Introduction

Cloud computing providers handle software updates, patches, and system maintenance, ensuring that applications and infrastructure are always up-to-date without requiring user manual intervention. They also offer backup and disaster recovery solutions, resources management, applications, and data from a single location. Despite the many outstanding benefits of cloud computing, it has many drawbacks, including excessive latency, inadequate bandwidth, excessive energy consumption, dangers to data security and privacy, etc, and is not suitable directly for IoT applications. However, the edge-IoT ecosystem, focusing on decentralized computing at the network’s edge, is poised to revolutionize data processing and management, offering a promising future for IoT applications [1].

The self-change (decentralization) of the edge computing paradigm is a necessary evolution for several applications, including industrial automation and healthcare. It promises to improve responsiveness, lower latency, maximize resource usage, and increase efficiency and performance [2]. This ecosystem processes data close to its source to minimize latency, bandwidth usage, and real-time analytics, which is only possible by integrating IoT devices and the edge server, lessening the need for centralized cloud resources. One key aspect of this integration is ‘job offloading balance,’‘ a technique that distributes computational tasks between the IoT devices and the edge server, thereby significantly improving system performance [3]. In addition to limiting the resources on the user/IoT side, the edge server allows on-device data processing, which speeds up decision-making and enhances security [4]. Innovative resource management techniques are necessary because an edge server frequently lacks sophisticated analytics processing capacity [5]. Despite the many benefits of the edge-IoT ecosystem and its decentralized nature, it presents interoperability, security, and privacy issues that can only be mitigated by designing a robust, secure, and lightweight authentication system to audit the protection of critical information.

As stated, the edge computing paradigm has drawn interest from various sources by bringing processing and storage resources closer to IoT applications, significantly reducing processing time [6]. This is partially achieved by the role of edge nodes, which can perform some operations directly, reducing the pressure on cloud computing, which in turn can benefit by protecting IoT/user data security and ensuring the controllability of sensitive data [7]. It also improves the IoT/user response time and reduces network latency [8]. With these capabilities, the edge-IoT ecosystem has the potential to outperform better than other computer paradigms, leading to an exciting future for IoT technology. Therefore, the security of the edge-IoT ecosystem is of utmost importance. Making it more advanced and safe against numerous threats is crucial, as the attacker can fabricate the user/sensor/IoT side data and influence the decision and control outcomes [9]. Attackers might hack edge nodes to conduct malicious actions like a denial of service (DoS) and insider attacks to stop the authorized user/IoT from using the services of the edge server. So, it is challenging to address these concerns and maintain edge-IoT ecosystem security because they hold and process data in many application areas, including smart homes, weather forecasting, and e-healthcare systems [10]. These application areas of the edge-IoT ecosystem are more sensitive and transmit voluminous data via a hostile environment that exposes them to the possibility of being compromised by attackers. Given the sharp increase in attacks directed at edge computing infrastructures, it is critical to create robust security measures against these risks in recent years [11].

Furthermore, IoT’s resource-constrained and limited performance characteristics introduce additional challenges in developing and implementing security measures. The extensive number of sensors, wearables, and servers in the architecture can significantly affect IoT applications, especially when security techniques impose a heavy computational burden [12]. Therefore, continuous efforts are essential to tackle these challenges and urgently create a secure ecosystem, highlighting the importance of balancing performance and security trade-offs. With this critical task in mind, the key contributions of this research are as follows:

* To introduce a security mechanism for the edge-IoT ecosystem by utilizing a lightweight cryptographic method called ECC in which the sensor/IoT devices dynamically prove their authenticity in the decentralized environment and generally show resistance to all known threats, and specifically impersonation, insider, denial of service (DoS), and replay attacks.

* A Real-Or-Random (RoR) model, ProVerif validation, and informal discussions are robustly scrutinizing the security of the proposed authentication scheme. This priority of security analysis through these well-known methods provides reassurance of the proposed protocol’s robustness.

* To measure the performance by considering storage, communication, and computation costs.

