iAKA-CIoT: An Improved Authentication and Key Agreement Scheme for Cloud Enabled Internet of Things Using Physical Unclonable Function

Abstract

The Internet of Things (IoT) with cloud services are important functionalities in the latest IoT systems for providing various convenient services. These cloud-enabled IoT environments collect, analyze, and monitor surrounding data, resulting in the most effective handling of large amounts of heterogeneous data. In these environments, secure authentication with a key agreement mechanism is essential to ensure user and data privacy when transmitting data between the cloud server and IoT nodes. In this study, we prove that the previous scheme contains various security threats, and hence cannot guarantee essential security requirements. To overcome these security threats, we propose an improved authentication and key agreement scheme for cloud-enabled IoT using PUF. Furthermore, we evaluate its security by performing informal, formal (mathematical), and simulation analyses using the AVISPA tool and ROR model. The performance and security properties of our scheme are subsequently compared with those of other related schemes. The comparison confirms that our scheme is suitable for a practical cloud-enabled IoT environment because it provides a superior security level and is more efficient than contemporary schemes.

1. Introduction

The Internet of Things (IoT) and advanced communication technologies are opening up a novel networking paradigm that connects various devices to a public network. By 2025, the number of IoT devices and their market size are estimated to increase to approximately 30 billion [1] and 1.6 trillion [2], respectively. With the expansion of IoT infrastructure, IoT-based smart systems can support social networks in various areas, such as telemedicine, finance, smart grids, intelligent transport systems, and businesses. In these environments, IoT devices analyze the surrounding circumstances, collect data, and send them to service providers to provide various IoT services to users. However, IoT devices generally have limited computing power and storage resources, and do not handle a large amount of heterogeneous data.

Cloud-enabled IoT is known to be the most effective system for handling massive amounts of data generated by IoT devices [3]. In cloud-enabled IoT, a cloud server (CS) has sufficient ability to handle massive amounts of data and has the required storage capability for providing services. IoT devices transfer the collected data by monitoring the surrounding circumstances to utilize the storage and computing power of the CS. Thus, the CS collects IoT data and analyzes it to provide cost-effective and convenient services. Cloud-enabled IoT with communication technologies has become extremely important in human life, and thus the need for security and privacy has become essential for users. This is because of the various sensitive information that IoT data contains, such as health, finance, location, and behavior. Moreover, the Internet is an open channel that causes severe security issues. An adversary can easily forge or intercept data transmitted in an open channel and access user data stored in the CS. Therefore, it is necessary to authenticate entities that attempt to access data.

Numerous authenticated key agreement (AKA) schemes have been presented to guarantee user privacy and data security [4,5,6,7,8,9,10,11]. However, these schemes do not resist physical capture attacks using differential power analysis because IoT devices are not equipped with tamper-proof modules. Although some schemes assume that the devices in their scheme are equipped with tamper-proof modules, they do not present detailed tamper-resistant techniques to prevent physical capture attacks.

A physically unclonable function (PUF) [12] is a novel solution for preventing physical capture attacks targeting devices. The PUF module extracts the unique value corresponding to the inputs from an integrated circuit (IC) that is deployed during the manufacturing process. It has strong and valuable properties, such as tamper-proofing, unpredictable results, and low power consumption, which can be applied to lightweight authentication and identification protocols. In recent years, several PUF-based AKA schemes have been proposed [13,14,15] to ensure the security of the physical layer. In PUF-based AKA schemes, the PUF module can generate the secret value using challenge-response methods from IC which has different physical characteristics. After performing a fuzzy extractor for correcting the noise of a PUF value, it can be applied for AKA schemes as a secret parameter.

In this paper, we cryptanalyze the security flaws of previous schemes and propose an improved AKA scheme for cloud-enabled IoT using a challenge-response-based PUF, called iAKA-CIoT. Additionally, we analyze its security using formal (mathematical) and informal analyses, and conduct a comparative analysis on iAKA-CIoT and other contemporary schemes. Finally, we simulate our scheme to prove that it is secure against potential attacks.

Motivations and Contributions

The main goal of this study was to propose an improved AKA scheme for IoT using PUF to overcome the security threat of the previous scheme [6,10,11,16,17]. In the previous schemes, an attacker can easily disguise a legal user and compute a correct session key between the participants of the protocol. Moreover, the devices of their scheme can be easily compromised by an attacker using physical capture attack. In our AKA scheme, an adversary cannot compromise the IoT devices because they are protected by PUF modules. We perform informal and formal (mathematical) security analysis, which proves that our scheme meets the essential security requirements and session key security in a threat model. We also conducted a formal simulation analysis using the “automated validation of internet security protocols and applications” (AVISPA) [18] to prove its security and suitability for deployment in an open channel. Finally, the comparative analysis is carried out to evaluate performances and security properties compared with the related schemes.

The organization of this paper is as follows. Section 2, Section 3 and Section 4 discuss the related works, preliminaries and a review of the scheme proposed by Bhuarya et al., respectively. Section 5 presents the security weaknesses of the aforementioned scheme. In Section 6, we propose an improved AKA scheme for IoT using PUF to overcome the security weaknesses of previous schemes. Subsequently, we present the formal-, informal-security and simulation analyses in Section 7. Section 8 presents a comparative analysis of the related schemes. Finally, the conclusion is furnished in Section 9.

2. Related Works

In the last decade, several studies have been conducted to guarantee user and data privacy in IoT [4,5,6,7,8,9,10,11,13,14]. In 2014, Islam and Biwas [4] proposed a multi-factor authentication method using elliptic curve cryptosystems (ECCs) to provide secure communication for cloud computing. However, Sarvabhatla and Vorugunti [5] showed that the scheme proposed by Islam and Biwas did not prevent offline password guessing, replay, and user impersonation, and subsequently presented an enhanced ECC-based authentication scheme. However, their scheme is inefficient owing to its high computational cost. In 2015, Kalra and Sood [5] proposed an AKA scheme for cloud-enabled IoT using an ECC. However, in 2017, Kumari et al. [6] showed the security flaws of the Kalra and Sood Schemes and presented an AKA scheme using ECC to resolve these issues. Chaudhry et al. [7] and Chang et al. [8] simultaneously proposed an ECC-based remote user AKA scheme to provide secure mutual AKA. However, in 2019, Mo et al. [9] identified that the scheme proposed by Chaudhry et al. [7] did not resist smart-card loss attacks. Karuppiah et al. [10] proposed a remote AKA for cloud environments. However, Bhuarya et al. [11] pointed out that the aforementioned scheme did not prevent a password-guessing attack and did not achieve user anonymity and secure mutual authentication (SMA). Bhuarya et al. [11] cryptanalyzed the scheme proposed by Kumari et al. [6] and proposed an improved ECC-based AKA for cloud-based IoT. In 2022, Qureshi and Munir [13] also proposed a PUF-based robust authentication and key agreement scheme, and Wang et al. [14] proposed PUF-based authentication scheme with blockchain for wireless sensor network to prevent physical capture attacks. Although many schemes have been proposed, they do not prevent physical capture attacks or have a high communication cost while others simply do not consider them at all, which causes critical security issues.

