Abstract
With the widespread use of network infrastructures such as 5G and low-power wide-area networks, a large number of the Internet of Things (IoT) device nodes are connected to the network, generating massive amounts of data. Therefore, it is a great challenge to achieve anonymous authentication of IoT nodes and secure data transmission. At present, blockchain technology is widely used in authentication and s data storage due to its decentralization and immutability. Recently, Fan et al. proposed a secure and efficient blockchain-based IoT authentication and data sharing scheme. We studied it as one of the state-of-the-art protocols and found that this scheme does not consider the resistance to ephemeral secret compromise attacks and the anonymity of IoT nodes. To overcome these security flaws, this paper proposes an enhanced authentication and data transmission scheme, which is verified by formal security proofs and informal security analysis. Furthermore, Scyther is applied to prove the security of the proposed scheme. Moreover, it is demonstrated that the proposed scheme achieves better performance in terms of communication and computational cost compared to other related schemes.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Hasan M. State of IoT-Spring 2022. IOT Analytics, See https://iot-analytics.com/product/state-of-iot-spring-2022 website, 2022
Wang X, Ning Z, Hu X, Wang L, Hu B, Cheng J, Leung V C M. Optimizing content dissemination for real-time traffic management in large-scale internet of vehicle systems. IEEE Transactions on Vehicular Technology, 2019, 68(2): 1093–1105
Kelly J T, Campbell K L, Gong E, Scuffham P. The internet of things: impact and implications for health care delivery. Journal of Medical Internet Research, 2020, 22(11): e20135
Zemrane H, Baddi Y, Hasbi A. Internet of things smart home ecosystem. In: Elhoseny M, Hassanien A E, eds. Emerging Technologies for Connected Internet of Vehicles and Intelligent Transportation System Networks. Cham: Springer, 2020, 101–125
Miloslavskaya N, Tolstoy A. Internet of things: information security challenges and solutions. Cluster Computing, 2019, 22(1): 103–119
Khan M A, Salah K. IoT security: review, blockchain solutions, and open challenges. Future Generation Computer Systems, 2018, 82: 395–411
Fakhri D, Mutijarsa K. Secure IoT communication using blockchain technology. In: Proceedings of 2018 International Symposium on Electronics and Smart Devices (ISESD). 2018, 1–6
Fan Q, Chen J H, Deborah L J, Luo M. A secure and efficient authentication and data sharing scheme for internet of things based on blockchain. Journal of Systems Architecture, 2021, 117: 102112
Liu S G, Dibaei M, Tai Y, Chen C, Zhang J, Xiang Y. Cyber vulnerability intelligence for internet of things binary. IEEE Transactions on Industrial Informatics, 2020, 16(3): 2154–2163
Xu Z, Xu C, Chen H, Yang F. A lightweight anonymous mutual authentication and key agreement scheme for WBAN. Concurrency and Computation: Practice and Experience, 2019, 31(14): e5295
Alzahrani B A, Irshad A, Albeshri A, Alsubhi K. A provably secure and lightweight patient-healthcare authentication protocol in wireless body area networks. Wireless Personal Communications, 2021, 117(1): 47–69
Adavoudi-Jolfaei H, Ashouri-Talouki M, Aghili S F. Lightweight and anonymous three-factor authentication and access control scheme for real-time applications in wireless sensor networks. Peer-to-Peer Networking and Applications, 2019, 12(1): 43–59
Gope P, Hwang T. A realistic lightweight anonymous authentication protocol for securing real-time application data access in wireless sensor networks. IEEE Transactions on Industrial Electronics, 2016, 63(11): 7124–7132
Kumar P, Chouhan L. A secure authentication scheme for IoT application in smart home. Peer-to-Peer Networking and Applications, 2021, 14(1): 420–438
Bera B, Vangala A, Das A K, Lorenz P, Khan M K. Private blockchain-envisioned drones-assisted authentication scheme in IoT-enabled agricultural environment. Computer Standards & Interfaces, 2022, 80: 103567
Islam T, Youki R A, Chowdhury B R, Hasan A S M T. An ECC based secure communication protocol for resource constraints IoT devices in smart home. In: Proceedings of the International Conference on Big Data, IoT, and Machine Learning. 2022, 431–444
Panda S S, Jena D, Mohanta B K, Ramasubbareddy S, Daneshmand M, Gandomi A H. Authentication and key management in distributed IoT using blockchain technology. IEEE Internet of Things Journal, 2021, 8(16): 12947–12954
Kshetri N. Can blockchain strengthen the internet of things? IT Professional, 2017, 19(4): 68–72
Cui Z, Xue F, Zhang S, Cai X, Cao Y, Zhang W, Chen J. A hybrid blockchain-based identity authentication scheme for multi-WSN. IEEE Transactions on Services Computing, 2020, 13(2): 241–251