* To check its efficacy and robustness, the proposed protocol will be compared with state-of-the-art protocols in terms of computational time complexity and communication cost.

* To ensure a balance among the performance-security trade-offs is challenging, as these are contradictory features, and a change in one inversely affects the other, which is often missing in existing works available in the literature.

The remainder of the article is structured as follows: the preliminaries and background section demonstrates the foundation concepts and methods utilized in this research article, the related works section overviews the existing literature and identifies loophole(s) in it, and the system model section presents the proposed network model, threats to the system in the threat model, and fixed design goals for demonstrating the proposed authentication protocol. In the proposed authentications scheme section of the article, the ECC-based protocol for the edge-IoT ecosystem has been presented utilizing the SHA256 algorithm; in the analysis and discussion section, the proof of correctness of the proposed authentication scheme has been conducted both formally and informally, while in the performance analysis section, the efficiency and efficacy of the proposed protocol have been measured by considering computation, communication, and storage costs and then compared the proposed protocol with prior works, while in the conclusion section described what we have concluded while conducting this research work.

Preliminaries and background

This section of the article presents the foundation knowledge pertaining to conducting this research work compressively. These preliminary concepts include IoT, ECC, and associated terminologies and definitions which are explained one by one as follows:

Edge-IoT ecosystem

Edge-IoT Ecosystem The edge-IoT ecosystem [13] is a complex web of interconnected layers, including the device, node, and cloud layers. These layers work in tandem to bring the virtual and real worlds together, each with its unique role and challenges.

Device layer.

This layer includes all devices, such as sensors, wearable technology, smart meters, cell phones, and video security cameras. These devices often process and transfer data from physical objects/devices to an edge server. These IoT devices have limited battery, processing, storage, and communication capabilities. The IoT device layer connects the real and virtual worlds to an edge server [13].

Node-layer.

A crucial part of the IoT, the edge node layer connects most IoT devices, such as smart thermostats, sensors, wearables, smartphones, smart watches, and other network-enable accessories. Heterogeneous networks connect all these wearables into the edge nodes to facilitate smooth transitions to the ecosystem. The voluminous data produced by these wearables can be processed and transmit control flows back to the edge node. The job offloading to the edge node is in full control until it reaches cloud servers if the task complexity exceeds the computation capabilities of the edge node layer [13].

Cloud layer.

The cloud server layer, which houses the centralized computing unit, plays a pivotal role in the IoT architecture. It is here that tasks with high complexity are offloaded from the edge nodes, thanks to the cloud servers’ strong processing capacity and ample data storage. This layer handles the highest degree of authentication, processing, and integration, making it a crucial part of the ecosystem [13].

The current research does not delve into the cloud layer, as the primary issue is concentrated in the device/node layers. However, these resource-constrained layers with limited processing capabilities and low bandwidth are vulnerable to exploitation by adversaries. The potential for an adversary to seize control of the connection between the device layer and edge layer, thereby disrupting the broadcast of sensitive information, underscores the urgency of our research.

IoT architecture

The Internet of Things (IoT) is a robust tool in today’s technological landscape, comprising three main layers: application, middleware, and network layers. Each layer can be described as follows:

Application layer.

As the topmost layer, the application layer plays a vital role in the practical implementation of IoT by processing data for various uses. Data visualization in this layer utilizes graphs, flowcharts, business models, and other formats, with applications ranging from smart homes and intelligent vehicles to smart cities and automated car parking systems. However, this layer is susceptible to various attacks, including phishing, buffer overflow, denial-of-service (DoS), cross-site scripting attacks, and concerns regarding data privacy [14].

Middleware layer.

The middleware layer serves as more than just a line between the network and application layers in the IoT architecture; it acts as a critical link that manages the implementation of vendor-specific services tailored to handle various types of IoT node data. This layer simplifies the management, pre-processing, and archiving of the data generated by IoT nodes. Nonetheless, it is a prime target for various vulnerabilities, including application security breaches, unauthorized access, and replay attacks.

Network layer.

