Applied Sciences (Mar 2020)

Towards Secure and Usable Certificate-Based Authentication System Using a Secondary Device for an Industrial Internet of Things

  • Jusop Choi,
  • Junsung Cho,
  • Hyoungshick Kim,
  • Sangwon Hyun

DOI
https://doi.org/10.3390/app10061962
Journal volume & issue
Vol. 10, no. 6
p. 1962

Abstract

As the number of controllers and devices increases in Industrial Internet of Things (IIoT) applications, it is essential to provide a secure and usable user authentication system for human operators who have to manage tens or hundreds of controllers and devices using their password. In this paper, we propose a formally verified certificate-based authentication system using a secondary network device for such IIoT applications. In the proposed system, a user’s sign key is protected by encrypting it with a secret key that can be computed from the user’s password and a secret parameter in a secondary device. To demonstrate the feasibility of the proposed system, we implemented a prototype with standard cryptographic algorithms (AES-256, RSA-3072, and ECDSA-256). The experimental results demonstrated that the execution time overhead of the sign key recovery process was 0.039 and 0.073 s, respectively, for RSA-3072 and ECDSA-256, which was marginal compared with the total execution time (0.383 s for RSA-3072 and 0.319 s for ECDSA-256) of the conventional system. We also verified the security of the proposed protocol using a formal verification tool called ProVerif.

Keywords