Privacy-Preserving Mutual Authentication Protocol With Forward Secrecy for IoT–Edge–Cloud

The three-tier IoT–Edge–Cloud paradigm enables low-end devices to use the computation capabilities of the more powerful edge nodes to meet efficiency constraints for real-time applications. Many symmetric-key-based schemes rely on an online trusted cloud admin (CA) to establish session keys between IoT devices and edge nodes. In this study, we propose a new provably-secure mutual authentication privacy-preserving protocol with forward secrecy (MAPFS), which eliminates the requirement for an online CA during IoT authentication. To achieve anonymity, our construction utilizes zero-knowledge proofs and randomizes the IoT authentication request. The security of our construction is based on the well-studied discrete logarithm and decisional Diffie–Hellman assumptions in elliptic curve groups. We formally prove that MAPFS ensures mutual authentication and semantic security for session keys. We also evaluate MAPFS performance in terms of the communication overhead, storage requirements, and computation complexity. Finally, we test the performance of MAPFS on a Raspberry Pi 4 and compare it against other certificate-less protocols.

• Publication year

  2024

• Venue

  IEEE Internet of Things Journal

• Publication date

  2024-03-01

• Fields of study

  Computer Science, Engineering

• Identifiers
  DOI 10.1109/JIOT.2023.3318180
• External record

  Open on Semantic Scholar

• Source metadata

  Semantic Scholar

• No claims are published for this paper.

• No concepts are published for this paper.

• A Lightweight and Conditional Privacy-Preserving Authenticated Key Agreement Scheme With Multi-TA Model for Fog-Based VANETs

  2023cited by this paper
• Anonymous and Efficient Authentication Scheme for Privacy-Preserving Distributed Learning

  2022influential reference
• Efficient Certificateless Online/Offline Signcryption Scheme for Edge IoT Devices

  2022influential reference
• A Provably Secure and Practical PUF-Based End-to-End Mutual Authentication and Key Exchange Protocol for IoT

  2021influential reference
• A Redesigned Identity-Based Anonymous Authentication Scheme for Mobile-Edge Computing

  2021influential reference
• Efficient Inter-Cloud Authentication and Micropayment Protocol for IoT Edge Computing

  2021cited by this paper
• A Secure Anonymous Identity-Based Scheme in New Authentication Architecture for Mobile Edge Computing

  2021influential reference
• Lightweight Broadcast Authentication Protocol for Edge-Based Applications

  2020cited by this paper
• LiKe: Lightweight Certificateless Key Agreement for Secure IoT Communications

  2020cited by this paper
• A Provably Secure and Efficient Identity-Based Anonymous Authentication Scheme for Mobile Edge Computing

  2020influential reference
• A Lightweight Authentication and Inter-Cloud Payment Protocol for Edge Computing

  2020cited by this paper
• A Lightweight Mutual Authentication and Key Agreement Scheme for Medical Internet of Things

  2019cited by this paper
• Lightweight remote user authentication protocol for multi-server 5G networks using self-certified public key cryptography

  2019influential reference
• An Anonymous ECC-Based Self-Certified Key Distribution Scheme for the Smart Grid

  2018cited by this paper
• The Role of Edge Computing in Internet of Things

  2018cited by this paper
• Cloud-aided lightweight certificateless authentication protocol with anonymity for wireless body area networks

  2018cited by this paper
• Provably Secure and Lightweight Certificateless Signature Scheme for IIoT Environments

  2018influential reference
• A Robust and Energy Efficient Authentication Protocol for Industrial Internet of Things

  2018cited by this paper
• On the security of a new ultra-lightweight authentication protocol in IoT environment for RFID tags

  2017cited by this paper
• Security and Privacy for Cloud-Based IoT: Challenges

  2017cited by this paper
• Challenges and Opportunities in Edge Computing

  2016cited by this paper
• Secure and Scalable Data Collection With Time Minimization in the Smart Grid

  2016cited by this paper
• Edge Computing: Vision and Challenges

  2016cited by this paper
• A Design of Key Agreement Scheme Between Lightweight Devices in IoT Environment

  2016cited by this paper
• Security Arguments for Digital Signatures and Blind Signatures

  2015cited by this paper
• Security Enhanced User Authentication Protocol for Wireless Sensor Networks Using Elliptic Curves Cryptography

  2014cited by this paper
• Provably secure dynamic identity-based three-factor password authentication scheme using extended chaotic maps

  2014cited by this paper
• A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion

  2014cited by this paper
• Towards viable certificate-based authentication for the internet of things

  2013cited by this paper
• A New User Authentication Protocol for Wireless Sensor Networks Using Elliptic Curves Cryptography

  2013cited by this paper
• An Advanced Temporal Credential-Based Security Scheme with Mutual Authentication and Key Agreement for Wireless Sensor Networks

  2013cited by this paper
• Beyond eCK: perfect forward secrecy under actor compromise and ephemeral-key reveal

  2012cited by this paper
• A Lightweight Message Authentication Scheme for Smart Grid Communications

  2011cited by this paper
• A note on leakage-resilient authenticated key exchange

  2009cited by this paper
• Security Enhancement on a New Authentication Scheme With Anonymity for Wireless Environments

  2006cited by this paper
• Efficient signature generation by smart cards

  2004cited by this paper
• A Note on Negligible Functions

  2002cited by this paper
• Canada

  2002cited by this paper
• Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels

  2001cited by this paper
• Elliptic Curve Arithmetic

  2001cited by this paper
• How to Leak a Secret: Theory and Applications of Ring Signatures

  2001cited by this paper
• Security Proofs for Signature Schemes

  1996cited by this paper
• Group Signatures

  1991cited by this paper
• Efficient Identification and Signatures for Smart Cards (Abstract)

  1989cited by this paper
• How to Prove Yourself: Practical Solutions to Identification and Signature Problems

  1986cited by this paper
• New Directions in Cryptography

  1976cited by this paper

• Edge-Cloud Collaborative Computing on Distributed Intelligence and Model Optimization: A Survey

  2025influential citation
• Privacy-Preserving Interdomain Authorization and Authentication for Internet of Things

  2025cites this paper
• Privacy-Preserving Authentication With Service Analytics for Forensic-Aware Cyber-Physical Systems

  2025cites this paper
• Securing the IoT-enabled smart healthcare system: A PUF-based resource-efficient authentication mechanism

  2024cites this paper
• A Lightweight Certificateless Mutual Authentication Scheme Based on Signatures for IIoT

  2024cites this paper
• Privacy-preserving and Anonymous Certificateless Mutual Authentication Protocol for WBAN

  2024cites this paper
• Secure and Efficient Biometric-Based Anonymous Authentication Scheme for Mobile-Edge Computing

  2024cites this paper
• A Secure Authentication Scheme with Local Differential Privacy in Edge Intelligence-Enabled VANET

  2024cites this paper