A Trusted Internet of Things Access Scheme for Cloud Edge Collaboration

Abstract

With the rapid popularization of current Internet of Things (IoT) technology and 5G networks, as well as the continuous updating of new service lifestyles and businesses, the era of big data processing for the IoT has arrived. However, centralizing all data for processing in the cloud can lead to issues such as communication latency and privacy breaches. To solve these problems, edge computing, as a new network architecture close to terminal data sources and supporting low latency services, has gradually emerged. In this context, cloud edge collaborative computing has become an important network architecture. With the changing security requirements and communication methods of cloud edge collaborative network architecture, traditional authentication key agreement protocols are no longer applicable. Therefore, a new IoT authentication and key agreement protocol needs to be designed to solve this problem. This study proposes an IoT accessible solution for cloud edge collaboration. This scheme adopts a chaotic mapping algorithm to achieve efficient authentication. It ensures the anonymity and untraceability of users. Following this, we conducted strict security verification using BAN logic and Scyther tools. Through experimental comparative analysis, the research results show that the protocol performs better than other schemes while ensuring security. This indicates that the protocol can achieve efficient authentication and key negotiation in cloud edge collaborative network architecture, providing a secure and reliable solution for the accessibility of the IoT.

1. Introduction

The Internet of Things (IoT) industry has witnessed significant growth in recent years due to the rapid advancements in new generation information technology. These technological advancements have played a crucial role in fostering the development and expansion of the IoT industry [1].

The proliferation of IoT devices connecting to the Internet has led to a substantial surge in network data and processes. The updates of various information technologies have driven the upgrading of devices; image recognition, vehicle networks, industrial internet, and other time sensitive and computationally intensive businesses continue to emerge [2,3]. Currently available devices have limited computing power due to their hardware and size, which cannot guarantee the normal operation of such services. This can lead to increased network load and affect user experience. Cloud computing technology has successfully solved these problems by bringing together a large number of computing devices and establishing a highly capable computing center, providing cloud computing and storage services to all devices and users [4,5]. The device can offload the tasks to be calculated by the cloud computing center; the cloud server uses its powerful computing power to support terminal device calculations and then transmits the results back to the terminal device through the network. However, with the increasing number of IoT devices, there are more and more computing tasks requiring central support. Cloud computing centers are far away from devices [6] and the transmission distance of tasks in the network is long, with high latency, making it difficult to meet user needs. Due to its deployment methods, distance, energy consumption, and other drawbacks, the use of cloud computing in industry is limited. Edge computing overcomes the disadvantage of cloud computing (that it is far away from terminal devices), and edge computing has become a research hotspot [7]. Cloud computing centrally uploads all tasks to the cloud for processing, resulting in increased transmission latency of data in the network. Edge computing, meanwhile, establishes nodes near terminals on the network edge side to provide services. Edge computing alleviates the computing pressure and network transmission pressure of cloud computing [8]. In the cloud edge collaborative computing system, the cloud service center deploys edge nodes, integrates intelligent applications and application service layer hardware, is responsible for high complexity and global data services, and can meet the basic needs of users for diverse scenarios. Intelligent edge nodes provide relatively lightweight services, utilizing outstanding advantages such as edge location and low latency to increase the speed of network service responses [9]. High-cost computing and storage are generally not performed on edge nodes, resulting in relatively low equipment costs. As data generators, end users submit diversified data to upper-level service providers, which helps support service providers in data analysis and decision-making. The full perception of these key links will generate sensitive, heterogeneous, and massive amounts of data in real-time, widely distributed among diverse end users and massive service providers. Accurate multivariate analysis of user data helps to estimate user needs from multiple perspectives, allocate resources reasonably, and improve and enhance the satisfaction index of end customers [10].

At present, the development of cloud computing is mature, but there are still security risks. Recently, edge computing has been introduced. Edge computing is not a method to replace the cloud center, but rather to expand the capabilities of the cloud center [11]. As such, edge computing also has the security problems of cloud computing. Edge distribution is more extensive, the geographical location is more remote, and it has characteristics such as being massive, heterogeneous, and dispersed, making the communication process more complex and therefore more susceptible to malicious attacks. In cloud edge collaborative computing architecture, new cryptographic techniques need to be considered to ensure secure interaction [7]. In the cloud edge collaborative architecture, large amounts data are transmitted through public channels, causing issues such as privacy leakage and illegal access. Authentication processes can achieve negotiation and authentication of common session keys between two or more communication entities; identity and message authentication can be achieved between cloud edges, while generating session keys required for security requirements such as message integrity and message confidentiality [12]. Due to the importance of authentication, the academic community has never stopped analyzing and designing security protocols. Due to different application environments, security requirements, and design methods, the corresponding authentication protocols are also different, and new attack methods are constantly emerging [13]. Most resource constrained terminals are unable to perform many complex and powerful calculations due to resource and capability limitations [14,15,16,17,18,19,20,21]. So, as the network architecture shifts from cloud-to-cloud edge, the corresponding authentication mode will also change accordingly. Therefore, it is necessary to design new authentication protocols to ensure the information exchange of terminals in the cloud edge collaborative architecture. Therefore, this article proposes a trustworthy IoT access scheme for cloud edge collaboration. The contributions are summarized below:

(1)

This article proposes a scheme based on two factor security authentication and key negotiation. By applying chaotic mapping technology, this scheme can securely protect communication between devices, cloud servers, and edge devices at lower computational and communication costs. This scheme protects the transmission of confidential messages and improves communication security by negotiating session keys.

(2)

To ensure security, this article adopts the BAN logic reduction method and the Scyther verification tool. After security verification, the results show that the protocol exhibits a high level of security. Through security analysis and performance comparison, the experimental results demonstrate that the scheme achieves enhanced security strength while simultaneously improving the efficiency of authentication.

2. Related Work

Privacy protection in the context of the Internet of Things (IoT) encompasses identity authentication, key negotiation, and data privacy. To enhance security mechanisms, Zhang et al. [22] introduced a trust-based secure multi-cloud collaboration framework for the cloud fog assisted Internet of Things. This framework prioritized the interests of cloud users by providing highly credible composite services and ensured the security of cloud service providers through efficient multi-cloud user authentication and collaborative access control. It supported role and trust-based service composition, offering precise trust levels for multi-cloud service composition. Additionally, the framework proposed an efficient and secure multi-cloud collaboration solution to safeguard data objects and other assets maintained by composite services. It underwent a security analysis and demonstrated applicability through case analysis and performance evaluation.

Qi et al. [23] proposed a cloud-centric three-factor authentication and key protocol that integrated passwords, biometrics, and smart cards. This protocol enabled secure access to both the cloud and autonomous vehicles while preserving user biometric privacy. It achieved three-factor authentication and negotiated two session keys: one for safe remote control of autonomous vehicles and another for secure cloud data access, ensuring high security guarantees even in the face of compromised short-term security parameters. The protocol was validated for security characteristics and evaluated for efficiency, demonstrating strong security with reasonable computational and communication costs.