Khalid U, Asim M, Baker T, Hung P C K, Tariq M A, Rafferty L. A decentralized lightweight blockchain-based authentication mechanism for IoT systems. Cluster Computing, 2020, 23(3): 2067–2087
Yang X, Yang X, Yi X, Khalil I, Zhou X, He D, Huang X, Nepal S. Blockchain-based secure and lightweight authentication for internet of things. IEEE Internet of Things Journal, 2022, 9(5): 3321–3332
Choi K Y, Hwang J Y, Lee D H, Seo I S. ID-based authenticated key agreement for low-power mobile devices. In: Proceedings of the 10th Australasian Conference on Information Security and Privacy. 2005, 494–505
Guo Z, Ni Y, Wong W S, Shi L. Time synchronization attack and countermeasure for multisystem scheduling in remote estimation. IEEE Transactions on Automatic Control, 2021, 66(2): 916–923
Tabassum N, Geetha D D, Biradar R C. Joint position estimation and synchronization of clocks in WSN. In: Proceedings of the 6th International Congress on Information and Communication Technology. 2022, 409–418
Pointcheval D, Stern J. Security arguments for digital signatures and blind signatures. Journal of Cryptology, 2000, 13(3): 361–396
Cremers C J F. The scyther tool: verification, falsification, and analysis of security protocols. In: Proceedings of the 20th International Conference on Computer Aided Verification. 2008, 414–418
Lowe G. A hierarchy of authentication specifications. In: Proceedings of the 10th Computer Security Foundations Workshop. 1997, 31–43
Wu T Y, Wang T, Lee Y Q, Zheng W, Kumari S, Kumar S. Improved authenticated key agreement scheme for fog-driven IoT healthcare system. Security and Communication Networks, 2021, 2021, 1–16
Li Y, Cheng Q, Liu X, Li X. A secure anonymous identity-based scheme in new authentication architecture for mobile edge computing. IEEE Systems Journal, 2021, 15(1): 935–946
Jia X, He D, Kumar N, Choo K K R A provably secure and efficient identity-based anonymous authentication scheme for mobile edge computing. IEEE Systems Journal, 2020, 14(1): 560–571
Acknowledgements
This work was supported by the National Natural Science Foundation of China (Grant Nos. 61872449, U1804263, 62172435, 62172141, 61772173), the Zhongyuan Science and Technology Innovation Leading Talent Project, China (No. 214200510019), the Natural Science Foundation of Henan (No. 222300420004), the Major Public Welfare Special Projects of Henan Province (No. 201300210100) and the Key Research and Development Project of Henan Province (No. 221111321200).
Author information
Authors and Affiliations
Corresponding author
Additional information
Xingxing Chen received her MS degree in School of Information Science and Engineering from Henan University of Technology, China in 2021. She is currently pursuing the PhD degree at the State Key Laboratory of Mathematical Engineering and Advanced Computing, China. Her research interests are information security and blockchain.
Qingfeng Cheng received the MS degree from National University of Defense Technology, China in 2004 and PhD degree from Information Engineering University, China in 2011. He is now a professor in the State Key Laboratory of Mathematical Engineering and Advanced Computing, China. His research interests include cryptography and information security.
Weidong Yang received his BS in Industrial Automation, MS and PhD degree in Computer Science from Xidian University, China in 1999, 2005, and 2008, respectively. He is now a professor in Henan University of Technology, deputy chair of Henan Key Laboratory of Grain Photoelectric Detection and Control, Henan University of Technology, China. He is also a senior member of China Computer Federation (CCF). His research focuses on wireless networks security, privacy protection, vehicular ad-hoc networks, and so on.
Xiangyang Luo received his BS, MS and PhD degrees from the State Key Laboratory of Mathematical Engineering and Advanced Computing, China in 2001, 2004, and 2010, respectively. He is the author or co-author of more than 150 refereed international journal and conference papers. He is currently a professor of the State Key Laboratory of Mathematical Engineering and Advanced Computing, also with Key Laboratory of Cyberspace Situation Awareness of Henan Province. His research interests are multimedia security and network security.
Electronic supplementary material
Rights and permissions
About this article
Cite this article
Chen, X., Cheng, Q., Yang, W. et al. An anonymous authentication and secure data transmission scheme for the Internet of Things based on blockchain. Front. Comput. Sci. 18, 183807 (2024). https://doi.org/10.1007/s11704-023-2595-x
Received:
Accepted:
Published:
DOI: https://doi.org/10.1007/s11704-023-2595-x