Abstract
Dew computing is complementing fog and cloud computing by offering the first layer of connection for any IoT device in the field. Typically, data are stored locally in the dew servers in cases when for instance Internet is not available. Therefore, dedicated authentication and key agreement protocols need to be developed in order to guarantee secure communication without the online presence of a trusted third party. First, a complete and clear presentation on the attack model and the required security features for dew computing scenarios are provided. Next, the relation with client-server security schemes is explained and two particular criteria are identified that need to be addressed in these schemes in order to serve as security scheme for dew computing. It is shown how a recently published client-server authentication scheme, satisfying these two criteria, can be extended with a key agreement feature, resulting in a very efficient authentication and key agreement scheme for a dew computing scenario. The obtained scheme outperforms from a security point of view the currently available alternatives and behaves in a similar line with respect to computational and communication efforts. More in particular, severe security vulnerabilities are demonstrated for a recently proposed dedicated dew computing authentication and key agreement protocol.
Similar content being viewed by others
References
Khanna A, Kaur S (2020) Internet of Things (IoT), applications and challenges: a comprehensive review. Wirel Pers Commun 114:1687–1762
Elizondo J, Palmer S (2009) Edge-Based Cloud Computing as a Feasible Network Paradigm
Wang Y (2015) Cloud-dew architecture. Int J Cloud Comput 4:199–210
Ray PP (2018) An introduction to dew computing: definition, concept and implications. IEEE Access 6:723–737
Bonomi F, Milito R, Zhu J, Addepalli S (2012) Fog computing and its role in the Internet of Things, Proceedings of the First Edition of the MCC Workshop on Mobile Cloud Computing, ACM, pp 13–16
Wang L, von Laszewski G, Younge A, He X, Kunze M, Taon J, Fu C (2010) Cloud computing: a perspective study. New Gener Comput 28:137–146
Pan Y, Thulasiraman P, Wang Y (2018) Overview of cloudlet, fog computing, edge computing, and dew computing, In: Proceedings of the 3rd International Workshop on Dew Computing, pp 20–23
Gusev M (2021) What makes dew computing more than edge computing for Internet of Things, In: IEEE 45th Annual Computers, Software and Applications Conference, IEEE, pp 1795-1800
Hadzovic S, Mrdovic S, Radonjic M (2021) Identification of IoT actors. Sensors 21(6):2093
Modi C, Patel D, Borisaniya B, Patel A, Rajarajan M (2013) A survey on security issues and solutions at different layers of cloud computing. J Supercomput 63:561–592
Gordienko1 Y, Stirenko S, Alienin O, Skala K, Sojat Z, Rojbi A, López Benito JR, Artetxe E, González, Lushchyk U, Sajn L, Llorente Coto A, Jervan G (2017) Augmented Coaching Ecosystem for Non-obtrusive Adaptive Personalized Elderly Care on the Basis of Cloud-Fog-Dew Computing Paradigm, In: 40th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO), pp 359-364
Gusev M (2017) A dew computing solution for iot streaming devices, In: 40th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO), pp 387-392
Botta A, Gallo L, Ventre G (2019) Cloud, fog, and dew robotics: architectures for next generation applications, In: 7th IEEE International Conference on Mobile Cloud Computing, Services, and Engineering (MobileCloud), pp 16-23
Singh P, Kaur A, Aujla GS, Batth RS, Kanhere S (2021) DaaS: dew computing as a service for intelligent intrusion detection in edge-of-things ecosystem. IEEE Internet Things J 8(16):12569–12577
Braeken A (2021) Public key versus symmetric key cryptography in client-server authentication protocols, Int J Inf Secur, Springer
Alaoui HL, El Ghazi A, Zbakh M, Touhafi A, Braeken A (2021) A highly efficient ECC-based authentication protocol for RFID, J Sens
Rana S, Obaidat MS, Mishra D, Mishra A, Rao YS (2021) Efficient design of an authenticated key agreement protocol for dew-assisted IoT systems, J Supercomput, Springer
Patonico S, Braeken A, Steenhaut K (2019) Identity-based and anonymous key agreement protocol for fog computing resistant in the Canetti-Krawczyk security model, Wireless Networks, pp. 1-13
Shabisha P, Sandeepa C, Moremada C, Dissaynayaka N, Gamage T, Braeken A, Steenhaut K, Liyanage M (2021) Security enhanced emergency situation detection system for ambient assisted living. IEEE J Comput Soc 2:241–259
Braeken A (2020) Symmetric key based 5G AKA authentication protocol satisfying anonymity and unlinkability. Comput Netw 181:107424
Braeken A (2018) PUF based authentication protocol for IoT. Symmetry 10(8):352