Addressing the computing and storage challenges brought about by the rapid growth of IoT devices on gateways, Wang et al. [24] designed an authentication scheme suitable for such scenarios. This scheme aimed to protect against security threats while maintaining low computational costs for gateways. The article initially defined the adversary model and evaluation criteria for cloud-assisted IoT systems, outlining the security requirements for practical identity verification schemes. It then conducted a case study using advanced identity verification schemes, revealing challenges and subtleties in their design. Finally, the article proposed a secure and efficient authentication scheme for remote control and real-time data access in cloud-assisted IoT systems. Leveraging cloud capabilities, it reduced the computational burden on gateways and was particularly well-suited for IoT applications with a large number of devices. The scheme underwent security analysis and compared well with relevant schemes in terms of security and performance, demonstrating its ability to meet security requirements with minimal computational and storage costs on the gateway node.

3. Preliminaries

3.1. System Model

As shown in Figure 1, the third-party authentication model for cloud edge collaborative communication has three communication entities: IoT devices, edge servers, and cloud service center. When an edge server wants to enter the cloud service center for communication, it must first send a registration request to the cloud service center so that the edge server can obtain resource allocation and service scheduling from the cloud center. IoT devices need to flow and share the collected data and register with the cloud service center before they can proceed with subsequent communication. After registration is completed, authentication interaction is required before data communication. IoT devices first send authentication messages to edge servers, and then the edge servers perform relevant authentication while sending authentication requests to the cloud service center. The cloud service center receives the authentication messages sent by the edge servers and determines the validity and correctness of the messages. If both IoT devices and edge servers are authenticated, the three communication entities negotiate a session key that is only known to the three parties, which is used to ensure the security and privacy of subsequent data transmission. The cloud service center mainly includes cloud server clusters, cloud computing resource pools, data storage, and security control parts. These elements work together and provide registration functionality and powerful support for IoT devices and edge servers. IoT devices are responsible for collecting raw data from the entire system, encrypting the collected data, and sending the encrypted data to edge servers. The edge server layer plays a crucial intermediate role in data processing and analysis, and is responsible for receiving, processing, and forwarding information from IoT devices while providing data support for cloud service centers.

3.2. Threat Model

This article refers to the threat model of the scheme. The cloud service center is honest and curious, that is, it will honestly execute the protocol content, but it may attempt to invade the privacy data of users for profit or curiosity. The cloud service center may steal user privacy, while malicious external attackers may attempt to obtain privacy data through channel eavesdropping, forgery, and message modification [25,26,27,28,29,30,31,32,33,34,35,36]. The opponents above are all probability polynomial time. Based on the above threat model, the following security requirements should be ensured [18,29,37].

(1)

Confidentiality: Communication between entities in the system should be protected, even if external attackers eavesdrop on the channel to obtain messages, they cannot recover the information in the ciphertext.

(2)

Privacy protection: User privacy data should be protected, and other entities in the system cannot access user privacy data,

(3)

Integrity: For all messages sent in the system, the receiver can verify whether the sender of the message is a legitimate user and can detect whether the message has been maliciously tampered with and replaced.

3.3. Cloud Edge Collaboration

Cloud computing is an information processing method that has a large amount of computing resources, organizes, and calls various information resources through the network, and can perform large-scale computing [12,13,38]. This technology concentrates dispersed resources and forms a powerful computing resource pool through distributed technology, resource virtualization technology, and other means. Users can apply for resources in a dynamic, on-demand, and measurable manner, and can use multiple types of terminals to obtain the required resource services. As the years have advanced, the interconnection of all things has become the mainstream direction of development, and mobile application services have also developed rapidly. Applications with high traffic and data intensive characteristics of large connections have become increasingly mainstream. Traditional cloud computing technology, due to its distance from users, finds it difficult to process the massive amount of data generated by user side devices and terminals in real-time, resulting in longer data transmission delays and reduced service quality. Therefore, edge computing technology, which is closer to the data generation side, has gradually attracted the attention of researchers. Edge computing is an open platform with storage, computing, network, and other resources near the edge of the data source. It can provide edge intelligent services nearby, and has technical advantages such as timely service response, more intelligent applications, and strong privacy protection. Edge computing syncs computing and communication capabilities and uses edge devices close to the source of data generation to widely connect terminal devices, providing users with efficient computing services. Cloud edge collaboration means that the application scenario of edge computing requires the edge and cloud center to work together. In the cloud edge collaboration environment, data processing is determined according to the characteristics and needs of services [22]. Tasks with low computational resource requirements, sensitive feedback latency, and strong data privacy are mainly processed by the edge, while tasks with high computational resource consumption and global perception analysis are mainly processed by cloud centers. This is not a matter of separation, but rather of leveraging each other’s strengths to achieve the best service results in handling the same service.

3.4. Chebyshev Chaotic Mapping

First, it is necessary to define the n-dimensional Chebyshev polynomial as ${\mathrm{T}}_{\mathrm{n}}\left(\mathrm{x}\right)$, where n is a natural number and $\mathrm{x}\in [-\mathrm{1,1}]$, satisfying:

$${\mathrm{T}}_{\mathrm{n}}\left(\mathrm{x}\right)=\mathrm{c}\mathrm{o}\mathrm{s}(\mathrm{n}·\mathrm{a}\mathrm{r}\mathrm{c}\mathrm{c}\mathrm{o}\mathrm{s}(\mathrm{x}\left)\right)$$

Therefore, according to the trigonometric transformation, the recursive relationship of Chebyshev polynomials can be obtained as follows [8]:

$$\begin{gathered} {\mathrm{T}}_0\left(\mathrm{x}\right)=1 \\ {\mathrm{T}}_1\left(\mathrm{x}\right)=\mathrm{x} \\ {\mathrm{T}}_2\left(\mathrm{x}\right)=2{\mathrm{x}}^2-1 \\ \dots \dots \\ {\mathrm{T}}_{\mathrm{n}+1}\left(\mathrm{x}\right)=2\mathrm{x}{\mathrm{T}}_{\mathrm{n}}\left(\mathrm{x}\right)-{\mathrm{T}}_{\mathrm{n}-1}\left(\mathrm{x}\right) \end{gathered}$$

In addition, Chebyshev polynomials also possess semigroup properties. For $\mathrm{r},\mathrm{s}\in \mathrm{N},\mathrm{x}\in [-\mathrm{1,1}]$, they satisfy:

$${\mathrm{T}}_{\mathrm{r}}\left({\mathrm{T}}_{\mathrm{s}}\left(\mathrm{x}\right)\right)={\mathrm{T}}_{\mathrm{r}\mathrm{s}}\left(\mathrm{x}\right)={\mathrm{T}}_{\mathrm{s}}\left({\mathrm{T}}_{\mathrm{r}}\left(\mathrm{x}\right)\right)$$

In 2008, to compensate for the security flaws of Chebyshev polynomials, Zhang et al. [39] proposed an enhanced Chebyshev polynomial, which extended the domain of x from $[-\mathrm{1,1}]$ to $[-\mathrm{\infty },+\mathrm{\infty }]$, and the expression became:

$${\mathrm{T}}_{\mathrm{n}}\left(\mathrm{x}\right)=(2\mathrm{x}{\mathrm{T}}_{\mathrm{n}-1}\left(\mathrm{x}\right)-{\mathrm{T}}_{\mathrm{n}-2}\left(\mathrm{x}\right))\left(modN\right)$$

where $\mathrm{n}\ge 2$ and N is a large prime number, which still satisfies the semigroup property. The identity authentication protocol research in this article adopts an enhanced version of Chebyshev polynomials for protocol design.

