Abstract
Fog and dew computing represent relatively new computing paradigms in the literature. The main idea is to offload the computation processes from the device to a more nearby fog or dew server, who further forwards it to the central server. In the case of dew computing, the dew server is considered to lose connection with the central server and should be able to function autonomously most of the time. In the literature, several public-key-based tripartite schemes, offering a full set of security features, have been proposed that can serve the purpose. However, due to the large difference in performance between symmetric and public key-based cryptographic algorithms, this paper proposes a symmetric key-based authentication and key agreement protocol, consisting of a long and a short authentication process, addressing both fog and dew computing scenarios. Moreover, we conduct the informal and formal (ROR logic, GNY logic, and Scyther tool) security analysis to ensure that the scheme satisfies the most important security features described in the literature, in addition to offering protection against a semi-trusted third party. Furthermore, we assess the performance of the long and the short authentication phases in terms of computational, communication, storage costs, and energy consumption, revealing that it is less expensive than its competitors. Additionally, we show that when compared to its competitors, the long and the short authentication phases have less overhead when unknown attacks occur. We also use the NS2 network simulator tool to execute a real-time implementation of the long and the short authentication phase to ensure that it is realistic in practical implementation.
Similar content being viewed by others
Availability of data and materials
Not applicable.
References
Bonomi F, Milito R, Zhu J, Addepalli S (2012) Fog computing and its role in the internet of things. In: Proceedings of the First Edition of the MCC Workshop on Mobile Cloud Computing, ACM, pp 13–16
Ray PP (2018) An introduction to dew computing: definition, concept and implications. IEEE Access 6:723–737
Khanna A, Kaur S (2020) Internet of things (IoT), applications and challenges: a comprehensive review. Wirel Person Commun 114:1687–1762
Braeken A (2021) Public key versus symmetric key cryptography in client-server authentication protocols. Int J Inf Secur 21:103–114
Brown DR, Gallant R, Vanstone SA (2002) Provably secure implicit certificate schemes. Financial cryptography, Springer, Berlin Heidelberg, pp 156–165
Mattsson JP, Smeets B, Thormarker E (2021) Quantum technology and its impact on security in mobile networks, Ericsson Technology Review. https://bit.ly/3lIpfHU
Shabisha P, Sandeepa C, Moremada C, Dissanayaka N, Gamage T, Braeken A, Steenhaut K, Liyanage M (2021) Security enhanced emergency situation detection system for ambient assisted living. IEEE Open J Comput Soc 2:241–259
Lee T, Hwang T (2017) Three-party authenticated key agreements for optimal communication. J SomeThing 12(3):1–25
Ni L, Chen G, Li J (2013) Escrowable identity-based authenticated key agreement protocol with strong security. Comput Math Appl 65(9):1339–1349
Wang D, Wang P (2014) On the anonymity of two-factor authentication schemes for wireless sensor networks: attacks, principle and solutions. Comput Netw 73:41–57
Jia X, He D, Kumar N, Choo K (2019) Authenticated key agreement scheme for fog-driven IoT healthcare system. Wirel Netw 25(8):4737–4750
Liu C, Tsai W, Chang T, Liu T (2018) Ephemeral-secret-leakage secure id-based three party authenticated key agreement protocol for mobile distributed computing environments. Symmetry 10(4):84
Patonico S, Braeken A, Steenhaut K (2019) Identity-based and anonymous key agreement protocol for fog computing resistant in the Canetti–Krawczyk security model. Wirel Netw 1–13
Canetti R, Krawczyk H (2002) Universally composable notions of key exchange and secure channels. In: International Conference on the Theory and Applications of Cryptographic Techniques. Springer, pp 337–351
Mahmood K, Ayub MF, Hassan SZ, Ghaffar Z, Lv Z, Chaudhry SA (2022) A seamless anonymous authentication protocol for mobile edge computing infrastructure. Comput Commun 186:12–21
Guo Y, Zhang Z, Guo Y (2022) SecFHome: secure remote authentication in fog-enabled smart home environment. Comput Netw 207:108818
Rana S, Obaidat MS, Mishra D, Mishra A, Rao YS (2021) Efficient design of an authenticated key agreement protocol for dew-assisted IoT systems. J Supercomput
