Nowadays in many application scenarios of Internet of Things (IoT), low latency is achieved at the cost of computing-complexity which is beyond the capabilities of IoT devices. Offloading the computing intensive tasks to more powerful edge devices is expected to provide new generation computing-intensive and delay-sensitive services. In the three hierarchy architecture user/IoT-edge-cloud, private and secure mutual authentication are necessary between user, IoT device, and edge device. However, in the emerging computing paradigms, such as mobile transparent computing, edge computing, fog computing, and several threats, such as edge device compromise, privacy leaking, and denial of service (DoS) might crash the security of the system. Here, we propose a lightweight anonymous mutual authentication scheme for ${n}$ -times computing offloading (CO) in IoT. In our novel scheme, through a smartcard as token and an edge device as a security proxy, a user is able to subscribe or renew ${n}$ -times CO service and consume it securely in daily use. Moreover, both IoT and edge devices authenticate each other anonymously without leaking user’s sensitive information, which will preserve the privacy even when an edge device is comprised. Finally, our scheme is based on lightweight one-way hash function and MAC function, therefore the adversary is not able to perform a DoS attack. To evaluate the solution, a security analysis and a performance analysis are presented. Compared with similar schemes, our approach achieves all designed security features and achieves a $1.66\boldsymbol {\times }$ and $2.87\boldsymbol {\times }$ of computing speed on IoT and edge devices, respectably.
Read full abstract