亚洲免费av电影一区二区三区,日韩爱爱视频,51精品视频一区二区三区,91视频爱爱,日韩欧美在线播放视频,中文字幕少妇AV,亚洲电影中文字幕,久久久久亚洲av成人网址,久久综合视频网站,国产在线不卡免费播放

        ?

        An Efficient Three-Factor Authenticated Key Agreement Technique Using FCM Under HC-IoT Architectures

        2022-08-24 12:58:20ChandrashekharMeshramAgbotinameLuckyImoizeSajjadShaukatJamalParkashTambareAdelAlharbiandIqtadarHussain
        Computers Materials&Continua 2022年7期

        Chandrashekhar Meshram, Agbotiname Lucky Imoize, Sajjad Shaukat Jamal,Parkash Tambare, Adel R.Alharbiand Iqtadar Hussain

        1Department of Post Graduate Studies and Research in Mathematics, Jayawanti Haksar Government Post-Graduation College, College of Chhindwara University, Betul, 460001, M.P., India

        2Department of Electrical and Electronics Engineering, Faculty of Engineering, University of Lagos, Akoka, Lagos,100213, Nigeria

        3Department of Electrical Engineering and Information Technology, Institute of Digital Communication, Ruhr University,44801, Bochum, Germany

        4Department of Mathematics, College of Science, King Khalid University, Abha, Saudi Arabia

        5Water Resources & Applied Mathematics Research Lab, Nagpur, 440027, India

        6College of Computing and Information Technology, University of Tabuk, Tabuk, 71491, Saudi Arabia

        7Mathematics Program, Department of Mathematics, Statistics and Physics, College of Arts and Sciences,Qatar University, 2713, Doha, Qatar

        Abstract: The Human-Centered Internetof Things(HC-IoT)isfastbecoming a hotbed of security and privacy concerns.Two users can establish a common session key through a trusted server over an open communication channel using a three-party authenticated key agreement.Most of the early authenticated key agreement systems relied on pairing, hashing, or modular exponentiation processes that are computationally intensive and cost-prohibitive.In order to address this problem, this paper offers a new three-party authenticated key agreement technique based on fractional chaotic maps.The new scheme uses fractional chaotic maps and supports the dynamic sensing of HC-IoT devices in the network architecture without a password table.The projected security scheme utilized a hash function,which works well for the resource-limited HC-IoT architectures.Test results show that our new technique is resistant to password guessing attacks since it does not use a password.Furthermore, our approach provides users with comprehensive privacy protection, ensuring that a user forgery attack causes no harm.Finally, our new technique offers better security features than the techniques currently available in the literature.

        Keywords: Three-party authenticated key agreement; anonymity; fractional chaotic maps; Chebyshev polynomial; password table; human-centered internet of things (HC-IoT)

        1 Introduction

        Security and privacy issues are fast proliferating the Human-Centered Internet of Things (HCIoT) space [1].As billions of user data are being collected and transmitted by IoT devices via open channels, the vulnerability of user data to adversarial attacks needs to be considered and addressed appropriately.Unauthorized users can gain real-time access to the HC-IoT devices unlawfully.Consequently, sensitive user data is compromised, leading to a catastrophic disruption of safetycritical processes under HC-IoT architectures.Therefore, the need for secure authenticated key agreement protocols to mitigate the vast security and privacy issues in HC-IoT systems cannot be overemphasized.

        Several user authentications and key agreement techniques have been reported for HC-IoT systems [2].Generally, the HC-IoT devices are resource-limited [3].Therefore, applying complex cryptographic primitives to these devices is quite challenging due to their resource constraints.Some authors have proposed Elliptic Curve Cryptography (ECC) to guarantee secure session keys between legitimate users in IoT environments [4-6].However, HC-IoT devices cannot support ECC operations due to limited storage and computational resources.In order to address this problem, lightweight authentication and key agreement schemes have been proposed [5,7,8].It is worth mentioning that most of these schemes are specially designed to reduce the computational and communication costs inherent in the ECC schemes.

        Authentication schemes can support fast computational processing of user information and low communication costs.However, most of these security schemes are susceptible to various attacks and cannot provide critical security requirements [8,9].Thus, the problem of improving the authentication efficiency and simultaneously guaranteeing the security and privacy of the scheme remains.In order to solve this problem, our work presents an efficient three-factor authenticated key agreement technique using fractional chaotic maps under the HC-IoT architectures without a password table.

