LLAKEP: A Low-Latency Authentication and Key Exchange Protocol for Energy Internet of Things in the Metaverse Era
Abstract
:1. Introduction
- A low-latency ID-based two-factor authentication protocol LLAKEP has been proposed. In the case of unbalanced computing capability between the two parties of the protocol, LLAKEP reduces the computational burden on one side. Compared with 2PAKEP [17], experimental results show that LLAKEP requires less computation time and less running time;
- The security of LLAKEP is analyzed by using the ROR (Real-or-Random) model and GNY (Gong–Needham–Yahalom) logic. Analysis results show that LLAKEP achieves the security goals of an AKE protocol;
- A use case has been implemented. We applied LLAKEP to EIoT electricity transaction systems in a Metaverse scenario. Results show that LLAKEP will effectively reduce latency.
2. Related Work
3. Solution Methodology
3.1. Research Methods
3.2. Security Analysis Methods
3.3. Performance Analysis Methods
4. Preliminaries
4.1. System Model
4.2. ROR Model
- This query models the eavesdropping attack that permits to learn the messages exchanged between and .
- This query models the active attack that permits to transmit a message to a participant’s instance .
- This query models another active attack that permits to extract all the sensitive secret parameters stored in a mobile device () or microprocessor chip ().
- Before the game starts, an unbiased coin b is flipped. If is fresh, this query returns the real session key if , or a random key in the key space of if ; otherwise, if is not fresh, this query returns the invalid symbol ⊥.
4.3. Computational Assumption
5. The Low-Latency Protocol
5.1. Initialization Phase
5.2. User Registration Phase
5.3. Authentication and Key Exchange (AKE) Phase
Algorithm 1 calculates |
|
Algorithm 2 calculates |
|
5.4. Password Change
5.5. Comparison of LLAKEP and Other Protocols
6. Security Analysis
6.1. Security Proof
- This game models the original protocol LLAKEP in the ROR model, and an unbiased coin b is filpped. Therefore,
- This game excludes the eavesdropping attacks. may use the query in this game, and once the instance is accepted, proceeds to the query. In LLAKEP, and are calculated as where For getting the session key, needs ephemeral secrets and the permanent secret identity . Hence, has no advantage in winning the game through eavesdropping attack. Therefore,
- This game models the and queries. may mount an active attack to intercept messages , , and Note that all these messages involve the random nonces and the current timestamps, the only advantage can take is making the queries to find collisions. Therefore, by the birthday paradox,
- This game models the query wherein can extract all the credentials and C from a lost or stolen device or a microprocessor chip, where and Note that since could not get the secret crentials and using the queries, guessing is the only way to obtain the password and identity of a registered user from , v, and C. Therefore,
- : This game models an active attack. To derive the session key SK of and , may use queries to obtain all the intercepted messages , and , and then try to derive . Note that can derive or . However, this problem is essentially the same as solving an ECDDHP. Therefore,
6.2. GNY Logic Proof
6.2.1. Protocol Paraphrase
6.2.2. Description of Protocol
6.2.3. Goal
6.2.4. Initialization Assumption
6.2.5. Proof
6.3. Formal Verification
7. Performance Analysis
7.1. Experiment I
7.2. Experiment II
- For the average computing time on the side:
- For the average total computing time:
7.3. Experiment III
7.4. Experiment IV
7.5. Experiment V: Use Case Study
7.5.1. Scenario Description
7.5.2. Application of LLAKEP
7.5.3. Advantages
8. Conclusions
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Conflicts of Interest
