research-article

A Three-Factor Mutual Authentication Scheme for Cyber-Physical Systems

Authors:

Hung-Ming Chen,

Hsueh-Wen Tseng,

Shih-Chun Chou,

Yu-Ming LiaoAuthors Info & Claims

RACS '20: Proceedings of the International Conference on Research in Adaptive and Convergent Systems

Pages 113 - 118

https://doi.org/10.1145/3400286.3418236

Published: 25 November 2020 Publication History

Abstract

Identity verification, security and confidentiality are the most important topics in computer system security. Many solutions have been proposed to users to enhance the security of authentication methods based on login passwords. Mainly through the use of two-factor authentication methods. Complex systems are difficult to build and to manage, one of the major problems for cyber-physical systems is the vulnerability of authentication and provide a high efficient tunnel to transmit the program or service data. Using more features for identification will increase the difficulty of fraud. The vigorous development of biometric identification technology in recent years has also made the identification of multiple traits more feasible. This paper presents a three-factor authentication with key agreement scheme for cyber-physical systems. The proposed mechanism integrates biometrics information, IMSI identifier and identity-based remote mutual authentication scheme on elliptic curve cryptography (ECC). It supports flawless three-factor and mutual authentication of participants and agreement of session key. The proposed mechanism does not require modifying the software of clients; thus, it is highly flexible. We believe the proposed mechanism is usable for cyber-physical systems applications.

References

[1]

AS Anakath, S Rajakumar, and S Ambika. 2019. Privacy preserving multi factor authentication using trust management. Cluster Computing 22, 5 (2019), 10817--10823.

[2]

Abhilasha Bhargav-Spantzel, Anna Squicciarini, and Elisa Bertino. 2006. Privacy preserving multi-factor authentication with biometrics. In Proceedings of the second ACM workshop on Digital identity management (DIM '06). ACM, New York, NY, USA, 63--72. https://doi.org/10.1145/1179529.1179540

Digital Library

[3]

Ashok Kumar Das. 2017. A secure and effective biometric-based user authentication scheme for wireless sensor networks using smart card and fuzzy extractor. International Journal of Communication Systems 30, 1 (2017), e2933.

[4]

Manik Lal Das, Ashutosh Saxena, and Ved P Gulati. 2004. A dynamic ID-based remote user authentication scheme. IEEE transactions on Consumer Electronics 50, 2 (2004), 629--631.

Digital Library

[5]

Derui Ding, Qing-Long Han, Zidong Wang, and Xiaohua Ge. 2019. A survey on model-based distributed control and filtering for industrial cyber-physical systems. IEEE Transactions on Industrial Informatics 15, 5 (2019), 2483--2499.

[6]

Yevgeniy Dodis, Leonid Reyzin, and Adam Smith. 2004. Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. In International conference on the theory and applications of cryptographic techniques. Springer, 523--540.

[7]

Lorena Gonzalez-Manzano, Jose M De Fuentes, and Arturo Ribagorda. 2019. Leveraging user-related internet of things for continuous authentication: A survey. ACM Computing Surveys (CSUR) 52, 3 (2019), 1--38.

Digital Library

[8]

Darrel Hankerson, Alfred J. Menezes, and Scott Vanstone. 2003. Guide to Elliptic Curve Cryptography. Springer-Verlag New York, Inc., Secaucus, NJ, USA.

Digital Library

[9]

Min-Shiang Hwang, Song-Kong Chong, and Te-Yu Chen. 2010. DoS-resistant ID-based password authentication scheme using smart cards. Journal of Systems and Software 83, 1 (2010), 163--172.

Digital Library

[10]

Hyun-Sung Kim, Sung-Woon Lee, and Kee-Young Yoo. 2003. ID-based password authentication scheme using smart cards and fingerprints. ACM SIGOPS Operating Systems Review 37, 4 (2003), 32--41.

Digital Library

[11]

Koblitz. 1987. Elliptic curve cryptosystem. Journal of Mathematics of Computation 48 (Nov. 1987), 203--209.

[12]

Adesh Kumari, Srinivas Jangirala, M Yahya Abbasi, Vinod Kumar, and Mansaf Alam. 2020. ESEAP: ECC based secure and efficient mutual authentication protocol using smart card. Journal of Information Security and Applications 51 (2020), 102443.

