Skip to main content
Springer Nature Link
Log in

A sustainable mutual authentication protocol for IoT-Fog-Cloud environment

  • Published:
Peer-to-Peer Networking and Applications Aims and scope Submit manuscript

Abstract

This paper introduces a mutual authentication protocol designed for the IoT-Fog-Cloud environment, utilizing Elliptic Curve Cryptography (ECC). The proposed protocol supports the management of energy consumption and network usage. Smart energy management not only helps to reduce energy costs but also minimizes carbon emissions. Hence, it achieves sustainability. The protocol undergoes rigorous formal and informal security analyses and has proven to achieve session key security along with mutual authentication. Formal security analysis is conducted using ProVerif, while informal assessments reveal the protocol’s resilience against various attacks, including replay attacks, session key disclosure attacks, man-in-the-middle attacks, traffic analysis attacks, Denial-of-Service (DoS) attacks, desynchronization attacks and ESL attacks. Additionally, it provides perfect forward secrecy. The protocol incurs a computational cost of 14.88 milliseconds and requires 5824 bits for message exchange, keeping security as the top priority ensures swift and secure interaction between IoT devices and fog nodes. Also, simulation has been done using iFogSim to assess the practicability of the proposed scheme in real-life scenarios. The energy consumption, network usage, application loop delay, and execution time of various configurations are computed and compared. Compared to existing protocols, the proposed one confirms provable security and offers enhanced security features in the IoT-Fog-Cloud environment.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14

Similar content being viewed by others

Data Availability

This is not applicable.

References

  1. Ali U, Idris MY, Frnda J, Ayub MN, Khan MA, Khan N, Jasim AA, Ullah I, Babar M (2023) Enhanced lightweight and secure certificateless authentication scheme (elwscas) for internet of things environment. Internet of Things 100923. https://doi.org/10.1016/j.iot.2023.100923

  2. Chaudhry SA, Irshad A, Yahya K, Kumar N, Alazab M, Zikria YB (2021) Rotating behind privacy: An improved lightweight authentication scheme for cloud-based iot environment. ACM Transactions on Internet Technology (TOIT) 21(3):1–19. https://doi.org/10.1145/3425707

    Article  Google Scholar 

  3. Servati MR, Safkhani M (2023) Eccbas: An ecc based authentication scheme for healthcare iot systems. Pervasive Mob Comput 90:101753. https://doi.org/10.1016/j.pmcj.2023.101753

    Article  Google Scholar 

  4. Ashton K (2009) That ‘internet of things’ thing. RFID journal 22(7):97–114

    MATH  Google Scholar 

  5. Erroutbi A, El Hanjri A, Sekkaki A (2019) Secure and lightweight hmac mutual authentication protocol for communication between iot devices and fog nodes. In: 2019 IEEE International Smart Cities Conference (ISC2), pp. 251–257. https://doi.org/10.1109/ISC246665.2019.9071788

  6. Association et al (2020) The mobile economy 2020. GSMA HEAD OFFICE

  7. Chen Z, Cheng Z, Luo W, Ao J, Liu Y, Sheng K, Chen L (2023) Fsmfa: Efficient firmware-secure multi-factor authentication protocol for iot devices. Internet of Things 21:100685. https://doi.org/10.1016/j.iot.2023.100685

    Article  Google Scholar 

  8. Ogundoyin SO, Kamil IA (2022) Secure and privacy-preserving d2d communication in fog computing services. Comput Netw 210:108942. https://doi.org/10.1016/j.comnet.2022.108942

    Article  MATH  Google Scholar 

  9. Mahmud R, Kotagiri R, Buyya R (2018) Fog computing: A taxonomy, survey and future directions. Internet of Everything: Algorithms, Methodologies, Technologies and Perspectives, 103–130. https://doi.org/10.1007/978-981-10-5861-5_5

  10. Bonomi F, Milito R, Zhu J, Addepalli S (2012) Fog computing and its role in the internet of things. In: Proceedings of the First Edition of the MCC Workshop on Mobile Cloud Computing, pp. 13–16. https://doi.org/10.1145/2342509.2342513

  11. Bonomi F, Milito R, Natarajan P, Zhu J (2014) Fog computing: A platform for internet of things and analytics. Big data and internet of things: A roadmap for smart environments 169–186. https://doi.org/10.1007/978-3-319-05029-4_7

  12. Yi S, Li C, Li Q (2015) A survey of fog computing: concepts, applications and issues. In: Proceedings of the 2015 Workshop on Mobile Big Data, pp. 37–42. https://doi.org/10.1145/2757384.2757397