Difficult problems refer to problems that cannot be calculated within probabilistic polynomial time algorithms. When designing cryptographic protocols, the security of the protocol is usually limited to a basic mathematical problem, with the insolvability of a specific known problem as the cornerstone of protocol security. Based on the Chebyshev polynomial, there are the following difficult assumptions:

(1)

Discrete Logarithmic Problem (DLP): Given the parameters x and y, it is difficult to find a positive integer n that satisfies ${\mathrm{T}}_{\mathrm{n}}\left(\mathrm{x}\right)=\mathrm{y}$.

(2)

Computational Diffie-Hellman Problem (CDHP): Given the parameters $x,{\mathrm{T}}_{\mathrm{r}}\left(\mathrm{x}\right)$ and ${\mathrm{T}}_{\mathrm{s}}\left(\mathrm{x}\right)$, it is difficult to calculate ${{\mathrm{T}}_{\mathrm{r}\mathrm{s}}\left(\mathrm{x}\right)=\mathrm{T}}_{\mathrm{r}}\left({\mathrm{T}}_{\mathrm{s}}\left(\mathrm{x}\right)\right)={\mathrm{T}}_{\mathrm{s}}\left({\mathrm{T}}_{\mathrm{r}}\left(\mathrm{x}\right)\right)$.

4. Proposed Protocol

In this paper, Figure 2 is used to represent the protocol authentication process.

4.1. Initialization

The Cloud Service Center (CSC) generates a random number x and a large prime number p, then selects a random number s as the private key. Next, CSC selects the one-way secure hash function $\mathrm{H}(·)$ and computes the public key ${\mathrm{T}}_{\mathrm{s}}\left(\mathrm{x}\right)$, and publicly disclose the parameters {x, ${\mathrm{T}}_{\mathrm{s}}\left(\mathrm{x}\right)$, $\mathrm{p}$,$\mathrm{H}(·)$}.

4.2. Register

• IoT device registration

  (1)

  IoT device ${IoTD}_i$ first selects a random number $a_0$, then inputs the identity identifier ${ID}_i$, calculates ${PID}_i=\mathrm{H}({ID}_i||a_0)$, and sends the calculation result {${PID}_i$} to the cloud server CSC through a secure channel.

  (2)

  After receiving {${PID}_i$}, CSC in the cloud server center selects the random number $b_0$ and identity ${ID}_c$, calculates ${CI}_i=\mathrm{H}\left({PID}_i\right|\left|b_0\right|\left|\mathrm{s}\right)$, ${SI}_i={ID}_c\oplus {PID}_i$, and initializes Count to 0. CSC stores {${PID}_i,b_0,\mathrm{C}\mathrm{o}\mathrm{u}\mathrm{n}\mathrm{t}$} in the registry and issues a smart card ${SC}_i$. CSC stores {${CI}_i,{SI}_i$} in ${SC}_i$ and finally sends ${SC}_i$ to ${IoTD}_i$

  (3)

  After receiving the smart card ${SC}_i$, ${IoTD}_i$ inputs the password ${PW}_i,$calculates ${IA}_i={CI}_i\oplus {PID}_i$, ${RI}_i=\mathrm{H}\left({ID}_i\right|\left|{PW}_i\right|\left|a_0\right)$ and then updates the information {${IA}_i,{RI}_i,{SI}_i,a_0$} to the smart card ${SC}_i$.

• Edge Server Registration

  (1)

  The edge server ${ES}_j$ selects a random number $n_0$, calculates ${EI}_j=\mathrm{H}({ID}_j||n_0)$, and sends it to CSC.

  (2)

  After receiving {${EI}_j$}, CSC selects the random number $s_1$ to calculate ${DI}_j=\mathrm{H}(E{I}_j|\left|s_1\right||\mathrm{s})$ and ${SI}_j={EI}_j\oplus {ID}_c$, and returns them to ${ES}_j$. Finally, CSC stores {${EI}_j$, $s_1$}.

  (3)

  After receiving {${EI}_j$, $s_1$}, ${ES}_j$ calculates ${BT}_j={DI}_j\oplus {EI}_j$ and stores {${BT}_j$, ${SI}_j$}.

4.3. Authentication and Key Negotiation

(1)

${IoTD}_i$ can be inserted into smart card ${SC}_i$, input identity ${ID}_i$ and password ${PW}_i$, calculate ${\mathrm{R}\mathrm{I}}_i^{\mathrm{*}}=\mathrm{H}({ID}_i|\left|{PW}_i\right||a_0)$, and then determine whether ${\mathrm{R}\mathrm{I}}_i^{\mathrm{*}}$ is equal to ${RI}_i$. This can determine whether the identity and password of ${IoTD}_i$ are correct. If ${\mathrm{R}\mathrm{I}}_i^{\mathrm{*}}$ = ${RI}_i$ is true, ${IoTD}_i$ login is successful. Therefore, two-factor authentication ensures the user’s secure login. ${IoTD}_i$ chooses randomly $a_1$ and the current timestamp $T_1$, uses chaotic mapping to calculate $I_1=T_{a_1}\left(x\right)$, $I_2=T_{a_1}\left({\mathrm{T}}_{\mathrm{s}}\left(\mathrm{x}\right)\right)={\mathrm{T}}_{a_1\mathrm{s}}\left(\mathrm{x}\right)$, ${AP}_i={ID}_i\oplus \mathrm{H}(I_1||I_2)$, ${AN}_i=\mathrm{H}\left(I_1\right|\left|I_2\right||{ID}_i|\left|T_1\right||{PID}_i)$, and finally sends {$I_1,{AP}_i,{AN}_i,T_1$} to the edge server ${ES}_j$.

(2)

When ${ES}_j$ receives {$I_1,{AP}_i,{AN}_i,T_1$} from ${IoTD}_i$, ${ES}_j$ checks $T_1$. If not established, ${ES}_j$ will immediately terminate communication. If it is true, ${ES}_j$ chooses randomly $n_1$ and $T_2$, then uses chaotic mapping to calculate $E_1=T_{n_1}\left(x\right)$, $E_2=T_{n_1}\left({\mathrm{T}}_{\mathrm{s}}\left(\mathrm{x}\right)\right)={\mathrm{T}}_{n_1\mathrm{s}}\left(\mathrm{x}\right)$, $E_3=T_{n_1}\left(I_1\right)={\mathrm{T}}_{n_1{a}_1}\left(\mathrm{x}\right)$, ${BP}_j={ID}_j\oplus \mathrm{H}(E_1|\left|{\mathrm{E}}_2\right),{BN}_j=\mathrm{H}(E_1|\left|E_2\right||{ID}_j|\left|T_2\right||{DI}_j)$, and finally ${ES}_j$ sends {$I_1,E_1,E_3,{AP}_i,{AN}_i,{BP}_j,{BN}_j,T_1,T_2$} to the cloud server CSC.