        1.1 Motivation

        In recent years, several studies have reported the prevalent security and privacy issues in HC-IoT architectures.Generally, these architectures communicate over public channels, which are vulnerable to several attacks inside and outside the networks.In particular, sensitive user information can be compromised when a malicious user unlawfully intercepts or accesses the HC-IoT devices [9].Thus,it is imperative to adequately secure user authentication schemes to mitigate unscrupulous access to critical user data.In this case, the identities of all network users would require validation in real-time and access is denied to unauthorized users.In related works, a one-way cryptographic algorithm, a hash function, has been used to map input of any size to an individual output of a fixed length of bits.This helps to provide data integrity and guarantee security against unauthorized access.

        In the preliminary schemes, only one HC-IoT device can be accessed by a particular user at a time.Thus, repeated user identity validation is required to access multiple sensing HC-IoT devices.However, this approach is time-consuming and cost-prohibitive to implement in practice.Therefore,the need for a three-factor authenticated key agreement technique using fractional chaotic maps to access several sensing devices in real-time without a password table and establish the shared session key among the network users is not out of place.

        1.2 Contribution

        This work presents an efficient three-factor authenticated key agreement technique using fractional chaotic maps under HC-IoT architectures.The following is a list of the paper’s contributions.

        ■We present a secret sharing technique for constructing a secure three-factor authenticated key agreement without a password table.The presented technique utilized a hash function, which works well for the resource-limited HC-IoT devices.

        ■We establish the formal security proof of the presented technique using Burrows-Abadi-Needham (BAN) logic under random oracle.Specifically, our scheme differentiates a real adversary from a simulation.

        ■The three-factor authenticated key agreement technique designed using fractional chaotic maps supports the architecture’s dynamic sensing of HC-IoT devices without a password table.

        ■Finally, we present a security investigation and performance comparison of the presented technique and demonstrate that it reduces the communication and computational overhead drastically compared to existing related techniques.

        1.3 Paper Organization

        The rest of this paper is laid out as follows.In Section 2, we present the related works.Section 3 gives the preliminaries covering fractional chaotic maps and their cryptographic properties.Section 4 focuses on the proposed technique under HC-IoT architectures.Section 5 deals with the formal authentication proof of the scheme using BAN logic.Section 6 presents the security investigation of the technique and valuable discussions.Section 7 covers the performance comparison of the presented technique to demonstrate its superiority over the existing schemes.Section 8 wraps up the paper with a concise conclusion.

        2 Related Work

        Distributed private cloud servers store critical user information harvested from HC-IoT devices to allow access to legitimate users.Several authentication protocols with a key agreement for use under HC-IoT architectures have been proposed [10-12].In particular, a lightweight authentication scheme for application in Wireless Sensors Networks (WSNs) was proposed by Das [10].The scheme allows users to validate their identities by entering their secret passwords and smart cards.However,the scheme uses only the hash function, limiting its security.

        Additionally, some flaws have been identified in Das’scheme.These include the inability to resist denial-of-service attacks and node compromised attacks [11].In order to address these limitations in Das’scheme, an authentication scheme utilizing biohacking has been proposed by [11].The scheme gives a lower error rate compared to existing traditional techniques.However, Wang et al.[12]estimated several two-factor authentication techniques.They observed that the technique by Srinivas et al.[11] is susceptible to offline guessing attacks and cannot guarantee user anonymity in real-time.

        In related work, Esfahani et al.[13] anticipated an efficient authentication technique using the hash function and exclusive OR (XOR) operation.The technique was tailored for application in the Industrial Internet of Things (IIoT).The technique achieves low communication and computational costs and satisfies several security requirements.In another related work, Wazid et al.[14] presented a user authentication and key management technique that uses passwords, biometrics and a smart card for identity validation.Hossain et al.[15] proposed a cloud-assisted scheme that gives real-time patient data for healthcare applications.In work due to Li et al.[4], elliptic curve cryptography (ECC)-empowered authentication protocol was proposed.The scheme seeks to tackle the security flaws in existing schemes and enhance IIoT wireless networks’privacy.