The network layer within the IoT architecture is responsible for data routing and ensuring secure transmission throughout the system. It facilitates data communication through various protocols, such as Zigbee and 6LoWPAN [14], and is heavily dependent on the middleware layer for subsequent processing and operations. The network layer also plays a crucial role in managing the connectivity of IoT devices, ensuring that data is transmitted efficiently and securely.

IoT security models

The versatility of IoT is truly remarkable, with its applications spanning from healthcare to logistics, smart cities, infrastructure monitoring, e-governance, smart car parking, rescue and emergency support centers, and more. This wide range of uses not only underscores the increasing importance of IoT but also presents a fascinating landscape of possibilities. The transmission of data via wireless channels and its security are major concerns, and to address these, numerous organizations, researchers, and businesses have presented various models [15–19] to secure the data breaches noted in IoT. Let’s delve into some of these models:

Risk-based model.

This model offers a unique advantage by using artificial intelligence (AI), deep learning, and risk assessment algorithms to identify threats in IoT. It can also generate automated responses when data breaches occur, providing a swift and effective countermeasure [15].

Zero-trust security model.

The Zero-Trust Security Model, a robust system that protects sensitive information, holds significant promise for IoT. Its wide adoption in private networks is a testament to its potential, especially in light of the inadequacy of existing models in meeting the security requirements for IoT [16].

Machine Learning (ML) model.

The analyzed data, ML, has been used to develop algorithms that efficiently learn and adapt new risk assessment mechanisms. This model integrates ML with advanced encryption standards to build a hybrid system for IoT data security [17].

Blockchain-based model.

This is the newer technology adopted for IoT to provide better security, confidentiality, privacy, and integrity of exchanged information. Blockchain-based security models enhance transparency in analyzing the data received from IoT, self-executing capabilities, and decreasing the risk of unauthorized access [18].

Multi-factor authentication model.

The Multi-factor Authentication Model, a comprehensive system that uses passwords, hardware, biometrics, and unique identities, offers not only faster services but also robust security in IoT [19]. Its robustness provides a sense of reassurance in the face of IoT’s security challenges.

In this context, Nakkar et al. [20] introduced a multi-factor authentication model for the edge computing paradigm, emphasizing the potential of edge computing as a beacon of hope in the decentralized network topologies of the IoT era. Despite its security challenges, primarily due to the inherent wireless communication channel in the edge IoT structure, which introduces numerous security risks, the model based on symmetric cryptography offers a ray of hope. This model claims to provide robust security features like forward/backward secrecy, anonymity, and mutual authentication, instilling a strong sense of security and confidence in the potential of edge computing. Liu et al. [21] also proposed an adaptive and efficient multi-factor authentication model for edge-IoT environments that utilizes a simple hash-cryptographic algorithm to secure resource-constrained IoT applications. Jan et al. [22] also presented the same model for the dew computing paradigm using the ECC technique, and Zhang et al. [23] also presented a multi-factor model for an edge–fog–cloud architecture, enhancing security through a stateless mechanism.

Elliptic Cure Cryptography (ECC).

The algebraic structure of elliptic curves over finite fields is the foundation for the modern public-key encryption method called Elliptic Curve Cryptography (ECC). Compared to traditional cryptographic techniques such as RSA, ECC provides strong security with considerably smaller key sizes, making it a preferred choice for secure data transmission, encryption, and digital signatures, used by [21].

ECC is represented by the mathematical equation y² = x³ + ax + b, where a and b are constants. An interesting property of this curve is that any straight line that intersects it twice will also intersect it a third time. This point can be reflected across the x-axis to create a new curve point. In this process, a randomly selected integer acts as the private key, while a pre-defined base point (known as the generator point) on the elliptic curve is multiplied by the private key to generate the corresponding public key adopted by [23]. Although this computation is straightforward, reversing it is considerably difficult.