(3)

When CSC receives the message {$A_1,E_1,E_3,{AP}_i,{AN}_i,{BP}_i,{BN}_i,T_1,T_2$} sent by ${ES}_j$, it checks $T_2$. If not established, CSC will immediately stop communication. If it is true, CSC uses chaotic mapping to calculate ${\mathrm{I}}_2^{\mathrm{*}}=T_s\left({\mathrm{T}}_{a_1}\left(\mathrm{x}\right)\right)={\mathrm{T}}_{a_1\mathrm{s}}\left(\mathrm{x}\right),$ ${\mathrm{E}}_2^{\mathrm{*}}=T_s\left({\mathrm{T}}_{n_1}\left(\mathrm{x}\right)\right)={\mathrm{T}}_{n_1\mathrm{s}}\left(\mathrm{x}\right)$, ${\mathrm{I}\mathrm{D}}_i^{\mathrm{*}}={AP}_i\oplus \mathrm{H}\left(I_1\right|\left|{\mathrm{I}}_2^{\mathrm{*}}\right),$ ${\mathrm{I}\mathrm{D}}_j^{\mathrm{*}}={BP}_j\oplus \mathrm{H}\left(E_1\right|\left|{\mathrm{E}}_2^{\mathrm{*}}\right),$ ${\mathrm{A}\mathrm{N}}_i^{\mathrm{*}}=\mathrm{H}\left(I_1\right|\left|{\mathrm{I}}_2^{\mathrm{*}}\right|\left|{\mathrm{I}\mathrm{D}}_i^{\mathrm{*}}\right|\left|T_1\right|\left|{PID}_i\right),$ ${\mathrm{B}\mathrm{N}}_j^{\mathrm{*}}=\mathrm{H}\left(E_1\right|\left|{\mathrm{E}}_2^{\mathrm{*}}\right|\left|{\mathrm{I}\mathrm{D}}_j^{\mathrm{*}}\right|\left|T_2\right|\left|{DI}_j\right)$, and then determines whether ${AN}_i={\mathrm{A}\mathrm{N}}_i^{\mathrm{*}}$ and ${BN}_j={\mathrm{B}\mathrm{N}}_j^{\mathrm{*}}$ are true. If the above equation results are judged to be unequal, CSC will immediately terminate communication. If the above equations are equal, CSC selects the random number $s_2$ and timestamp $T_3$, then calculates $D_1=T_{s_2}\left(x\right),D_2=T_{s_2}\left({\mathrm{T}}_{\mathrm{s}}\left(\mathrm{x}\right)\right)={\mathrm{T}}_{s_2\mathrm{s}}\left(\mathrm{x}\right),D_3=T_{s_2}\left(E_1\right)={\mathrm{T}}_{s_2{n}_1}\left(\mathrm{x}\right),{CK}_1=T_{s_2}\left(E_3\right)$, session key ${SK}_1=\mathrm{H}({CK}_1|\left|I_1\right||E_1|\left|D_1\right||{ID}_c),{CE}_j=\mathrm{H}\left(E_1\right|\left|{\mathrm{E}}_2^{\mathrm{*}}\right|\left|{\mathrm{I}\mathrm{D}}_j^{\mathrm{*}}\right|\left|{SK}_1\right|\left|T_3\right)$, ${CI}_i=\mathrm{H}\left(I_1\right|\left|{\mathrm{I}}_2^{\mathrm{*}}\right|\left|{\mathrm{I}\mathrm{D}}_i^{\mathrm{*}}\right|\left|{SK}_1\right|\left|T_3\right)$, and finally updates the counter Count = Count + 1 in the CSC storage table while sending {$D_1,D_2,D_3,{CI}_i,{CE}_j,T_3$} to the edge server ${ES}_j$.

(4)

When ${ES}_j$ receives the message {$D_1,D_2,D_3,{CI}_i,{CE}_j,T_3$} returned by CSC, it first checks whether $T_3$ meets the requirements. Then ${ES}_j$ uses chaotic mapping to calculate ${CK}_2=T_{n_1}\left(D_2\right)$, session key ${SK}_2=\mathrm{H}({CK}_2|\left|I_1\right||E_1|\left|D_1\right||{ID}_c)$, ${\mathrm{C}\mathrm{E}}_j^{\mathrm{*}}=\mathrm{H}(E_1|\left|E_2\right||{ID}_j||{SK}_2||T_3)$, and determines whether ${\mathrm{C}\mathrm{E}}_j^{\mathrm{*}}$ is equal to ${CE}_j$. If equal, ${ES}_j$ verifies the identity of CSC and the session key is equal. Then ${ES}_j$ returns {$E_1,D_1,D_3,{CI}_i,T_3$} to ${IoTD}_i$.

(5)

When ${IoTD}_i$ receives messages {$E_1,D_1,D_3,{CI}_i,T_3$} sent by ${ES}_j$, it first checks $T_3$. If $T_3$ is within the time threshold range, ${ES}_j$ uses chaotic mapping to calculate ${CK}_3=T_{n_1}\left(D_3\right)$, session key ${SK}_3=\mathrm{H}({CK}_3|\left|I_1\right||E_1|\left|D_1\right||{ID}_c),{\mathrm{C}\mathrm{I}}_i^{\mathrm{*}}=\mathrm{H}(I_1|\left|I_2\right||{ID}_i||{SK}_3||T_3)$ and determines whether ${\mathrm{C}\mathrm{I}}_i^{\mathrm{*}}$ is equal to ${CI}_i$. If they are not equal, ${IoTD}_i$ immediately terminates communication. If they are the same, ${IoTD}_i$ believes that ${ES}_j$ and CSC are true and that the session key is equal, and then ${IoTD}_i$ can communicate with CSC and ${ES}_j$ through the session key.

4.4. Password Modification

When ${IoTD}_i$ wants to change its password, it first enters the identity ${ID}_i$ and password ${PW}_i$, then calculates ${\mathrm{R}\mathrm{I}}_i^{\mathrm{*}}=\mathrm{H}({ID}_i|\left|{PW}_i\right||a_0)$ and checks whether it is equal to ${\mathrm{R}\mathrm{I}}_i$. If it is equal, it proves that ${IoTD}_i$ is legal. Then, it can choose a new password ${PW}_i^{new}$ and update the content in smart card ${SC}_i$, replacing ${\mathrm{R}\mathrm{I}}_i$ with ${\mathrm{R}\mathrm{I}}_i^{new}=\mathrm{H}\left({ID}_i\right|\left|{PW}_i^{new}\right|\left|a_0\right)$.

5. Security Evaluation

5.1. Security Proof

This article uses BAN logic analysis to prove the correctness of the proposed scheme.