  13. Guo Y, Zhang Z, Guo Y (2020) Fog-centric authenticated key agreement scheme without trusted parties. IEEE Syst J 15(4):5057–5066. https://doi.org/10.1109/JSYST.2020.3022244

    Article  MATH  Google Scholar 

  14. Wazid M, Das AK, Kumar N, Vasilakos AV (2019) Design of secure key management and user authentication scheme for fog computing services. Future Generation Computer Systems 91:475–492. https://doi.org/10.1016/j.future.2018.09.017

  15. Sicari S, Rizzardi A, Coen-Porisini A (2022) Insights into security and privacy towards fog computing evolution. Computers & Security 102822. https://doi.org/10.1016/j.cose.2022.102822

  16. Hazra A, Rana P, Adhikari M, Amgoth T (2023) Fog computing for next-generation internet of things: fundamental, state-of-the-art and research challenges. Computer Science Review 48:100549. https://doi.org/10.1016/j.cosrev.2023.100549

  17. Peng L, Dhaini AR, Ho PH (2018) Toward integrated cloud–fog networks for efficient iot provisioning: Key challenges and solutions. Future Generation Computer Systems 88:606–613. https://doi.org/10.1016/j.future.2018.05.015

  18. Saharan K, Kumar A (2015) Fog in comparison to cloud: A survey. International Journal of Computer Applications 122(3). https://doi.org/10.5120/21679-4773

  19. Ni J, Zhang K, Lin X, Shen X (2017) Securing fog computing for internet of things applications: Challenges and solutions. IEEE Communications Surveys & Tutorials 20(1):601–628. https://doi.org/10.1109/COMST.2017.2762345

    Article  MATH  Google Scholar 

  20. Ibrahim MH (2016) Octopus: An edge-fog mutual authentication scheme. Int. J. Netw. Secur. 18:1089–1101

    MathSciNet  MATH  Google Scholar 

  21. Wazid, M., Das, A.K., Shetty, S., JPC Rodrigues, J., Park, Y.: Ldakm-eiot: Lightweight device authentication and key management mechanism for edge-based iot deployment. Sensors 19(24), 5539 (2019) 10.3390/s19245539

  22. Gope, P.: Laap: Lightweight anonymous authentication protocol for d2d-aided fog computing paradigm. computers & security 86, 223–237 (2019) 10.1016/j.cose.2019.06.003

  23. Amin, R., Kunal, S., Saha, A., Das, D., Alamri, A.: Cfsec: Password based secure communication protocol in cloud-fog environment. Journal of Parallel and Distributed Computing 140, 52–62 (2020) 10.1016/j.jpdc.2020.02.005

  24. Verma, U., Bhardwaj, D.: Design of lightweight authentication protocol for fog enabled internet of things - a centralized authentication framework. International Journal of Communication Networks and Information Security (IJCNIS) 12(2), (2022) 10.17762/ijcnis.v12i2.4464

  25. Kalaria, R., Kayes, A., Rahayu, W., Pardede, E.: A secure mutual authentication approach to fog computing environment. computers & security 111, 102483 (2021) 10.1016/j.cose.2021.102483

  26. Loffi, L., Westphall, C.M., Grüdtner, L.D., Westphall, C.B.: Mutual authentication with multi-factor in iot-fog-cloud environment. Journal of Network and Computer Applications 176, 102932 (2021) 10.1016/j.jnca.2020.102932

  27. Lin, Y., Wang, X., Gan, Q., Yao, M.: A secure cross-domain authentication scheme with perfect forward security and complete anonymity in fog computing. Journal of Information Security and Applications 63, 103022 (2021) 10.1016/j.jisa.2021.103022

  28. Chatterjee U, Ray S, Khan MK, Dasgupta M, Chen C-M (2022) An ecc-based lightweight remote user authentication and key management scheme for iot communication in context of fog computing. Computing 104(6):1359–1395. https://doi.org/10.1007/s00607-022-01055-8

    Article  Google Scholar 

  29. Guo, Y., Guo, Y.: Fogha: An efficient handover authentication for mobile devices in fog computing. Computers & Security 108, 102358 (2021) 10.1016/j.cose.2021.102358

  30. Roy KS, Deb S, Kalita HK (2022) A novel hybrid authentication protocol utilizing lattice-based cryptography for iot devices in fog networks. Digital Communications and Networks. https://doi.org/10.1016/j.dcan.2022.12.003

