Practical Three-Factor Authentication Protocol Based on Elliptic Curve Cryptography for Industrial Internet of Things

Abstract

Because the majority of information in the industrial Internet of things (IIoT) is transmitted over an open and insecure channel, it is indispensable to design practical and secure authentication and key agreement protocols. Considering the weak computational power of sensors, many scholars have designed lightweight authentication protocols that achieve limited security properties. Moreover, these existing protocols are mostly implemented in a single-gateway scenario, whereas the multigateway scenario is not considered. To deal with these problems, this paper presents a novel three-factor authentication and key agreement protocol based on elliptic curve cryptography for IIoT environments. Based on the elliptic curve Diffie–Hellman problem, we present a protocol achieving desirable forward and backward secrecy. The proposed protocol applies to single-gateway and is also extended to multigateway simultaneously. A formal security analysis is described to prove the security of the proposed scheme. Finally, the comparison results demonstrate that our protocol provides more security attributes at a relatively lower computational cost.