A Privacy-Preserving Authentication and Key Agreement Scheme with Deniability for IoT

User authentication for the Internet of Things (IoT) is a vital measure, as the IoT consists of numerous unattended connected devices and sensors. For security, only a user authenticated by the gateway node can access the real-time data gathered by sensor nodes. In this article, an efficient privacy-preserving authentication and key agreement scheme for IoT is developed which enables the user, the gateway node and sensor nodes to authenticate each other. Only the trusted gateway node can determine the real identity of the user; no other entity can obtain information about the user's identity by intercepting all messages exchanged during the authentication phase. The gateway cannot prove to a third party that a received message came from the sender, which preserves the privacy of the sender. The correctness of the proposed scheme is validated using BAN logic, and its security is proved under the random oracle model. The execution time of the proposed scheme is evaluated and compared with existing similar schemes, and the results demonstrate that our scheme is more efficient and applicable for IoT applications.


Introduction
The Internet of Things (IoT) [1] is an enormous ubiquitous network which connects objects through various sensor devices and networks. It plays an important role in people's lives and has been widely used in many fields to gather data, such as transportation [2], education, smart healthcare [3][4][5], logistics, etc. In general, an IoT network is formed by end-users, sensors and base stations (e.g., gateways), in which sensors collect data from the specific areas around them and end-users then access that data on demand through the network.
However, the IoT is vulnerable to many malicious attacks due to the inherent computational constraints of the sensors and the openness of the wireless channel in the IoT environment [1]. How to ensure that only valid end-users can access critical data is becoming a principal security concern. To address this problem effectively, several authentication mechanisms [6][7][8][9] have been proposed to guarantee the authenticity of entities as well as the confidentiality of data transferred during communication in IoT. In an IoT environment, there exist three types of entities, i.e., users, gateways and sensors. Gateways are specific nodes which serve as trusted servers during authentication. Sensors are located in various application environments to collect data. A user can access the data in sensors once he or she has been authenticated by the gateway. The basic goal of authentication is to enable gateway nodes, end-users and sensor nodes to authenticate each other. In order to meet these functionality requirements, the proposed scheme provides the following properties:
1. User anonymity. No entity except the trusted gateway node can obtain any information about the identity of the users during the authentication phase.
2. Deniability. The gateway node can generate another message that is indistinguishable from the message received from the user, such that when the user requests a service via the gateway node, no third party can tell whether the message was sent by the user or generated by the gateway node. Therefore, the user can deny having requested the service.
3. Unlinkability. No external entity except the trusted gateway node can determine whether two messages from distinct authentication sessions were sent by the same entity.
4. Traceability. If any dispute or misbehavior occurs during the authentication phase, the trusted gateway node can reveal the identity of the user from the exchanged messages.
5. High efficiency. Due to the adoption of low-cost hash functions and ECC (elliptic curve cryptography) operations, the proposed scheme is more efficient than existing exponentiation- or bilinear-pairing-based authentication schemes.
The remainder of this article is structured as follows. Section 2 provides related preliminaries. The concrete construction of the proposed scheme is described in Section 3. Section 4 presents a rigorous security analysis about the proposed scheme. Section 5 conducts the performance evaluation. Conclusions of the paper are presented in Section 6.

Preliminaries
In this section, some basic knowledge is introduced, including the communication model, the security model under the random oracle model, and the elliptic curve discrete logarithm problem.

Communication Model
The communication model of our proposed scheme is shown in Figure 1. It includes three kinds of entities: the gateway node GWN, the user U and the sensor node S. A secure communication channel can be established between U and S. Once the user U intends to request a certain service or access data via GWN, the authentication session is initiated. U first sends the authentication request message M1 to GWN, asking GWN for authentication; after checking the validity of the message from U, GWN sends the message M2 to S. When S receives the message M2 from GWN, it replies to GWN with the message M3, which confirms the session key establishment. GWN then verifies M3, generates the message M4, which includes the message M3, and sends it to U. Finally, after U has authenticated GWN and S, U securely establishes a session key with S.

Security Definition
The secrecy of the session key is the central security goal of an authentication and key agreement scheme. To formally prove the security, a game-based method is adopted in our paper, based on the method of Abdalla et al. [26]. The security model of our proposed scheme is introduced as follows.
Participants. There are three types of participants: users, gateway nodes and sensor nodes. Let $\Pi^n_P$ be the instance $n$ of a participant $P \in \{U, G, S\}$, where $U$, $G$, $S$ represent users, gateway nodes and sensor nodes respectively. Let $\Pi^j_S$ represent the $j$-th instance of $S$, $\Pi^i_U$ denote the $i$-th instance of $U$, and $\Pi^n_G$ represent the $n$-th instance of $G$. Every participant instance is modeled as an oracle.
Partnering. Let $sid$ denote the session identifier, which is unique for each conversation.
Adversary. It is assumed that there exists a probabilistic polynomial-time (PPT) adversary $A$ that fully controls all communications by accessing a series of oracle queries during the execution of the protocol. All the adversary's queries are listed below:
• Execute($\Pi^i_U$, $\Pi^n_G$, $\Pi^j_S$): This query issued by the adversary $A$ simulates eavesdropping attacks on honest executions among the user instance $\Pi^i_U$, the trusted gateway instance $\Pi^n_G$ and the sensor instance $\Pi^j_S$. It outputs a transcript of the messages exchanged during the honest execution of the protocol.
• Send($\Pi^n_P$, $M$): This query models active attacks such as impersonation and replay attacks. Once $\Pi^n_P$ has received the message $M$, it returns the corresponding result to $A$.
• Corrupt($\Pi^n_P$): This query, issued by the adversary $A$, simulates the attack in which $A$ corrupts the entity behind $\Pi^n_P$. With this query $A$ obtains the private key of a participant. Please note that this query corrupts neither the partner's internal data nor the ephemeral values of the instance $\Pi^n_P$.
• Reveal($\Pi^n_P$): This query simulates the known session key attack. If there is a valid session for the instance $\Pi^n_P$, it returns the shared session key to $A$; otherwise, it returns null.
• Test($\Pi^n_P$): This query models the capability of the adversary $A$ to distinguish a real session key $SK$ from a random number, by flipping an unbiased coin $b$. If the session key of the instance $\Pi^n_P$ has been defined, the session key of $\Pi^n_P$ is returned to $A$ if $b = 1$, or a random value is returned if $b = 0$; otherwise, $\bot$ is returned.
• $H_1(x, v_1)$: When the adversary $A$ adaptively makes an $H_1$ query on the message $x$, the oracle returns the existing $v_1$ if the list $L_1$ contains a tuple $\{x, v_1\}$, where $L_1$ is initially empty; otherwise, it picks a random value $v_1$, stores the tuple $\{x, v_1\}$ in the list $L_1$ and returns $v_1$ to $A$.
• $H_2(y, v_2)$: Upon receiving a query on $y$ from the adversary $A$, the oracle checks whether the tuple $\{y, v_2\}$ is in $L_2$, where $L_2$ is initially empty. If so, it returns the existing $v_2$ to $A$; otherwise, it generates a random value $v_2$, stores the tuple $\{y, v_2\}$ in the list $L_2$ and returns $v_2$ to $A$.
After being provided with the above queries, the adversary $A$ may issue a Test query to the instances. The output of the Test query depends on the bit $b$. Finally, $A$ outputs a guess $b'$ of $b$, and $A$ succeeds if $b' = b$. Let $Succ$ denote the event that $A$ succeeds in the game; the advantage of the adversary $A$ is defined as follows:
If the advantage $Adv^{ake}(A)$ is negligible, we conclude that the proposed scheme is secure.

Elliptic Curve Discrete Logarithm Problem
Let $G$ be a cyclic additive elliptic curve group of prime order $q$ and let $P$ be a generator of $G$. Suppose that the multiplication and inversion operations in $G$ can be computed efficiently; the two intractable problems in $G$ are defined as follows:
• Elliptic curve discrete logarithm (ECDL) problem: Given $P, aP \in G$ for unknown $a \in Z_q^*$, find $a$.
• Elliptic curve computational Diffie-Hellman (ECCDH) problem: Given $P, aP, bP \in G$ for unknown $a, b \in Z_q^*$, compute $abP$.

The Proposed Scheme
In this section, we describe the proposed scheme in detail. It consists of four phases: system setup, user registration, sensor node registration and the authentication phase. Table 1 summarizes the notations used in this paper.

Table 1. Notations used in this paper.
Notation                Description
$P$                     An elliptic curve point on a non-singular elliptic curve $E_p(a, b)$; $P^{(x)}$ and $P^{(y)}$ are the $x$ and $y$ coordinates of $P$ respectively
$d_{GWN}$, $Q_{GWN}$    The private key and the corresponding public key of GWN respectively
$d_U$, $Q_U$            The private key and the corresponding public key of U respectively
$d_S$, $Q_S$            The private key and the corresponding public key of S respectively
$r$                     The random number selected by the involved entities
$t_1$, $t_2$, $t_3$     The time stamps of U, GWN and S respectively
$\Delta t$              Maximum transmission delay
$\oplus$                The XOR operation
$\|$                    The concatenation operation

System Setup Phase
System setup is performed by GWN as follows.
1. GWN chooses a non-singular elliptic curve $E_p(a, b)$ over a prime finite field $Z_p$, where $p$ is a large prime. Let $G$ be the elliptic curve group. Then, GWN chooses a generator $P$ of order $q$ over $E_p$. GWN selects its private key $d_{GWN}$ and computes the corresponding public key $Q_{GWN} = d_{GWN}P$.
2. GWN selects three collision-resistant one-way hash functions $h$, $H_1$ and $H_2$.
3. Finally, the system parameters $params = \{E_p(a, b), P, p, q, h, H_1, H_2, Q_{GWN}\}$ are published, while the private key $d_{GWN}$ is kept secret by GWN.

Registration Phase
A user U registers at the gateway node GWN as required, while a regular sensor node S registers at GWN offline. The detailed registration processes for U and S are described below.

User Registration Phase
The registration process between GWN and U is as follows:
1. U selects an identity $ID_U$ and a private key $d_U$, and obtains the public key $Q_U = d_U P$ from $d_U$. Then, U calculates the registration message $MID_U = h(ID_U)$ and sends it to GWN via a non-public channel.
2. After receiving the registration message from U, GWN calculates $M_U = h(MID_U \| d_{GWN})$ and returns it to U via a non-public channel.

Sensor Node Registration Phase
S registers offline with the help of GWN as follows:
1. S generates its identity $ID_S$ and private key $d_S$, and computes the corresponding public key $Q_S = d_S P$.
2. GWN computes the value $R_S$ and sends it to S. GWN publishes $Q_S$ and stores $\{ID_S, Q_S, R_S\}$ in its database.
3. Upon receiving $R_S$ from GWN, S stores it in its memory.

Authentication and Key Agreement Phase
When the user U wants to access the sensor node S, he or she initiates this phase by issuing a request via GWN. This phase enables GWN, U and S to authenticate each other and then establishes a session key between U and S. If a session key is negotiated successfully by U and S, they can exchange private messages with each other via a public channel. The steps of this phase are as follows:
1. U selects a random number $r_U \in Z_q^*$, generates the current timestamp $t_1$, computes $E_U = r_U P$ together with $AID_U$ and $h_U$, and sends the authentication request message $\{E_U, AID_U, h_U, t_1\}$ to GWN.
2. When GWN receives the authentication request message from U at time $t_1'$, it checks whether the condition $|t_1' - t_1| \le \Delta t$ holds. If so, GWN performs its computations and verifies U. If the verification fails, GWN rejects the user's authentication request; otherwise, it goes to step 3.
3. GWN generates its current timestamp $t_2$, selects a random number $r_{GWN} \in Z_q^*$ and calculates $E_{GWN}$, $M_{GWN}$ and $h_{GWN}$. Then, the gateway node GWN sends the message $\{E_U, E_{GWN}, M_{GWN}, h_{GWN}, t_2, t_1\}$ to S via a public channel.
4. Upon receiving the authentication message from GWN at time $t_2'$, S first checks the validity of the timestamp on the condition $|t_2' - t_2| \le \Delta t$. If $t_2$ is invalid, S terminates the session. Otherwise, S computes $K_{GWN}$ and $h_{GWN}' = H_1(K_{GWN} \| ID_S \| t_2)$ and verifies $h_{GWN}$. If $h_{GWN}' = h_{GWN}$, the sensor node S accepts GWN and goes to step 5; otherwise, it rejects GWN.
5. S generates its current timestamp $t_3$, selects a random number $r_S \in Z_q^*$, and computes $E_S$, $sk_S$, $h_S$ and $Auth_S$. Then, S computes the session key $SK = H_2(sk_S \| E_S \| E_U \| t_3 \| t_1)$.
6. Upon receiving the reply from S at time $t_3'$, GWN checks the validity of $t_3$ against $\Delta t$ in the same way, computes $h_S'$ and checks whether $h_S' = h_S$. If so, GWN generates its current timestamp $t_4$, computes $Auth_{GWN} = H_1(r_{GWN}Q_U \| M_U \| t_4)$ and sends the message $\{E_S, E_{GWN}, t_3, t_4, Auth_S, Auth_{GWN}\}$ to U.
7. After receiving the reply from GWN at time $t_4'$, U checks the validity of $t_4$ in the same way, computes $Auth_{GWN}'$, $sk_U$ and $Auth_S'$, and checks whether $Auth_{GWN}' = Auth_{GWN}$ and $Auth_S' = Auth_S$. If so, U calculates the secret session key $SK = H_2(sk_U \| E_S \| E_U \| t_3 \| t_1)$.
The process of authentication and key agreement is illustrated in Figure 2.
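As an added example (not the paper's own code), the following Python sketch runs the key-agreement core of the steps above on secp256k1 and checks that U and S arrive at the same $sk$ and $SK$ and that U's $Auth_S$ and timestamp checks pass. Since the paper's equations for $N_U$, $M_{GWN}$ and $sk_S$ are not reproduced above, it assumes $N_U = r_U Q_{GWN}$ (recomputed by GWN as $d_{GWN}E_U$, as in the forward-security analysis), that GWN forwards $N_U^{(x)}$ to S, and that $H_1$ and $H_2$ are domain-separated SHA-256; the function and variable names are the example's own.

```python
# Added illustration, not the paper's code: the key-agreement core of the scheme
# on secp256k1 with pure-Python point arithmetic. Assumed (the paper's equations
# for these steps are not reproduced above): N_U = r_U*Q_GWN, recomputed by GWN
# as d_GWN*E_U; GWN forwards N_U(x) to S; H_1 and H_2 are SHA-256 instances.
import hashlib
import secrets

# secp256k1: y^2 = x^3 + 7 over F_p, generator P of prime order q
p = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
q = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
P = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def ec_add(A, B):
    """Affine point addition; None stands for the point at infinity."""
    if A is None or B is None:
        return B if A is None else A
    (x1, y1), (x2, y2) = A, B
    if x1 == x2 and (y1 + y2) % p == 0:
        return None                                   # A + (-A)
    if A == B:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, p) % p
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, p) % p
    x3 = (lam * lam - x1 - x2) % p
    return (x3, (lam * (x1 - x3) - y1) % p)

def ec_mul(k, A):
    """Double-and-add scalar multiplication (k mod q) * A."""
    R = None
    k %= q
    while k:
        if k & 1:
            R = ec_add(R, A)
        A = ec_add(A, A)
        k >>= 1
    return R

def enc(*fields):
    """The || operator: a point becomes x||y, an integer 32 big-endian bytes."""
    return b"".join(f[0].to_bytes(32, "big") + f[1].to_bytes(32, "big")
                    if isinstance(f, tuple) else int(f).to_bytes(32, "big")
                    for f in fields)

def H1(*fields):
    return hashlib.sha256(b"H1" + enc(*fields)).digest()

def H2(*fields):
    return hashlib.sha256(b"H2" + enc(*fields)).digest()

def fresh(t_recv, t_sent, delta_t=5):
    """Timestamp test |t' - t| <= delta_t applied in steps 2, 4, 6 and 7."""
    return abs(t_recv - t_sent) <= delta_t

def run_key_agreement(d_gwn, t1, t3, t3_recv):
    """Run the U/GWN/S computations; return both SKs and U's checks."""
    Q_gwn = ec_mul(d_gwn, P)
    # Step 1 (U): r_U, E_U = r_U P and N_U = r_U Q_GWN (assumed form of N_U).
    r_u = secrets.randbelow(q - 1) + 1
    E_u = ec_mul(r_u, P)
    N_u = ec_mul(r_u, Q_gwn)
    # Step 2 (GWN): only the holder of d_GWN recovers N_U from E_U, which is
    # what lets GWN trace the user while an eavesdropper cannot.
    N_u_gwn = ec_mul(d_gwn, E_u)
    # Step 5 (S): r_S, E_S = r_S P, sk_S = r_S (E_U + N_U(x) P), i.e. the
    # value r_S (r_U + N_U(x)) P quoted in the security proof; then SK, Auth_S.
    r_s = secrets.randbelow(q - 1) + 1
    E_s = ec_mul(r_s, P)
    sk_s = ec_mul(r_s, ec_add(E_u, ec_mul(N_u_gwn[0], P)))
    SK_s = H2(sk_s, E_s, E_u, t3, t1)
    auth_s = H1(sk_s, t3)
    # Step 7 (U): sk_U = (r_U + N_U(x)) E_S, check Auth_S' = Auth_S, derive SK.
    sk_u = ec_mul(r_u + N_u[0], E_s)
    auth_ok = fresh(t3_recv, t3) and H1(sk_u, t3) == auth_s
    SK_u = H2(sk_u, E_s, E_u, t3, t1)
    return {"SK_U": SK_u, "SK_S": SK_s, "auth_ok": auth_ok,
            "sk_equal": sk_u == sk_s, "trace_ok": N_u_gwn == N_u}
```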

Analysis of Correctness and Security
In this section, the correctness of the proposed scheme is validated using BAN logic and the security of our scheme is proved under the random oracle model. In addition, some other security features are discussed at the end.

Correctness
With the formal validation tool Burrows-Abadi-Needham logic (BAN logic) [27], we prove the correctness of the proposed scheme in this section. Let U be the user, S the sensor node and GWN the gateway node. We demonstrate that a session key can be created successfully after the process of mutual authentication between S and U. The basic notations of BAN logic are given below:
• $P |\equiv X$: P believes X.
• $P \triangleleft X$: P sees X, i.e., P has received messages containing X.
• $P |\sim X$: P said X, i.e., P has sent messages containing X.
• $P |\Rightarrow X$: P controls X.
• $\#(X)$ or $fresh(X)$: X is a fresh message; X is usually a temporary value.
• $(X)$: The hashed value of X.
• $P \overset{K}{\longleftrightarrow} Q$: K is a shared secret key between P and Q.
Some logical postulates of BAN logic are described as follows:
• Message-meaning rule: If P believes that K is a shared secret key between P and Q and has received messages containing X, then P believes that Q has sent messages containing the message X.

• Nonce-verification rule: $\dfrac{P |\equiv \#(X),\; P |\equiv Q |\sim X}{P |\equiv Q |\equiv X}$, or: P believes fresh(X) and P believes Q said X, therefore P believes Q believes X. If P believes that X is a fresh message and that Q has sent messages containing the message X, then P believes that Q believes the message X.
• Jurisdiction rule: $\dfrac{P |\equiv Q |\Rightarrow X,\; P |\equiv Q |\equiv X}{P |\equiv X}$, or: P believes Q controls X and P believes Q believes X, therefore P believes X. If P believes that Q controls the message X and that Q believes the message X, then P believes the message X.
• Freshness rule: If P believes that X is a fresh message, then P believes that (X, Y) is a fresh message.
• Belief rule (BR): $\dfrac{P |\equiv (X, Y)}{P |\equiv X}$, or: P believes (X, Y), therefore P believes X. If P believes the messages (X, Y), then P believes the message X.
Our proposed scheme realizes the establishment of a secret session key SK between U and S, and the following goals (Goal 1 and Goal 2) are achieved after the protocol execution. The exchange of messages during the authentication phase is depicted as Messages 1 to 4. To proceed with the derivation, the initial state assumptions A1-A9 are set; U and S intend to share a session key SK to achieve confidential communication. As stated above, the mutual authentication between U and S shows that Goal 1 and Goal 2 can be achieved in the end. The result is proved as follows:
• From Message 1 we obtain Formula (4). According to the belief rule, if Formula (4) holds, we get Formula (5): S believes that GWN believes that $K_{GWN}$ is a shared secret key between GWN and S.
• According to the jurisdiction rule, if Formula (5) and the state assumption A6 hold at the same time, we obtain: S believes that $K_{GWN}$ is a shared secret key between GWN and S.
• From Message 2 we obtain Formula (6): S has received the message $\{r_U P, r_{GWN} P, t_2, t_1, \ldots\}$. According to the message-meaning rule, if Formulas (6) and (7) hold at the same time, we infer Formula (8): S believes that GWN has sent this message. According to the freshness rule, if the state assumption A2 holds, we deduce Formula (9): S believes that this message is fresh. According to the nonce-verification rule, if Formulas (8) and (9) hold at the same time, we get Formula (10): S believes that GWN believes this message. According to the belief rule, if Formula (10) holds, we obtain Formula (11): S believes that GWN believes that U and S share a secret key.
• According to the jurisdiction rule, if Formula (11) and the state assumption A7 hold at the same time, we have Formula (12): S believes that U and S share a secret key.
• According to the belief rule, if Formula (12) holds, then Formula (13) holds, and we infer: S believes that SK is a shared secret key between U and S, which shows that Goal 2 has been achieved.
• From Message 3 we obtain Formula (14): U has received the message $\{r_S P, t_4, \ldots\}$. According to the message-meaning rule, if Formula (14) and the state assumption A5 hold at the same time, we deduce Formula (15): U believes that GWN has sent this message. According to the freshness rule, if the state assumption A3 holds, we have Formula (16): U believes that this message is fresh. According to the nonce-verification rule, if Formulas (15) and (16) hold at the same time, we obtain Formula (17): U believes that GWN believes this message. According to the belief rule, if Formula (17) holds, we infer Formula (18): U believes that GWN believes that $r_{GWN}Q_U$ is a shared secret key between U and GWN.
• According to the jurisdiction rule, if Formula (18) and the state assumption A8 hold at the same time, we deduce: U believes that $r_{GWN}Q_U$ is a shared secret key between U and GWN.
• From Message 4 we obtain Formula (20), which means that U has received the message $\{r_S P, t_3, t_4, \ldots\}$. According to the message-meaning rule, if Formulas (19) and (20) and the state assumption A5 hold at the same time, we deduce that U believes that GWN has sent this message.

Security Proof
Game $G_0$: In $G_0$, a real attack on our proposed scheme by $A$ is simulated. First, the value of $b$ is selected randomly. The advantage of $A$ in $G_0$ follows from the above definitions.
Game $G_1$: To increase the probability that $A$ wins the game, the Execute query is used to model eavesdropping attacks. Since its goal is to obtain information about SK, $A$ has to compute $sk_U$ or $sk_S$ according to the definition of the proposed scheme; however, $sk_U = r_S(r_U + N_U^{(x)})P$, where $r_U$ and $r_S$ are unknown. Without corrupting the gateway node GWN to obtain $d_{GWN}$, the probability of success is not increased merely by eavesdropping on the transmitted messages, which bounds the difference between $G_1$ and $G_0$.
Game $G_2$: This game, transformed from $G_1$, simulates active attacks by adding the $H_1$, $H_2$ and Send oracles, with which $A$ tries to forge messages. By issuing arbitrary queries to $H_1$ and $H_2$, $A$ attempts to find collisions. The probability of such collisions is bounded in terms of the number of $H_1$ and $H_2$ queries, and this bounds the difference between $G_2$ and $G_1$.
Game $G_3$: $G_3$ models the attack in which the gateway node GWN has been corrupted. By issuing Corrupt($\Pi^k_P$) queries, $A$ obtains the long-term key of GWN. According to the definition, the common secret value $sk_S$ or $sk_U$ is the core of the session key SK. Considering the fact that $sk_U = sk_S = r_U r_S P + (d_{GWN}E_U)^{(x)}E_S$, $A$ can use the long-term key $d_{GWN}$ to compute partial values from the transcripts. The success probability of $A$ between $G_3$ and $G_2$ is not greater than the advantage of solving an ECCDH problem instance. Let $Adv^{ECCDH}_A$ be the advantage that the adversary $A$ solves an ECCDH problem instance within time $t$ in this game; this bounds the difference between $G_3$ and $G_2$. To win game $G_3$, $A$ has no choice but to guess the bit $b$, which yields the final result.

Deniable Authentication
In our proposed scheme, polynomial-time deniability means that the gateway node, as the receiver, can simulate the messages sent by the user such that they are indistinguishable to any third party. The concrete simulation process of GWN is as follows:
1. GWN selects a random number $r_U \in Z_q^*$ and computes $E_U = r_U P$ together with the associated values.
2. GWN chooses a user pseudo-identity $h(ID_U)$ and a public key, and computes $AID_U$ and $h_U$.
3. GWN sends $\{E_U, AID_U, h_U, t_1\}$ to the third party.
After receiving the message, the third party cannot obtain any information related to the user from $AID_U$. In addition, $h_U$ can be calculated either by the user or by the gateway. Hence, the third party is unable to determine the true source of the message. Therefore, our proposed scheme achieves deniable authentication.

Anonymity
Since the transmitted authentication messages are carried over a public channel, an outside adversary can easily eavesdrop on the communication. However, our proposed scheme preserves the anonymity of the user. Suppose that an adversary $A$ intercepts $\{E_U, AID_U, h_U, t_1\}$ during the authentication phase and attempts to reveal some information about the user's identity. $A$ obtains $AID_U$, where $MID_U = h(ID_U)$. Due to the use of the random number $r_U$ and the one-way hash function, $A$ can compute neither $N_U$ nor $ID_U$. Because of the timestamps and random numbers, the messages intercepted by $A$ are unique and dynamic for each authentication among U, S and GWN. Therefore, the proposed scheme ensures user anonymity.

Mutual Authentication
In step 7 of the authentication phase, U computes $Auth_{GWN}'$ and $Auth_S' = H_1(sk_U \| t_3)$ and checks the validity of GWN and S by the equalities $Auth_{GWN}' = Auth_{GWN}$ and $Auth_S' = Auth_S$. If the above verification processes complete successfully, our protocol provides mutual authentication.

Unlinkability
In our proposed scheme, the real identities or related information of all participants are not sent in plaintext over the insecure network because each transmitted message contains timestamps, random values and one-way hash function values. An outside adversary A cannot determine whether two or more authentication messages come from the same participant. Therefore, the transmitted messages cannot be linked by the adversary.

Traceability
In our proposed scheme, given a disputed message $\{E_U, AID_U, h_U, t_1\}$, only the trusted gateway node (GWN) can reveal the identity of the user. From this message, GWN computes $N_U$ and thereby recovers the user's identity $MID_U$. In addition, the tracing process does not require the real user to participate, because the message $\{E_U, AID_U, h_U, t_1\}$ sent by the user contains sufficient information to derive the user's identity. Therefore, our proposed scheme achieves traceability.

Resistance to Impersonation Attack
Assume an adversary $A$ intercepts the message $\{E_U, AID_U, h_U, t_1\}$ in order to impersonate a user. Following the authentication process, the adversary produces a timestamp $t_1$ and a random value $r_U \in Z_q^*$ to obtain $E_U$, $AID_U$ and $K_U$. However, $A$ is unable to compute $h_U$ correctly because he or she has neither the user's real identity $ID_U$ nor the private key $d_U$. Hence, our scheme resists such attacks according to the above analysis.

Resistance to Replay Attack
Suppose an adversary A intercepts all transmitted messages between participants and then attempts to replay some or all of them. In our scheme, however, timestamps and random numbers are integrated into the generation of the messages for U, GW N, S, thus the freshness of messages is well preserved. Therefore, the proposed protocol can resist replay attacks.

Forward Security
Assume an adversary $A$ obtains the private keys of all participants, i.e., $d_U$, $d_{GWN}$ and $d_S$. Even if $A$ has also obtained the current session key $SK = H_2(sk_U \| E_S \| E_U \| t_3 \| t_1)$, he or she cannot derive previous session keys. This is because $sk_U = sk_S = (r_U + N_U^{(x)})E_S = r_U r_S P + (d_{GWN}E_U)^{(x)}E_S$, where $r_U$ and $r_S$ are chosen randomly by U and S respectively; $A$ can never obtain a previous session key owing to the difficulty of the ECCDH problem. Thus, our proposed scheme achieves forward security.

Performance Comparison
In this section, we evaluate the performance of our scheme regarding the computational cost of the authentication phase. Moreover, we present a comparison between the proposed scheme and some existing similar schemes [15,16,21,23,24,25]. For convenience, we use the symbols in Table 2 to denote the computational cost of the hash operation, the ECC-based operations and the bilinear pairing operation; the approximate running time required by each operation is also presented in Table 2.

Table 2. Computation time of the cryptographic operations.
Operation     Description                         Computation Time (ms)
$T_h$         a hash function                     $3 \times 10^{-3}$
$T_{bp}$      a bilinear pairing                  $2.14 \times 10^{-1}$
$T_{pmul}$    an ECC-based point multiplication   $1.6 \times 10^{-2}$
$T_{padd}$    an ECC-based point addition         $6.07 \times 10^{-1}$

Please note that we only consider the operations listed in Table 2, since the running time of the addition and XOR operations is negligible. To fairly compare the computational time cost of these similar protocols, the experiments use the OpenSSL and JPBC cryptographic libraries and are programmed in Visual C. Table 3 and Figure 3 present the comparison among the other protocols [15,16,21,23,24,25] and ours. Table 4 presents the comparison of security properties between ours and the above protocols. According to the experimental results, our scheme costs 3.791 ms, which is better than [15,16,24,25]. We sort the time consumption of the operations as follows: $T_h < T_{padd} < T_{pmul} < T_{bp}$. The hash function takes the least time, while the bilinear pairing operation takes the most.
To fully demonstrate the advantage of the proposed scheme, we define $(T_{[others]} - T_{[ours]})/T_{[others]}$, where $T_{[others]}$ denotes the computational cost of the other schemes and $T_{[ours]}$ represents the computational cost of ours, as the improvement ratio of our scheme compared with the others [15,16,24,25]. Hence, the improvement ratios of the proposed scheme compared with [15,16,24,25]