    Article  MATH  Google Scholar 

  31. Wang W, Huang H, Xiao F, Li Q, Xue L, Jiang J (2021) Computation-transferable authenticated key agreement protocol for smart healthcare. J Syst Architect 118:102215. https://doi.org/10.1016/j.sysarc.2021.102215

    Article  MATH  Google Scholar 

  32. Ma Y, Ma Y, Liu Y, Cheng Q (2023) A secure and efficient certificateless authenticated key agreement protocol for smart healthcare, vol. 86, p. 103735. Elsevier. https://doi.org/10.1016/j.csi.2023.103735

  33. Amanlou S, Hasan MK, Bakar KAA (2021) Lightweight and secure authentication scheme for iot network based on publish-subscribe fog computing model. Comput Netw 199:108465. https://doi.org/10.1016/j.comnet.2021.108465

    Article  Google Scholar 

  34. Ma M, He D, Wang H, Kumar N, Choo KKR (2019) An efficient and provably-secure authenticated key agreement protocol for fog-based vehicular ad-hoc networks. IEEE Internet of Things Journal PP, 1–1. https://doi.org/10.1109/JIOT.2019.2902840

  35. Eftekhari SA, Nikooghadam M, Rafighi M (2021) Security-enhanced three-party pairwise secret key agreement protocol for fog-based vehicular ad-hoc communications. Vehicular Communications 28:100306. https://doi.org/10.1016/j.vehcom.2020.100306

    Article  Google Scholar 

  36. Hamada M, Salem SA, Salem FM (2022) Lamas: Lightweight anonymous mutual authentication scheme for securing fog computing environments. Ain Shams Engineering Journal 13(6):101752

    Article  MATH  Google Scholar 

  37. Liu S, Chen L, Han J, Yu J, Li X (2022) Lightweight id-based broadcast signcryption for cloud-fog-assisted iot. J Syst Architect 130:102648. https://doi.org/10.1016/j.sysarc.2022.102648

    Article  Google Scholar 

  38. Mahmood K, Ayub MF, Hassan SZ, Ghaffar Z, Lv Z, Chaudhry SA (2022) A seamless anonymous authentication protocol for mobile edge computing infrastructure. Comput Commun 186:12–21. https://doi.org/10.1016/j.comcom.2022.01.005

    Article  Google Scholar 

  39. Chaudhry S, Naqvi H, Mahmood K, Ahmad H, Khan K (2017) An improved remote user authentication scheme using elliptic curve cryptography. Wireless Pers Commun 90:1–19. https://doi.org/10.1007/s11277-016-3745-3

    Article  MATH  Google Scholar 

  40. Lohachab A (2019) Karambir: Ecc based inter-device authentication and authorization scheme using mqtt for iot networks. Journal of Information Security and Applications 46:1–12. https://doi.org/10.1016/j.jisa.2019.02.005

    Article  Google Scholar 

  41. Guo J, Du Y, Zhang Y, Li M (2021) A provably secure ecc-based access and handover authentication protocol for space information networks. J Netw Comput Appl 193:103183. https://doi.org/10.1016/j.jnca.2021.103183

    Article  MATH  Google Scholar 

  42. Eddine MS, Ferrag MA, Friha O, Maglaras L (2021) Easbf: An efficient authentication scheme over blockchain for fog computing-enabled internet of vehicles. Journal of Information Security and Applications 59:102802. https://doi.org/10.1016/j.jisa.2021.102802

    Article  Google Scholar 

  43. Kamil IA, Ogundoyin SO (2021) A lightweight mutual authentication and key agreement protocol for remote surgery application in tactile internet environment. Comput Commun 170:1–18. https://doi.org/10.1016/j.comcom.2021.01.025

  44. Solutions CFC (2015) Unleash the power of the internet of things. Cisco Systems Inc

  45. Zhang P, Zhou M, Fortino G (2018) Security and trust issues in fog computing: A survey. Futur Gener Comput Syst 88. https://doi.org/10.1016/j.future.2018.05.008

  46. Rathi S, Nagpal R, Mehrotra D, Srivastava G (2022) A metric focused performance assessment of fog computing environments: A critical review. Comput Electr Eng 103:108350. https://doi.org/10.1016/j.compeleceng.2022.108350

    Article  Google Scholar 

  47. Dolev D, Yao A (1983) On the security of public key protocols. IEEE Trans Inf Theory 29(2):198–208. https://doi.org/10.1109/TIT.1983.1056650