3. Preliminaries

3.1. Threat Model

We adopted the Dolev–Yao (DY) threat model [19] to evaluate the security of the cryptographic protocols, including the assumptions proposed by Bhuarya et al. According to the adopted model, an adversary can control all messages transmitted in a public network. Additionally, an adversary can easily guess the identity or password but cannot guess them simultaneously in polynomial time. Moreover, an adversary cannot speculate on the secret parameters (secret key, nonce, random number, etc.) in polynomial time because of its large size. Finally, an adversary can obtain data stored in embedded devices that are not equipped with detailed tamper-proof techniques [20,21,22].

3.2. Physical Unclonable Function

A PUF [12] is a physically unclonable one-way function constructed from a semiconductor as an integrated circuit. PUF is based on challenge-response methods and allows for the identification and authentication of the user. In PUF, c is a challenge and is the input, and its unique response r is illustrated as $r=PUF\left(c\right)$. Although the same input is provided, PUF returns an inconsistent output. The PUF has following properties:

(1)

Unclonable: There is no function $PU{F}^{\prime }\left(c\right)$ satisfying $PUF\left(c\right)=PUF\left(c\right)$, and the probability of duplicating the same result in polynomial time is negligible.

(2)

Computable and unpredictable: $PUF\left(c\right)=r$ is easily computed; however, it is infeasible to correctly guess r of the $PUF\left(\right)$ corresponding to c in polynomial time.

3.3. Fuzzy Extractor

The PUF response $r=PUF\left(c\right)$ is not perfect because of its susceptibility to surrounding conditions and noise. Therefore, it cannot be utilized in cryptographic protocols as a secret parameter. To correct the noise or errors, we utilize a fuzzy extractor [23,24] that can recover a uniform PUF response r. A fuzzy extractor consists of the two following functions.

(1)

Generation function $Gen$: $Gen\left(c\right)=(a,h)$, where c, a, and h are the input value, return value, and auxiliary string, respectively.

(2)

Reproduction function $Rep$: $Rep=(c,h)$, where c and h are the noisy input value and auxiliary string, respectively. $Rep$ can recover the correct a from c and helper string h.

4. Review of Bhuarya et al. Scheme

This section reviews the scheme proposed by Bhuarya et al. [11] to demonstrate their security limitations. The scheme consists of three phases: initial, registration, and login and authentication. The notations used in this paper are presented in Table 1.

Table 1. Notations.

Notation	Description
$E{D}_i$	Embedded device
CS	Cloud server
$I{D}_i$	Identity of $E{D}_i$
$PI{D}_i$	Pseudo identity of $E{D}_i$
$I{D}_{CS}$	Identity of the CS
$M{X}_{CS}$	Master secret key of the CS
$x_{cs-i}$	A shared secret value between the CS and $E{D}_i$
$S{K}_{cs-E{D}_i}$	A session key between the CS and $E{D}_i$
$r{n}_i$	Random number chosen by entities
⊕	Bit-wise XOR function
$h(·)$	One-way hash function
$\left|\right|$	A concatenation operation

4.1. System Setup Phase

This phase is executed by the CS to set up the initial parameters for the system. The CS selects a large prime number p, elliptic curve equation $y^2=x^3+ax+b$ over the finite field $Z_p$, and elements $a,b\in Z_p$, where $a,b$ satisfy the condition $4a^3+27b^2\ne 0$. G and O are the base points of the elliptic curve and the point at infinity, respectively, where $n·G=O$. The CS then generates a secret key $M{X}_{CS}$ and broadcasts the initial public parameters.

4.2. Registration Phase

In this phase, embedded devices $E{D}_i$ register themselves with the CS through a secure network to use the CS services. The detailed steps of this phase are as follows.

(1)

$E{D}_i$ chooses the identity $I{D}_i$ and password $P{W}_i$. It then computes $I_i=h(I{D}_i\left|\right|P{W}_i)$ and sends it to the CS via a secure channel.

(2)

After receiving $\left\{I_i\right\}$, the CS selects a random number $r{n}_s$ and computes a pseudo identity $PI{D}_i=h(r{n}_s\left|\right|I{D}_{CS}\left|\right|I_i)\oplus I{D}_{CS}$ for $E{D}_i$. Afterwards, the CS computes the cookie $C_k=h(r{n}_s\left|\right|M{X}_{CS}\left|\right|E_t\left|\right|PI{D}_i)$, $C_k^{\prime }=C_k·G$, $R_i=r{n}_s\oplus h(M{X}_{cs}\left|\right|PI{D}_i)$, $A_i=h(r{n}_s\oplus h(M{X}_{CS}\left|\right|PI{D}_i)\oplus I_i\oplus C_k^{\prime })$, and $A_i^{\prime }=A_i·G$. The CS computes $t_i=R_i\oplus M{X}_{CS}$, $a_i=A_i\oplus M{X}_{CS}$, and expiration time $e_t=E_t$, and then stores it with $PI{D}_i$ and sends $\{PI{D}_i,C_k,R_i\}$ to $E{D}_i$ through a secure channel. If $C_k$ is expired, $E_t$ is updated to $E_t^{\prime }$ and computes a new cookie $C_k=h(r{n}_s\left|\right|M{X}_{CS}\left|\right|E_t^{\prime }\left|\right|PI{D}_i)$.

(3)

Finally, $E{D}_i$ stores $PI{D}_i$, $R_i$, $C_k$ with $I_i$ in a memory.

4.3. Login and Authentication Phase

In this phase, the CS and $E{D}_i$ authenticate each other, which is executed via a public channel. The detailed steps of this phase are as follows.

(1)

A user inputs their identity $I{D}_i$ and password $P{W}_i$, and then $E{D}_i$ computes $I_i^{*}=h(I{D}_i\left|\right|P{W}_i)$ and checks if $I_i^{*}\stackrel{?}{=}{I}_i$. If it is valid, $E{D}_i$ chooses a random number $r{n}_1$, a current timestamp $T_1$, and computes $P_1=r{n}_1·G$, $P_2=h(r{n}_1·C_k^{\prime })$, $E=PI{D}_i\oplus R_i,K=h\left(P_1\right)\oplus PI{D}_i$, and $Y=h\left(P_1\right|\left|P_2\right|\left|K\right|\left|T_1\right)$. Then, $E{D}_i$ sends the login request $\{E,P_1,Y,T_1\}$ to CS.

(2)

Upon receiving the login request from $E{D}_i$, the CS checks the timestamp validity, computes $PI{D}_i=E\oplus R_i$, and finds $PI{D}_i$ in the database.

(3)

If it exists, the CS calculates $r{n}_s=R_i\oplus h(M{X}_{CS}\left|\right|PI{D}_i)$, $C_k=h(r{n}_s\left|\right|M{X}_{CS}\left|\right|E_t\left|\right|PI{D}_i)$, $K=h\left(P_1\right)$, $P_2=h(P_1·C_k)$, and $Y^{*}=h(P_1\left|\right|P_2\left|\right|K\left|\right|T_1)$, and then verifies that $Y^{*}$ is equal to Y. If it is correct, the CS chooses a random number $r{n}_2$ and a current timestamp $T_3$ and calculates $P_3=r{n}_2·G$, $P_4=r{n}_2·A_i^{\prime }$, and $S=h\left(P_3\right|\left|P_4\right|\left|T_3\right)$. Subsequently, the CS sends the response messages $\{S,P_3,T_3\}$ to $E{D}_i$.