Digital Library

[13]

Chin-Fu Kuo and Yung-Feng Lu. 2015. Task assignment with energy efficiency considerations for non-DVS heterogeneous multiprocessor systems. ACM SIGAPP Applied Computing Review 14, 4 (2015), 8--18.

Digital Library

[14]

Edward A Lee. 2008. Cyber physical systems: Design challenges. In 11th IEEE Symposium on Object Oriented Real-Time Distributed Computing (ISORC). IEEE, 363--369.

Digital Library

[15]

Jay Lee, Behrad Bagheri, and Hung-An Kao. 2015. A cyber-physical systems architecture for industry 4.0-based manufacturing systems. Manufacturing letters 3 (2015), 18--23.

[16]

Shancang Li, Shanshan Zhao, Po Yang, Panagiotis Andriotis, Lida Xu, and Qin-dong Sun. 2019. Distributed consensus algorithm for events detection in cyber-physical systems. IEEE Internet of Things Journal 6, 2 (2019), 2299--2308.

[17]

Han-Yu Lin. 2017. Efficient mobile dynamic ID authentication and key agreement scheme without trusted servers. International Journal of Communication Systems 30, 1 (2017), e2818.

[18]

Yung-Feng Lu and Chin-Fu Kuo. 2013. Robust and Flexible Tunnel Management for Secure Private Cloud. SIGAPP Appl. Comput. Rev. 13, 1 (March 2013), 41--50. https://doi.org/10.1145/2460136.2460140

Digital Library

[19]

Yung-Feng Lu, Chin-Fu Kuo, and Ai-Chun Pang. 2012. A Novel Key Management Scheme for Wireless Embedded Systems. SIGAPP Appl. Comput. Rev. 12, 1 (April 2012), 50--59. https://doi.org/10.1145/2188379.2188384

Digital Library

[20]

Yung-Feng Lu, I-Chih Shu, Hsueh-Wen Tseng, and Shih-Chun Chou. 2014. An NFC-phone mutual authentication scheme for smart-living applications. In 2014 International Conference on Information Science, Electronics and Electrical Engineering, Vol. 2. IEEE, 1053--1057.

[21]

Victor S Miller. 1986. Use of elliptic curves in cryptography. In Lecture notes in computer sciences; 218 on Advances in cryptology---CRYPTO 85. Springer-Verlag New York, Inc., New York, NY, USA, 417--426. http://dl.acm.org/citation.cfm?id=18262.25413

[22]

Ragunathan Rajkumar, Insup Lee, Lui Sha, and John Stankovic. 2010. Cyberphysical systems: the next computing revolution. In Design automation conference. IEEE, 731--736.

[23]

Yenumula B Reddy. 2014. Cloud-based cyber physical systems: Design challenges and security needs. In 2014 10th International Conference on Mobile Ad-hoc and Sensor Networks. IEEE, 315--322.

Digital Library

[24]

Muhammad Sajjad, Salman Khan, Tanveer Hussain, Khan Muhammad, Arun Kumar Sangaiah, Aniello Castiglione, Christian Esposito, and Sung Wook Baik. 2019. CNN-based anti-spoofing two-tier multi-factor authentication system. Pattern Recognition Letters 126 (2019), 123--131.

[25]

Antonio Savoldi and Paolo Gubian. 2007. SIM and USIM Filesystem: A Forensics Perspective. In Proceedings of the 2007 ACM Symposium on Applied Computing (SAC '07). ACM, New York, NY, USA, 181--187. https://doi.org/10.1145/1244002.1244050

Digital Library

[26]

André Schaller, Taras Stanko, Boris Škorić, and Stefan Katzenbeisser. 2018. Eliminating leakage in reverse fuzzy extractors. IEEE Transactions on Information Forensics and Security 13, 4 (2018), 954--964.

[27]

Jian Shen, Shaohua Chang, Jun Shen, Qi Liu, and Xingming Sun. 2018. A lightweight multi-layer authentication protocol for wireless body area networks. Future Generation Computer Systems 78 (2018), 956--963.

Digital Library

[28]

Hung-Min Sun, Shiuan-Tung Chen, Jyh-Haw Yeh, and Chia-Yun Cheng. 2018. A shoulder surfing resistant graphical authentication system. IEEE Transactions on Dependable and Secure Computing 15, 2 (2018), 180--193.

