Authentication Scheme Research Articles

An Efficient Lightweight Authentication Scheme for Smart Meter

With the rapid development of the information age, smart meters play an important role in the smart grid. However, there are more and more attacks on smart meters, which mainly focus on the identity authentication of smart meters and the security protection of electricity consumption data. In this paper, an efficient lightweight smart meter authentication scheme is proposed based on the Chinese Remainder Theorem (CRT), which can realize the revocation of a single smart meter user by publishing a secret random value bound to the smart meter identity. The proposed scheme not only protects the security of smart meter electricity consumption data by using encryption, but also resists identity attacks from both internal and external adversaries by using hash functions and timestamps. Experiment shows that the proposed scheme has lower computation overhead and communication overhead than other authentication schemes and is more suitable for smart meter authentication.

CABC: A Cross-Domain Authentication Method Combining Blockchain with Certificateless Signature for IIoT

Device management in the Industrial Internet of Things (IIoT) is complex, especially in a cross-domain context. Trust identity authentication between cross-domain devices is required when devices work together. Existing identity authentication methods can result in heavy key management overhead or be computationally demanding on the device. In this paper, we propose a cross-domain authentication scheme based on blockchain and certificateless signature that can be suitable for IIoT devices. First, smart contracts are used to complete trusted identity verification of devices, which reduces the computing overhead of IIoT devices. Second, a trust value-based access control method is proposed, which can quickly and timely identify malicious authentication and ensure the normal operation of the authentication system. Finally, the validity and safety of our proposed methods are proven by experiments. The experiment results showed that our methods can meet the needs in terms of IIoT device security and blockchain system output performance, and can achieve cross-domain authentication for IIoT devices.

Lightweight blockchain-based remote user authentication for fog-enabled IoT deployment

The Internet of Things (IoT) seeks to enhance human life by embedding everyday objects with intelligence. As deployed in diverse environments, IoT devices exchange substantial data to offer autonomously smart and innovative services. Cloud computing serves as an effective solution for processing and storing data from IoT devices, enabling remote access for end-users. However, authenticating remote users poses a critical challenge. Although several existing schemes tackle this challenge, they have notable security and performance weaknesses. This paper introduces a lightweight, distributed multi-factor authentication scheme for remote users in IoT. The proposed approach, named Lightchain, integrates blockchain technology and fog computing while incorporating a lightweight cryptographic hash function. The security of Lightchain is rigorously confirmed through formal verification using the well-recognized Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. Additionally, we develop and assess Lightchain’s functionality using the solidity language across diverse use cases. A comparative analysis is presented to evaluate performance costs and security requirements against recent methods. The proposed scheme demonstrates efficiency and robustness, making it well-suited for a range of IoT applications.

Data Privacy Preservation and Authentication Scheme for Secured IoMT Communication Using Enhanced Heuristic Approach with Deep Learning

Internet of Medical Things (IoMT) is a promising field that is widely used in healthcare applications nowadays. The IoMT is an extension of the Internet of Things (IoT) that is utilized for the processing, generation, collection, and evaluation of medical data. However, the most concerning issue in IoMT is regarding the privacy and protection of the IoMT data. Because privacy preservation of information is the major concern in IoT-based healthcare systems. Hence, there is a need for a trustworthy end-to-end system, which can tolerate even insider attacks. The core aim of this research work is to promote the latest secure technique for transmitting the data from sink nodes to the server and also to ensure the security level of communication between them. Here, the gathered sink node is authenticated by deep hybrid methods of combining the Auto Encoder (AE) and Bidirectional Long Short-Term Memory (BiLSTM). This hybrid model is named as Auto Encoder-Bidirectional Long Short-Term Memory (AE-Bi-LSTM), in which the parameters are tuned by the Improved Chimp Optimization Algorithm (IChoA). Hence, data privacy preservation makes to secure communication in the networks. The proposed privacy-prevention model is utilized for maintaining communication between sink nodes and servers. The communication is done through three different steps (a) Sanitation, (b) Optimal key generation, and (c) Restoration. Moreover, from the overall result analysis, the accuracy and precision rate of the designed IChoA-AE-Bi-LSTM approach are 95.58 and 91.93%. The experimental analysis shows that the designed model offers a better authentication scheme and guarantees data privacy than traditional models. Moreover, applying a high amount of energy will reduce the lifetime of the sensor nodes. Here, privacy preservation is a challenging task due to fraudulent attacks from third-party service providers. In the future, advanced techniques will be implemented with lightweight encoded mechanisms.