        In another study, Li et al.[16] put forward a three-factor authentication technique for IIoT systems.The work aims at enhancing the security of the scheme to withstand sophisticated attacks and provide user anonymity.On integrating IoT with cloud computing to support IoT services, Yu et al.[17] demonstrated the possibility of achieving improved user services, leveraging IoT.However, several attacks that limit the security of cloud-based servers have been identified [18, 19].Furthermore, the work [19] proposes a better authentication scheme, which applies to Internet of Things (IoT)-assisted cloud computing architectures to resist DoS and privileged insider attacks.

        [20], chaoticmaps enabled authentication scheme was proposed for ID-based digital signatures.The security of the scheme was tested on the suppositions of complex Diffie-Hellman problems and discrete logarithm.Also, Gao et al.[21] put forward an authentication technique leveraging chaotic maps for the wireless body area networks.The technique facilitated the securely monitoring and recording of patients’health data.Performance analysis of the technique guarantees user confidentiality, and it reduces the cost of multiplication and exponentiation during computation at a low communication cost.

        In a similar vein, an anonymity preserving authentication technique was proposed in [22].Security verification of the technique was done using the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool.Test results showed enhanced performances compared to other related techniques in the literature.In several works due to Meshram et al.[3,9,23], efficient and provably secure authentication techniques using extended chaotic maps were proposed.The schemes show robust security features covering low computational and communication costs.

        In comparison with preceding techniques, the three-factor authenticated key agreement technique projected in this paper is unique in several aspects.The launched security scheme utilized a hash function, which works well for the resource-limited HC-IoT architectures.Finally, the technique uses fractional chaotic maps and supports the dynamic sensing of HC-IoT devices in the architecture without a password table.

        3 Background and Material

        Before going into the current inquiry on the presented three-factor authenticated key agreement technique, this part discusses the many fundamental principles pertaining to the work.First, a Chebyshev chaotic map implementation with a short existence is described.Following that, a Chebyshev polynomial, fractional chaotic maps utilizing the minimum approach, and a list of other techniques employed in this development are represented.The notations used in our method are briefly defined in Tab.1.

        Table 1: Notations used in our proposed scheme

        3.1 Chebyshev Chaotic Maps

        Two fundamental prerequisites in the evolution of cryptographic systems are ambiguity and dispersion.Chaotic frameworks are suitable for achieving diffusion and uncertainty assets in cryptography because of their sensitivity to primary conditions, ergodicity, and pseudo-randomness.As a result, chaotic maps have been used to create several symmetric and asymmetric key cryptosystems[24-26]:

        Definition 1.(Chaotic map).In the variationv, the Chebyshev polynomial (CP)() is anndegree polynomial.Assume that∈[-1, 1] is the edition and thatnis a big integer.The following is what CP said in general [24,27-29]:

        The Chebyshev polynomial’s recurrence relation is defined as

        In this scenario, the functionalarccos() andcos() are written asarccos: [-1, 1]→[0, ] andcos:R→[-1, 1].

        3.1.1 Properties of Chaotic Maps

        Chebyshev polynomials have the following two essential properties:

        Chaotic properties:The CP transform: [-1, 1]→ [-1, 1] with the degreen>1 is known as the chaotic maps transform.It is related to the functional (invariant density)for some positive Lyapunov exponent λ= Inn>0.

        Semi-group properties:The semigroup property of() is defined as follows:(()) =cos(τcos-1(cos(l cos-1()))) =cos(τl cos-1()) =() =(()), where τ andlare positive integers and∈[-1, 1].

        Public-key cryptography based on the Chebyshev polynomialmap semigroup property is unstable,according to Bergamo et al.[25].Zhang [26] proved, however, that the semigroup property retains an interval (-∞,+∞), which can improve the property as measured:

        whereq1is a big prime and∈(-∞,+∞).As a result, the property is:())(modq1) =()(modq1) =(())(modq1), and the semigroup property is kept as well.It is worth noting that extended Chebyshev polynomials commute under confirmation as well.

        3.1.2 Computational Problems

        By using the propositions [27-31], various computational challenges based on Chebyshev polynomials are explained in this segment.

        Definition2.(Chaotic Map-based Discrete Logarithm Problem(CMDLP)).Any polynomial time bounded technique that discovers the number τ wherey=() (mod q1) is infeasible given a random tuple〈y,〉.