[29]

Xiaoguang Tu, Zheng Ma, Jian Zhao, Guodong Du, Mei Xie, and Jiashi Feng. 2020. Learning generalizable and identity-discriminative representations for face anti-spoofing. ACM Transactions on Intelligent Systems and Technology (TIST) 11, 5 (2020), 1--19.

Digital Library

[30]

Ding Wang and Ping Wang. 2018. Two birds with one stone: Two-factor authentication with security beyond conventional bound. IEEE transactions on dependable and secure computing 15, 4 (2018), 708--722.

[31]

Wayne H Wolf. 2009. Cyber-physical systems. IEEE Computer 42, 3 (2009), 88--89.

Digital Library

[32]

Li Da Xu and Lian Duan. 2019. Big data for cyber physical systems in industry 4.0: a survey. Enterprise Information Systems 13, 2 (2019), 148--169.

[33]

Jen-Ho Yang and Chin-Chen Chang. 2009. An ID-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem. Computers & security 28, 3-4 (2009), 138--143.

[34]

Yanjiang Yang, Jianying Zhou, Jun Wen Wong, and Feng Bao. 2010. Towards practical anonymous password authentication. In Proceedings of the 26th Annual Computer Security Applications Conference (ACSAC '10). ACM, New York, NY, USA, 59--68. https://doi.org/10.1145/1920261.1920271

Digital Library

Cited By

Theodoropoulos CKoutras DDouligeris CKotzanikolaou P(2024)An Edge Multi Factor Authentication System for Cyber Physical Systems Based on OTP2024 IEEE Symposium on Computers and Communications (ISCC)10.1109/ISCC61673.2024.10733619(1-3)Online publication date: 26-Jun-2024
https://doi.org/10.1109/ISCC61673.2024.10733619

Index Terms

A Three-Factor Mutual Authentication Scheme for Cyber-Physical Systems
1. Computer systems organization
  1. Dependable and fault-tolerant systems and networks
    1. Redundancy
  2. Embedded and cyber-physical systems
    1. Embedded systems
2. Networks
  1. Network properties
    1. Network security

Recommendations

Three-Factor Anonymous Authentication and Key Agreement Scheme for Telecare Medicine Information Systems

Nowadays, with comprehensive employment of the internet, healthcare delivery services is provided remotely by telecare medicine information systems (TMISs). A secure mechanism for authentication and key agreement is one of the most important security ...
An efficient improvement remote user mutual authentication and session key agreement scheme for E-health care systems

The E-health care systems allow patients to gain the health monitoring facility and access medical services remotely. A secure mechanism for mutual authentication and session key agreement is the most important requirements for E-Health Care Systems. ...
Secure remote user authentication scheme using bilinear pairings
WISTP'07: Proceedings of the 1st IFIP TC6 /WG8.8 /WG11.2 international conference on Information security theory and practices: smart cards, mobile and ubiquitous computing systems

In 2006, Das et al. proposed a remote user authentication scheme using the properties of bilinear pairings. The current paper, however, demonstrates that Das et al.'s scheme is still vulnerable to an impersonation attack and an off-line password ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

RACS '20: Proceedings of the International Conference on Research in Adaptive and Convergent Systems

October 2020

300 pages

ISBN:9781450380256

DOI:10.1145/3400286

Copyright © 2020 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGAPP: ACM Special Interest Group on Applied Computing

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 25 November 2020

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

RACS '20

Sponsor:

SIGAPP

RACS '20: International Conference on Research in Adaptive and Convergent Systems

October 13 - 16, 2020

Gwangju, Republic of Korea

Acceptance Rates

RACS '20 Paper Acceptance Rate 42 of 148 submissions, 28%;

Overall Acceptance Rate 393 of 1,581 submissions, 25%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1
Total Citations
View Citations
102
Total Downloads

Downloads (Last 12 months)25
Downloads (Last 6 weeks)5

Reflects downloads up to 25 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Theodoropoulos CKoutras DDouligeris CKotzanikolaou P(2024)An Edge Multi Factor Authentication System for Cyber Physical Systems Based on OTP2024 IEEE Symposium on Computers and Communications (ISCC)10.1109/ISCC61673.2024.10733619(1-3)Online publication date: 26-Jun-2024
https://doi.org/10.1109/ISCC61673.2024.10733619

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents