Lightweight Authentication Mechanism for Industrial IoT Environment Combining Elliptic Curve Cryptography and Trusted Token
Author:
Yang Yu-Sheng (1), Lee Shih-Hsiung (2), Wang Jie-Min (3), Yang Chu-Sing (4), Huang Yuen-Min (1), Hou Ting-Wei (1)
Affiliation:
1. Department of Engineering Science, National Cheng Kung University, Tainan City 701, Taiwan
2. Department of Intelligent Commerce, National Kaohsiung University of Science and Technology, Kaohsiung City 824, Taiwan
3. Institute of Computer and Communication Engineering, National Cheng Kung University, Tainan City 701, Taiwan
4. Miin Wu School of Computing, National Cheng Kung University, Tainan City 701, Taiwan
Abstract
With the promotion of Industry 4.0, which emphasizes interconnected and intelligent devices, several factories have introduced numerous terminal Internet of Things (IoT) devices to collect relevant data or monitor the health status of equipment. The collected data are transmitted back to the backend server through network transmission by the terminal IoT devices. However, as devices communicate with each other over a network, the entire transmission environment faces significant security issues. When an attacker connects to a factory network, they can easily steal the transmitted data and tamper with them or send false data to the backend server, causing abnormal data in the entire environment. This study focuses on investigating how to ensure that data transmission in a factory environment originates from legitimate devices and that related confidential data are encrypted and packaged. This paper proposes an authentication mechanism between terminal IoT devices and backend servers based on elliptic curve cryptography and trusted tokens with packet encryption using the TLS protocol. Before communication between terminal IoT devices and backend servers can occur, the authentication mechanism proposed in this paper must first be implemented to confirm the identity of the devices and, thus, the problem of attackers imitating terminal IoT devices transmitting false data is resolved. The packets communicated between devices are also encrypted, preventing attackers from knowing their content even if they steal the packets. The authentication mechanism proposed in this paper ensures the source and correctness of the data. In terms of security analysis, the proposed mechanism in this paper effectively withstands replay attacks, eavesdropping attacks, man-in-the-middle attacks, and simulated attacks. Additionally, the mechanism supports mutual authentication and forward secrecy. 
In the experimental results, the proposed mechanism demonstrates approximately 73% improvement in efficiency through the lightweight characteristics of elliptic curve cryptography. Moreover, in the analysis of time complexity, the proposed mechanism exhibits significant effectiveness.
Funder
National Science and Technology Council of Taiwan
Subject
Electrical and Electronic Engineering; Biochemistry; Instrumentation; Atomic and Molecular Physics, and Optics; Analytical Chemistry
Cited by
6 articles.