(4)

After receiving $\{S,P_3,T_3\}$ from CS, $E{D}_i$ calculates $A_i=h(R_i\oplus I_i\oplus C_k^{\prime })$, $P_3^{*}=P_3·A_i$ and $S^{*}=h(P_3^{*}\left|\right|P_4\left|\right|T_3)$, and then verifies that $S^{*}\stackrel{?}{=}S$ and the timestamp is valid. If this is correct, $E{D}_i$ generates the session key $SK=h(r{n}_1·P_3|\left|PI{D}_i\right|\left|T_4\right|\left|A_i\right)$ and $V_i=h((r{n}_1·C_k^{\prime })\left|\right|SK)$, and then sends the messages $\{V_i,T_4\}$ to CS.

(5)

The CS checks the validity of the timestamp and generates the session key $S{K}^{*}=h(r{n}_2·P_1\left|\right|PI{D}_i\left|\right|T_4\left|\right|A_i)$ and $V_i^{*}=h\left(\right(P_1·C_k\left|\right|S{K}^{*})$. Then, the CS verifies that $V_i^{*}$ is equal to $V_a$. If it is, the CS and $E{D}_i$ successfully authenticate each other.

5. Security Weaknesses of Bhuarya et al.’s Scheme

In this section, we show that the scheme proposed by Bhuarya et al. does not prevent various potential attacks, such as impersonation and man-in-the-middle. Moreover, their scheme has an incorrect authentication mechanism and does not guarantee SMA, which is an essential requirement of an AKA protocol. This analysis was performed under the DY threat model described in Section 3.1.

5.1. Impersonation Attack

Owing to the fact that the scheme does not provide detailed tamper-proof techniques, we suppose that an adversary $\mathcal{A}$ obtains the embedded device $E{D}_i$ or captures it physically. Subsequently, $\mathcal{A}$ can access the data $\{PI{D}_i,R_i,C_k,I_i\}$ stored in $E{D}_i$ and perform impersonation attacks using the obtained data as follows:

(1)

$\mathcal{A}$ chooses a random number $r{n}_a$ and a current timestamp $T_1$, and computes $P_a=r{n}_a·G$, $P_{a2}=h(r{n}_a·C_k^{\prime })$, $E_a=PI{D}_i\oplus R_i,K_a=h\left(P_a\right)\oplus PI{D}_i$, and $Y_a=h(P_a\left|\right|P_{a2}\left|\right|K\left|\right|T_1)$. Then, $\mathcal{A}$ sends the login request $\{E_a,P_a,Y_a,T_1\}$ to CS.

(2)

On receiving the login request from $\mathcal{A}$, the CS checks the timestamp validity, computes $PI{D}_i=E_a\oplus R_i$, and finds $PI{D}_i$ in the database.

(3)

If it exists, the CS computes $r{n}_s=R_i\oplus h(M{X}_{CS}\left|\right|PI{D}_i)$, $C_k=h(r{n}_s\left|\right|M{X}_{CS}\left|\right|E_t\left|\right|PI{D}_i)$, $K=h\left(P_a\right)$, $P_{a2}=h(P_a·C_k)$, and $Y^{*}=h(P_a\left|\right|P_{a2}\left|\right|K\left|\right|T_1)$. The CS subsequently verifies that $Y^{*}$ is equal to Y. If it correct, the CS selects a random number $r{n}_2$ and a current timestamp $T_3$, and computes $P_3=r{n}_2·G$, $P_4=r{n}_2·A_i^{\prime }$, $S=h\left(P_3\right|\left|P_4\right|\left|T_3\right)$. Afterwards, the CS sends the response messages $\{S,P_3,T_3\}$ to $\mathcal{A}$.

(4)

After receiving $\{S,P_3,T_3\}$ from CS, $\mathcal{A}$ computes $A_a=h(R_i\oplus I_i\oplus C_k^{\prime })$, $P_3^{*}=P_3·A_a$, and $S_a^{*}=h(P_3^{*}\left|\right|P_4\left|\right|T_3)$, and then verifies that $S_a^{*}\stackrel{?}{=}S$ and timestamp is valid. If it is correct, $\mathcal{A}$ computes the session key $SK=h(r{n}_a·P_3|\left|PI{D}_i\right|\left|T_4\right|\left|A_a\right)$ and $V_a=h((r{n}_a·C_k^{\prime })\left|\right|SK)$, and then sends the messages $\{V_a,T_4\}$ to CS.

(5)

The CS checks the validity of the timestamp and computes the session key $S{K}^{*}=h(r{n}_2·P_a\left|\right|PI{D}_i\left|\right|T_4\left|\right|A_a)$ and $V_a^{*}=h\left(\right(P_a·C_k\left|\right|S{K}^{*})$. Then, the CS verifies that $V_a^{*}$ is equal to $V_a$. If it is, the CS and $\mathcal{A}$ successfully authenticate each other.

$\mathcal{A}$ can successfully generate a valid login request $\{E_a,P_a,Y_a,T_1\}$ and response messages $\{V_a,T_4\}$, showing that the aforementioned scheme does not resist impersonation attacks.

5.2. Man-in-the-Middle Attack

An adversary $\mathcal{A}$ can perform a man-in-the-middle attack as follows:

(1)

$\mathcal{A}$ first intercepts the login request $\{E,P_1,Y,T_1\}$ of $E{D}_i$, and then chooses a random number $r{n}_a$ and a current timestamp $T_1$. $\mathcal{A}$ computes $P_a=r{n}_a·G$, $P_{a2}=h(r{n}_a·C_k^{\prime })$, $E_a=PI{D}_i\oplus R_i,K_a=h\left(P_a\right)\oplus PI{D}_i$, $Y_a=h(P_a\left|\right|P_{a2}\left|\right|K\left|\right|T_1)$, and sends the login request $\{E_a,P_a,Y_a,T_1\}$ to CS.

(2)

$\mathcal{A}$ chooses a random number $r{n}_{a2}$ and computes $P_{a3}=r{n}_2·G$, $P_{a4}=r{n}_2·A_i$, and $S_a=h(P_{a3}\left|\right|P_{a4}\left|\right|T_3)$, where $A_i$ is obtained by the threat model.

(3)

$\mathcal{A}$ intercepts the response messages $\{S,P_3,T_3\}$ of the CS, and then computes $SK=h(r{n}_a·P_3|\left|PI{D}_i\right|\left|T_4\right|\left|A_a\right)$ and $V_a=h((r{n}_a·C_k^{\prime })\left|\right|SK)$. Finally, $\mathcal{A}$ sends $\{V_a,T_4\}$ and $\{S_a,P_{a3},T_3\}$ to the CS and $E{D}_i$, respectively.

(4)

After receiving $\{V_a,T_4\}$ and $\{S_a,P_{a3},T_3\}$, the CS and $E{D}_i$ generates the session key using received messages.

$\mathcal{A}$ can successfully establish the session key $SK$ using $r{n}_a$ and $r{n}_{a2}$, which shows that the aforementioned scheme does not prevent man-in-the-middle attacks.

