Hash-based conditional privacy preserving authentication and key exchange protocol suitable for industrial internet of things

Abstract

Wireless sensor networks (WSN) are integral part of Industrial Internet of Things (IIOT), the said networks comprise of elements possessing low power processors. WSNs are used for gathering data in the monitoring region, using which vital information about the sensor and the monitoring region can be attained (placement of the sensor node is critical). Moreover, due to open nature of communication channel and resource constrained environment of nodes the privacy, integrity and confidentiality of the data becomes a big issue as we need to ensure that the said data is only accessed by a valid user in the IIOT environment. Many schemes presented various means to overcome the above issue. However, the existing works do have certain vulnerabilities which make its application in the WSNs constrained. The proposed work presents a scheme for achieving above goals in IIOT environment. Moreover, the proposed scheme presents security vulnerabilities and weaknesses in existing schemes and attempts to overcome these issues; the proposed work provides cryptanalysis of Xiong et al. scheme which is based on ECC, the direct consequence of the cryptanalysis directs to design a solution which can overcome the issues. The proposed work provides a robust hash based conditional privacy preserving authentication and probabilistic key exchange protocol which is lightweight and as a result, puts less computation overheads on the entities involved in the region. The proposed work is secure against many known attacks due to difficulty in guessing the credentials. The main motivation is to develop a lightweight scheme which can help exchange information with efficacy. The security of the proposed work is provided using both formal and informal security analysis where formal analysis comprises of AVISPA and Real-or-Random oracle model simulations whereas informal analysis depicts proofs as of how the proposed work withstands many known attacks. Thus, the proposed work is secure against many malicious attacks directing and championing its application in IIOT environment.