has revealed that the proposed mechanism is safe from replay, user impersonation, gateway impersonation, denial of service, man-in-the-middle, lost/stolen device, de-synchronization, known-key, parallel session, gateway bypassing, and offline password guessing attacks. Formal security analysis of the proposed protocol using BAN logic and ROR model has been carried out to ensure the security of the authentication process and the secrecy of the established key respectively. Comparative analysis of the security functionalities has established that the proposed mechanism provides the highest security in comparison to the other related schemes. The proposed mechanism has also removed the requirement of using a secure communication channel for the registration of an IoT node with the gateway. Though, the proposed mechanism consumes more computational and communication overhead, but in view of trade-off between security functions and performance, the proposed protocol outperforms the other existing IoT authentication protocols.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12

Similar content being viewed by others

References

  1. Abdalla M, Fouque PA, Pointcheval D (2005) Password-based authenticated key exchange in the three-party setting. In international workshop on public key cryptography (pp. 65-84). Springer, Berlin, Heidelberg

    MATH  Google Scholar 

  2. Agilandeeswari L, Paliwal S, Chandrakar A, Prabukumar M (2022) A new lightweight conditional privacy preserving authentication and key–agreement protocol in social internet of things for vehicle to smart grid networks. Multimed Tools Appl 81:1–28

    Google Scholar 

  3. Amin R, Islam SH, Biswas GP, Giri D, Khan MK, Kumar N (2016) A more secure and privacy‐aware anonymous user authentication scheme for distributed mobile cloud computing environments. Future Gener Comput Syst 78:1005–1019

  4. Amin R, Kumar N, Biswas GP, Iqbal R, Chang V (2018) A light weight authentication protocol for IoT-enabled devices in distributed cloud computing environment. Future Gener Comput Syst 78:1005–1019

  5. Azrour, M, Mabrouki, J, Chaganti, R (2021) New Efficient and Secured Authentication Protocol for Remote Healthcare Systems in Cloud-IoT Security and Communication Networks, 2021

  6. Banerjee S, Odelu V, Das AK, Chattopadhyay S, Park Y (2020) An efficient, anonymous and robust authentication scheme for smart home environments. Sensors 20(4):1215

    Google Scholar 

  7. Boneh, D (1998) The decision Diffe-Hellman problem. In Proceedings of the Third Algorithmic Number Theory Symposium (pp. 48–63)

  8. Burrows M, Abadi M, Needham RM (1989) A logic of authentication. Proceedings of the Royal Society of London. A Math Phys Sci 426(1871):233–271

    MATH  Google Scholar 

  9. Caruccio L, Desiato D, Polese G, Tortora G (2020) GDPR compliant information confidentiality preservation in big data processing. IEEE Access 8:205034–205050

    Google Scholar 

  10. Challa S, Wazid M, Das AK, Kumar N, Reddy AG, Yoon EJ, Yoo KY (2017) Secure signature-based authenticated key establishment scheme for future IoT applications. IEE Access 5:3028–3043

    Google Scholar 

  11. Chang CC, Le HD (2015) A provably secure, efficient, and flexible authentication scheme for ad hoc wireless sensor networks. IEEE Trans Wirel Commun 15(1):357–366

    Google Scholar 

  12. Chen YC, Chuang SC, Yeh LY, Huang JL (2011) A practical authentication protocol with anonymity for wireless access networks. Wirel Commun Mob Comput 11(10):1366–1375

    Google Scholar 

  13. Chen K, Zhang S, Li Z, Zhang Y, Deng Q, Ray S, Jin Y (2018) Internet-of-things security and vulnerabilities: taxonomy, challenges, and practice. J Hardware Syst Secur 2(2):97–110

    Google Scholar 

  14. Chen H, Xu C, Xu Z, Tu X (2019) An enhanced lightweight biometric-based three-factor anonymous authentication protocol for mobile cloud computing. In: 2019 IEEE 21st international conference on high performance computing and communications; IEEE 17th international conference on Smart City; IEEE 5th international conference on data science and systems (HPCC/SmartCity/DSS). IEEE, pp 1682–1691

  15. Chen, CM, Li, X, Liu, S, Wu, ME, Kumari, S (2022) Enhanced Authentication Protocol for the Internet of Things Environment Security and Communication Networks, 2022

  16. Das AK, Goswami A (2015) A robust anonymous biometric-based remote user authentication scheme using smart cards. J King Saud Univ-Comput Inf Sci 27(2):193–210

    Google Scholar 

  17. Das AK, Kalam S, Sahar N, Sinha D (2020) UCFL: user categorization using fuzzy logic towards PUF based two-phase authentication of fog assisted IoT devices. Comput Secur 97:101938