References
- Shamir, A. Identity-based cryptosystems and signature schemes. In Workshop on the Theory and Application of Cryptographic Techniques; Springer: Berlin/Heidelberg, Germany, 1984; pp. 47–53. [Google Scholar]
- Ometov, A.; Bezzateev, S.; Mäkitalo, N.; Andreev, S.; Mikkonen, T.; Koucheryavy, Y. Multi-factor authentication: A survey. Cryptography 2018, 2, 1. [Google Scholar] [CrossRef] [Green Version]
- Wang, D.; Wang, P. Offline dictionary attack on password authentication schemes using smart cards. In Information Security; Springer: Berlin/Heidelberg, Germany, 2015; pp. 221–237. [Google Scholar]
- Ah Kioon, M.C.; Wang, Z.S.; Deb Das, S. Security analysis of MD5 algorithm in password storage. Appl. Mech. Mater. 2013, 347, 2706–2711. [Google Scholar] [CrossRef] [Green Version]
- Heartfield, R.; Loukas, G. A taxonomy of attacks and a survey of defence mechanisms for semantic social engineering attacks. ACM Comput. Surv. (CSUR) 2015, 48, 1–39. [Google Scholar] [CrossRef]
- Petsas, T.; Tsirantonakis, G.; Athanasopoulos, E.; Ioannidis, S. Two-factor authentication: Is the world ready? Quantifying 2FA adoption. In Proceedings of the Eighth European Workshop on System Security, Bordeaux, France, 21 April 2015; pp. 1–7. [Google Scholar]
- Wang, D.; He, D.; Wang, P.; Chu, C.H. Anonymous two-factor authentication in distributed systems: Certain goals are beyond attainment. IEEE Trans. Dependable Secur. Comput. 2014, 12, 428–442. [Google Scholar] [CrossRef]
- Jolfaei, A.; Kant, K. A lightweight integrity protection scheme for low latency smart grid applications. Comput. Secur. 2019, 86, 471–483. [Google Scholar] [CrossRef] [Green Version]
- Mahmood, K.; Chaudhry, S.A.; Naqvi, H.; Kumari, S.; Li, X.; Sangaiah, A.K. An elliptic curve cryptography based lightweight authentication scheme for smart grid communication. Future Gener. Comput. Syst. 2018, 81, 557–565. [Google Scholar] [CrossRef]
- Lee, L.H.; Braud, T.; Zhou, P.; Wang, L.; Xu, D.; Lin, Z.; Kumar, A.; Bermejo, C.; Hui, P. All one needs to know about metaverse: A complete survey on technological singularity, virtual ecosystem, and research agenda. arXiv 2021, arXiv:2110.05352. [Google Scholar]
- Ynag, Q.; Zhao, Y.; Huang, H.; Zheng, Z. Fusing Blockchain and AI with Metaverse: A Survey. arXiv 2022, arXiv:2201.03201. [Google Scholar] [CrossRef]
- Das, M.L.; Saxena, A.; Gulati, V.P.; Phatak, D.B. A novel remote user authentication scheme using bilinear pairings. Comput. Secur. 2006, 25, 184–189. [Google Scholar] [CrossRef]
- Yang, J.H.; Chang, C.C. An ID-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem. Comput. Secur. 2009, 28, 138–143. [Google Scholar] [CrossRef]
- Yoon, E.J.; Yoo, K.Y. Robust id-based remote mutual authentication with key agreement scheme for mobile devices on ECC. In Proceedings of the 2009 International Conference on Computational Science and Engineering, Vancouver, BC, Canada, 29–31 August 2009; Volume 2, pp. 633–640. [Google Scholar]
- Debiao, H.; Jianhua, C.; Jin, H. An ID-based client authentication with key agreement protocol for mobile client–Server environment on ECC with provable security. Inf. Fusion 2012, 13, 223–230. [Google Scholar] [CrossRef]
- Qi, M.; Chen, J. An efficient two-party authentication key exchange protocol for mobile environment. Int. J. Commun. Syst. 2017, 30, e3341. [Google Scholar] [CrossRef]
- Park, K.; Park, Y.; Park, Y.; Das, A.K. 2PAKEP: Provably secure and efficient two-party authenticated key exchange protocol for mobile environment. IEEE Access 2018, 6, 30225–30241. [Google Scholar] [CrossRef]
- Goriparthi, T.; Das, M.L.; Negi, A.; Saxena, A. Cryptanalysis of recently proposed Remote User Authentication Schemes. IACR Cryptol. ePrint Arch. 2006, 2006, 28. [Google Scholar]