Security Analysis on a Three-Factor Authentication Scheme of 5G Wireless Sensor Networks for IoT System

Security Analysis on a Three-Factor Authentication Scheme of 5G Wireless Sensor Networks for IoT System

A privacy preserving quantum authentication scheme for secure data sharing in wireless body area networks

A privacy preserving quantum authentication scheme for secure data sharing in wireless body area networks

Making it real on social media: exploring authenticity strategies for sport and fitness influencers

ABSTRACT Authenticity is a multi-faceted construct, encompassing various dimensions such as originality, truthfulness, and genuineness. Its importance is particularly significant in social media influencer (SMI) marketing, although it is also paradoxically threatened by it. This article aims to emphasize the relevance of implementing strategies that promote influencer authenticity when collaborating with brands on social media platforms. The study focuses specifically on how sport and fitness influencers maintain their authenticity while partnering with brands. The research design includes semi-structured interviews, content analysis and an experiment. The study reveals that influencers in this industry adopt authenticity management strategies, which are shaped by two motives: (internal vs. external) and three drivers (i.e., attractiveness, reliability, and expertise). Six different strategies that combine these two elements are identified. Results also indicate that SMI authenticity has a significant main effect on SMI credibility, and that SMI-brand fit mediates the relationship between SMI authenticity and SMI credibility. Managerial implications and avenues for future research are identified.

“A lightweight authentication scheme for 6LoWPAN-based Internet-of -things”

ABSTRACT IPv6-based IoT networks, i.e. 6LoWPAN network, require authentication for security. The existing authentication schemes on symmetric-key based approaches for 6LoWPAN consume huge computational and processing overhead in the literature. In a large network, pre-deployment of the key leads to huge memory consumption due to storing many keys. Furthermore, in asymmetric key cryptography, operations with the public key are computationally expensive, which is unsuitable for resource-constrained devices. We proposed a lightweight key exchange and authentication scheme for 6LoWPAN to mutually authenticate the sensor nodes, the gateway, and the server with less computational overhead and without compromising any security credentials. The authentication scheme helps to generate a session key without storing any secrets in the 6LoWPAN devices. We utilized a one-way hash function and XOR operation to reduce overhead in multi-hop communication. The AVISPA verification tool and the formal verification show that the proposed method is resistant to well-known attacks. The proposed scheme outperforms relevant methods in computational overhead, communication cost, and computation time.

Comparison on resilience and energy efficiency of authentication schemes in IoT networks

AbstractNetwork security is one of the primary concerns when deploying IoT applications. A proper authentication scheme can strengthen network security and resilience against malicious attacks. The quantitative comparison among authentication schemes is rarely found. Thus, it is difficult to choose the appropriate authentication scheme objectively. This paper presents a quantitative comparison of three authentication schemes, including blockchain‐based authentication, a widely discussed new approach for IoT security. This paper focuses on network‐level simulation instead of the protocol, providing a different angle when evaluating an authentication scheme. The simulations include five common topologies in IoT networks under five different attack strategies. The results show that the blockchain‐based scheme has the most substantial resilience compared to PKI‐based and PSK methods, while the computational cost is 1% less than the PKI‐based method. In addition, the PSK method is most energy efficient as its computational cost is only around 1% of PKI‐based and blockchain‐based methods.

An Anonymous Authenticated Group Key Agreement Scheme for Transfer Learning Edge Services Systems

The visual information processing technology based on deep learning (DL) can play many important yet assistant roles for unmanned aerial vehicles (UAV) navigation in complex environments. Traditional centralized architectures usually rely on a cloud server to perform model inference tasks, which can lead to long communication latency. Using transfer learning (TL) to unload deep neural networks (DNN) to the edge-fog collaborative networks has become a new paradigm for dealing with the conflicts between computing resources and communication latency. However, ensuring the security of edge-fog collaborative networks entity is still challenging. For such, we propose an anonymous authentication and group key agreement scheme for the UAV-enabled edge-fog collaborative networks, consisting of UAV authentication protocol and collaborative networks authentication protocol. Utilizing the AVISPA assessment tool and security analysis, the security requirements and functional features of the proposed scheme are demonstrated. From the performance results of the proposed scheme, we show that it is superior to existing authentication schemes and promising.