    Google Scholar 

  18. Das AK, Tabassum A, Sadaf S, Sinha D (2020) Attack prevention scheme for privacy preservation (apsp) using k anonymity in location based services for iot. In computational intelligence in pattern recognition (pp. 267–277). Springer, Singapore

    Google Scholar 

  19. Dhillon PK, Kalra S (2017) A lightweight biometrics based remote user authentication scheme for IoT services. J Inf Secur Appl 34:255–270

    Google Scholar 

  20. Fadi AT, Deebak BD (2020) Seamless authentication: for IoT-big data technologies in smart industrial application systems. IEEE Trans Indust Inf 17(4):2919–2927

    Google Scholar 

  21. Fakroon M, Alshahrani M, Gebali F, Traore I (2020) Secure remote anonymous user authentication scheme for smart home environment. Int Things 9:100158

    Google Scholar 

  22. Fouda MM, Fadlullah ZM, Kato N, Lu R, Shen XS (2011) A lightweight message authentication scheme for smart grid communications. IEEE Trans Smart Grid 2(4):675–685

    Google Scholar 

  23. Ghani A, Mansoor K, Mehmood S, Chaudhry SA, Rahman AU, Najmus Saqib M (2019) Security and key management in IoT-based wireless sensor networks: an authentication protocol using symmetric key. Int J Commun Syst 32(16):e4139

    Google Scholar 

  24. Hussain, K, Jhanjhi, NZ, Mati-ur-Rahman, H, Hussain, J, Islam, MH (2019) Using a systematic framework to critically analyze proposed smart card based two factor authentication schemes. J King Saud Univ-Comput Inf Sci

  25. Iqbal W, Abbas H, Daneshmand M, Rauf B, Bangash YA (2020) An in-depth analysis of IoT security requirements, challenges, and their countermeasures via software-defined security. IEEE Internet Things J 7(10):10250–10276

    Google Scholar 

  26. Islam SH, Amin R, Biswas GP, Farash MS, Li X, Kumari S (2017) An improved three party authenticated key exchange protocol using hash function and elliptic curve cryptography for mobile-commerce environments. J King Saud Univ-Comput Inf Sci 29(3):311–324

    Google Scholar 

  27. Kalra S, Sood SK (2015) Secure authentication scheme for IoT and cloud servers. Pervasive Mob Comput 24:210–223

    Google Scholar 

  28. Khan MK, Kumari S, Gupta MK (2014) More efficient key-hash based fingerprint remote authentication scheme using mobile device. Computing 96(9):793–816

    MathSciNet  Google Scholar 

  29. Koblitz N, Menezes A, Vanstone S (2000) The state of elliptic curve cryptography. Des Codes Crypt 19(2):173–193

    MathSciNet  MATH  Google Scholar 

  30. Kumari S (2017) Design flaws of “an anonymous two-factor authenticated key agreement scheme for session initiation protocol using elliptic curve cryptography”. Multimed Tools Appl 76(11):13581–13583

    Google Scholar 

  31. Kumari S, Li X, Wu F, Das AK, Arshad H, Khan MK (2016) A user friendly mutual authentication and key agreement scheme for wireless sensor networks using chaotic maps. Futur Gener Comput Syst 63:56–75

    Google Scholar 

  32. Kumari S, Karuppiah M, Das AK, Li X, Wu F, Kumar N (2018) A secure authentication scheme based on elliptic curve cryptography for IoT and cloud servers. J Supercomput 74(12):6428–6453

    Google Scholar 

  33. Lamport L (1981) Password authentication with insecure communication. Commun ACM 24(11):770–772

    Google Scholar 

  34. Lauter KE, Stange KE (2008) The elliptic curve discrete logarithm problem and equivalent hard problems for elliptic divisibility sequences. In international workshop on selected areas in cryptography (pp. 309–327). Springer, Berlin, Heidelberg

    Google Scholar 

  35. Li, L (2012) Study on security architecture in the internet of things. In proceedings of 2012 international conference on measurement, information and control (Vol. 1, pp. 374-377). IEEE

  36. Li X, Qiu W, Zheng D, Chen K, Li J (2010) Anonymity enhancement on robust and efficient password-authenticated key agreement using smart cards. IEEE Trans Ind Electron 57(2):793–800

    Google Scholar 

  37. Li X, Xiong Y, Ma J, Wang W (2012) An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards. J Netw Comput Appl 35(2):763–769

    Google Scholar 

  38. Lu Y, Li L, Peng H, Yang Y (2017) An anonymous two-factor authenticated key agreement scheme for session initiation protocol using elliptic curve cryptography. Multimed Tools Appl 76(2):1801–1815

    Google Scholar 

  39. Luo, H, Wang, F, Xu, G (2021) Provably Secure ECC-Based Three-Factor Authentication Scheme for Mobile Cloud Computing with Offline Registration Centre Wirel Commun Mob Comput, 2021