- Chou, C.H.; Tsai, K.Y.; Lu, C.F. Two ID-based authenticated schemes with key agreement for mobile environments. J. Supercomput. 2013, 66, 973–988. [Google Scholar] [CrossRef]
- Yang, H.; Chen, J.; Zhang, Y. An improved two-party authentication key exchange protocol for mobile environment. Wirel. Pers. Commun. 2015, 85, 1399–1409. [Google Scholar] [CrossRef]
- Yang, W.; Wang, S.; Hu, J.; Zheng, G.; Chaudhry, J.; Adi, E.; Valli, C. Securing mobile healthcare data: A smart card based cancelable finger-vein bio-cryptosystem. IEEE Access 2018, 6, 36939–36947. [Google Scholar] [CrossRef]
- Zheng, L.; Song, C.; Cao, N.; Li, Z.; Zhou, W.; Chen, J.; Meng, L. A new mutual authentication protocol in mobile RFID for smart campus. IEEE Access 2018, 6, 60996–61005. [Google Scholar] [CrossRef]
- Shouqi, C.; Wanrong, L.; Liling, C.; Xin, H.; Zhiyong, J. An improved authentication protocol using smart cards for the Internet of Things. IEEE Access 2019, 7, 157284–157292. [Google Scholar] [CrossRef]
- Zhang, Y.; Zhao, S.; Qin, Y.; Yang, B.; Feng, D. Trusttokenf: A generic security framework for mobile two-factor authentication using trustzone. In Proceedings of the 2015 IEEE Trustcom/BigDataSE/ISPA, Helsinki, Finland, 20–22 August 2015; Volume 1, pp. 41–48. [Google Scholar]
- Koutroumpouchos, N.; Ntantogian, C.; Xenakis, C. Building Trust for Smart Connected Devices: The Challenges and Pitfalls of TrustZone. Sensors 2021, 21, 520. [Google Scholar] [CrossRef] [PubMed]
- Brasser, F.; Kim, D.; Liebchen, C.; Ganapathy, V.; Iftode, L.; Sadeghi, A.R. Regulating arm trustzone devices in restricted spaces. In Proceedings of the 14th Annual International Conference on Mobile Systems, Applications, and Services, Singapore, 26–30 June 2016; pp. 413–425. [Google Scholar]
- Abdalla, M.; Fouque, P.A.; Pointcheval, D. Password-based authenticated key exchange in the three-party setting. In Proceedings of the International Workshop on Public Key Cryptography, Les Diablerets, Switzerland, 23–26 January 2005; pp. 65–84. [Google Scholar]
- Bellare, M.; Pointcheval, D.; Rogaway, P. Authenticated key exchange secure against dictionary attacks. In Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques, Bruges, Belgium, 14–18 May 2000; pp. 139–155. [Google Scholar]
- Gong, L.; Needham, R.M.; Yahalom, R. Reasoning about Belief in Cryptographic Protocols. In Proceedings of the 1990 IEEE Symposium on Security and Privacy, Oakland, CA, USA, 7–9 May 1990; pp. 234–248. [Google Scholar] [CrossRef]
- Standard, S.H. National Institute of Standards and Technology (NIST) Federal Information Processing Standard (FIPS) 186-4. 2013. Available online: https://csrc.nist.gov/publications/detail/fips/186/4/final (accessed on 19 July 2013).
Protocol | Characteristics | Limitations and Disadvantages |
---|---|---|
D protocol [12] | Based on pairing and smart card | Not resistant to forgery attacks |
YC protocol [13] | Based on identity | Prone to simulated attacks Cannot provide perfect forward security |
YY protocol [14] | An improved ID-based mobile device key authentication scheme based on elliptic curves | Cannot provide perfect forward security |
HDB protocol [15] | A key agreement remote mutual authentication protocol based on identity | Unable to resist impersonation attacks and unknown key sharing attacks |
QC protocol [16] | Based on elliptic curves in mobile environments | Not resistant to impersonated user attacks, password changes, insider attacks, and offline password guessing attacks |
2PAKEP [17] | Two-factor authentication, based on identity | Not efficient |
LLAKEP | A low-latency ID-based two-factor authentication protocol | ∖ |
Symbol | Meaning |
---|---|
Electric bike riders | |
Microprocessor chip | |
Battery swap station | |
Adversary | |
Identity of an electric bike rider | |
Password of an electric bike rider | |
Private key of X | |
Public key of X | |
Session key | |
