Abstract
Use of Internet-of-Things (IoT)-based wireless applications has been exponentially increased nowadays and likely to accelerate in near future. Thus, a large volume of traffic needs to be managed at the application server. In such scenario, the traditional single-server architecture shows serious performance bottleneck and needs to be replaced by multiple servers. In addition, several security and design vulnerabilities may arise while accessing application data through various resource-constraint mobile devices. Thus, ensuring entity authentication, application data confidentiality and energy-efficient computations are essential. In this article, we introduce a group key-based lightweight Mutual Authentication and Key Agreement (MAKA) protocol for multi-server environment. The proposed protocol is designed using low-cost cryptographic primitives (such as hash function and symmetric key encryption/decryption) to address energy-efficiency requirements of the resource-constraint mobile devices. It reduces computational burden of the registration center by distributing the traffic load into a group of servers. Additionally, registration center needs not to maintain one-to-one communication with its users whenever a new server is added to the system. The protocol achieves various security and design properties which are verified both formally and informally. Finally, we compare our protocol with others to show its applicability in real-life implementations.
Similar content being viewed by others
Change history
22 October 2021
A Correction to this paper has been published: https://doi.org/10.1007/s11227-021-04144-1
References
Ramson SJ, Moni DJ (2017) Applications of wireless sensor networks-a survey. In: 2017 International Conference on Innovations in Electrical, Electronics, Instrumentation and Media Technology (ICEEIMT), IEEE, pp 325–329
Shen X, Wang Z, Sun Y (2004) Wireless sensor networks for industrial applications. In: Fifth World Congress on Intelligent Control and Automation (IEEE Cat. No. 04EX788), IEEE, vol 4, pp 3636–3640
Sheng Z, Mahapatra C, Zhu C, Leung VC (2015) Recent advances in industrial wireless sensor networks toward efficient management in iot. IEEE Access 3:622–637
Gungor VC, Hancke GP (2009) Industrial wireless sensor networks: Challenges, design principles, and technical approaches. IEEE Trans Ind Electron 56(10):4258–4265
Challa S, Das AK, Odelu V, Kumar N, Kumari S, Khan MK, Vasilakos AV (2018) An efficient ecc-based provably secure three-factor user authentication and key agreement protocol for wireless healthcare sensor networks. Comput Elect Eng 69:534–554
Xu Z, Xu C, Liang W, Xu J, Chen H (2019) A lightweight mutual authentication and key agreement scheme for medical internet of things. IEEE Access 7:53922–53931
Inc G (2018) Gartner identifies top 10 strategic iot technologies and trends. [online] available:https://www.gartner.com/en/newsroom/press-releases/2018-11-07-gartner-identifies-top-10-strategic-iot-technologies-and-trends
He D, Zeadally S, Kumar N, Wu W (2016) Efficient and anonymous mobile user authentication protocol using self-certified public key cryptography for multi-server architectures. IEEE Trans Inf Forensics Secur 11(9):2052–2064
Limbasiya T, Sahay SK, Sridharan B (2021) Privacy-preserving mutual authentication and key agreement scheme for multi-server healthcare system. Information Systems Frontiers pp 1–14
ul Haq I, Wang J, Zhu Y et al (2020b) Secure two-factor lightweight authentication protocol using self-certified public key cryptography for multi-server 5g networks. J Netw Comput Appl 161:102660
Wu TY, Lee Z, Obaidat MS, Kumari S, Kumar S, Chen CM (2020) An authenticated key exchange protocol for multi-server architecture in 5g networks. IEEE Access 8:28096–28108
Ying B, Nayak A (2019) Lightweight remote user authentication protocol for multi-server 5g networks using self-certified public key cryptography. J Netw Comput Appl 131:66–74
Ng B, Si A, Lau RW, Li FW (2002) A multi-server architecture for distributed virtual walkthrough. In: Proceedings of the ACM symposium on Virtual reality software and technology, pp 163–170
Rahman MG, Imai H (2002) Security in wireless communication. Wirel Pers Commun 22(2):213–228
Samfat D, Molva R, Asokan N (1995) Untraceability in mobile networks. In: Proceedings of the 1st Annual International Conference on Mobile Computing and Networking, pp 26–36
Steinbrecher S, Köpsell S (2003) Modelling unlinkability. In: International Workshop on Privacy Enhancing Technologies, Springer, pp 32–47
Khurana H, Hadley M, Lu N, Frincke DA (2010) Smart-grid security issues. IEEE Secur Priv 8(1):81–85
Mont MC, Bramhall P, Harrison K (2003) A flexible role-based secure messaging service: Exploiting ibe technology for privacy in health care. In: 14th International Workshop on Database and Expert Systems Applications, 2003. Proceedings., IEEE, pp 432–437
Eldewahi AE, Sharfi TM, Mansor AA, Mohamed NA, Alwahbani SM (2015) Ssl/tls attacks: analysis and evaluation. 2015 International Conference on Computing. Control, Networking, Electronics and Embedded Systems Engineering (ICCNEEE), IEEE, pp 203–208
