Honey-list based authentication protocol for industrial IoT swarms

Abstract

Industrial Internet of Things (IIoT) systems are advanced IoT systems composed of sensor devices supported with dynamic objects such as smart vehicles and drones. The collaboration among static and heterogeneous mobile objects makes the topologies of IIoT systems dynamic and complex. This dynamic topology is also partially due to the fact that the static devices are typically partitioned into categories of collaborating sensors (called swarms) managed by side servers. However, existing authentication techniques for IIoT systems do not consider realistic system models simultaneously hosting different types of dynamic objects. For such scenarios, there is a need for a protocol that guarantees a secure Entity-to-Entity (E2E) communication, thus ensuring a smooth and safe production process.In this paper, for IIoT with swarms (SIIoT), we propose a novel key agreement and authentication protocol, HASAO (Honey-list Authentication for SIIoT with Autonomous Objects). HASAO enables efficient and secure E2E communication between devices in the same or different swarms. HASAO fills the gap of considering a realistic system model simultaneously hosting different types of dynamic objects. We employ Honey lists (lists with algorithms used to prevent guessing passwords) and mutual authentication technologies in HASAO to guarantee its security against different attacks, even in public-channel communication scenarios. Using the well-established Real-Or-Random (ROR) model, we proved the security of HASAO in detail. We also provide a prototype implementation of HASAO in the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. This tool confirms the results of our theoretical proofs, thus verifying the security of HASAO. We also carried out a detailed comparative study of HASAO against existing related authentication techniques. Compared to these techniques, HASAO offers more functionality (serving more types of dynamic objects) and superior security (via proving backup plans for session key establishment). Finally, we prove that HASAO is practical by implementing it in a well-known network simulator, Omnet++.