Article

HMACCE: Establishing Authenticated and Confidential Channel From Historical Data for Industrial Internet of Things

Journal

Publisher

IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
DOI: 10.1109/TIFS.2023.3234873

Keywords

Protocols; Authentication; Security; Servers; Industrial Internet of Things; Resilience; Machine-to-machine communications; Industrial IoT; historical data; authentication; authenticated confidential channel establishment; multi-factor authentication; security enhancement service

Industrial Internet of Things (IIoT) is a new paradigm for intelligent industrial control systems. Establishing a secure channel for machine-to-machine (M2M) communication in IIoT is crucial to prevent attacks and information leakage. This paper proposes a historical data based multi-factor authenticated and confidential channel establishment (HMACCE) approach, which uses a symmetric secret key, historical data, and secret tags to establish secure communication between client and server. The HMACCE protocols are lightweight, tailored for resource-constrained IIoT devices, and have bounded historical tag leakage resilience.
Industrial Internet of Things (IIoT) is a new paradigm for building intelligent industrial control systems. How to establish a secure channel in IIoT for machine-to-machine (M2M) communication is a critical problem, because the devices in IIoT suffer from various attacks and may leak confidential information. Traditional authenticated and confidential channel establishment (ACCE) protocols neither apply to resource-constrained IIoT devices nor satisfy leakage resilience. In this paper, we introduce a new security notion, historical data based multi-factor ACCE (HMACCE), to address this issue, and we propose two HMACCE protocols. Our HMACCE protocols use three authentication factors, i.e., a symmetric secret key, historical data, and a set of secret tags associated with the historical data, to establish a secure communication channel between the client and the server. The key idea is to use the secret key managed by an IIoT edge device to quickly verify the relationship between the historical data and its associated tags stored on the server. Our HMACCE has the following remarkable features. First, it is lightweight and tailored for resource-constrained IIoT devices. Second, it provides bounded historical tag leakage resilience, which means that if a small portion of the secret tags is leaked to an adversary, its security is unaffected with overwhelming probability. Moreover, as a security enhancement service, our HMACCE can be easily integrated with legacy IIoT devices by running simple authenticated key exchange protocols.