The robust security offered by ECC is a significant factor in its widespread adoption across contemporary cybersecurity applications, including IoT, cloud computing, edge computing, fog computing, and dew computing. ECC stands out as a powerful and efficient cryptographic technique, delivering strong security with minimal resource consumption, thus instilling in users a sense of safety and protection.

IoT security requirements

Security is still a major concern for IoT. The following are the key requirements for developing a security model/scheme for exchanging information from IoT systems into edge servers over a wireless channel [24–26].

Confidentiality.

Data secrecy is not just a desirable feature, but an essential one to prevent data from being disclosed. Many low-resource IoT applications communicate sensitive information, and an attacker can intercept and hack valuable information when transmitted from IoT towards the edge server. This eavesdropping may cause catastrophic harm to the edge-IoT ecosystem because the adversary can use the information and user for several malicious activities. The potential risks of not ensuring confidentiality are significant and should be a primary concern in IoT security [24]. ECC in combination with SHA256 can guarantee this security feature in the proposed protocol.

Integrity.

Integrity is not just a security feature, but a requirement for the information communicated over an insecure channel. Without ensuring integrity, an attacker may change the content of messages sent from IoT to the edge server or the intended recipient. The potential for catastrophic harm in the absence of integrity is significant, making it a critical aspect of IoT security [25].

Availability.

Availability is a critical aspect of IoT security, particularly in ensuring continuous access to data. IoT’s efficient operation relies on monitoring physical environments, gathering information, storing and analyzing data, and transmitting it to the edge server over wireless communication channels. If this security feature is not ensured, an attacker could compromise the gathered sensitive information, potentially leading to catastrophic effects in life-saving applications due to delays or unavailability of essential data [26].

Authentication.

Authentication can be either a message or device authentication. It is a critical component of all security models. Without proper authentication, no one guarantees security, privacy, and all associated security features because it allows the verification of a reliable end device while transmitting data to the edge server [25,26].

Related works

The edge-IoT ecosystem faces several critical security issues and challenges impacting its optimum performance and integration. These challenges, which stem from the complexity of managing diverse IoT, ensuring security, and maintaining efficient data processing, are urgent and require immediate attention [27,28]. The heterogeneity and resource-constrained nature of edge-connected IoT exhibit significant diversity in hardware and software, complicating application deployment and management across multiple sites. These resource-constrained devices need more computational power for complex analytics, necessitating innovative resource management strategies [29]. However, security is still a major concern due to the decentralized and distributed nature of the edge computing paradigm that easily introduces new security vulnerabilities and can only be managed by requiring robust measures for protecting sensitive data [30]. Privacy, scalability, and interoperability issues arise when the data is transferred from IoT to the edge server over a wireless channel. The task-offloading algorithm and effective security protocol can handle such problems by integrating numerous heterogeneous IoT devices with edge servers [31]. Ensuring scalability, privacy, security, and flexibility challenges for the edge IoT ecosystem can significantly present opportunities for innovation in edge computing technologies, leading to more resilient and efficient IoT ecosystems [32,33]. Addressing these issues will be essential for developing smart applications and services for such a decentralized environment [34].

The IoT network is rapidly expanding, with billions of low-cost devices connecting, which poses a potential security threat. With their limited energy, storage, and computation capabilities, these devices are increasingly vulnerable as they access the open network. It is important to note that these limitations often make protecting those using traditional cryptographic techniques impossible. Consequently, numerous researchers have proposed various innovative security mechanisms to protect these transmissions. For instance, the research by Dubrova et al. [35] examined whether the restrictions of resource-constrained IoT devices are met by the Cipher-based Message Authentication Code (CMAC) and KECCAK Message Authentication Code (KMAC). They [35] further demonstrated that CMAC is smaller and more potent than KMAC, providing robust security while using minimal resources. The researchers from [36,37] argued that public key cryptography required a large percentage of processing overhead; existing techniques based on public key cryptography still need to be improved for resource-constrained IoT applications. Therefore, they [36,37] proposed innovative security mechanisms for substantial computational complexity, robust authentication, data security, and the preservation of privacy using group management techniques, which could significantly enhance the security of the IoT network.

