Efficient privacy-preserving user authentication scheme with forward secrecy for industry 4.0

Industry 4.0, which combines information technology, network and industrial production, is expected to have a tremendous impact on our daily lives. In such a complex and security-critical system with resource-constrained sensor nodes, the design of a secure user authentication scheme for preventing real-time data from unauthorized access is full of challenges, and the main crux lies in how to realize the important property of forward secrecy. Existing schemes either fail to achieve forward secrecy or achieve forward secrecy with high computation cost on sensor nodes. Besides, they often fail to conform to the development trend of industry 4.0 systems where a cloud center is necessary to help intelligent decision-making and alleviate computation and storage pressure. Therefore, in this paper, we propose an efficient privacy-preserving user authentication scheme with forward secrecy for industry 4.0, and formally prove its security in the random oracle model. Compared with previous schemes, it has three advantages: (1) all eleven state-of-the-art criteria are achieved; (2) its computation cost on sensor nodes is comparable to those insecure schemes that employ only symmetric cryptographic algorithms, and is superior to those that also use asymmetric cryptographic algorithms; (3) it takes the advantage of the computation and storage capabilities of the cloud center to achieve user anonymity and the resistance to offline dictionary attack without performing any asymmetric cryptographic algorithms on gateways. Our computation cost on gateways is the smallest among all state-of-the-art relevant schemes for comparison.

Automated summary

In this paper, we propose an efficient privacy-preserving user authentication scheme for industry 4.0, which achieves forward secrecy. Compared with other schemes, it meets the latest standards, has reasonable computation cost on sensor nodes, and utilizes the computation and storage capabilities of the cloud center to achieve user anonymity and resistance to offline dictionary attacks.