    Article  MathSciNet  MATH  Google Scholar 

  48. Canetti R, Krawczyk H (2002) Universally composable notions of key exchange and secure channels. In: Advances in Cryptology—EUROCRYPT 2002: International Conference on the Theory and Applications of Cryptographic Techniques Amsterdam, The Netherlands, April 28–May 2, 2002 Proceedings 21, pp. 337–351. Springer. https://doi.org/10.1007/3-540-46035-7_22

  49. Guo Y, Zhang Z, Guo Y (2022) Secfhome: Secure remote authentication in fog-enabled smart home environment. Comput Netw 207:108818. https://doi.org/10.1016/j.comnet.2022.108818

    Article  MATH  Google Scholar 

  50. Cui J, Cheng F, Zhong H, Zhang Q, Gu C, Liu L (2023) Multi-factor based session secret key agreement for the industrial internet of things. Ad Hoc Netw 138:102997. https://doi.org/10.1016/j.adhoc.2022.102997

    Article  Google Scholar 

  51. Wazid M, Das AK, Hussain R, Succi G, Rodrigues J (2018) Authentication in cloud-driven iot-based big data environment: Survey and outlook. J Syst Architect 97. https://doi.org/10.1016/j.sysarc.2018.12.005

  52. Wu L, Wang J, Choo KKR, He D (2018) Secure key agreement and key protection for mobile device user authentication. IEEE Transactions on Information Forensics and Security PP, 1–1. https://doi.org/10.1109/TIFS.2018.2850299

  53. Indushree M, Raj M, Mishra VK, Shashidhara R, Das AK, Bhat V (2022) Mobile-chain: Secure blockchain based decentralized authentication system for global roaming in mobility networks. Comput Commun 200. https://doi.org/10.1016/j.comcom.2022.12.026

  54. Gupta BB, Quamara M (2018) An identity based access control and mutual authentication framework for distributed cloud computing services in iot environment using smart cards. Procedia Computer Science 132:189–197. https://doi.org/10.1016/j.procs.2018.05.185 . International Conference on Computational Intelligence and Data Science

  55. Lohachab A (2018) Using quantum key distribution and ecc for secure inter-device authentication and communication in iot infrastructure. SSRN Electron J. https://doi.org/10.2139/ssrn.3166511

    Article  Google Scholar 

  56. Blanchet B (2014) Automatic Verification of Security Protocols in the Symbolic Model: The Verifier ProVerif

  57. Nyangaresi VO (2022) Lightweight anonymous authentication protocol for resource-constrained smart home devices based on elliptic curve cryptography. J Syst Architect 133:102763. https://doi.org/10.1016/j.sysarc.2022.102763

  58. Sureshkumar V, Amin R, Vijaykumar V, Sekar SR (2019) Robust secure communication protocol for smart healthcare system with fpga implementation. Futur Gener Comput Syst 100:938–951. https://doi.org/10.1016/j.future.2019.05.058

    Article  Google Scholar 

  59. Shukla S, Thakur S, Hussain S, Breslin JG, Jameel SM (2021) Identification and authentication in healthcare internet-of-things using integrated fog computing based blockchain model. Internet of Things 15:100422. https://doi.org/10.1016/j.iot.2021.100422

    Article  MATH  Google Scholar 

Download references

Funding

This is not applicable.

Author information

Authors and Affiliations

  1. Computer Science & Engineering, National Institute of Technology, Rourkela, 769008, Odisha, India

    Swati Priyambada Satpathy, Sujata Mohanty & Manabhanjan Pradhan

Authors
  1. Swati Priyambada Satpathy
    View author publications

    You can also search for this author inPubMed Google Scholar

  2. Sujata Mohanty
    View author publications

    You can also search for this author inPubMed Google Scholar

  3. Manabhanjan Pradhan
    View author publications

    You can also search for this author inPubMed Google Scholar

Contributions

Swati Priyambada Satpathy: Conceptualization, Methodology, Formal analysis, Writing - original draft, Visualization. Sujata Mohanty: Supervision, Validation, Reviewing & Editing. Manabhanjan Pradhan: Validation, Reviewing.

Corresponding author

Correspondence to Swati Priyambada Satpathy.

Ethics declarations

Ethics Approval

This paper contains no studies with human participants or animals performed by authors.

Consent to publish

All authors have approved this manuscript for publication.

Competing Interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Satpathy, S.P., Mohanty, S. & Pradhan, M. A sustainable mutual authentication protocol for IoT-Fog-Cloud environment. Peer-to-Peer Netw. Appl. 18, 35 (2025). https://doi.org/10.1007/s12083-024-01843-3

Download citation

  • Received:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s12083-024-01843-3

Keywords