Braeken A, Liyanage M, Jurcut AD (2019) Anonymous lightweight proxy based key agreement for IoT (ALPKA). Wirel Pers Commun 106(2):345–364
Braeken A (2021) Device-to-device group authentication compatible with 5G AKA protocol. Comput Netw 201:108575
Gupta PC, Dhar J (2016) Hash based multi-server key exchange protocol using smart card. Wirel Pers Commun 87(1):225–244
Shunmuganathan S (2021) A reliable lightweight two factor mutual authenticated session key agreement protocol for multi-server environment. Wirel Pers Commun 121:2789–2822
Braeken A (2020) Highly efcient symmetric key based authentication and key agreement protocol using Keccak. Sensors 20(8):2160
Ying B, Nayak A (2019) Lightweight remote user authentication pro-tocol for multi-server 5G networks using self-certied public key cryptography. J Netw Comput Appl 131:66–74
Wan T, Liu X, Liao W, Jiang N (2019) Cryptanalysis and improvement of a smart card based authentication scheme for multi-server architecture using ECC. Int J Netw Secur 21(6):993–1002
Wei JH, Liu WF, Hu XX (2014) Cryptanalysis and improvement of a robust smart card authentication scheme for multi-server architecture. Wirel Pers Commun 77(3):2255–2269
Dolev D, Yao AC (1983) On the security of public key protocols. IEEE Trans Inf Theory 29(2):198–208
Schnorr P (1990) Efficient identification and signatures for smart cards, Advances in Cryptology-Crypto 1989. Springer-Verlag 435:239–252
Campagna M (2013) SEC 4: Elliptic curve Qu-Vanstone implicit certificate scheme (ECQV). Certicom institution, Mississauga, ON, Canada
Bertoni G, Daemen J, Peeters M, Van Assche G (2013) Keccak, Advances in Cryptology-EUROCRYPT 2013, Springer, 7881
Abdalla M, Fouque PA, Pointcheval D (2005) Password-based authenticated key exchange in the three-party setting, In: International Workshop on Public Key Cryptography, pp. 65–84
Lee J, Kim G, Das A, Park Y (2021) Secure and efficient honey list-based authentication protocol for vehicular ad hoc networks. IEEE Trans Netw Sci Eng 8:2412–2425
Canetti R, Krawczyk H (2001) Analysis of key-exchange protocols and their use for building secure channels. Lect Notes Comput Sci 2045:453–474
Braeken A, Kumar P, Martin A (2018) Efficient and provably secure key agreement for modern smart metering communications. Energies 11(10):2662
Sowjanya K, Dasgupta M, Ray S (2020) An elliptic curve cryptography based enhanced anonymous authentication protocol for wearable health monitoring systems. Int J Inf Secur 19(1):129–146
Dinarvand N, Barati H (2019) An efficient and secure RFID authentication protocol using elliptic curve cryptography. Wirel Netw 25(1):415–428
Merabet F, Cherif A, Belkadi M, Blazy O, Conchon E, Sauveron D (2020) New efficient M2C and M2M mutual authentication protocols for IoT-based healthcare applications. Peer-to-Peer Netw Appl 13(2):439–474
He D, Kumar N, Khan MK, Wang L, Shen J (2016) Efficient privacy-aware authentication scheme for mobile cloud computing services. IEEE Syst J 12:1621–1631
He D, Wang D (2015) Robust biometrics-based authentication scheme for multiserver environment. IEEE Syst J 9:816–823
Ying B, Nayak A (2014) Efficient authentication protocol for secure vehicular communications, In: IEEE 79th Vehicular Technology Conference (VTC Spring), IEEE, pp 1–5
Chen C-M, Xiang B, Liu Y, Wang K-H (2019) A secure authentication protocol for internet of vehicles. IEEE Access 7:12047–12057
Patonico S (2021) Study and analysis of security features for internet of things devices in a One-M2M based network, PhD Thesis, Vrije Universiteit Brussel
Kim T, Barbulescu R (2016) Extended tower number field sieve: A new complexity for the medium prime case, CRYPTO (1). Springer 9814:543–571
Barreto PSLM, Lynn B, Scott M (2002) Constructing elliptic curves with prescribed embedding degrees. Security Communication Network, Springer 2576:257–267
Bernstein DJ, Birkner P, Joye M, Lange T, Peters C (2008) Twisted Edwards Curves, Techical Report
Vigano L (2006) Automated security protocol analysis with the avispa tool. Electron Notes Theor Comput Sci 155:61–86
Bellare M, Pointcheval D, Rogaway P (2000) Authenticated key exchange secure against dictionary attacks, In: International Conference on the Theory and Applications of Cryptographic Techniques, Springer, pp 139–155
Jakobsson M, Pointcheval D (2001) Mutual authentication for low-power mobile devices, In: International Conference on Financial Cryptography, Springer, pp 178–195
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Braeken, A. Authenticated key agreement protocols for dew-assisted IoT systems. J Supercomput 78, 12093–12113 (2022). https://doi.org/10.1007/s11227-022-04364-z
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11227-022-04364-z