  40. Maitra T, Islam SH, Amin R, Giri D, Khan MK, Kumar N (2016) An enhanced multi-server authentication protocol using password and smart-card: cryptanalysis and design. Secur Commun Netw 9(17):4615–4638

    Google Scholar 

  41. Malik, MY (2010) Efficient implementation of elliptic curve cryptography using low-power digital signal processor. In 2010 the 12th international conference on advanced communication technology (ICACT) (Vol. 2, pp. 1464-1468). IEEE

  42. Martínez-Peláez R, Toral-Cruz H, Parra-Michel JR, García V, Mena LJ, Félix VG, Ochoa-Brust A (2019) An enhanced lightweight IoT-based authentication scheme in cloud computing circumstances. Sensors 19(9):2098

    Google Scholar 

  43. Mishra D, Das AK, Mukhopadhyay S (2014) A secure user anonymity-preserving biometric-based multi-server authenticated key agreement scheme using smart cards. Expert Syst Appl 41(18):8129–8143

    Google Scholar 

  44. Mo J, Hu Z, Chen H, Shen W (2019) An efficient and provably secure anonymous user authentication and key agreement for mobile cloud computing. Wirel Commun Mob Comput 2019:4520685

  45. Ouafi K, Phan RCW (2008) Traceable privacy of recent provably-secure RFID protocols. In international conference on applied cryptography and network security. Springer, Berlin, Heidelberg, pp 479–489

  46. Pal S, Hitchens M, Rabehaja T, Mukhopadhyay S (2020) Security requirements for the internet of things: a systematic approach. Sensors 20(20):5897

    Google Scholar 

  47. Panda PK, Chattopadhyay S (2020) A secure mutual authentication protocol for IoT environment. J Reliable Intell Environ 6(2):79–94

    Google Scholar 

  48. Park DS (2018) Future computing with IoT and cloud computing. J Supercomput 74(12):6401–6407

    Google Scholar 

  49. Park K, Park Y, Park Y, Reddy AG, Das AK (2017) Provably secure and efficient authentication protocol for roaming service in global mobility networks. IEEE Access 5:25110–25125

    Google Scholar 

  50. Porambage P, Schmitt C, Kumar P, Gurtov A, Ylianttila M (2014) Two-phase authentication protocol for wireless sensor networks in distributed IoT applications. In: 2014 IEEE wireless communications and networking conference (WCNC). IEEE, pp 2728–2733

  51. Ray, S, Biswas, GP (2011) Design of mobile-PKI for using mobile phones in various applications. In 2011 international conference on recent trends in information systems (pp. 297-302). IEEE

  52. Ray S, Biswas GP, Dasgupta M (2016) Secure multi-purpose mobile-banking using elliptic curve cryptography. Wirel Pers Commun 90(3):1331–1354

    Google Scholar 

  53. Sadhukhan D, Ray S, Biswas GP, Khan MK, Dasgupta M (2021) A lightweight remote user authentication scheme for IoT communication using elliptic curve cryptography. J Supercomput 77(2):1114–1151

    Google Scholar 

  54. Sharma G, Kalra S (2018) A lightweight multi-factor secure smart card based remote user authentication scheme for cloud-IoT applications. J Inf Secur Appl 42:95–106

    Google Scholar 

  55. Shparlinski I (2011) Computational Di_e-Hellman problem. In: Encyclopedia of cryptography and security. Springer, Berlin/Heidelberg, pp 240–244

  56. Shuai M, Yu N, Wang H, Xiong L (2019) Anonymous authentication scheme for smart home environment with provable security. Comput Secur 86:132–146

    Google Scholar 

  57. Singh AK, Patro BDK (2019) Security of low computing power devices: a survey of requirements, challenges & possible solutions. Cybernet Inf Technol 19(1):133–164

    Google Scholar 

  58. Singh, AK, Patro, DB (2019) A novel security protocol for wireless sensor networks based on elliptic curve Signcryption. Int J Comput Netw Commun (IJCNC) Vol, 11

  59. Singh AK, Solanki A, Nayyar A, Qureshi B (2020) Elliptic curve signcryption-based mutual authentication protocol for smart cards. Appl Sci 10(22):8291

    Google Scholar 

  60. Sood SK, Sarje AK, Singh K (2011) A secure dynamic identity based authentication protocol for multi-server architecture. J Netw Comput Appl 34(2):609–618

    Google Scholar 

  61. Souri A, Norouzi M (2019) A state-of-the-art survey on formal verification of the internet of things applications. J Serv Sci Res 11(1):47–67

    Google Scholar 

  62. Sowjanya K, Dasgupta M, Ray S (2021) Elliptic curve cryptography based authentication scheme for internet of medical things. J Inf Secur Appl 58:102761

