Abstract
Industry 4.0, which combines information technology, networks and industrial production, is expected to have a tremendous impact on our daily lives. In such a complex and security-critical system with resource-constrained sensor nodes, designing a secure user authentication scheme that protects real-time data from unauthorized access is full of challenges, and the main crux lies in how to realize the important property of forward secrecy. Existing schemes either fail to achieve forward secrecy or achieve it at a high computation cost on sensor nodes. Besides, they often fail to conform to the development trend of Industry 4.0 systems, where a cloud center is necessary to help intelligent decision-making and alleviate computation and storage pressure. Therefore, in this paper, we propose an efficient privacy-preserving user authentication scheme with forward secrecy for Industry 4.0, and formally prove its security in the random oracle model. Compared with previous schemes, it has three advantages: (1) all eleven state-of-the-art criteria are achieved; (2) its computation cost on sensor nodes is comparable to that of insecure schemes that employ only symmetric cryptographic algorithms, and is superior to that of schemes that also use asymmetric cryptographic algorithms; (3) it takes advantage of the computation and storage capabilities of the cloud center to achieve user anonymity and resistance to offline dictionary attacks without performing any asymmetric cryptographic algorithms on gateways. Our computation cost on gateways is the smallest among all state-of-the-art relevant schemes for comparison.
Acknowledgements
This work was supported by the National Key Research and Development Plan of China (Grant No. 2018YFB0803605) and National Natural Science Foundation of China (Grant No. 61802006).
Cite this article
Wang, C., Wang, D., Xu, G. et al. Efficient privacy-preserving user authentication scheme with forward secrecy for industry 4.0. Sci. China Inf. Sci. 65, 112301 (2022). https://doi.org/10.1007/s11432-020-2975-6
DOI: https://doi.org/10.1007/s11432-020-2975-6