Lightweight Broadcast Authentication Protocol for Edge-Based Applications
| Autor: | Mouna Nakkar, Riham AlTawy, Amr M. Youssef |
|---|---|
| Rok vydání: | 2020 |
| Předmět: |
Authenticated encryption
Authentication Cryptographic primitive Computer Networks and Communications Computer science business.industry 020208 electrical & electronic engineering Hash function 020206 networking & telecommunications 02 engineering and technology Hash-based message authentication code Computer Science Applications Hardware and Architecture Forward secrecy Authentication protocol Signal Processing 0202 electrical engineering electronic engineering information engineering Session (computer science) business Information Systems Computer network |
| Zdroj: | IEEE Internet of Things Journal. 7:11766-11777 |
| ISSN: | 2372-2541 |
| Popis: | In this article, we propose a lightweight authentication protocol that provides forward secrecy for edge-based applications. Motivated by the general consensus that centralized authentication solutions are not suitable for an expanding Internet of Things (IoT), our edge-based authentication reduces latency for critical applications, lowers cloud dependency, and employs cryptographic primitives, which are efficiently implemented on resource-constrained low-end devices. Moreover, the edge entity broadcast messages using session keys that are derived securely from a hash function. The protocol utilizes hash chains and authenticated encryption which makes it resilient to quantum attacks. Moreover, entities are not required to hold a permanent master key, and all session keys are derived securely from a hash function. As a use case, we present a smart emergency system where an edge application broadcasts alert messages for individual responder groups when specific events occur. We formally define and prove the main security properties of our protocol, and compare it to other lightweight protocols in terms of security and performance. The computational complexity of our protocol comprises of three decryption operations, two HMAC, and five hash computations. The required storage for each node is 96 B and the communication overhead is only 56 B per session. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|