IoMT-BADT: A blockchain-envisioned secure architecture with a lightweight authentication scheme for the Digital Twin environment in the Internet of Medical Things

IoMT-BADT: A blockchain-envisioned secure architecture with a lightweight authentication scheme for the Digital Twin environment in the Internet of Medical Things

MotionID: Towards practical behavioral biometrics-based implicit user authentication on smartphones

Traditional one-time authentication mechanisms cannot authenticate smartphone users’ identities throughout the session — the concept of using behavioral-based biometrics captured by the built-in motion sensors and touch data is a candidate to solve this issue. Many studies proposed solutions for behavioral-based continuous authentication; however, they are still far from practicality and generality for real-world usage. To date, no commercially deployed implicit user authentication scheme exists because most of those solutions were designed to improve detection accuracy without addressing real-world deployment requirements. To bridge this gap, we tackle the limitations of existing schemes and reach towards developing a more practical implicit authentication scheme, dubbed MotionID, based on a one-class detector using behavioral data from motion sensors when users touch their smartphones. Compared with previous studies, our work addresses the following challenges: ① Global mobile average to dynamically adjust the sampling rate for sensors on any device and mitigate the impact of using sensors’ fixed sampling rate; ② Over-all-apps to authenticate a user across all the mobile applications, not only on-specific application; ③ Single-device-evaluation to measure the performance with multiple users’ (i.e., genuine users and imposters) data collected from the same device; ④ Rapid authentication to quickly identify users’ identities using a few samples collected within short durations of touching (1–5 s) the device; ⑤ Unconditional settings to collect sensor data from real-world smartphone usage rather than a laboratory study. To show the feasibility of MotionID for those challenges, we evaluated the performance of MotionID with ten users’ motion sensor data on five different smartphones under various settings. Our results show the impracticality of using a fixed sampling rate across devices that most previous studies have adopted. MotionID is able to authenticate users with an F1-score up to 98.5% for some devices under practical requirements and an F1-score up to roughly 90% when considering the drift concept and rapid authentication settings. Finally, we investigate time efficiency, power consumption, and memory usage considerations to examine the practicality of MotionID.

QKBAKA: A Quantum-Key-Based Authentication and Key Agreement Scheme for Internet of Vehicles

QKBAKA: A Quantum-Key-Based Authentication and Key Agreement Scheme for Internet of Vehicles

Formal validation of authentication scheme in 5G-enabled vehicular networks using AVISPA

Smart transportation may come from 5G-enabled cars. Traffic reports include congestion, roads, and driving. Urbanisation and population growth increase traffic accidents and travel time. Traffic accidents kill and injure most people worldwide. Intelligent transportation systems (ITS) improves driver and pedestrian safety. This study connects the VANET to 5G to create a 5G-enabled vehicle network because the road-side unit (RSU) is expensive and unsecure. This study connects numerous automobiles to TA for 5G-BS D2D communication. Data transmissions between autos are risky. Several scholars suggest authentication techniques for safe vehicle-to-vehicle communications. Overhead may enable side-channel attacks with these tactics. A secure and effective efficient and secure authentication-privacy-preserving (ES-APP) system connected TA, 5G-BS, and on-border unit (OBU) was presented. Initialization, vehicle registration, parameter renewal, message signing, single and batch verification are ES-APP steps. The formal evaluation automated verification of internet security protocols and applications (AVISPA) tool with on-the-fly model-checker (OFMC) and attack searcher (ATSE) back-ends secures the suggested ES-APP technique. ES-APP appears impervious to active and passive AVISPA assaults.