5.3. Correctness of Authentication Mechanism

In the login and authentication phase of the scheme, the CS computes $\{S,P_3,T_3\}$ and sends it to $E{D}_i$. Subsequently, $E{D}_i$ computes $S^{*}=h(P_3^{*}\left|\right|P_4\left|\right|T_3)$ and verifies that $S\stackrel{?}{=}{S}^{*}$ to authenticate the CS. However, $E{D}_i$ cannot authenticate the CS because S is not equal to $S^{*}$ as follows:

$$\begin{array}{c}\hfill S=h(P_3\left|\right|P_4\left|\right|T_3)=h(r{n}_2·G\left|\right|P_4\left|\right|T_3)\\ \hfill S^{*}=h(P_3^{*}\left|\right|P_4\left|\right|T_3)=h(P_3·A_i\left|\right|P_4\left|\right|T_3)\\ \hfill =h(r{n}_2·G·A_i|\left|P_4\right|\left|T_3\right)\\ \hfill =h(r{n}_2·G·h(r{n}_s\oplus h(M{X}_{cs}\left|\right|PI{D}_i)\oplus I_i\oplus C_k^{\prime }\left)\right||P_4\left|\right|T_3)\\ \hfill \therefore S\ne S^{*}\end{array}$$

5.4. Secure Mutual Authentication

In Section 5.1 and Section 5.2, we proved that the scheme proposed by Bhuarya et al. does not resist impersonation and man-in-the-middle attacks. Moreover, we proved that their scheme contains an incorrect authentication mechanism, which causes the authentication process to be aborted. Therefore, the scheme does not ensure SMA.

6. Proposed Scheme

This section presents an improved AKA scheme for IoT using PUF, which comprises three phases: system setup, registration, and login and authentication. In our scheme, embedded devices are tamper-proof devices that use a PUF to protect the data stored in memory. The embedded devices register their identities with the CS, authenticate them, and establish the session key to each other. After completing the AKA phase, $E{D}_i$ can use the various services offered by the CS.

6.1. System Setup Phase

The CS sets up the initial parameters related to the elliptic curve, which is identical to the Bhuarya et al. scheme. The CS then generates a secret key $M{X}_{CS}$ and broadcasts the initial public parameters.

6.2. Embedded Device Registration Phase

This phase is shown in Figure 1, and the detailed steps are as follows:

Figure 1. Registration Phase for Our Scheme.

(1)

User selects identity $I{D}_i$, password $P{W}_i$, challenge $c_i$, and random number $r{n}_i$ for $E{D}_i$, and then computes $PI{D}_i=h(I{D}_i\left|\right|P{W}_i\left|\right|r{n}_i)$, $RP{W}_i=(I{D}_i\left|\right|P{W}_i)\oplus r{n}_i$, and $C{V}_i=c_i\oplus r{n}_i\oplus h(PI{D}_i\left|\right|RP{W}_i\left|\right|I{D}_i)$. $E{D}_i$ calculates $re{s}_i=PUF\left(c_i\right)$ and $(a_i,h_i)=Gen\left(re{s}_i\right)$ using the PUF and fuzzy extractor. Afterwards, $E{D}_i$ computes $h_i^{\prime }=h_i\oplus h(a_i\left|\right|RP{W}_i\left|\right|r{n}_i)$ and sends $\left\{PI{D}_i\right\}$ to the CS via a secure channel.

(2)

On receiving the registration request from $E{D}_i$, the CS chooses a random number $x_{cs-E{D}_i}$ for $E{D}_i$, and then computes $SI{D}_i=h(PI{D}_i\left|\right|S_{cs-E{D}_i}$ and $S_{E{D}_i}=h(PI{D}_i\left|\right|r{n}_{cs}\left|\right|x_{cs-E{D}_i})$. The CS stores $SI{D}_i$ with $\{PI{D}_i,S_{E{D}_i}\}$ in a secure database and sends $\{SI{D}_i,S_{E{D}_i}\}$ to $E{D}_i$ through a secure channel.

(3)

After receiving $\{SI{D}_i,S_{E{D}_i}\}$ from the CS, $E{D}_i$ computes $K_i=S_{E{D}_i}\oplus h(PI{D}_i\left|\right|r{n}_i\left|\right|a_i)$ and $Ve{r}_i=h(PI{D}_i\left|\right|S_{E{D}_i}\left|\right|r{n}_i\left|\right|a_i)$, and stores $\{SI{D}_i,RP{W}_i,C{V}_i,h_i^{\prime },K_i,Ve{r}_i\}$ in memory.

6.3. Authentication and Key Agreement Phase

This phase is shown in Figure 2, and the detailed steps are as follows:

Figure 2. Login and Authentication Phase for Our Scheme.

(1)

User inputs the identity $I{D}_i$ with password $P{W}_i$ to $E{D}_i$, and then $E{D}_i$ computes $h_{ID\left|\right|P{W}_i}$, $r{n}_i=h_{ID\left|\right|P{W}_i}\oplus RP{W}_i$, $PI{D}_i=h(I{D}_i\left|\right|P{W}_i\left|\right|r{n}_i)$, $c_i=C{V}_i\oplus r{n}_i\oplus h(PI{D}_i\left|\right|RP{W}_i\left|\right|I{D}_i)$, $re{s}_i=PUF\left(c_i\right)$, $h_i=h_i^{\prime }\oplus h(c_i\left|\right|PI{D}_i\left|\right|I{D}_i)$, $a_i=Rep(re{s}_i,h_i)$, $S_{E{D}_i}=K_i\oplus h(PI{D}_i\left|\right|r{n}_i\left|\right|a_i)$ and $Ve{r}_i^{*}=h(PI{D}_i\left|\right|S_{E{D}_i}\left|\right|r{n}_i\left|\right|a_i)$. $E{D}_i$ checks whether $Ve{r}_i^{*}\stackrel{?}{=}Ve{r}_i$. If it is correct, $E{D}_i$ chooses a random number $r{n}_1$ and a current timestamp $T_1$; otherwise, it aborts the connection. $E{D}_i$ computes $R_1=r{n}_1·P$, $M_1=R_1\oplus h(PI{D}_i\left|\right|S_{E{D}_i}\left|\right|T_1)$, and $V_1=h(M_1\left|\right|R_1\left|\right|S_{E{D}_i}\left|\right|PI{D}_i\left|\right|I{D}_{cs}\left|\right|T_1)$, and then sends $\{SI{D}_i,M_1,V_1,T_1\}$ to the CS.

(2)

On receiving the login request from $E{D}_i$, the CS checks the timestamp validity and finds $\{PI{D}_i,S_{E{D}_i}\}$ using $SI{D}_i$ from a secure database. The CS computes $h\left(PI{D}_i\right|\left|S_{E{D}_i}\right|\left|T_1\right)$, $R_1=M_1\oplus h(PI{D}_i\left|\right|S_{E{D}_i}\left|\right|T_1)$ and $V_1^{*}=h(M_1\left|\right|R_1\left|\right|S_{E{D}_i}\left|\right|PI{D}_i\left|\right|I{D}_{cs}\left|\right|T_1)$, and then verifies that $V_1^{*}$ is equal to $V_1$.

(3)

If it is equal, the CS generates computes a random number $r{n}_2$ and a current timestamp $T_2$; otherwise, aborts the connection. The CS calculates $R_2=r{n}_2·P$, $M_2=R_2\oplus h(PI{D}_i\left|\right|S_{E{D}_i}\left|\right|T_2)$, the session key $S{K}_{cs-E{D}_i}=r{n}_2·R_1$, and $V_2=h(M_2\left|\right|R_2\left|\right|R_1\left|\right|S_{E{D}_i}\left|\right|I{D}_{cs}\left|\right|S{K}_{cs-E{D}_i})$. After that, the CS sends the response messages $\{M_2,V_2,T_2\}$ to $E{D}_i$.