Braeken A (2022) Authenticated key agreement protocols for dew-assisted IoT systems. J Supercomput
Ma Y, Ma Y, Cheng Q (2022) Cryptanalysis and enhancement of an authenticated key agreement protocol for dew-assisted IoT systems. Secur Commun Netw 2022
Alaoui HL, El Ghazi A, Zbakh M, Touhafi A, Braeken A (2021) A highly efficient ECC-based authentication protocol for RFID, J Sens
Ying B, Nayak A (2019) Lightweight remote user authentication protocol for multi-server 5G networks using self-certified public key cryptography. J Netw Comput Appl 131:66–74
Wan Tao, Liu Xiaochang, Liao Weichuan, Jiang Nan (2019) Cryptanalysis and improvement of a smart card based authentication scheme for multi-server architecture using ECC. Int J Netw Secur 21(6):993–1002
Dolev D, Yao AC (1983) On the security of public key protocols. IEEE Trans Inf Theory 29(2):198–208
Yadav AK, Misra M, Pandey PK, Liyanage M (2022) An EAP-based mutual authentication protocol for WLAN connected IoT devices. In: IEEE Transactions on Industrial Informatics. https://doi.org/10.1109/TII.2022.3194956
Munilla J, Burmester M, Barco R (2021) An enhanced symmetric-key based 5G-AKA protocol. Comput Netw 198:108373
Abdalla M, Fouque P-A, Pointcheval D (2005) Password-based authenticated key exchange in the three-party setting. In International Workshop on Public Key Cryptography. Springer, pp 65–84
Gong L, Needham RM, Yahalom R (1990) Reasoning about belief in cryptographic protocols. In: IEEE Symposium on Security and Privacy. Citeseer, pp 234–248
Cremers CJF (2006) Scyther: semantics and verification of security protocols. Eindhoven university of Technology Eindhoven, Netherlands
Lee J, Kim G, Das AK, Park Y (2021) Secure and efficient honey list-based authentication protocol for vehicular ad hoc networks. IEEE Trans Netw Sci Eng 8(3):2412–2425
Cao J, Yan Z, Ma R, Zhang Y, Fu Y, Li H (2020) LSAA: a lightweight and secure access authentication scheme for both UE and mMTC devices in 5g networks. IEEE Internet Things J 7(6):5329–5344
Shunmuganathan S (2021) A reliable lightweight two factor mutual authenticated session key agreement protocol for multi-server environment. Wirel Pers Commun 121(4):2789–2822
Wang J, Zhu Y (2020) Secure two-factor lightweight authentication protocol using self-certified public key cryptography for multi-server 5G networks. J Netw Comput Appl 161:102660
Son S, Lee J, Park Y, Park Y, Das AK (2022) Design of blockchain-based lightweight V2I handover authentication protocol for VANET. IEEE Transactions on Network Science and Engineering
Xu Z, Li X, Xu J, Liang W, Choo K-KR (2021) A secure and computationally efficient authentication and key agreement scheme for internet of vehicles. Comput Electr Eng 95:107409
Cao J, Yu P, Xiang X, Ma M, Li H (2019) Anti-quantum fast authentication and data transmission scheme for massive devices in 5G NB-IoT system. IEEE Internet Things J 6(6):9794–9805
Ma R, Cao J, Feng D, Li H, Li X, Xu Y (2021) A robust authentication scheme for remote diagnosis and maintenance in 5G V2N. J Netw Comput Appl 198:103281
The Network Simulator-ns-2. [Online]. Available: http://www.isi.edu/nsnam/ns/, Accessed on Apr 2022
Jabbari A, Mohasefi JB (2021) Improvement of a user authentication scheme for wireless sensor networks based on internet of things security. Wirel Pers Commun 116(3):2565–91
Acknowledgements
Not applicable.
Funding
Not applicable.
Author information
Authors and Affiliations
Contributions
The first author contributed to the designing of authentication mechanisms, formal analysis, informal analysis, and practical implementation. The second author contributed to the authentication mechanism, problem formulation, draft writing, and overall organization of the draft. The third author contributed to draft writing, grammar checking, and the overall organization of the draft.
Corresponding author
Ethics declarations
Conflict of interest
The authors declare no conflict of interest.
Consent for publication
Not applicable.
Ethics approval and consent to participate
Not applicable.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Yadav, A.K., Braeken, A. & Misra, M. Symmetric key-based authentication and key agreement scheme resistant against semi-trusted third party for fog and dew computing. J Supercomput 79, 11261–11299 (2023). https://doi.org/10.1007/s11227-023-05064-y
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11227-023-05064-y