(1)

Protocol idealization

${\mathrm{M}\mathrm{e}\mathrm{s}}_1:{\mathrm{I}\mathrm{o}\mathrm{T}\mathrm{D}}_i\to CSC:<I_1,{AP}_i,{AN}_i,T_1{>}_{I_2}$

${\mathrm{M}\mathrm{e}\mathrm{s}}_2:{ES}_j\to \mathrm{C}\mathrm{S}\mathrm{C}:<E_1,E_3,{BP}_j,{BN}_j,T_2{>}_{E_2}$

${\mathrm{M}\mathrm{e}\mathrm{s}}_3:\mathrm{C}\mathrm{S}\mathrm{C}\to {ES}_j:<D_1,D_2,D_3,{CI}_i,{CE}_j,T_3{>}_{{CK}_1}$

${\mathrm{M}\mathrm{e}\mathrm{s}}_4:{ES}_j\to {\mathrm{I}\mathrm{o}\mathrm{T}\mathrm{D}}_i:<E_1,D_1,D_3,{CI}_i,T_3{>}_{{CK}_2}$

(2)

Protocol goal

${\mathrm{G}}_1:{\mathrm{I}\mathrm{o}\mathrm{T}\mathrm{D}}_{\mathrm{i}}|\equiv {\mathrm{I}\mathrm{o}\mathrm{T}\mathrm{D}}_i\stackrel{SK}{\leftrightarrow }{\mathrm{E}\mathrm{S}}_{\mathrm{j}}$

${\mathrm{G}}_2:{\mathrm{E}\mathrm{S}}_j|\equiv {\mathrm{E}\mathrm{S}}_j\stackrel{SK}{\leftrightarrow }{\mathrm{I}\mathrm{o}\mathrm{T}\mathrm{D}}_i$

${\mathrm{G}}_3:{\mathrm{I}\mathrm{o}\mathrm{T}\mathrm{D}}_i|\equiv {\mathrm{E}\mathrm{S}}_j|\equiv {\mathrm{E}\mathrm{S}}_j\stackrel{SK}{\leftrightarrow }{\mathrm{I}\mathrm{o}\mathrm{T}\mathrm{D}}_i$

${\mathrm{G}}_4:{\mathrm{E}\mathrm{S}}_j|\equiv {\mathrm{I}\mathrm{o}\mathrm{T}\mathrm{D}}_i|\equiv {\mathrm{E}\mathrm{S}}_j\stackrel{SK}{\leftrightarrow }{\mathrm{I}\mathrm{o}\mathrm{T}\mathrm{D}}_i$

(3)

Initial hypothesis

${\mathrm{A}}_1:CSC|\equiv \mathrm{C}\mathrm{S}\mathrm{C}\stackrel{I_2}{\leftrightarrow }{\mathrm{I}\mathrm{o}\mathrm{T}\mathrm{D}}_{\mathrm{i}}$

${\mathrm{A}}_2:CSC|\equiv \#(T_1)$

${\mathrm{A}}_3:CSC|\equiv {\mathrm{I}\mathrm{o}\mathrm{T}\mathrm{D}}_{\mathrm{i}}\Rightarrow <I_1,{AP}_i,{AN}_i,T_1>$

${\mathrm{A}}_4:CSC|\equiv \mathrm{C}\mathrm{S}\mathrm{C}\stackrel{E_2}{\leftrightarrow }{\mathrm{E}\mathrm{S}}_{\mathrm{j}}$

${\mathrm{A}}_5:CSC|\equiv \#(T_2)$

${\mathrm{A}}_6:CSC|\equiv {\mathrm{E}\mathrm{S}}_{\mathrm{j}}\Rightarrow <E_1,E_3,{BP}_j,{BN}_j,T_2>$

${\mathrm{A}}_7:{\mathrm{E}\mathrm{S}}_{\mathrm{j}}|\equiv \mathrm{C}\mathrm{S}\mathrm{C}\stackrel{{CK}_1}{\leftrightarrow }{\mathrm{E}\mathrm{S}}_{\mathrm{j}}$

${\mathrm{A}}_8:{\mathrm{E}\mathrm{S}}_{\mathrm{j}}|\equiv \#(T_3)$

${\mathrm{A}}_9:{\mathrm{E}\mathrm{S}}_{\mathrm{j}}|\equiv CSC\Rightarrow <D_1,D_2,D_3,{CI}_i,{CE}_j,T_3>$

${\mathrm{A}}_{10}:{\mathrm{E}\mathrm{S}}_i|\equiv {\mathrm{I}\mathrm{o}\mathrm{T}\mathrm{D}}_{\mathrm{i}}\Rightarrow {\mathrm{I}\mathrm{o}\mathrm{T}\mathrm{D}}_{\mathrm{i}}\stackrel{SK}{\leftrightarrow }{\mathrm{E}\mathrm{S}}_i$

${\mathrm{A}}_{11}:{\mathrm{I}\mathrm{o}\mathrm{T}\mathrm{D}}_{\mathrm{i}}|\equiv {\mathrm{I}\mathrm{o}\mathrm{T}\mathrm{D}}_{\mathrm{i}}\stackrel{{CK}_2}{\leftrightarrow }{ES}_j$

${\mathrm{A}}_{12}:{\mathrm{I}\mathrm{o}\mathrm{T}\mathrm{D}}_{\mathrm{i}}|\equiv \#(E_1)$

${\mathrm{A}}_{13}:{\mathrm{I}\mathrm{o}\mathrm{T}\mathrm{D}}_{\mathrm{i}}|\equiv {\mathrm{E}\mathrm{S}}_j\Rightarrow <E_1,D_1,D_3,{CI}_i,T_3>$

${\mathrm{A}}_{14}:{\mathrm{I}\mathrm{o}\mathrm{T}\mathrm{D}}_{\mathrm{i}}|\equiv {\mathrm{E}\mathrm{S}}_{\mathrm{j}}\Rightarrow {\mathrm{I}\mathrm{o}\mathrm{T}\mathrm{D}}_{\mathrm{i}}\stackrel{SK}{\leftrightarrow }{\mathrm{E}\mathrm{S}}_i$

(4)

Proof of protocol

According to ${\mathrm{M}\mathrm{e}\mathrm{s}}_1$, it gets:

${\mathrm{R}}_1:CSC⊲<I_1,{AP}_i,{AN}_i,T_1{>}_{I_2}$

From ${\mathrm{R}}_1,A_1$ and message meaning rule, we get:

${\mathrm{R}}_2:CSC\left|\equiv {\mathrm{I}\mathrm{o}\mathrm{T}\mathrm{D}}_i\right|~<I_1,{AP}_i,{AN}_i,T_1>$

According to ${\mathrm{R}}_2$, $A_2$ and the random number validation rule, we obtain:

${\mathrm{R}}_3:CSC\left|\equiv {\mathrm{I}\mathrm{o}\mathrm{T}\mathrm{D}}_i\right|\equiv <I_1,{AP}_i,{AN}_i,T_1>$

According to ${\mathrm{R}}_3$, $A_3$ and the arbitration rules, we get:

${\mathrm{R}}_4:CSC|\equiv <I_1,{AP}_i,{AN}_i,T_1>$

According to ${\mathrm{M}\mathrm{e}\mathrm{s}}_2$, it gets:

${\mathrm{R}}_5:CSC⊲<E_1,E_3,{BP}_j,{BN}_j,T_2{>}_{E_2}$

From ${\mathrm{R}}_5,A_4$ and message meaning rule, we get:

${\mathrm{R}}_6:CSC\left|\equiv {\mathrm{E}\mathrm{S}}_j\right|~<E_1,E_3,{BP}_j,{BN}_j,T_2>$

According to ${\mathrm{R}}_6$, $A_5$ and the random number validation rule, we obtain:

${\mathrm{R}}_7:CSC\left|\equiv {\mathrm{E}\mathrm{S}}_j\right|\equiv <E_1,E_3,{BP}_j,{BN}_j,T_2>$

According to ${\mathrm{R}}_7$, $A_6$ and the arbitration rules, we get:

${\mathrm{R}}_8:CSC|\equiv <E_1,E_3,{BP}_j,{BN}_j,T_2>$

According to ${\mathrm{M}\mathrm{e}\mathrm{s}}_3$, it gets:

${\mathrm{R}}_9:{\mathrm{E}\mathrm{S}}_j⊲<D_1,D_2,D_3,{CI}_i,{CE}_j,T_3{>}_{{CK}_1}$

From ${\mathrm{R}}_9,A_7$ and message meaning rule, we get:

${\mathrm{R}}_{10}:{\mathrm{E}\mathrm{S}}_j\left|\equiv CSC\right|~<D_1,D_2,D_3,{CI}_i,{CE}_j,T_3>$

According to ${\mathrm{R}}_{10}$, $A_8$ and the random number validation rule, we obtain:

${\mathrm{R}}_{11}:{\mathrm{E}\mathrm{S}}_j\left|\equiv CSC\right|\equiv <D_1,D_2,D_3,{CI}_i,{CE}_j,T_3>$

According to ${\mathrm{R}}_{11}$, $A_9$ and the arbitration rules, we get:

${\mathrm{R}}_{12}:{\mathrm{E}\mathrm{S}}_j|\equiv <D_1,D_2,D_3,{CI}_i,{CE}_j,T_3>$

According to ${\mathrm{R}}_{12}\mathrm{a}\mathrm{n}\mathrm{d}$ ${SK}_2=\mathrm{H}\left({CK}_2\right|\left|I_1\right||E_1|\left|D_1\right||{ID}_c)$, we get

${\mathrm{R}}_{13}:{\mathrm{E}\mathrm{S}}_j|\equiv {\mathrm{I}\mathrm{o}\mathrm{T}\mathrm{D}}_i|\equiv {\mathrm{E}\mathrm{S}}_{\mathrm{j}}\stackrel{SK}{\leftrightarrow }{\mathrm{I}\mathrm{o}\mathrm{T}\mathrm{D}}_i$

According to ${\mathrm{R}}_{13}$, $A_{10}$, and the arbitration rules, we get:

${\mathrm{R}}_{14}:{\mathrm{E}\mathrm{S}}_j|\equiv {\mathrm{I}\mathrm{o}\mathrm{T}\mathrm{D}}_i\stackrel{SK}{\leftrightarrow }{\mathrm{E}\mathrm{S}}_j$

According to ${\mathrm{M}\mathrm{e}\mathrm{s}}_4$, it gets:

${\mathrm{R}}_{15}:{\mathrm{I}\mathrm{o}\mathrm{T}\mathrm{D}}_i⊲<E_1,D_1,D_3,{CI}_i,T_3{>}_{{CK}_2}$

From ${\mathrm{R}}_{15},A_{11}$ and message meaning rule, we can get:

${\mathrm{R}}_{16}:{\mathrm{I}\mathrm{o}\mathrm{T}\mathrm{D}}_i\left|\equiv {\mathrm{E}\mathrm{S}}_j\right|~<E_1,D_1,D_3,{CI}_i,T_3>$

According to ${\mathrm{R}}_{16}$, $A_{12}$ and the random number validation rule, we obtain:

${\mathrm{R}}_{17}:{\mathrm{I}\mathrm{o}\mathrm{T}\mathrm{D}}_i\left|\equiv {\mathrm{E}\mathrm{S}}_j\right|\equiv <E_1,D_1,D_3,{CI}_i,T_3>$

According to ${\mathrm{R}}_{17}$, $A_{13}$ and the arbitration rules, we get:

${\mathrm{R}}_{18}:{\mathrm{I}\mathrm{o}\mathrm{T}\mathrm{D}}_i|\equiv <E_1,D_1,D_3,{CI}_i,T_3>$

According to ${\mathrm{R}}_{10}\mathrm{a}\mathrm{n}\mathrm{d}{\mathrm{A}}_{14}$, ${SK}_3=\mathrm{H}\left({CK}_3\right|\left|I_1\right||E_1|\left|D_1\right||{ID}_c)$, we get:

${\mathrm{R}}_{19}:{\mathrm{I}\mathrm{o}\mathrm{T}\mathrm{D}}_i|\equiv {\mathrm{E}\mathrm{S}}_{\mathrm{j}}|\equiv {\mathrm{I}\mathrm{o}\mathrm{T}\mathrm{D}}_i\stackrel{SK}{\leftrightarrow }{\mathrm{E}\mathrm{S}}_j$

According to ${\mathrm{R}}_{19}$, $A_{15}$ and the arbitration rules, we get:

${\mathrm{R}}_{20}:{\mathrm{I}\mathrm{o}\mathrm{T}\mathrm{D}}_i|\equiv {\mathrm{I}\mathrm{o}\mathrm{T}\mathrm{D}}_i\stackrel{SK}{\leftrightarrow }{\mathrm{E}\mathrm{S}}_{\mathrm{j}}$

In summary, all goals have been achieved. Therefore, the correctness of this scheme has been verified.

5.2. Scyther Verification

Protocol security directly determines the security of communication networks. Formal tools have made significant contributions in determining the security of verification protocols, accurately and quickly proving security and identifying security vulnerabilities in protocols. The Scyther formal tool [8] has outstanding performance in protocol security analysis due to its concise formal language and more practical and sound functions. This formal tool is based on the Athena algorithm and utilizes various techniques such as mathematical theorems and logical analysis to analyze multi-agent protocols. This tool uses Security Protocol Description Language (SPDL) to describe the protocol and models the protocol’s security properties through a set of declarations (Alive, Weakage, Niagree, Nisync, and Commit), which are mainly used to detect replay attacks, man in the middle attacks, key forward and backward attacks, and other types of attacks.

Therefore, this article will use Scyther formal tools to verify the security of the protocol proposed in this article. The verification results are shown in Figure 3. The verification results of security attributes such as Alive, Weakagreee, Niagreee, and Nisynch are all “OK”, with no attack path, indicating that attackers cannot launch attacks on the protocol, indicating that the authentication protocol can effectively resist multiple attacks such as man in the middle attack and key forward attack. So, the proposed solution in this article has passed formal tool security verification of the protocol, and the negotiated session key has security.

5.3. Security Analysis

(1)

Mutual authentication

The IoT device ${IoTD}_i$ sends the message request {$I_1,{AP}_i,{AN}_i,T_1$} to the edge server ${ES}_j$ for authentication. ${ES}_j$ sends the new authentication request {$I_1,E_1,E_3,{AP}_i,{AN}_i,{BP}_j,{BN}_j,T_1,T_2$} to the cloud server CSC. CSC first checks the timeliness of the message, and then verifies the identity of ${IoTD}_i$ and ${ES}_j$ by comparing whether ${AN}_i={\mathrm{A}\mathrm{N}}_i^{\mathrm{*}}$ and ${BN}_j={\mathrm{B}\mathrm{N}}_j^{\mathrm{*}}$ are valid. ${ES}_j$ receives messages {$D_1,D_2,D_3,{CI}_i,{CE}_j,T_3$} from CSC to determine if ${\mathrm{C}\mathrm{E}}_j^{\mathrm{*}}$ is equal to ${CE}_j$. If equal, ${ES}_j$ verifies the identity of CSC. ${IoTD}_i$ receives messages {$E_1,D_1,D_3,{CI}_i,T_3$} from ${ES}_j$ to determine if ${\mathrm{C}\mathrm{I}}_i^{\mathrm{*}}$ is equal to ${CI}_i$. ${IoTD}_i$ verified the identities of ${ES}_j$ and CSC. Therefore, our protocol achieves mutual identity authentication between entities.