(4)

After receiving $\{M_2,V_2,T_2\}$ from the CS, $E{D}_i$ checks timestamp validity and computes $h\left(PI{D}_i\right|\left|S_{E{D}_i}\right|\left|T_2\right)$, $R_2=M_2\oplus h(PI{D}_i\left|\right|S_{E{D}_i}\left|\right|T_2)$, the session key $S{K}_{E{D}_i-cs}=r{n}_1·R_2$, and $V_2^{*}=h(M_2\left|\right|R_2\left|\right|R_1\left|\right|S_{E{D}_i}\left|\right|I{D}_{cs}\left|\right|S{K}_{E{D}_i-cs})$. Then, $E{D}_i$ checks whether $V_2^{*}\stackrel{?}{=}{V}_2$. If it is verified, $E{D}_i$ generates a current timestamp $T_3$ and computes $V_3=h(S{K}_{E{D}_i-cs}\left|\right|R_1\left|\right|R_2\left|\right|S_{E{D}_i}\left|\right|T_3$. $E{D}_i$ sends the verification messages $\{V_3,T_3\}$ to the CS.

(5)

On receiving $\{V_3,T_3\}$ to $E{D}_i$, the CS computes $V_3^{*}=h(S{K}_{cs-E{D}_i}\left|\right|R_1\left|\right|R_2\left|\right|S_{E{D}_i}\left|\right|T_3$ and checks its validity. If it is verified, the CS and $E{D}_i$ successfully authenticate each other.

7. Security Analysis

In this section, we prove that iAKA-CIoT ensures the session key security (SKS) using the real-or-random (RoR) model [25]. We also perform an informal analysis and simulation analysis using the AVISPA verification tool [18] to demonstrate that our scheme is secure against various potential attacks.

7.1. Formal Security Analysis Using ROR Model

We prove that our scheme achieves SKS using an ROR model-based mathematical formal proof [26,27,28]. We first discuss the fundamental concept and queries of the ROR model before conducting the formal analysis.

• Participants: Let ${\mathsf{\Pi }}_{ED}^{ins{t}_1}$ and ${\mathsf{\Pi }}_{CS}^{ins{t}_2}$ be the instance $ins{t}_1$ and $ins{t}_2$ of the ED and CS, respectively.
• Accepted state: After completing the message exchanging process, the oracle ${\mathsf{\Pi }}^{i}nst$ transfers a this state. Let the current session identifier be $si{d}_c$ of ${\mathsf{\Pi }}^{inst}$ should all the messages be arranged in order.
• Partnering: When ${\mathsf{\Pi }}_{ED}^{ins{t}_1}$ and ${\mathsf{\Pi }}_{CS}^{ins{t}_2}$ have the same $si{d}_c$ and the accepted state, and each oracle completes the AKA, partners (${\mathsf{\Pi }}_{ED}^{ins{t}_1}$ and ${\mathsf{\Pi }}_{CS}^{ins{t}_2}$) are defined.
• Freshness: To carry out the formal proof, ${\mathsf{\Pi }}_{ED}^{ins{t}_1}$ and ${\mathsf{\Pi }}_{CS}^{ins{t}_2}$ as instances are deemed fresh if the session key between the ED and CS is presently not revealed to adversary A.
• Attacker: Under our enhanced threat model Section 3.1, A can completely control the public network and send the ROR queries shown in Table 2 to destroy the SKS.
  Table 2. Queries with their descriptions.

  Queries	Descriptions
  $Execute({\mathsf{\Pi }}_{ED}^{ins{t}_1},$ ${\mathsf{\Pi }}_{CS}^{ins{t}_2})$	A can perform an eavesdropping attack using this query under the threat model
  $CorruptED\left({\mathsf{\Pi }}_{ED}^{ins{t}_1}\right)$	A can perform device stolen attacks using it to retrieve the data stored in $E{D}_i$.
  $Send({\mathsf{\Pi }}^{inst},M)$	A can send messages and receive its response from the oracle $P^{inst}$ using it.
  $Test\left({\mathsf{\Pi }}^{inst}\right)$	Under this query, A guesses the probabilistic result for an unbiased coin c. When the freshness of the session key $SK$ is established by $P^{inst}$ and A, A guesses $SK$ by sending a $Test$ query to the oracle. If $c=c$ or $c=1$, A obtain an arbitrary number or the correct $SK$, respectively; otherwise, obtains the NULL $(\perp )$.

• Semantic Security: A tries to find a correct session key from a random number utilizing the ROR queries. If A correctly guesses a bit c, A wins this game and breaks the semantic security of the scheme. Let $Ad{v}_P=|2Pr\left[Succ\right]-1|$ be the advantage in breaking the session key of scheme $\mathcal{P}$, where $Win$ is the event of the winning game by A.
• Random oracle: All participant entities can use a random oracle as a collision resistant one-way hash function $Hash$.

Now, we prove that our scheme ensures SKS using the following Definitions 1 and 2 and Theorem 1.

Definition 1.

Elliptic curve discrete logarithm problem (ECDLP): Given P and Q, it is computationally intractable to find integer a such that $Q=a·P$, where $a\in Z_p^{*}$.

Definition 2.

Elliptic curve decision Diffie–Hellman problem (ECDDHP): Given $P,xP$, and $yP$, it is computationally difficult to compute $x·y·P$, where $x,y\in Z_p^{*}$.

Theorem 1.

Let an adversary run in polynomial time t as A, and let the advantage of A in breaking the SKS be $Ad{v}_{\mathcal{P}}^A$. Then,

$$\begin{array}{c}\hfill Ad{v}_{\mathcal{P}}^A\le \frac{q_h^2}{2\left|Hash\right|}+\frac{q_{puf}^2}{2\left|PUF\right|}+max\left\{C^{\prime },q_s^{s^{\prime }},\frac{q_s}{2^{lenf}},\frac{q_s}{2^{lenp}}\right\}\end{array}$$

(1)

where $q_h$, $Hash$, and $Ad{v}^{ECDLP}\left(t\right)$ is the number of $Hash$ queries, a collision-resistant hash function $Hash$, and an advantage in breaking ECDLP, respectively.