        Definition 3.(Chaotic Map-based Diffie-Hellman problem (CMDHP)).Any polynomial timebounded procedure that attempts to find the estimate() (mod q1) for a given random tuple<,(),Tl()>fails.

        3.2 Fractal Chaotic Maps (FCM)

        Historically, the Fractal Calculus (FC) was called a local fractional calculus [32,33].However,fractional calculus accepts possessions (derivatives of non-integer power).FC takes precedence over the related preparation:

        Assume that the formal expression for a random fractional-order μ?[0, 1] defines the fractional difference operator ξμ.Then,

        and the fractal integral operator is the same as this.

        It can be approximated using the formula in (1)

        We get the following formulation (2) by generalising the polynomial, with the FC concept:

        The FCP stands for the fractal Chebyshev polynomial (see Fig.1).

        Figure 1: 3D-FCP when μ= 0, 1/2 and 3/4 respectively

        3.2.1 Properties of Fractal Chaotic Maps

        Two of the FCP’s soothing properties are as follows:

        Definition 4(Chaotic possessions of FCM).The fractal Chaotic maps [33,34] satisfy the recurrent relations under the chaotic possessions,i.e.,(mod q1).When μ→0 is utilized, the usual prominent effect, as observed in Yang et al.[32], is well understood.

        Definition 5(Semi-group possessions of FCM).The semi-group possessions hold, i.e., for FCMs on the interval (-∞,∞) [33].

        4 The Proposed Technique Under the HC-IoT Architecture

        This section will show you the steps of our newthree-party authenticated key agreement technique.Fig.2 depicts the layout of our strategy.Please note that the term U→V:()isusedinallfivephases to indicate that U deliver a message to V.Our plan consists of five steps, which are outlined in Tab.2 as follows.

        Table 2: The steps of our new three-party authenticated key agreement technique

        Figure 2: Our proposed framework

        5 The Formal Authentication Proof Using BAN Logic

        The BANlogic is a well-known method of ensuring that information exchange protocols are valid.In this section, we will examine the accuracy of the session key among U and V using BAN logic[35,36].To begin, the following are the notations, goals, and assumptions:

        5.1 Notations

        The notations and syntax of the BAN logic are defined here.The specific participants are defined as U and V, the trusted server is S, and the formula is X (statement).The following are some guidelines [1,17]:

        1.U|≡X means U trusts the formulation X is true.

        2.U|≡V means U trusts V’s act.

        3.U?X means U holds or sees the formulation X.

        4.U|~X means U has said the formulation X.

        5.U|?X means U has comprehensive control over the formulation X.

        8.UV meansxis a secret key, or secret info shared among U and V.

        9.{X}κmeans X is encrypted by the key κ.

        5.2 Goals

        In our system, there are three roles: U and V are the users who must use the trusted server (S) to generate a common session key between them.

        In the language of BAN logic, our strategy aims to achieve four objectives:

        Because U and V must generate a shared session key to communicate, U must believe that the server believes V and that V possesses the session key Sκ, and vice versa.

        5.3 Suppositions

        The assumptions must be presented once the goals have been established:

        S1·U?idU

        S2·U?idV

        S3·V?idV

        S4·U|?r

        S5·V|?w

        S6·S|?((idU),(idV))

        U and V each have their own identities in assumptions S1 through S3.Because U desires to create a common session key with V, U must first possess the identity of V, so that the server S can verify the identities of both parties in this connection.In suppositions S4 through S6, U, V and S must each choose their private keys, which they control entirely.

        5.4 Verification

        We will use the BAN logic to check the accuracy of our suggested framework in this part.The main steps in the evidence are as follows:

        V and U believe the server has saidSVandSUin formulation V9 and formula V13.Because the server must check the certificate before givingSVandSU, both U and V assume the other is an authorized user.Because U hasr,(idV), in formula V15, U may compute the session key Sκ.When U can decodeand has Sκ, U can believeVU, which leads U to believe that V has the secret value Sκ.Similarly,Vbelievesthat Upossessesthesecretvalue Sκ informulation V17.U and Vcan generate a common session key using this secret value.We may deduce that our approach accomplishes the goals using formulas V9, V13, V15, and V17.