Similarly, the researcher in [38] suggested a certificate-based method for secure authentication across the edge-IoT ecosystem. Their [38] scenario offered a mutual authentication among the wearables/sensors embedded in the patient’s bodies and confirmed the confidentiality, and data leakage did not occur while using their scheme. They [38] also presented a low-complexity security and authentication system to reduce energy consumption and increase the lifespan of the medical system because each IoT device has a limited battery capacity. The researchers of [39] presented an implementation scenario for a hospital in the healthcare platform using ZigBee mesh technology, a practical and efficient solution. In contrast, the researchers in [40] demonstrated that numerous wireless media are available in clinical settings, including one with a particular purpose related to m-health and e-health. They proposed a reassuring solution using NFC for the patient data of type m-health status, arguing that information would be gathered from that exact room using Bluetooth technology and onward be transmitted to the edge node in a secure method; they [40] proposed IPv6 over Low-Power Wireless Personal Area Networks (6LowPAN) for the data of type e-health by monitoring each unit of the healthcare industry.

Yenuganti et al. [41] used accelerometer data from sensors to establish sensor authentication, checking whether the devices were being used by the same person’s body around the waist. They [41] stated that accelerometer data, which measures the body’s movement, can easily be used to analyze a person’s walking patterns. The results they [41] obtained from the method based on these walking patterns, collected through a cellphone with accelerometers placed in the exact location in the person’s body, revealed that these patterns are similar. In [42], the symmetric and asymmetric security technique for IoT was discussed in detail, providing practical insights for implementation. This practical guidance is particularly valuable for professionals in the field. The researchers in [43,44] have discussed using a global hash function for defining the HMAC. The algorithms they [42–44] have discussed include SHA-1, MD5, RIPEMD, and several HMAC variants like HMAC-SHA1, HMAC-MD5, and HMAC-RIPEMD.

The authors in [45] proposed a key agreement scheme, [46] presented a privacy-preserving security mechanism, and [47] designed an ECC-based scheme for resource-constrained IoT applications. They demonstrated that blockchain technology, a pioneering solution, is an efficient and secure message authentication solution. This technology can easily authenticate the edge-IoT ecosystem by controlling unauthorized user data and users’ transmitting security over the decentralized network. They [45–47] further highlighted the benefits of blockchain operations by thoroughly examining, revealing, and formally validating their mechanisms. Their [45–47] implementation approaches have achieved all the security goals defined and said that the ECC usage for authentication, compared to the other methods, provides an unparalleled level of security, instilling a sense of confidence in the data transmission from IoT. However, managing them requires a lot of computing and storage resources. They [48] have compared the CRC and KECCAK in the same environments, along with a combination of MD5 and SHA-1. After that, in [49], the MD5 and SHA-1 were used to design the IBOOS scheme. Radiofrequency (RF) is used to regulate software-defined networks (SDN) by providing error control and secure authentication [50]. A power-efficient solution was proposed in shipping identification and storage management using back-scatter technology [51] and tagged data transmitted through regulated sources. They [51] have simulated via MatLab by showing that their proposed scheme is efficient performance, offering detailed benefits of the efficient performance.

Tan et al. [52] highlighted the challenges to the industrial Internet of Things (IIoT) by arguing that the transformation of data in a conventional manner is not safe and is very slow; the IIoT collects, processes, stores, and transmits data among various machines for mechanical activity. However, collecting and transmitting IIoT data can be done through the open network, which can be affected when an unauthorized user can participate in the network. To eliminate the harmful activity of an attacker in the IIoT network, authentication is the most attractive technique that can be fulfilled through a digital signature [52]. For the authentication of users in the IIoT ecosystem, Karati et al. [53] proposed a certificateless signature-based scheme. They claimed that [53] is efficient regarding computation and communication overheads and safe against type 1 and 2 adversaries. Type 1 adversaries are those who can intercept and modify the communication between legitimate users, while type 2 adversaries are those who can impersonate a legitimate user. However, according to the detailed cryptanalysis of Karati et al. [53], Zhang et al. [54], and Zhang et al. [55], these schemes are not secure from type 1 and type 2 adversaries. Zhang et al. [55] also presented a certificateless signature-based scheme utilizing ECC and claimed that their scheme requires less computational effort. Xiong et al. [56] have developed a certificate-based approach for the IIoT environment, leveraging key insulation utilizing ECC. Rezaeibagha et al. [57] have introduced an enhanced approach using the same certificateless signature-based scheme that showed resilience to both type 1 and 2 adversaries. However, their scheme, like many others, is unsafe against forgery attacks, which can severely impact IIoT security.