(2)

Anonymity

During the registration phase of the protocol, ${ID}_i$ is processed by ${PID}_i=\mathrm{H}({ID}_i||a_0)$ and then sent to CSC. Moreover, the processed ${ID}_i$ is registered in CSC, and the ${ID}_i$ of IoT devices is not stored in CSP’s database. Therefore, there is no problem of obtaining user identity by cracking CSC’s database content during the registration phase, which can ensure the anonymity of users during the registration phase. Then, in the authentication stage, ${ID}_i$ is encrypted by ${AP}_i={ID}_i\oplus \mathrm{H}(I_1||I_2)$ and transmitted through the public channel after computation. However, even if the information transmitted through the public channel is intercepted, ${ID}_i$ cannot be calculated. In order to obtain ${ID}_i$, it is necessary to calculate $I_2$, and obtaining $I_2$ requires solving the CDHP problem, so $I_2$ cannot be calculated, that is, the value of ${ID}_i$ cannot be obtained. In summary, the protocol can ensure user anonymity.

(3)

Unlinkability

In the protocol, ${IoTD}_i$, ${ED}_j$, and CSC first set timestamps during the authentication negotiation process, and the time of each stage is changing dynamically, so the time of the message is the latest. Then, the identity of ${IoTD}_i$ is anonymous, and the encryption parameters are different each time, so the calculated authentication value is always changing. In the calculated authentication value, new random numbers are added during each authentication process to ensure that each authentication is a changing value. So, in summary, the protocol satisfies untraceability.

(4)

Replay attack

In the protocol, on the one hand, adding timestamps to the first stage of each entity authentication can ensure the freshness of the messages sent by the three parties and ensure the effectiveness of the transmitted messages to resist replay attacks. On the other hand, authentication values are calculated using random values. As each session progresses, the authentication value varies. This increases the difficulty for attackers to replay each time.

(5)

Man in the middle attack

Assuming the attacker could intercept the messages {$I_1,{AP}_i,{AN}_i,T_1$} transmitted by ${IoTD}_i$, it cannot obtain the secret value $I_2$ calculated by the chaotic mapping algorithm in ${IoTD}_i$. Therefore, even if the attacker tampers with the transmitted messages {$I_1,{AP}_i,{AN}_i,T_1$} and sends them to CSC, authentication cannot be obtained. Similarly, attackers can intercept and modify messages {$I_1,E_1,E_3,{AP}_i,{AN}_i,{BP}_j,{BN}_j,T_1,T_2$}, but they still cannot obtain the secret value $E_2$ calculated by the chaotic mapping algorithm in ${ES}_j$. This means that CSC cannot complete the verification.

(6)

Impersonation attack

Assuming that the private key s of CSC is leaked, if the attacker can use s to calculate $I_2$ and $E_2$, they can impersonate IoT devices and edge servers. However, even if they know $I_2$ and $E_2$, they cannot calculate the correct ${AN}_i=\mathrm{H}\left(I_1\right|\left|I_2\right||{ID}_i|\left|T_1\right||{PID}_i)$ and ${BN}_j=\mathrm{H}\left(E_1\right|\left|E_2\right||{ID}_j|\left|T_2\right||{DI}_j)$ because they do not know ${PID}_i$ and ${DI}_j$, so they cannot obtain the correct authentication value. So, it is impossible to disguise ${IoTD}_i$ and ${ES}_j$.

(7)

Password guessing attacks

Attackers can intercept messages {$I_1,{AP}_i,{AN}_i,T_1$}, {$I_1,E_1,E_3,{AP}_i,{AN}_i,{BP}_j,{BN}_j,T_1,T_2$}, {$D_1,D_2,D_3,{CI}_i,{CE}_j,T_3$} and {$E_1,D_1,D_3,{CI}_i,T_3$} transmitted by three role login authentication in the public channel, but cannot make password guesses based on these intercepted messages. Because these messages transmitted through public channels do not mention ${PW}_i$, smart cards can steal and obtain stored information. However, the identity ${ID}_i$ and password ${PW}_i$ of ${IoTD}_i$ are unknown, and in the first stage of device login, the correct ${ID}_i$ and ${PW}_i$ must be entered simultaneously for authentication. So, the protocol can resist password guessing attacks.

(8)

Verification Table Loss Attack

In the proposed protocol, the parameter table maintained by ${IoTD}_i$ is {${IA}_i,{RI}_i,{SI}_i,a_0$}, and the parameter table maintained by ${ES}_j$ is {${BT}_j$, ${SI}_j$}. The parameters in these two tables are not critical secret parameters, so even if an attacker obtains these parameters, they cannot use them to enhance the advantage of the attack and threaten the security of the system.

(9)

Privileged internal attack

In the proposed protocol, the user only sends the ${PID}_{\mathrm{i}}$ to the server, without sending any information related to the password. Then, among all the parameters stored in the ${SC}_{\mathrm{i}}$, it is found that ${PW}_{\mathrm{i}}$ is not presented in plain text, but uses a one-way function, so ${PW}_{\mathrm{i}}$ is for security protection. Therefore, the proposed protocol has the ability to resist privileged internal attack.

(10)

IoT device compromise

When an IoT device is compromised, the information stored on the device may be obtained by attackers. However, the attacker cannot obtain the user password, and it is difficult for the attacker to log in successfully and authenticate.

(11)

Forward security

Assuming that the main key s of CSC is leaked and that the attacker has intercepted all communication content on the channel, they will want to crack the previous session key. At this point, the attacker needs to calculate ${SK}_3=\mathrm{H}\left({CK}_3\right|\left|I_1\right||E_1|\left|D_1\right||{ID}_c)$; however, the secret value of ${CK}_3$ is calculated using a chaotic mapping algorithm. Therefore, when an attacker calculates ${CK}_3$, they will face the CDHP difficulty problem based on Chebyshev polynomials, which is almost impossible to calculate successfully.

5.4. Security Comparison

Here, the main comparison was made between the relevant solutions and the proposed solutions in this article, and the security features and related functions were compared. The summary of the comparison results is shown in

Table 1. Functionality comparison.

Feature	[23]	[40]	[18]	[29]	[37]	[24]	[41]	Our
Mutual authentication	✓	✓	✓	✓	✓	✓	✓	✓
Anonymity	✓	✓	✓	✓	✓	✓	✓	✓
Unlinkability	✘	✓	✓	✓	✓	✓	✓	✓
Replay attack	✓	✓	✘	✓	✓	✓	✓	✓
Man in the middle attack	✓	✓	✓	✓	✓	✓	✓	✓
Counterfeit attack	✓	✘	✓	✓	✓	✓	✓	✓
Session key negotiation	✓	✓	✓	✓	✓	✓	✓	✓
Resist offline dictionary attack	✘	✘	✘	✘	✘	✘	✘	✓
Message integrity	✓	✓	✓	✓	✓	✓	✓	✓
Verification Table Loss Attack	✓	✓	✓	✓	✓	✓	✓	✓
IoT device compromise	✓	✓	✓	✓	✓	✓	✓	✓
Privileged internal attack	✓	✓	✓	✓	✓	✓	✓	✓
Forward security	✓	✓	✓	✓	✓	✓	✓	✓

. In the table, we use ✓ to mark support for this feature or function and use ✘ to indicate that this feature or feature is not supported.