A Trie-Based Authentication Scheme for Approximate String Queries

A Trie-Based Authentication Scheme for Approximate String Queries

Enabling Fast and Privacy-Preserving Broadcast Authentication With Efficient Revocation for Inter-Vehicle Connections

Many vehicular applications, especially safety-related ones, rely on spatial-temporal messages periodically broadcast by vehicles. In the absence of a secure authentication scheme, invalid spatial-temporal messages may be sent out by malicious vehicles. Meanwhile, malicious applications may also collect a lot of personal information from spatial-temporal messages. Since inter-vehicle connections are often deployed in high-moving traffic, any authentication must be implemented in real-time. To meet all these properties, we propose a Fast and Anonymous Spatial-Temporal Trust (FastTrust) scheme for inter-vehicle connections. In contrast to most authentication protocols which rely on fixed infrastructures, FastTrust is mostly designed on hash chains and an entropy-based commitment, and is able to secure periodic spatial-temporal messages. FastTrust also protects vehicles' privacy by deploying a pseudonym-varying scheduling mechanism to satisfy the anonymity and unlinkability requirements. Finally, in order to efficiently isolate malicious vehicles, a lightweight certificate management scheme is proposed for the limited bandwidth of vehicular networks. We provide analytical evaluations to show that our FastTrust achieves the security and privacy properties. Extensive validations are done to show that FastTrust can authenticate dozens of times faster than the existing signature algorithms, and isolate malicious vehicles at a low cost in terms of communication and computational resources.

Identity Based Authentication Scheme (IAS) for Securing WSN Based Internet of Things

The growing number of connected devices in IoT networks has raised security concerns. These networks face unique challenges, including limited resources, lack of standardized security protocols, and diverse devices and applications. Identity-based authentication is needed to address these threats and limitations. Implementing a multi-factor authentication system can enhance security and protect sensitive information from unauthorized access. The proposed Identity Based Authentication (IAS) scheme is implemented using the NS-2 simulator to address security challenges in IoT networks. Each node is assigned a unique identity for authentication, ensuring only authorized access and preventing security breaches. The IAS scheme enhances IoT network security by verifying node identities. Two scenarios are considered to evaluate the scalability and interoperability of the IAS scheme. The first scenario involves a random environment, assessing performance in real-world settings with varying device densities and network conditions. The second scenario involves a cluster-based environment, providing insights into the scheme's functionality and efficiency. By examining both scenarios, this research aims to provide a comprehensive understanding of how the authentication scheme performs in different deployment scenarios. The findings highlight the importance of selecting the appropriate authentication scheme based on the specific network environment and requirements. The superiority of the IAS authentication scheme suggests its potential for widespread adoption and implementation in various network scenarios over other authentication schemes.

Multi-factor authentication scheme based on custom attributes

Multi-factor authentication scheme based on custom attributes

Multi-Server user Authentication Scheme for Privacy Preservation with Fuzzy Commitment

The integration of artificial intelligence technology with a scalable Internet of Things (IoT) platform facilitates diverse smart communication services, allowing remote users to access services from anywhere at any time. The multi-server environment within IoT introduces a flexible security service model, enabling users to interact with any server through a single registration. To ensure secure and privacy preservation services for resources, an authentication scheme is essential. Zhao et al. recently introduced a user authentication scheme for the multi-server environment, utilizing passwords and smart cards, claiming resilience against well-known attacks. This paper conducts cryptanalysis on Zhao et al.'s scheme, focusing on denial of service and privacy attacks, revealing a lack of user-friendliness. Subsequently, we propose a new multi-server user authentication scheme for privacy preservation with fuzzy commitment over the IoT environment, addressing the shortcomings of Zhao et al.'s scheme. Formal security verification of the proposed scheme is conducted using the ProVerif simulation tool. Through both formal and informal security analyses, we demonstrate that the proposed scheme is resilient against various known attacks and those identified in Zhao et al.'s scheme.

A Trusted Authentication Scheme Using Semantic LSTM and Blockchain in IoT Access Control System

In edge computing scenarios, due to the wide distribution of devices, complex application environments, and limited computing and storage capabilities, their authentication and access control efficiency is low. To address the above issues, a secure trusted authentication scheme based on semantic Long Short-Term Memory (LSTM) and blockchain is proposed for IoT applications. The attribute-based access control model is optimized, combining blockchain technology with access control models, effectively improving the robustness and credibility of access control systems. Semantic LSTM is used to predict environmental attributes that can further restrict user access and dynamically meet the minimum permission granting requirements. Experiments show that when the number of certificates is 60, the computational overhead of the proposed method is only 203s, which is lower than other state-of-the-art methods. Therefore, the performance of the proposed schema in information security protection in IoT environments shows promise as a scalable authentication solution for IoT applications.