Journal
IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY
Volume 18, Issue -, Pages 1080-1094
Publisher
IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
DOI: 10.1109/TIFS.2023.3234873
Keywords
Protocols; Authentication; Security; Servers; Industrial Internet of Things; Resilience; Machine-to-machine communications; Industrial IoT; historical data; authentication; authenticated confidential channel establishment; multi-factor authentication; security enhancement service
Industrial Internet of Things (IIoT) is a new paradigm for intelligent industrial control systems. Establishing a secure channel for machine-to-machine (M2M) communication in IIoT is crucial to prevent attacks and information leakage. This paper proposes a historical data based multi-factor authenticated and confidential channel establishment (HMACCE) approach, which uses a symmetric secret key, historical data, and secret tags to establish secure communication between client and server. The HMACCE protocols are lightweight, tailored for resource-constrained IIoT devices, and have bounded historical tag leakage resilience.
Industrial Internet of Things (IIoT) is a new paradigm for building intelligent industrial control systems, and how to establish a secure channel in IIoT for machine-to-machine (M2M) communication is a critical problem because the devices in IIoT suffer from various attacks and may leak confidential information. Traditional authenticated and confidential channel establishment (ACCE) protocols neither apply to resource-constrained IIoT devices nor satisfy leakage resilience. In this paper, we introduce a new security notion, historical data based multi-factor ACCE (HMACCE), to address this issue and propose two HMACCE protocols. Our HMACCE protocols use three authentication factors, i.e., a symmetric secret key, historical data, and a set of secret tags associated with the historical data, to establish a secure communication channel between the client and the server. The key idea is to use the secret key managed by an IIoT edge device to quickly verify the relationship between the historical data and its associated tags stored on the server. Our HMACCE has the following remarkable features. First, it is lightweight and tailored for resource-constrained IIoT devices. Second, it has bounded historical tag leakage resilience, which means that if a small portion of the secret tags is leaked to an adversary, its security will not be affected, with overwhelming probability. Moreover, as a security enhancement service, our HMACCE can be easily integrated with legacy IIoT devices by running simple authenticated key exchange protocols.