Abstract

Industrial internet of things (IIoT) is the usage of internet of things (IoT) devices and applications for the purpose of sensing, processing and communicating real-time events in the industrial system to reduce the unnecessary operational cost and enhance manufacturing and other industrial-related processes to attain more profits. However, such IoT based smart industries need internet connectivity and interoperability which makes them susceptible to numerous cyber-attacks due to the scarcity of computational resources of IoT devices and communication over insecure wireless channels. Therefore, this necessitates the design of an efficient security mechanism for IIoT environment. In this paper, we propose a hyperelliptic curve cryptography (HECC) based IIoT Certificateless Signcryption (IIoT-CS) scheme, with the aim of improving security while lowering computational and communication overhead in IIoT environment. HECC with 80-bit smaller key and parameters sizes offers similar security as elliptic curve cryptography (ECC) with 160-bit long key and parameters sizes. We assessed the IIoT-CS scheme security by applying formal and informal security evaluation techniques. We used Real or Random (RoR) model and the widely used automated validation of internet security protocols and applications (AVISPA) simulation tool for formal security analysis and proved that the IIoT-CS scheme provides resistance to various attacks. Our proposed IIoT-CS scheme is relatively less expensive compared to the current state-of-the-art in terms of computational cost and communication overhead. Furthermore, the IIoT-CS scheme is 31.25% and 51.31% more efficient in computational cost and communication overhead, respectively, compared to the most recent protocol.

Highlights

  • The Internet of Things (IoT) is a rapidly evolving infrastructure which allows traditional systems to connect with one another by incorporating new devices such as sensors, actuators, and other smart devices

  • identity-based cryptography (IBC) enables the participating entities to produce public keys directly from their identities, such as e-mail and phone numbers, without the need for certificate authority (CA), and the private key for each participating entity is generated by the trusted server which acts as the key generation center (KGC)

  • We proposed hyperelliptic curve cryptography (HECC) based Industrial IoT (IIoT) certificateless Signcryption (IIoT-Certificateless Signcryption (CS)) scheme for secure communication in IIoT environment

Read more

Summary

Introduction

The Internet of Things (IoT) is a rapidly evolving infrastructure which allows traditional systems to connect with one another by incorporating new devices such as sensors, actuators, and other smart devices. The IIoT refers to the use of well-connected IoT devices for collecting and communicating real-time events in industrial systems to reduce human effort and operational costs and to enhance manufacturing and industrial processes These interconnected smart devices and networks have been used to enable a variety of cyberattacks due to the inadequate computational resources and communication over insecure wireless channels. To address the flaws in PKC based schemes, the notion of public key infrastructure (PKI) was introduced in which a certificate authority (CA) is used that binds the public key with certificates [7] This mechanism suffers from certificate storage, distribution, and manufacturing difficulties [8]. IBC based schemes suffer from the key escrow problem in which the KGC has the complete knowledge of the private keys of all participants To address this problem, the idea of Certificateless Public Key Infrastructure (CPKI) was suggested in [11]. We proposed HECC based IIoT certificateless Signcryption (IIoT-CS) scheme for secure communication in IIoT environment

Motivation and Contributions
Outline of the Paper
Related Work
System Model
Threat Model
Proposed Scheme
Authentication Phase
Formal Security Analysis Using RoR Model
Formal Security Verification Using AVISPA
Informal Security Analysis
Computational Cost
Communication Overhead
Comparison of Security Attributes
F2 F3 F4 F5 F6 F7 F8 F9 F10
Conclusion
Findings
Future Work

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.