Lightweight Authentication Mechanism for Industrial IoT Environment Combining Elliptic Curve Cryptography and Trusted Token

Yu-Sheng Yang; Shih-Hsiung Lee; Jie-Min Wang; Chu-Sing Yang; Yuen-Min Huang; Ting-Wei Hou

doi:10.3390/s23104970

Sensors (May 2023)

Lightweight Authentication Mechanism for Industrial IoT Environment Combining Elliptic Curve Cryptography and Trusted Token

Yu-Sheng Yang,
Shih-Hsiung Lee,
Jie-Min Wang,
Chu-Sing Yang,
Yuen-Min Huang,
Ting-Wei Hou

Affiliations

Yu-Sheng Yang: Department of Engineering Science, National Cheng Kung University, Tainan City 701, Taiwan
Shih-Hsiung Lee: Department of Intelligent Commerce, National Kaohsiung University of Science and Technology, Kaohsiung City 824, Taiwan
Jie-Min Wang: Institute of Computer and Communication Engineering, National Cheng Kung University, Tainan City 701, Taiwan
Chu-Sing Yang: Miin Wu School of Computing, National Cheng Kung University, Tainan City 701, Taiwan
Yuen-Min Huang: Department of Engineering Science, National Cheng Kung University, Tainan City 701, Taiwan
Ting-Wei Hou: Department of Engineering Science, National Cheng Kung University, Tainan City 701, Taiwan

DOI: https://doi.org/10.3390/s23104970
Journal volume & issue: Vol. 23, no. 10
p. 4970

Abstract

Read online

With the promotion of Industry 4.0, which emphasizes interconnected and intelligent devices, several factories have introduced numerous terminal Internet of Things (IoT) devices to collect relevant data or monitor the health status of equipment. The collected data are transmitted back to the backend server through network transmission by the terminal IoT devices. However, as devices communicate with each other over a network, the entire transmission environment faces significant security issues. When an attacker connects to a factory network, they can easily steal the transmitted data and tamper with them or send false data to the backend server, causing abnormal data in the entire environment. This study focuses on investigating how to ensure that data transmission in a factory environment originates from legitimate devices and that related confidential data are encrypted and packaged. This paper proposes an authentication mechanism between terminal IoT devices and backend servers based on elliptic curve cryptography and trusted tokens with packet encryption using the TLS protocol. Before communication between terminal IoT devices and backend servers can occur, the authentication mechanism proposed in this paper must first be implemented to confirm the identity of the devices and, thus, the problem of attackers imitating terminal IoT devices transmitting false data is resolved. The packets communicated between devices are also encrypted, preventing attackers from knowing their content even if they steal the packets. The authentication mechanism proposed in this paper ensures the source and correctness of the data. In terms of security analysis, the proposed mechanism in this paper effectively withstands replay attacks, eavesdropping attacks, man-in-the-middle attacks, and simulated attacks. Additionally, the mechanism supports mutual authentication and forward secrecy. In the experimental results, the proposed mechanism demonstrates approximately 73% improvement in efficiency through the lightweight characteristics of elliptic curve cryptography. Moreover, in the analysis of time complexity, the proposed mechanism exhibits significant effectiveness.

Published in Sensors

ISSN: 1424-8220 (Online)
Publisher: MDPI AG
Country of publisher: Switzerland
LCC subjects: Technology: Chemical technology
Website: http://www.mdpi.com/journal/sensors

About the journal

Abstract

Keywords