Sirohi P, Agarwal A, Tyagi S (2016) A comprehensive study on security attacks on ssl/tls protocol. In: 2016 2nd International Conference on Next Generation Computing Technologies (NGCT), IEEE, pp 893–898
ul Haq I, Wang J, Zhu Y, Maqbool S (2020a) A survey of authenticated key agreement protocols for multi-server architecture. Journal of Information Security and Applications 55:102639
Wang D, Zhang X, Zhang Z, Wang P (2020) Understanding security failures of multi-factor authentication schemes for multi-server environments. Comput Secur 88:101619
Kumar A, Om H (2018) An improved and secure multiserver authentication scheme based on biometrics and smartcard. Digit Commun Netw 4(1):27–38
ul Haq I, Wang J, Zhu Y, Maqbool S et al (2021) An efficient hash-based authenticated key agreement scheme for multi-server architecture resilient to key compromise impersonation. Digit Commun Netw 7(1):140–150
Kocher P, Jaffe J, Jun B (1999) Differential power analysis. In: Annual International Cryptology Conference, Springer, pp 388–397
Messerges TS, Dabbish EA, Sloan RH (2002) Examining smart-card security under the threat of power analysis attacks. IEEE Trans Comput 51(5):541–552
Zhou S, Gan Q, Wang X (2018) Authentication scheme based on smart card in multi-server environment. Wirel Netw 26(2):855–863
Wu F, Li X, Xu L, Sangaiah AK, Rodrigues JJ (2018) Authentication protocol for distributed cloud computing: an explanation of the security situations for internet-of-things-enabled devices. IEEE Consum Electron Mag 7(6):38–44
Raymond DR, Midkiff SF (2008) Denial-of-service in wireless sensor networks: Attacks and defenses. IEEE Pervasive Comput 7(1):74–81
Wood AD, Stankovic JA (2002) Denial of service in sensor networks. Computer 35(10):54–62
Roy PK, Bhattacharya A (2021) Desynchronization resistant privacy preserving user authentication protocol for location based services. Peer-to-Peer Networking and Applications pp 1–15. https://doi.org/10.1007/s12083-021-01194-3
Tsobdjou LD, Pierre S, Quintero A (2021) A new mutual authentication and key agreement protocol for mobile client-server environment. IEEE Trans Netw Serv Manag 18(2):1275–1286
Dolev D, Yao A (1983) On the security of public key protocols. IEEE Trans Inf Theory 29(2):198–208
Cheng Z, Nistazakis M, Comley R, Vasiu L (2005) On the indistinguishability-based security model of key agreement protocols-simple cases. IACR Cryptol ePrint Arch 2005:129
Lee CC, Lin TH, Chang RX (2011) A secure dynamic id based remote user authentication scheme for multi-server environment using smart cards. Expert Syst Appl 38(11):13863–13870
Liao YP, Wang SS (2009) A secure dynamic id based remote user authentication scheme for multi-server environment. Comput Stand Interf 31(1):24–29
Menezes AJ, Van Oorschot PC, Vanstone SA (2018) Handbook of applied cryptography. CRC Press, Boca Raton
He D, Bu J, Chan S, Chen C, Yin M (2010) Privacy-preserving universal authentication protocol for wireless communications. IEEE Trans Wirel Commun 10(2):431–436
Chang CC, Le HD (2015) A provably secure, efficient, and flexible authentication scheme for ad hoc wireless sensor networks. IEEE Trans Wirel Commun 15(1):357–366
Rogaway P, Shrimpton T (2004) Cryptographic hash-function basics: Definitions, implications, and separations for preimage resistance, second-preimage resistance, and collision resistance. In: International workshop on fast software encryption, Springer, pp 371–388
Shashidhara R, Bojjagani S, Maurya AK, Kumari S, Xiong H (2020) A robust user authentication protocol with privacy-preserving for roaming service in mobility environments. Peer-to-Peer Netw Appl 13(6):1943–1966
Wen F, Susilo W, Yang G (2013) A secure and effective anonymous user authentication scheme for roaming service in global mobility networks. Wirel Person Commun 73(3):993–1004
Armando A, Basin D, Boichut Y, Chevalier Y, Compagna L, Cuéllar J, Drielsma PH, Héam PC, Kouchnarenko O, Mantovani J et al (2005) The avispa tool for the automated validation of internet security protocols and applications. In: International Conference on Computer Aided Verification, pp 281–285
Von Oheimb D (2005) The high-level protocol specification language hlpsl developed in the eu project avispa. In: Proceedings of APPSEM 2005 workshop, pp 1–17
Team T et al (2006) Avispa v1. 1 user manual. Information society technologies programme (2006). http://avispa-project.org
Suárez-Albela M, Fernández-Caramés TM, Fraga-Lamas P, Castedo L (2018) A practical performance comparison of ecc and rsa for resource-constrained iot devices. In: 2018 Global Internet of Things Summit (GIoTS), IEEE, pp 1–6
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
The original online version of this article was revised: In this article the legend for Fig. 7 and 8 was wrong.
Rights and permissions
About this article
Cite this article
Roy, P.K., Bhattacharya, A. A group key-based lightweight Mutual Authentication and Key Agreement (MAKA) protocol for multi-server environment. J Supercomput 78, 5903–5930 (2022). https://doi.org/10.1007/s11227-021-04114-7
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11227-021-04114-7