The formal proofs consisting of four games $G_i(i=0,1,2)$ using the ROR model are as follows:

• Game $G_0$: A first tosses the coin c and obtains its result at the beginning of this game. Its winning advantage is:

  $$Ad{v}_{\mathcal{P}}^A=|2.Pr\left[Suc{c}_0\right]-1|,$$

  (2)

  where $Succ$ is the event of A winning the game.
• Game $G_1$: Under this game, Attacker A performs an eavesdropping attack using the $Execute({\mathsf{\Pi }}_{ED}^{ins{t}_1},$${\mathsf{\Pi }}_{CS}^{ins{t}_2})$ query. A first intercepts the transmitted messages $\{SI{D}_i,M_1,V_1,T_1\}$, $\{M_2,V_2,T_2\}$, and $\{V_3,T_3\}$ to break the SKS. Then, A executes the $Test\left({\mathsf{\Pi }}^t\right)$ query to guess whether the output of the query is equal to $SK$ or any arbitrary number. However, the winning probability of $G_1$ does not increase because A does not compute the session key $S{K}_{E{D}_i-cs}=r{n}_1·r{n}_2·P$ without breaking the ECDLP and ECDDHP. Thus, we obtain:

  $$Pr\left[Suc{c}_1\right]=Pr\left[Suc{c}_0\right]$$

  (3)
• Game $G_2$: Attacker A performs an active attack using $Send({\mathsf{\Pi }}^{inst},M)$ and $Hash$ queries. A attempts to guess the correct message digest collision to mislead a participant entity using several $Hash$ queries. However, in our scheme, all transmitted messages are secured because A does not break the $Hash$ oracle in polynomial time. Moreover, A cannot compute the correct messages without the pseudo-identity $PI{D}_i$, secret value $S_{E{D}_i}$, and tamper-proof value $a_i$. Thus, according to the birthday paradox [29],

  $$|Pr\left[Suc{c}_1\right]-Pr\left[Suc{c}_2\right|\le \frac{q_h^2}{2\left|Hash\right|}$$

  (4)
• Game $G_3$: Attacker A performs a final attack and can obtain $\{SI{D}_i,RP{W}_i,C{V}_i,h_i^{\prime },K_i,Ve{r}_i\}$ stored in the memory of $E{D}_i$ using $CorruptED\left({\mathsf{\Pi }}_{ED}^{ins{t}_1}\right)$. However, A does not compute the valid login request messages $\{SI{D}_i,M_1,V_1,T_1\}$ without knowing $\{I{D}_i,P{W}_i,a_i\}$, where $M_1=R_1\oplus h(PI{D}_i\left|\right|S_{E{D}_i}\left|\right|T_1)$ and $V_1=h(M_1\left|\right|R_1\left|\right|S_{E{D}_i}\left|\right|PI{D}_i\left|\right|I{D}_{cs}\left|\right|T_1)$. Since A does not know $I{D}_i$, $r{n}_i$, $PI{D}_i$ and $a_i$, A cannot correctly guess $P{W}_i$ using $Send({\mathsf{\Pi }}^{inst},M)$. Moreover, $a_i$ is only generated by the secure PUF function with a fuzzy extractor, which is defined in Section 3.2, and A does not distinguish between the PUF values and those of the noise without help of fuzzy extractor because the guessing probability of fuzzy extractor values $lenf$ and $lenp$ is approximately $\frac{1}{2^{lenf}}$ and $\frac{1}{2^{lenp}}$, respectively. Therefore, from the PUF simulation and Zipf’s law on passwords [30],

  $$\begin{array}{c}\hfill |Pr\left[Suc{c}_1\right]-Pr\left[Suc{c}_2\right|\le \frac{q_{puf}^2}{2\left|PUF\right|}+max\left\{C^{\prime },q_s^{s^{\prime }},\frac{q_s}{2^{lenf}},\frac{q_s}{2^{lenp}}\right\}\end{array}$$

  (5)

After simulating all the games ($G_0,G_1,G_2,G_3)$, A attempts to guess the correct c using the $Test$ query. Therefore,

$$\begin{array}{c}\hfill Ad{v}_{\mathcal{P},G_3}^A=\frac{1}{2}\end{array}$$

(6)

We can obtain the following results using Equations (2), (3) and (6).

$$\begin{array}{ccc}\hfill \frac{1}{2}.Ad{v}_{\mathcal{P}}^A& =& |Pr\left[Suc{c}_0\right]-\frac{1}{2}|\hfill \\ & =& |Pr\left[Suc{c}_1\right]-\frac{1}{2}|\hfill \\ & =& |Pr\left[Suc{c}_1\right]-Pr\left[Suc{c}_3\right]|\hfill \end{array}$$

(7)

Then, we can gain the following results using (5)–(7):

$$\begin{array}{ccc}\hfill \frac{1}{2}.Ad{v}_{\mathcal{P}}^A& =& |Pr\left[Suc{c}_1\right]-Pr\left[Suc{c}_3\right]|\hfill \\ & \le & |Pr\left[Suc{c}_1\right]-Pr\left[Suc{c}_2\right]|\hfill \\ & +& |Pr\left[Suc{c}_2\right]-Pr\left[Suc{c}_3\right]|\hfill \\ & \le & \frac{q_h^2}{2\left|Hash\right|}+\frac{q_{puf}^2}{2\left|PUF\right|}+max\left\{C^{\prime },q_s^{s^{\prime }},\frac{q_s}{2^{lenf}},\frac{q_s}{2^{lenp}}\right\}\hfill \end{array}$$

(8)

Finally, we acquire the final goal by multiplying both sides of (8) by two.

$$\begin{array}{c}\hfill Ad{v}_{\mathcal{P}}^A\le \frac{q_h^2}{2\left|Hash\right|}+\frac{q_{puf}^2}{2\left|PUF\right|}+max\left\{C^{\prime },q_s^{s^{\prime }},\frac{q_s}{2^{lenf}},\frac{q_s}{2^{lenp}}\right\}\end{array}$$

(9)

7.2. Informal Security Analysis

This section demonstrates that our scheme is secure against various potential attacks, such as impersonation, man-in-the-middle, replay, physical capture, and offline password guessing. In addition, we demonstrate that it guarantees SMA and anonymity.

7.2.1. Impersonation Attack

Under our threat model, an adversary $\mathcal{A}$ can acquire the exchanged messages in a public network and extract the stored data $\{SI{D}_i,RP{W}_i,C{V}_i,h_i^{\prime },K_i,Ve{r}_i\}$ from the memory of $E{D}_i$. However, $\mathcal{A}$ cannot attempt to impersonate a legitimate $E{D}_i$ because $\mathcal{A}$ does not successfully generate the login request $\{SI{D}_i,M_1,V_1,T_1\}$ and verification messages $\{V_3,T_3\}$ without knowing $I{D}_i$, $P{W}_i$, $S_{E{D}_i}$ and $a_i$. Therefore, iAKA-CIoT is secure against impersonation attacks.

7.2.2. Man-in-the-Middle Attack and Replay Attack

When $\mathcal{A}$ tries to perform a man-in-the-middle attack, $\mathcal{A}$ should obtain $\{R_1,R_2\}$ and compute the response messages $\{M_2,V_2\}$ and $\left\{V_3\right\}$. However, $\mathcal{A}$ cannot obtain $R_1$ and $R_2$ without obtaining $h\left(PI{D}_i\right|\left|r{n}_i\right|\left|a_i\right)$. Moreover, all response messages include a timestamp and are masked by a collision-resistant hash function, which makes it difficult to find original messages in polynomial time. Therefore, iAKA-CIoT resists man-in-the-middle and replay attacks.

7.2.3. Physical Capture Attack

After obtaining the data $\{SI{D}_i,RP{W}_i,C{V}_i,h_i^{\prime },K_i,Ve{r}_i\}$ stored in the memory of $E{D}_i$’ using a physical capture attack, the data do not help compute the session key $SK$ because the PUF response $a_i$ is only generated by $E{D}_i$ and $\mathcal{A}$ cannot retrieve $S_{E{D}_i}$ from $K_i$. Therefore, our scheme protects against physical-capture attacks.