    Google Scholar 

  63. Subramanian EK, Tamilselvan L (2020) Elliptic curve Diffie–Hellman cryptosystem in big data cloud security. Cluster Comput 23(4):1–11

    Google Scholar 

  64. Tabassum A, Sadaf S, Sinha D, Das AK (2020) Secure anti-void energy-efficient routing (SAVEER) protocol for WSN-based IoT network. In advances in computational intelligence (pp. 129–142). Springer, Singapore

    Google Scholar 

  65. Taher BH, Liu H, Abedi F, Lu H, Yassin AA, Mohammed AJ (2021) A secure and lightweight three-factor remote user authentication protocol for future IoT applications. J Sens 2021:1–18

    Google Scholar 

  66. Thakare A, Kim YG (2021) Secure and efficient authentication scheme in IoT environments. Appl Sci 11(3):1260

    Google Scholar 

  67. Tsai JL, Wu TC, Tsai KY (2010) New dynamic ID authentication scheme using smart cards. Int J Commun Syst 23(12):1449–1462

    Google Scholar 

  68. Wang D, Wang P (2016) Two birds with one stone: two-factor authentication with security beyond conventional bound. IEEE Trans Depend Secure Comput 15(4):708–722

    Google Scholar 

  69. Wang D, Wang P (2018) Two birds with one stone: two-factor authentication with security beyond conventional bound. IEEE Trans Depend Secur Comput 15(4):708–722

    Google Scholar 

  70. Wang D, Cheng H, Wang P, Huang X, Jian G (2017) Zipf’s law in passwords. IEEE Trans Inf Forensic Secur 12(11):2776–2791

    Google Scholar 

  71. Wang C, Ding K, Li B, Zhao Y, Xu G, Guo Y, Wang P (2018) An enhanced user authentication protocol based on elliptic curve cryptosystem in cloud computing environment. Wirel Commun Mob Comput. https://doi.org/10.1155/2018/3048697

  72. Wang D, Zhang X, Zhang Z, Wang P (2020) Understanding security failures of multi-factor authentication schemes for multi-server environments. Comput Secur 88:101619

    Google Scholar 

  73. Wang, F, Xu, G, Xu, G, Wang, Y, Peng, J (2020) A robust IoT-based three-factor authentication scheme for cloud computing resistant to session key exposure Wirel Commun Mob Comput, 2020

  74. Wazid M, Das AK, Odelu V, Kumar N, Conti M, Jo M (2017) Design of secure user authenticated key management protocol for generic IoT networks. IEEE Internet Things J 5(1):269–282

    Google Scholar 

  75. Wu S, Zhu Y, Pu Q (2012) Robust smart-cards-based user authentication scheme with user anonymity. Secur Commun Netw 5(2):236–248

    Google Scholar 

  76. Wu HL, Chang CC, Zheng YZ, Chen LS, Chen CC (2020) A secure IoT-based authentication system in cloud computing environment. Sensors 20(19):5604

    Google Scholar 

  77. Xie Q, Hu B, Tan X, Bao M, Yu X (2014) Robust anonymous two-factor authentication scheme for roaming service in global mobility network. Wirel Pers Commun 74(2):601–614

    Google Scholar 

  78. Xue K, Ma C, Hong P, Ding R (2013) A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks. J Netw Comput Appl 36(1):316–323

    Google Scholar 

  79. Yang, D, Yang, B (2010) A biometric password-based multi-server authentication scheme with smart card. In 2010 international conference on computer design and applications (Vol. 5, pp. V5-554). IEEE

  80. Yu S, Park K, Park Y (2019) A secure lightweight three-factor authentication scheme for IoT in cloud computing environment. Sensors 19(16):3598

    Google Scholar 

  81. Zhou L, Li X, Yeh KH, Su C, Chiu W (2019) Lightweight IoT-based authentication scheme in cloud computing circumstance. Future Gener Comput Syst 91:244–251

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computing, University of Engineering & Technology (UETR), Roorkee, 247667, India

    Anuj Kumar Singh & Ankit Garg

  2. Graduate School, Duy Tan University, Da Nang, 550000, Vietnam

    Anand Nayyar

  3. Faculty of Information Technology, Duy Tan University, Da Nang, 550000, Vietnam

    Anand Nayyar

Authors
  1. Anuj Kumar Singh
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Anand Nayyar
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ankit Garg
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Anand Nayyar.

Ethics declarations

Conflict of interest

Authors declare that there is no conflicts of interests of any sort associated with this manusctipt.

Additional information

Publisher’s note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Singh, A.K., Nayyar, A. & Garg, A. A secure elliptic curve based anonymous authentication and key establishment mechanism for IoT and cloud. Multimed Tools Appl 82, 22525–22576 (2023). https://doi.org/10.1007/s11042-022-14140-z

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11042-022-14140-z

Keywords

Search

Navigation