An elliptic curve E over a prime finite field with p being a large prime | |
n | Order of base point P |
{1, 2, ⋯, } | |
Scalar multiplication on elliptic curves and P is a base point in | |
Concatenation operation between A and B | |
XOR operation between A and B | |
Derivate key from | |
A one-way hash function that generates digests | |
X sends message to Y by using a secure channel, where X and Y are two entities. | |
X sends message to Y by using a public channel |
Electric Bike Riders/Microprocesser Chip () | Battery Swap Station () |
---|---|
EBR inputs and | |
MC generates and | |
MC computes | |
Checks whether and are valid | |
Calculates and stores | |
Calculates | |
Stores , v and C secretly |
Electric Bike Riders/Microprocesser Chip () | Battery Swap Station () |
---|---|
EBR inputs identity and password | |
MC calculates , and | |
MC Checks whether | |
Generates and | |
Computes , , | |
and | |
Validates the received timestamp | |
Computes | |
Computes and , | |
Checks whether | |
Generates and | |
Computes , | |
Verifies the received timestamp | |
Calculates | |
Checks whether | |
Generates and computes | |
Validates the timestamp | |
Calculates the session key | |
Checks whether |
Electric Bike Riders () | Microprocesser Chip () |
---|---|
EBR inputs and | |
MC Computes | |
, | |
and | |
Checks if | |
Asks to input a new password | |
Chooses a new password | |
Calculate | |
, | |
, | |
and . | |
Stores , and , deletes old parameters |
Protocol | ||
---|---|---|
YC protocol [13] | ||
YY protocol [14] | ||
HDB protocol [15] | ||
QC protocol [16] | ||
2PAKEP [17] | ||
LLAKEP |
Symbol | Meaning |
---|---|
Conjunction of A and B. | |
A one-way hash function of A. | |
A is a not-originated-here formula. | |
P is told A. | |
A possesses, or is capable of possessing A. | |
P once said A. | |
P believes that A is fresh, that is, A has not been used before | |
P can recognize A, that is, P has certain expectations for the content of A. | |
P believes that is a suitable secret | |
for P and Q. |
Device | CPU | Core | RAM | Programming Language | |
---|---|---|---|---|---|
Experiment I | Laptop | i5-8250U 1.8 GHz | 4 | 16 GB | Python |
Laptop | i5-8250U 1.8 GHz | 4 | 16 GB | Python | |
Experiment II/III/IV/V | Laptop | i5-8250U 1.8 GHz | 4 | 16 GB | Python |
Raspberry Pi | 1.2 GHz ARM | 4 | 1 GB | Python |
Message | Number of Bits |
---|---|
Identity | 160 |
Message digest | 160 |
Nonce | 160 |
Timestamp | 160 |
Elliptic curve point | 320 |
Protocol | Number of Bits | Bit Rate (Bit per Second) |
---|---|---|
2PAKEP [17] | 1376 | 6048.8 |
LLAKEP | 1216 | 6197.8 |
Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations. |
© 2022 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Zhang, X.; Huang, X.; Yin, H.; Huang, J.; Chai, S.; Xing, B.; Wu, X.; Zhao, L. LLAKEP: A Low-Latency Authentication and Key Exchange Protocol for Energy Internet of Things in the Metaverse Era. Mathematics 2022, 10, 2545. https://doi.org/10.3390/math10142545
Zhang X, Huang X, Yin H, Huang J, Chai S, Xing B, Wu X, Zhao L. LLAKEP: A Low-Latency Authentication and Key Exchange Protocol for Energy Internet of Things in the Metaverse Era. Mathematics. 2022; 10(14):2545. https://doi.org/10.3390/math10142545
Chicago/Turabian StyleZhang, Xin, Xin Huang, Haotian Yin, Jiajia Huang, Sheng Chai, Bin Xing, Xiaohua Wu, and Liangbin Zhao. 2022. "LLAKEP: A Low-Latency Authentication and Key Exchange Protocol for Energy Internet of Things in the Metaverse Era" Mathematics 10, no. 14: 2545. https://doi.org/10.3390/math10142545
APA StyleZhang, X., Huang, X., Yin, H., Huang, J., Chai, S., Xing, B., Wu, X., & Zhao, L. (2022). LLAKEP: A Low-Latency Authentication and Key Exchange Protocol for Energy Internet of Things in the Metaverse Era. Mathematics, 10(14), 2545. https://doi.org/10.3390/math10142545