BCmECC: A Lightweight Blockchain-Based Authentication and Key Agreement Protocol for Internet of Things

【Author】 Lansky, Jan; Rahmani, Amir Masoud; Ali, Saqib; Bagheri, Nasour; Safkhani, Masoumeh; Hassan Ahmed, Omed; Hosseinzadeh, Mehdi

【Source】MATHEMATICS

【影响因子】2.592

【Abstract】In this paper, targeting efficient authentication and key agreement in an IoT environment, we propose an Elliptic Curve Cryptography-(ECC) based lightweight authentication protocol called BCmECC which relies on a public blockchain to validate the users' public key to provide desired security. We evaluate the security of the proposed protocol heuristically and validate it formally, which demonstratse the high level of the security. For the formal verification we used the widely accepted formal methods, i.e., BAN logic and the Scyther tool. In this paper we also analyse the security of recently proposed blockchain-based authentication protocols and show that this protocol does not provide the desired security against known session-specific temporary information attacks in which the adversary has access to the session's ephemeral values and aims to retrieve the shared session key. In addition, the protocol lacks forward secrecy, in which an adversary with access to the server's long-term secret key can retrieve the previous session keys, assuming that the adversary has already eavesdropped the transferred messages over a public channel in the target session. The proposed attacks are very efficient and their success probability is '1', while the time complexity of each attack could be negligible. Besides, we show that BCmECC is secure against such attacks.

【Keywords】authentication; blockchain; security; cryptanalysis

【发表时间】2021 DEC

【收录时间】2022-01-06

【文献类型】期刊

【主题类别】

区块链技术--