        6 Security Analysis and Discussions

        v perfect forward secrecy, and user anonymity.Additionally, we put the suggested technique to the test against several attacks, including the man-in-the-middle attack, privileged insider attack, knownkey secrecy, perfect forward secrecy, password guessing attacks, Clock synchronization problem, and the user identity forgery.

        Hypothesis 1:The proposed technique can successfully resist the man-in-the-middle attack.

        Justification:The attacker cannot manufacture a valid message using the suggested technique since the attacker does not have access to the secret values(idU) and(idV), which are used to generate the hash valuesandFurthermore, by checking hash values, both users (U and V)and the server might determine whether the received messages were edited or substituted.The server examinesandin step 3.The user V checksandin steps (4) and (6), while the user U checksandin step (5).As a result, the proposed technique can successfully defend against a man-in-the-middle attack.

        Hypothesis 2:The proposed technique can offer mutual authentication among the users U, V and the server S.

        Justification:Mutual authentication is a critical aspect of user authentication techniques since it allows any scheme member to authenticate the others.By computing secret keys κSUand κSV, the server S can extract idUand idVfrom1and idVfrom2using the proposed technique.The hash valuesandcan then be computed.The server S can authenticate both users by checking whether=and=are equal.The user U can computeand authenticate the server S by checking if=in step (5).She/he can also verify the identity of user V by looking at the received valueVU.The user V can calculateSVand verify if=to authenticate the server.V authenticates the user U in step (6) by checking the received value.As a result, all parties can establish mutual authentication using the proposed technique.

        Hypothesis 3:The proposed technique protects the user’s anonymity.

        Justification:When the two users create their shared session key, they must inform each other and the server S of their identities.In other words, the sender’s identity is included in the message transmitted from one user to another.In our technique, the identity in the message sent during communication is encrypted using fractional chaotic maps rather than plaintext.If a malicious attacker intercepts the communication, the attacker will be unable to deduce the user’s true identity by examining the message.

        Hypothesis 4:The proposed technique protects against user identity forgery.

        Justification:The identities of the two users are included in the message sent to server S.(one encrypted by using the fractional chaotic maps and the other not).When the server S receives the communication, it can quickly decrypt it and verify the identities of both users.

        Hypothesis 5:The proposed technique need not require a password table.

        Justification:A password table must exist on the server-side for a password authentication technique to effectively save and update the legal participants’passwords.An insider attack could occur if the server has malicious intentions, and passwords could be exploited or manipulated.There is no password table on the server-side of our technique because we do not maintain the participants’passwords.Hence there is no possibility of an insider attack.

        Hypothesis 6: The proposed technique is secured against password guessing attacks.

        Justification:A password authentication mechanism will always be vulnerable to a password guessing attack.After intercepting a transmission, the attacker will guess the proper password.If the password is accurately guessed, the attacker can use it to commit fraud.Unlike password authentication techniques, our technique does not rely on passwords, it is immune to password guessing attacks.

        Hypothesis 7: The proposed technique is secured against the Clock synchronization problem.

        Justification:Unlike many previous key agreement techniques, the proposed key agreement technique could continue to work even if the clock is out of sync, ensuring secure communication between sender and receiver.Because the timestamp is merely relative to the receiver’s clock, synchronized clocks are unnecessary.The timestamp generated by the receiver is the only one he verifies.

        Hypothesis 8: The proposed technique can offer known-key secrecy.

        Justification:Mutual authentication is a critical aspect of user authentication techniques since itallows any scheme member to authenticate the others.known-key secrecy because the next session keys cannot be exposed.If a sender intercepts a session key Sκ=and knows the random parameters w andr, she will be unable to obtain the preceding and subsequent session keys due to the unknown random parameters.

        Hypothesis 9:The proposed technique can offer perfect forward secrecy.

        Justification:Creating a session key among communication entities is independent of previously generated session keys.Our presented technique can ensure perfect forward secrecy.Even though the sender can intercept the parameters(idV) and(idV), which are typically transmitted overa channel, they are unable to compute the following session key Sκ=(idV) due to the intractability of the fractional chaotic maps-based Diffie-Hellman (FCMDH) and fractional chaotic maps-based Discrete Logarithm (FCMDL) problems, and Alice hasn’t been able to get the following session key before.

        7 Performance Comparisons

        We demonstrate the efficiency of the presented technique in this portion of the article.Tab.3 compares the security features of our suggested technique to those of Lee et al.[37], Zhao et al.[38],Farash et al.[39], Xie et al.[40], and Jabbari et al.[41] techniques.Under key considerations, our proposed technique provides higher security than the other techniques.In addition, we compared the computational primitives employed in our proposed technique’s positioning of the users and server to those used in other relevant techniques.

        Table 3: Security characteristics comparisons between the provided and other similar techniques

        In this contrast study, we employed the four-time complexity notations listed below.:,,,anddescribed performance time for a one-way hash function, a Chebyshev chaotic map operation,a symmetric encryption/decryption operation, and one modular multiplication, respectively.The relations between:,,, andwith respect to(= 0.32ms) have been known in several works [3,9,33], and γ= 1/2 since γ∈[0,1] [33]).The relationship and order of computational complexity between the metrics are as follows:≈,≈,≈2.5, and≈≈<.Tab.4 shows the performance evaluation of the proposed technique and the existing techniques’primary consuming techniques.Fig.3 also displays millisecond (ms) comparisons of overall processing costs.

        Table 4: Performance evaluation of the proposed scheme and other relevant techniques

        Figure 3: Total communication cost (ms)

        On the other hand, our proposed technique can provide comprehensive security assurance at a cheap computing cost while displaying very high-efficiency thanks to Chebyshev chaotic maps and hash functions.

        8 Conclusion

        This paper proposed an efficient three-factor authenticated key agreement technique using fractional chaotic maps under the HC-IoT architecture without a password table.Our novel technique is entirely immune to password guessing attacks.Furthermore, our technique ensures that users’privacy is fully protected, ensuring that a user forging attack has no adverse consequences.Our novel strategy outperforms the currently available technique in terms of security.Also, we performed a BAN logic test and confirmed the correctness of our technique.However, the current paper has not deployed the experimental setting for the proposed scheme.In future work, we would focus on a lightweight three-factor authentication and key agreement technique for IoT multi-gateway wireless sensor networks leveraging extended Chebyshev chaotic maps.

        Acknowledgement:The authors extend their gratitude to the Deanship of Scientific Research at King Khalid University for funding this work through the research group program under grant number R.G.P.1/72/42.The work of Agbotiname Lucky Imoize is supported by the Nigerian Petroleum Technology Development Fund (PTDF) and the German Academic Exchange Service (DAAD)through the Nigerian-German Postgraduate Program under grant 57473408.

        Funding Statement:The authors received no specific funding for this study.

        Conflicts of Interest:The authors declare that they have no conflicts of interest to report regarding the present study.

        中文字幕爆乳julia女教师| 中文字幕乱码日本亚洲一区二区| 毛片av在线尤物一区二区| 99蜜桃在线观看免费视频| 人妻丰满熟妇aⅴ无码| 在线播放真实国产乱子伦| 免费人成视频在线观看网站| 日本高清一区二区不卡视频| 极品少妇一区二区三区| 国产午夜av秒播在线观看| 97精品人妻一区二区三区香蕉| 精品人伦一区二区三区蜜桃麻豆 | 99精品热这里只有精品| 国产精品自产拍在线观看中文| 亚洲av色香蕉一区二区三区av| 国产精品国产亚洲精品看不卡| 国产精品美女久久久久| 中国精品视频一区二区三区| 亚洲av天堂在线免费观看| 免费a级毛片在线播放不收费| 久久精品中文字幕一区| 视频二区精品中文字幕| 日韩中文字幕不卡在线| 无码字幕av一区二区三区| 亚洲色图+国产精品| 精品国产97av一区二区三区| 91精品国产92久久久| 欧美大肥婆大肥bbbbb| 亚洲日韩中文字幕在线播放 | 色yeye在线观看| 久久人妻中文字幕精品一区二区| 影音先锋男人av鲁色资源网| 亚洲无码专区无码| 天堂av在线播放观看| 99re66在线观看精品免费| 天天爽夜夜爽夜夜爽| 国产精品成人av电影不卡| 亚洲国产精品情侣视频| 天天鲁在视频在线观看 | 成人免费丝袜美腿视频| 亚洲中文字幕一二区精品自拍 |