A Security Enhancement to The Secure Mutual Authentication Protocol for Fog/Edge

Yeni Farida; Arsya Dyani Azzahra; Andriani Adi Lestari; Sepha Siswantyo; Annisa Dini Handayani

doi:10.23887/janapati.v14i1.84725

Authors

Yeni Farida Politeknik Siber dan Sandi Negara
Arsya Dyani Azzahra National Cyber and Crypto Agency
Andriani Adi Lestari National Cyber and Crypto Agency
Sepha Siswantyo Cryptographic Engineering, National Cyber and Crypto Polytechnic
Annisa Dini Handayani National Cyber and Crypto Agency

DOI:

https://doi.org/10.23887/janapati.v14i1.84725

Keywords:

AVISPA, Fog computing, Man-in-the-middle attack, Mutual authentication, SMAP Fog/Edge

Abstract

A secured mutual authentication protocol (SMAP Fog/Edge) has been developed for fog computing. The protocol provides secure mutual authentication which lightweight and efficient for fog computing environments. However, based on AVISPA’s verification this protocol has been found to be vulnerable to man-in-the-middle attacks due to the absence of an authentication scheme between authentication server and the edge user. The attacks are carried out assuming that the public key of the fog server is not distributed over a secure channel. We propose to modified this protocol to enhance the security of SMAP Fog/Edge and make it resistant to man-in-the-middle attacks. The proposed protocol is revalidated using the AVISPA tool to determine whether the vulnerability still exists. Additionally, we suggest a mechanism that utilizes encryption and digital signatures to substitute the secure channel for distributing the public key of the fog server and authenticating edge users by the authentication server.

References

M. Villari, M. Fazio, S. Dustdar, O. Rana, and R. Ranjan, “Osmotic Computing: A New Paradigm for Edge/Cloud Integration,” IEEE Cloud Comput., vol. 3, no. 6, pp. 76–83, 2016, doi: 10.1109/MCC.2016.124.

F. Bonomi, R. Milito, J. Zhu, and S. Addepalli, “Fog computing and its role in the internet of things,” in Proceedings of the First Edition of the MCC Workshop on Mobile Cloud Computing, in MCC ’12. New York, NY, USA: Association for Computing Machinery, 2012, pp. 13–16. doi: 10.1145/2342509.2342513.

A. M. Alwakeel, “An Overview of Fog Computing and Edge Computing Security and Privacy Issues,” Sensors, vol. 21, no. 24. 2021. doi: 10.3390/s21248226.

J. M. Kimeu, M. S. Mtoi, J. P. Riwa, and R. Sinde, “Internet of Things Security in Cloud: A Review on Fog Layer Security,” in 2023 IEEE AFRICON, 2023, pp. 1–6. doi: 10.1109/AFRICON55910.2023.10293490.

J. Ni, K. Zhang, X. Lin, and X. Shen, “Securing Fog Computing for Internet of Things Applications: Challenges and Solutions,” IEEE Commun. Surv. Tutorials, vol. 20, no. 1, pp. 601–628, 2018, doi: 10.1109/COMST.2017.2762345.

K. Tange, M. De Donno, X. Fafoutis, and N. Dragoni, “A Systematic Survey of Industrial Internet of Things Security: Requirements and Fog Computing Opportunities,” IEEE Commun. Surv. Tutorials, vol. 22, no. 4, pp. 2489–2520, 2020, doi: 10.1109/COMST.2020.3011208.

M. Alsamman, Y. Fazea, F. Mohammed, and M. A. M. Kehail, “Fog Computing in Smart Cities: A Systematic Review,” in 2023 3rd International Conference on Emerging Smart Technologies and Applications (eSmarTA), 2023, pp. 1–8. doi: 10.1109/eSmarTA59349.2023.10293505.

S. R. Homadi and O. A. Dawood, “Secure Mutual Authentication Scheme in Fog Computing: Survey,” in 2023 Al-Sadiq International Conference on Communication and Information Technology (AICCIT), 2023, pp. 298–303. doi: 10.1109/AICCIT57614.2023.10218090.

M. Hamada, S. A. Salem, and F. M. Salem, “LAMAS: Lightweight anonymous mutual authentication scheme for securing fog computing environments,” Ain Shams Eng. J., vol. 13, no. 6, p. 101752, 2022, doi: https://doi.org/10.1016/j.asej.2022.101752.