7.2.4. Offline Password Guessing Attack

We assume that $\mathcal{A}$ attempts to guess the password of the user by using intercepted messages and extracting data. $\mathcal{A}$ must know the real identity $I{D}_i$, random number $r{n}_i$, pseudo identity $PI{D}_i$ and secure parameter $S_{E{D}_i}$. However, $\mathcal{A}$ does not know these values because it is masked by a collision-resistant hash function, and $\mathcal{A}$ cannot simultaneously guess two or three parameters in polynomial time. Therefore, iAKA-CIoT is secure against offline password-guessing attacks.

7.2.5. Secure Mutual Authentication and Anonymity

In the AKA phase of our scheme, the CS and $E{D}_i$ verify the login request $V_1\stackrel{?}{=}{V}_1^{*}$ and response messages $V_2\stackrel{?}{=}{V}_2^{*}$ by using $PI{D}_i$ and $S_{E{D}_i}$. According to previous analyses (Section 7.2.1, Section 7.2.2 and Section 7.2.3), $\mathcal{A}$ does not compute verification messages $V_1$ and $V_2$ without obtaining $\{PI{D}_i,a_i,I{D}_i,P{W}_i,S_{E{D}_i}\}$. Moreover, in our scheme, the user utilizes the pseudo identity $PI{D}_i$ for the AKA phase, and $\mathcal{A}$ cannot obtain the real identity $I{D}_i$ of the user. Therefore, our scheme achieves SMA and anonymity.

7.2.6. Denial-of-Service Attack

After receiving exchanged messages between CS and $E{D}_i$, they should perform verification procedures to prove validity of these messages {$Ve{r}_i,V_1,V_3$}. If it is not valid, the AKA procedure is immediately aborted. It can mitigate denial of service (DoS)/distributed denial of service (DDoS) attacks because {$Ve{r}_i,V_1,V_3$} has freshness which includes timestamp and random number, and can be generated by a legitimate entities.

7.3. Simulation Analysis Using AVISPA Tool

In this section, we discuss the simulation of our scheme by using the AVISPA simulation tool to prove its security [18,31]. AVISPA is a well-known formal simulation tool for evaluating the security of protocols, whereby it verifies that a protocol resists man-in-the-middle and replay attacks. First, we define the security properties of our scheme by using a high-level protocol specification language (HLPSL) [32]. The defined HLPSL code was transformed into an intermediate format using the HLPSL2IF translator. This simulation was executed under the four back-ends model [33]; “on-the-fly model checker” (OFMC); “tree automata based on a protocol analyzer” (TA4SP); “SAT-based model checker” (SATMC), and “constraint logic-based attack searcher” (CL-AtSE). The procedure of this simulation is shown in Figure 3 and the concept of HLPSL is presented in [31,32].

Figure 3. The Procedures of AVISPA Simulation.

7.3.1. HLPSL Specifications

We simulated the defined HLPSL by considering the $E{D}_i$ and CS AKA phase. There are two basic roles (CS, $E{D}_i$), and their HLPSL descriptions are presented in Figure 4 and Figure 5. A session with the environment is defined in Figure 6.

Figure 4. HLPSL Description: CS Role.

Figure 5. HLPSL Description: $E{D}_i$ role.

Figure 6. HLPSL Description: Session and Environment.

7.3.2. Simulation Results

Figure 7 shows the results of the AVISPA simulation, which presents the simulation summary “SAFE”. In the CL-AtSe results, the translation time was 0.01 s. For the OFMC results, the search depth was four when 16 nodes were explored in 0.02 s. Therefore, our scheme prevents man-in-the-middle and replay attacks.

Figure 7. Simulation Result of AVISP Simulation (Summary: SAFE). (a) Result of CL-AtSe. (b) Result of OFMC.

8. Comparative Analysis

This section presents a comparative analysis of our scheme on the security property, communication, and computation cost with other related schemes [6,10,11,16,17].

8.1. Security Property

We compared the security properties of our scheme with those of the contemporary schemes. Table 3 shows that the previous schemes cannot resist security attacks, achieve anonymity, or SMA. In contrast, we demonstrate that iAKA-CIoT can prevent potential security attacks and guarantee essential security requirements. Therefore, our scheme is more secure than the aforementioned schemes [6,10,11,13,14,16,17].

Table 3. A Comparative Summary: Security Properties.

Properties	[6]	[10]	[16]	[17]	[11]	[13]	[14]	Ours
$S{P}_1$	×	×	×	×	×	√	√	√
$S{P}_2$	×	×	×	×	×	√	×	√
$S{P}_3$	√	×	×	√	√	N/A	√	√
$S{P}_4$	×	√	√	√	√	√	√	√
$S{P}_5$	×	×	×	×	×	√	×	√
$S{P}_6$	√	√	√	×	√	×	×	√
$S{P}_7$	×	√	×	×	×	√	×	√
$S{P}_8$	√	×	×	×	√	×	√	√

√: supports the security property; ×: does not support the security property; N/A: not applicable; $S{P}_1$: physical capture attack; $S{P}_2$: impersonation attack; $S{P}_3$: offline password guessing attack; $S{P}_4$: replay attack; $S{P}_5$: mutual authentication; $S{P}_6$: user anonymity; $S{P}_7$: formal (mathematical) proof; $S{P}_8$: formal simulation proof.

We demonstrated that Bhuarya et al. [11] is insecure against physical capture attacks in Section 5. We also proved that other related schemes [6,10,16] does not prevent physical capture attacks to highlight our contributions. The detailed processes of AKA schemes refer to [6,10,16,17].

In [6], an adversary $\mathcal{A}$ can extract the data {$Pi{d}_i,C_k^{\prime }$} stored in the embedded device $E{D}_i$, and then $\mathcal{A}$ selects a random number and computes $P_1=r_1·G$, $P_2=h(r_1·C_k^{\prime })$. Finally $\mathcal{A}$ can successfully generate the login request messages $\{P_1,P_2,Pi{d}_i\}$ without knowing any other information.

In [10], $\mathcal{A}$ can obtain the parameters $\{B_i,N_i,N_t\}$ and $\{W_i,V_i,T_u\}$ from the user’s smart card and open channel. Then, $\mathcal{A}$ tries to obtain the $P{W}_i$ by executing offline password guessing attacks [34]. $\mathcal{A}$ chooses {$I{D}_i^{*},P{W}_i^{*}\}$, and computes $k^{*}=N_i\oplus h(I{D}_i^{*}\oplus P{W}_i^{*})$, $A_i^{*}=B_i\oplus h(I{D}_i^{*}\left|\right|h(P{W}_i^{*}\left|\right|k^{*})$, ${(r_i\oplus k)}^{*}=W_i\oplus h(T_u\oplus A_i^{*}$) and $V_i^{*}=h(I{D}_i^{*}\left|\right|A_i^{*}\left|\right|W_i\left|\right|{(r_i\oplus k)}^{*}\left|\right|T_u$. If $V_i$ is equal to $V_i^{*}$, $\mathcal{A}$ successfully guesses the correct $P{W}_i$ and can correctly generate valid login request.

In [16], we assumed that $\mathcal{A}$ is a dishonest registered participant in the system. Then, $\mathcal{A}$ can extract the data $\{AI{D}_A,BI{D}_A,r_A\}$ from smart card and can impersonate a legitimate user $U_a$ using it. In their scheme, $\mathcal{A}$ can establish the session key of any legitimate user by betraying a trusted server [7].