6. Performance Analysis

6.1. Computation Overhead

For the cryptographic operations involved in the proposed scheme and other related schemes, this paper conducted network simulation experiments on a hardware platform (shown in

Table 2. Experimental Platform.

Entity	${\mathit{I}\mathit{o}\mathit{T}\mathit{D}}_{\mathit{i}}$	${\mathit{E}\mathit{S}}_{\mathit{j}}$	CSC
Platform	Smart phone	Laptop	Desktop
Processor	Hisilicon Kirin 980	Intel Core i7 processor	Intel Core i7 processor
Memory	4 GB	16 GB	32 GB
Operating system	Android 11	Windows 10	Windows 10

). We used the PBC library and C oracle to develop cryptographic algorithms. The development tool we used is Visual Studio 2019. Through this experiment, the execution time of various cryptographic operations can be obtained. $T_H$, $T_{ECC}$, $T_{CM}$, $T_{D/E}$, and $T_F$ are used to represent the time required to perform one-way hash functions, elliptic curve point multiplication, chaotic mapping algorithms, symmetric encryption, and fuzzy extraction, respectively. As shown in

Table 3. Execution time.

Operation	${\mathit{I}\mathit{o}\mathit{T}\mathit{D}}_{\mathit{i}}$	${\mathit{E}\mathit{S}}_{\mathit{j}}$	CSC
$T_{CM}$	0.93	0.62	0.54
$T_{D/E}$	0.85	0.51	0.46
$T_{ECC}$	2.16	1.75	1.32
$T_F$	2.16	1.75	1.32
$T_H$	0.0098	0.0062	0.0031

, these times are calculated. In addition, due to the very low overhead of XOR operation compared to other cryptographic operations, most existing schemes do not consider the time of XOR operation, so it can be ignored.

The comparison results of the computational overhead between the proposed scheme and other related authentication schemes are shown in

Table 4. Computation overhead.

	[23]	[40]	[24]	[41]	Our Protocol
${IoTD}_i$	$5T_{ECC}+9T_H+T_{D/E}$	$3T_{ECC}+T_F+9T_H$	$3T_{ECC}+T_F+8T_H$	$4T_{ECC}+7T_H$	$3T_{CM}+5T_H$
${ES}_i$	$5T_{ECC}+12T_H+2T_{D/E}$	$2T_{ECC}+8T_H$	$9T_H$	$T_{ECC}+4T_H$	$4T_{CM}+4T_H$
CSC	$4T_H+T_{D/E}$	$3T_{ECC}+5T_H$	$3T_{ECC}+14T_H$	$4T_{ECC}+6T_H$	$6T_{CM}+7T_H$
Total	$10T_{ECC}+25T_H+4T_{D/E}$	$8T_{ECC}+T_F+22T_H$	$6T_{ECC}+21T_H$	$9T_{ECC}+17T_H$	$13T_{CM}+16T_H$

. In the authentication process between multiple participating entities, this scheme used a total of 13 chaotic mapping operations and 13 hash function operations, so the computational overhead of this scheme is $13T_{CM}+16T_H$. Compared to the literature, the scheme proposed by Jiang et al. [23] used 10 ECC operations, 4 symmetric encryption operations, and 25 hash function operations, resulting in a total computational overhead of $10T_{ECC}+25T_H+4T_{D/E}$. In other relevant comparative literature, the scheme proposed by Zhao et al. [40] used 22 hash function operations, 8 ECC operations, and 1 fuzzy extraction operation. Therefore, the total time overhead is approximately $8T_{ECC}+T_F+22T_H$. The scheme proposed by Wang et al. [24] involves 21 hash function operations and 6 ECC operations. Therefore, the total time overhead is approximately $6T_{ECC}+21T_H$. The scheme proposed by Xu et al. [41] involves 17 hash function operations and 9 ECC operations. Therefore, the total time overhead is approximately $9T_{ECC}+17T_H$. From Figure 4, it can be seen that the proposed scheme in this article is lower in the total computation overhead. Based on the security analysis proposed above, this scheme achieves lower computational overhead while ensuring higher level security and more functional features.

6.2. Communication Overhead

To compare the communication costs of different schemes, this article unifies the output length of each cryptographic operation. We set the length of random numbers in the scheme to 128 bits, the output length of elliptic curve point multiplication operation to 256 bits, the output length of hash algorithm to 128 bits, the output length of Chebyshev chaotic map to 160 bits, the output length of identity information to 128 bits, and the output length of timestamp to 32 bits. Based on this, the cost of different schemes can be calculated, as shown in

Table 5. Communication overhead.

Protocol	Communication Overhead (bits)
[23]	2816
[40]	2304
[24]	3072
[41]	2816
Our protocol	2912

. The proposed solution includes four interactions. We can calculate that the size of the first message {$I_1,{AP}_i,{AN}_i,T_1$} is 448 bits. Similarly, we can obtain that the size of the second message {$I_1,E_1,E_3,{AP}_i,{AN}_i,{BP}_j,{BN}_j,T_1,T_2$} is 1056 bits, the size of {$D_1,D_2,D_3,{CI}_i,{CE}_j,T_3$} is 768 bits, and the size of {$E_1,D_1,D_3,{CI}_i,T_3$} is 640 bits. Therefore, the total cost of our proposed solution is 2912 bits. From the comparison results in Table 5 and Figure 5, it can be seen that our scheme has lower communication overhead compared to the scheme in [24]. Although the communication overhead of the proposed scheme in this article is higher than that of [23,40,41], after systematically comparing the security, functional characteristics, authentication, and key negotiation efficiency, it can be concluded that the proposed scheme achieves higher security and functional characteristics and minimizes computational and communication overhead as much as possible.

7. Conclusions

With the rapid development of information technology and cloud computing, data plays an important role in various fields, especially in the fields of the Internet, healthcare, finance, etc. To fully leverage the value of data, the flow and sharing of data are essential. Cloud edge collaboration is the current trend. Terminal devices need to establish network connectivity with the edge or cloud center, which requires powerful computing, storage, and analysis capabilities from the edge and cloud center. Authentication is one of the convenient methods to solve the security of information transmission between communication entities. Therefore, based on the cloud edge collaboration, this paper proposes a protocol, which ensures protocol security and forward confidentiality based on chaotic mapping algorithm, and achieves the goal of lightweight authentication for terminals. Finally, the BAN logical reduction method and Scyther are used for security verification. Experimental comparative analysis shows that the proposed protocol had better overhead on the terminal than other schemes. However, the cloud edge collaboration scheme in this article mainly considers the authentication of one IoT device and has not yet considered the scenario of multiple IoT devices being authenticated simultaneously. Therefore, when multiple IoT devices are authenticated simultaneously, it may cause network congestion and reduce efficiency. In addition, this article mainly considers identity verification within the same region and has not yet considered cross cloud server scenarios that exist between different regions. In the future, advanced cryptographic techniques, machine learning algorithms, and blockchain technology will also be introduced to achieve secure and efficient cross domain authentication, while considering authentication of multiple IoT devices.