R. Kalaria, A. S. M. Kayes, W. Rahayu, and E. Pardede, “A Secure Mutual authentication approach to fog computing environment,” Comput. Secur., vol. 111, p. 102483, 2021, doi: https://doi.org/10.1016/j.cose.2021.102483.

U. Verma and D. Bhardwaj, “Elliptic Curve Cryptography based Centralized Authentication Protocol for Fog enabled Internet of Things,” Int. J. Comput. Digit. Syst., vol. 11, no. 1, pp. 95–105, 2022, doi: 10.12785/ijcds/110107.

U. Verma and D. Bhardwaj, “A secure lightweight anonymous elliptic curve cryptography-based authentication and key agreement scheme for fog assisted-Internet of Things enabled networks,” Concurr. Comput. Pract. Exp., vol. 34, no. 23, p. e7172, Oct. 2022, doi: https://doi.org/10.1002/cpe.7172.

M. S. Pardeshi, R.-K. Sheu, and S.-M. Yuan, “Hash-Chain Fog/Edge: A Mode-Based Hash-Chain for Secured Mutual Authentication Protocol Using Zero-Knowledge Proofs in Fog/Edge,” Sensors, vol. 22, no. 2. 2022. doi: 10.3390/s22020607.

M. S. Pardeshi and S.-M. Yuan, “SMAP Fog/Edge: A Secure Mutual Authentication Protocol for Fog/Edge,” IEEE Access, vol. 7, pp. 101327–101335, 2019, doi: 10.1109/ACCESS.2019.2930814.

A. D. Azzahra, Y. Farida, and A. A. Lestari, “Formal Analysis of SMAP Fog/Edge Protocol Using AVISPA,” in 2022 1st International Conference on Smart Technology, Applied Informatics, and Engineering (APICS), 2022, pp. 31–35. doi: 10.1109/APICS56469.2022.9918818.

L. Viganò, “Automated Security Protocol Analysis With the AVISPA Tool,” Electron. Notes Theor. Comput. Sci., vol. 155, pp. 61–86, 2006, doi: https://doi.org/10.1016/j.entcs.2005.11.052.

S. Goudarzi et al., “A privacy-preserving authentication scheme based on Elliptic Curve Cryptography and using Quotient Filter in fog-enabled VANET,” Ad Hoc Networks, vol. 128, p. 102782, 2022, doi: https://doi.org/10.1016/j.adhoc.2022.102782.

H. Rhim, K. Tamine, R. Abassi, D. Sauveron, and S. Guemara, “Enhancing security using digital signature in an efficient Network Coding-enabled WSN,” in 2021 18th International Multi-Conference on Systems, Signals & Devices (SSD), 2021, pp. 70–78. doi: 10.1109/SSD52085.2021.9429522.

R. Indah Lestari, V. Suryani, and A. Arif Wardhana, “Digital Signature Method to Overcome Sniffing Attacks on LoRaWAN Network 533 Original Scientific Paper,” Int. J. Electr. Comput. Eng. Syst., vol. 13, no. 7, pp. 533–539, 2022.

L. Dong and K. Chen, “Automated Analysis of Cryptographic Protocols Based on Trusted Freshness,” in Cryptographic Protocol, L. Dong and K. Chen, Eds., Berlin, Heidelberg: Springer Berlin Heidelberg, 2012, pp. 341–369. doi: 10.1007/978-3-642-24073-7_9.

A. H. Shinde, U. A.J., and P. N.R., “Cryptographic Protocols Specification and Verification Tools - a Survey,” ICTACT J. Commun. Technol., vol. 08, no. 02, pp. 1533–1539, 2017, doi: 10.21917/ijct.2017.0226.

J. Dreier, L. Hirschi, S. Radomirovic, and R. Sasse, “Automated Unbounded Verification of Stateful Cryptographic Protocols with Exclusive OR,” in 2018 IEEE 31st Computer Security Foundations Symposium (CSF), 2018, pp. 359–373. doi: 10.1109/CSF.2018.00033.

E. Lara, L. Aguilar, and J. A. García, “Lightweight Authentication Protocol Using Self-Certified Public Keys for Wireless Body Area Networks in Health-Care Applications,” IEEE Access, vol. 9, pp. 79196–79213, 2021, doi: 10.1109/ACCESS.2021.3084135.

H. Khalid, S. J. Hashim, S. M. Ahmad, F. Hashim, and M. A. Chaudhary, “SELAMAT: A New Secure and Lightweight Multi-Factor Authentication Scheme for Cross-Platform Industrial IoT Systems,” Sensors, vol. 21, no. 4. 2021. doi: 10.3390/s21041428.