Therefore, the aforementioned schemes are insecure against physical capture attacks because they stored secret data as plaintext, which causes critical security issues.

8.2. Computation, Communication and Storage Costs

In this analysis, we consider the AKA phase for protocols. Table 4, Table 5 and Table 6 compare the computation, communication and storage costs between our scheme and other related schemes, which is shown in Figure 8, Figure 9 and Figure 10, respectively.

Table 4. A Comparative Analysis: Computational Cost.

Scheme	Login Procedure	Authentication Procedure	Total Costs
Kumari et al. [6]	$4T_h+4T_{em}$	$3T_h+4T_{em}$	$7T_h+8T_{em}\approx 0.357+22.784=23.141$ ms
Karuppiah et al. [10]	$10T_h+3T_{modexp}$	$4T_h$	$14T_h+3T_{modexp}\approx 0.714+9.438=10.152$ ms
Huang et al. [16]	$12T_h+5T_{em}$	$5T_h+1T_{em}$	$17T_h+6T_{em}\approx 0.867+17.088=17.955$ ms
Jiang et al. [17]	$6T_h+5T_{modexp}$	$3T_h$	$9T_h+5T_{modexp}\approx 0.459+15.73=16.189$ ms
Bhuarya et al. [11]	$10T_h+5T_{em}$	$6T_h+4T_{em}$	$16T_h+9T_{em}\approx 0.816+25.632=26.448$ ms
Qureshi and Munir [13]	$2T_{aes}$	$2T_{em}$	$2T_{aes}+2T_{em}\approx 0.024+5.696+1=5.72$ ms
Wang et al. [14]	$6T_h$	$7T_h$	$13T_h\approx 0.663$ ms
Ours	$9T_h+1T_{em}$	$6T_h+3T_{em}$	$15T_h+4T_{em}\approx 0.765+11.392=12.157$ ms

Table 5. A Comparative Analysis: Communication Cost.

Scheme	Handshake	Total Costs
Kumari et al. [6]	3	1760 bits
Karuppiah et al. [10]	2	2848 bits
Huang et al. [16]	3	1600 bits
Jiang et al. [17]	2	1984 bits
Bhuarya et al. [11]	3	1760 bits
Qureshi and Munir [13]	7	2400 bits
Wang et al. [14]	5	3200 bits
Ours	3	1760 bits

Table 6. A Comparative Analysis: Storage Cost.

Scheme	Total Costs
Kumari et al. [6]	480 bits
Karuppiah et al. [10]	3712 bits
Huang et al. [16]	320 bits
Jiang et al. [17]	640 bits
Bhuarya et al. [11]	640 bits
Qureshi and Munir [13]	800 bits
Wang et al. [14]	960 bits
Ours	960 bits

Figure 8. A Comparative Analysis: Computational Cost (Figure).

Figure 9. A Comparative Analysis: Communication Cost (Figure).

Figure 10. A Comparative Analysis: Storage Cost (Figure).

The computation cost analysis was performed using Raspberry PI 4B with Linux Ubuntu 18.04.4 LTS with 64-bits, 8 GB, and MIRACL library. We utilized the average values for each cryptographic primitive, which was run 100 times to measure its execution cost. To evaluate the computational cost of iAKA-CIoT compared with other schemes, we considered four cryptographic primitives, and their execution costs are presented in Table 7.

Table 7. Execution cost (milliseconds).

Operation	Max. Time (ms)	Min. Time (ms)	Average Time (ms)
$T_{em}$	2.920	2.766	2.848
$T_h$	0.142	0.022	0.051
$T_{modexp}$	4.649	1.746	3.146
$T_{aes}$	0.021	0.011	0.012

$T_{em}$: elliptic curve scalar multiplication; $T_h$: hash function; $T_{modexp}$: modular exponentiation; $T_{aes}$: AES-256.

Our scheme requires the total cost $15T_h+4T_{em}\approx 0.765+11.392=12.157$ ms, whereas the total cost for other schemes are as follows: that in Kumari et al. [6] required $7T_h+8T_{em}\approx 0.357+22.784=23.141$ ms; that in Karuppiah et al. [10] required $0.714+9.438=10.152$ ms; that in Huang et al. [16] required $17T_h+6T_{em}\approx 0.867+17.088=17.955$ ms; that in Jiang et al. [17] required $9T_h+5T_{modexp}\approx 0.459+15.73=16.189$ ms; that in Bhuarya et al. [11] required $16T_h+9T_{em}\approx 0.816+25.632=26.448$ ms; that in Qureshi and Munir [13] required $2T_{aes}+2T_{em}\approx 0.024+5.696=5.72$ ms; that in Wang et al. [14] required $13T_h\approx 0.663$ ms.

For the comparison of communication costs, we defined the message length of the parameters. The one-way hash function, identity, timestamp, and random number are 160 bits. The elliptic curve point and modular exponentiation are 320 and 1024 bits, respectively. In our scheme, the exchanged messages $\{SI{D}_i,M_1,V_1,T_1\}$, $\{M_2,V_2,T_2\}$, and $\{V_3,T_3\}$ needs $160+320+160+160=800$ bits, $320+160+160=640$ bits, and $160+160=320$ bits, respectively. Thus, the total communication cost for our scheme was $800+640+320=1760$. Kumari et al. [6], Karuppiah et al. [10], Huang et al. [16], Jiang et al. [17], Bhuarya et al. [11], Qureshi and Munir [13] and Wang et al. [14] required 1760, 2848, 1600, 1984, 1760, 2400, and 3200, respectively.

The iAKA-CIoT requires a storage cost of 960 bits, whereas the storage cost for other schemes are as follows: that in Kumari et al. [6] required 480 bits; that in Karuppiah et al. [10] required 3712 bits; that in Huang et al. [16] required 320 bits; that in Jiang et al. [17] required 640 bits; that in Bhuarya et al. [11] required 640 bits; that in Qureshi and Munir [13] required 800 bits; and that in Wang et al. [14] required 960 bits.

Section 8.1 shows that the abovementioned schemes [6,10,11,13,14,16,17] are insecure against various attacks such as password guessing, impersonation, replay, and physical capture attacks. Moreover, their schemes do not provide anonymity, a formal proof analysis, or SMA. Although some schemes [13,14] can prevent physical capture attacks, their scheme has security weaknesses [15] or high communication costs. Therefore, our scheme is secure and superior for practical IoT environments.

9. Conclusions

This paper demonstrated that the Bhuarya et al. scheme had an incorrect authentication mechanism, did not resist various attacks, such as impersonation, man-in-the-middle, and physical capture attacks. We also demonstrated that it did not achieve SMA and SKS. We proposed an improved authentication and key agreement scheme for cloud-enabled IoT using PUF to resolve these security flaws. We demonstrated that iAKA-CIoT is secure against impersonation, man-in-the-middle, replay, offline-password guessing, and physical capture attacks, and achieves SMA and anonymity. Formal security proof confirmed that our scheme achieved SKS between the CS and ED using the ROR model. Moreover, we performed a formal simulation analysis using the AVISPA tool and compared it with other related schemes using the Raspberry PI 4B with MIRACL library. Our scheme also provides superior security properties compared to the aforementioned schemes. Therefore, iAKA-CIoT is suitable for practical cloud-enabled IoT environments because it is more secure and superior than the other related schemes.