BCmECC: A Lightweight Blockchain-Based Authentication and Key Agreement Protocol for Internet of Things

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F04274644%3A_____%2F21%3A%230000824" target="_blank" >RIV/04274644:_____/21:#0000824 - isvavai.cz</a>

Výsledek na webu

<a href="https://www.mdpi.com/2227-7390/9/24/3241" target="_blank" >https://www.mdpi.com/2227-7390/9/24/3241</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.3390/math9141655" target="_blank" >10.3390/math9141655</a>

Jazyk výsledku

angličtina

Název v původním jazyce

BCmECC: A Lightweight Blockchain-Based Authentication and Key Agreement Protocol for Internet of Things

Popis výsledku v původním jazyce

In this paper, targeting efficient authentication and key agreement in an IoT environment, we propose an Elliptic Curve Cryptography-(ECC) based lightweight authentication protocol called BCmECC which relies on a public blockchain to validate the users’ public key to provide desired security. We evaluate the security of the proposed protocol heuristically and validate it formally, which demonstratse the high level of the security. For the formal verification we used the widely accepted formal methods, i.e., BAN logic and the Scyther tool. In this paper we also analyse the security of recently proposed blockchain-based authentication protocols and show that this protocol does not provide the desired security against known session-specific temporary information attacks in which the adversary has access to the session’s ephemeral values and aims to retrieve the shared session key. In addition, the protocol lacks forward secrecy, in which an adversary with access to the server’s long-term secret key can retrieve the previous session keys, assuming that the adversary has already eavesdropped the transferred messages over a public channel in the target session. The proposed attacks are very efficient and their success probability is ‘1’, while the time complexity of each attack could be negligible. Besides, we show that BCmECC is secure against such attacks.

Název v anglickém jazyce

BCmECC: A Lightweight Blockchain-Based Authentication and Key Agreement Protocol for Internet of Things

Popis výsledku anglicky

In this paper, targeting efficient authentication and key agreement in an IoT environment, we propose an Elliptic Curve Cryptography-(ECC) based lightweight authentication protocol called BCmECC which relies on a public blockchain to validate the users’ public key to provide desired security. We evaluate the security of the proposed protocol heuristically and validate it formally, which demonstratse the high level of the security. For the formal verification we used the widely accepted formal methods, i.e., BAN logic and the Scyther tool. In this paper we also analyse the security of recently proposed blockchain-based authentication protocols and show that this protocol does not provide the desired security against known session-specific temporary information attacks in which the adversary has access to the session’s ephemeral values and aims to retrieve the shared session key. In addition, the protocol lacks forward secrecy, in which an adversary with access to the server’s long-term secret key can retrieve the previous session keys, assuming that the adversary has already eavesdropped the transferred messages over a public channel in the target session. The proposed attacks are very efficient and their success probability is ‘1’, while the time complexity of each attack could be negligible. Besides, we show that BCmECC is secure against such attacks.

Druh

J_imp - Článek v periodiku v databázi Web of Science

CEP obor

—

OECD FORD obor

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Projekt

—

Návaznosti

I - Institucionalni podpora na dlouhodoby koncepcni rozvoj vyzkumne organizace

Rok uplatnění

2021

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název periodika

Mathematics

ISSN

2227-7390

e-ISSN

—

Svazek periodika

9

Číslo periodika v rámci svazku

14

Stát vydavatele periodika

CH - Švýcarská konfederace

Počet stran výsledku

17

Strana od-do

1-17

Kód UT WoS článku

000735590100001

EID výsledku v databázi Scopus

2-s2.0-85121295252