A Privacy-Preserving Authentication, Authorization, and Key Agreement Scheme for Wireless Sensor Networks in 5G-Integrated Internet of Things

A Privacy-Preserving Authentication, Authorization, and Key Agreement Scheme for Wireless Sensor Networks in 5G-Integrated Internet of Things

Wireless sensor networks (WSNs) have played an important role in the Internet of Things (IoT), and the 5G network is being considered as a major candidate for IoT's communication network with the advent of 5G commercialization. The potential of integrating WSNs and 5G in the IoT is expected to...

Full description

Bibliographic Details
Main Authors: Sooyeon Shin, Taekyoung Kwon
Format: Article
Language:English
Published: IEEE 2020-01-01
Series:IEEE Access
Subjects:
Three-factor authentication
authorization
key agreement
elliptic curve cryptography
anonymity
untraceability
Online Access:https://ieeexplore.ieee.org/document/9057455/
id doaj-66b2648916774d779aaee35ea4296cb4
record_format Article
spelling doaj-66b2648916774d779aaee35ea4296cb42021-03-30T03:16:39ZengIEEEIEEE Access2169-35362020-01-018675556757110.1109/ACCESS.2020.29857199057455A Privacy-Preserving Authentication, Authorization, and Key Agreement Scheme for Wireless Sensor Networks in 5G-Integrated Internet of ThingsSooyeon Shin0Taekyoung Kwon1https://orcid.org/0000-0002-5513-0836Graduate School of Information, Yonsei University, Seoul, South KoreaGraduate School of Information, Yonsei University, Seoul, South KoreaWireless sensor networks (WSNs) have played an important role in the Internet of Things (IoT), and the 5G network is being considered as a major candidate for IoT's communication network with the advent of 5G commercialization. The potential of integrating WSNs and 5G in the IoT is expected to allow IoT to penetrate deeply into our daily lives and to provide various services that are convenient, but at the same time, it also brings new security threats. From this aspect, user authentication and key agreement are essential for secure end-to-end communication. As IoT devices, including sensors, collect and process more and more personal information, both anonymous authentication and authorization are also required to protect the privacy and to prevent anyone without privileges from accessing private data. Recently, Adavoudi-Jolfaei et al. proposed an anonymous three-factor authentication and access control scheme for real-time applications in WSNs. However, we found that this scheme does not provide sensor-node anonymity and suffers from user collusion and desynchronization attacks. In this paper, we introduce a system architecture by considering the integration of WSNs and 5G for IoT. Based on a cryptanalysis of Adavoudi-Jolfaei et al.'s scheme and the system architecture, we propose an elliptic curve cryptography (ECC)-based privacy-preserving authentication, authorization, and key agreement scheme for WSNs in 5G-integrated IoT. We conduct a formal and informal security analysis in order to demonstrate that the proposed scheme withstands various security attacks and guarantees all desired security features, overcoming the drawbacks of Adavoudi-Jolfaei et al.'s scheme. Finally, a performance and comparative analysis with the related schemes indicate that the proposed scheme is both efficient and more secure.https://ieeexplore.ieee.org/document/9057455/Three-factor authenticationauthorizationkey agreementelliptic curve cryptographyanonymityuntraceability
collection DOAJ
language English
format Article
sources DOAJ
author Sooyeon Shin
Taekyoung Kwon
spellingShingle Sooyeon Shin
Taekyoung Kwon
A Privacy-Preserving Authentication, Authorization, and Key Agreement Scheme for Wireless Sensor Networks in 5G-Integrated Internet of Things
IEEE Access
Three-factor authentication
authorization
key agreement
elliptic curve cryptography
anonymity
untraceability
author_facet Sooyeon Shin
Taekyoung Kwon
author_sort Sooyeon Shin
title A Privacy-Preserving Authentication, Authorization, and Key Agreement Scheme for Wireless Sensor Networks in 5G-Integrated Internet of Things
title_short A Privacy-Preserving Authentication, Authorization, and Key Agreement Scheme for Wireless Sensor Networks in 5G-Integrated Internet of Things
title_full A Privacy-Preserving Authentication, Authorization, and Key Agreement Scheme for Wireless Sensor Networks in 5G-Integrated Internet of Things
title_fullStr A Privacy-Preserving Authentication, Authorization, and Key Agreement Scheme for Wireless Sensor Networks in 5G-Integrated Internet of Things
title_full_unstemmed A Privacy-Preserving Authentication, Authorization, and Key Agreement Scheme for Wireless Sensor Networks in 5G-Integrated Internet of Things
title_sort privacy-preserving authentication, authorization, and key agreement scheme for wireless sensor networks in 5g-integrated internet of things
publisher IEEE
series IEEE Access
issn 2169-3536
publishDate 2020-01-01
description Wireless sensor networks (WSNs) have played an important role in the Internet of Things (IoT), and the 5G network is being considered as a major candidate for IoT's communication network with the advent of 5G commercialization. The potential of integrating WSNs and 5G in the IoT is expected to allow IoT to penetrate deeply into our daily lives and to provide various services that are convenient, but at the same time, it also brings new security threats. From this aspect, user authentication and key agreement are essential for secure end-to-end communication. As IoT devices, including sensors, collect and process more and more personal information, both anonymous authentication and authorization are also required to protect the privacy and to prevent anyone without privileges from accessing private data. Recently, Adavoudi-Jolfaei et al. proposed an anonymous three-factor authentication and access control scheme for real-time applications in WSNs. However, we found that this scheme does not provide sensor-node anonymity and suffers from user collusion and desynchronization attacks. In this paper, we introduce a system architecture by considering the integration of WSNs and 5G for IoT. Based on a cryptanalysis of Adavoudi-Jolfaei et al.'s scheme and the system architecture, we propose an elliptic curve cryptography (ECC)-based privacy-preserving authentication, authorization, and key agreement scheme for WSNs in 5G-integrated IoT. We conduct a formal and informal security analysis in order to demonstrate that the proposed scheme withstands various security attacks and guarantees all desired security features, overcoming the drawbacks of Adavoudi-Jolfaei et al.'s scheme. Finally, a performance and comparative analysis with the related schemes indicate that the proposed scheme is both efficient and more secure.
topic Three-factor authentication
authorization
key agreement
elliptic curve cryptography
anonymity
untraceability
url https://ieeexplore.ieee.org/document/9057455/
work_keys_str_mv AT sooyeonshin aprivacypreservingauthenticationauthorizationandkeyagreementschemeforwirelesssensornetworksin5gintegratedinternetofthings
AT taekyoungkwon aprivacypreservingauthenticationauthorizationandkeyagreementschemeforwirelesssensornetworksin5gintegratedinternetofthings
AT sooyeonshin privacypreservingauthenticationauthorizationandkeyagreementschemeforwirelesssensornetworksin5gintegratedinternetofthings
AT taekyoungkwon privacypreservingauthenticationauthorizationandkeyagreementschemeforwirelesssensornetworksin5gintegratedinternetofthings
_version_ 1724183755434754048

Similar Items