Finally, Ali et al. [58] devised a certificateless approach for the IIoT environment, employing hyper-elliptic curve cryptography. They argued that their scheme is more efficient regarding computational and communication costs than the existing certificate-based signature schemes for the IIoT environment. However, their [58] scheme has these flaws, including the use of certificateless cryptography, which can affect the partial private key distribution algorithm and fails to provide the facilities for data aggregations. Verma et al. [59] present a significant advancement with their new approach that removes the partial private key distribution problem using certificate-based cryptography and includes the data aggregation technique that performs aggregation on data in run time. However, their [59] approach cannot withstand type 1 and type 2 adversaries and concerns unforgeability property [59]. Then, utilizing the bilinear pairing operation with the key insulation method, the authors in [60] used the certificate-based aggregate signature scheme. However, due to heavy operations in bilinear pairing, their scheme is not efficient and effective in performance. Hwang and Lee [61] proposed a certificate-based aggregate signature scheme using the elliptic curve point multiplication operations with a key insulation method.

In conclusion to the prolonged literature survey, it was crystal clear that despite the many advantages of cloud computing—including flexibility, accessibility, efficiency, and cost savings—it still faces challenges such as potential data loss, security issues, limited control, and availability concerns. To address these challenges, experts have introduced the edge computing paradigm, which aims to outperform cloud computing in these areas. Edge computing is directly connected to the Internet of Things (IoT), sensors, and wearable devices in a decentralized manner, distributing processing power closer to the data source rather than relying on a central cloud server for all computations. This approach enables faster data processing and reduced latency by handling data locally at the network’s edge, where it is generated. However, the resource-constrained nature of IoT devices, sensors, and wearables has led to numerous data breaches due to vulnerabilities associated with sensitive data proximity, physical tampering, privacy concerns stemming from user proximity to data collection, and the challenges of managing security across a multitude of edge devices. Current authentication schemes have not adequately addressed the security requirements of the edge computing paradigm; they often have design flaws, are vulnerable to various threats—such as impersonation, insider attacks, denial of service (DoS), and replay attacks—or suffer from inadequate performance due to reliance on resource-intensive cryptographic algorithms, such as modular exponentiations. Given the urgent need for robust security mechanisms in the dynamic and vulnerable edge IoT ecosystem, this article proposes an ECC-based robust authentication scheme tailored for resource-constrained IoT environments.

System models

This section of the article presents the proposed network model and potential threats to the system. It outlines the objectives for designing a robust authentication protocol tailored for the edge-IoT ecosystem. The following sections will explain these fundamental concepts one by one:

Network model

The proposed network model is a robust system that powerfully underscores the security challenges of the edge-IoT environment, which is not only resource-constrained but also dynamic and vulnerable to potential threats. The proposed network model consisted of mainly three essential entities: the sensor/IoT device, the gateway node, and the edge server. The gateway node plays a critical role by facilitating networking and communication with a strengthened focus on security. Once registered with the gateway node, the IoT/sensor devices and edge server can be activated to execute various practical and tactical tasks, enhancing the practicality of the network model. This focus on security generates a network model suitable for multiple applications, including logistics, transportation, smart cities, car parking, and infrastructure surveillance, e-healthcare, and pipeline inspection. A diagrammatic representation of the network model is depicted in Fig 1. The functions of the participants in the proposed network model are detailed as follows:

[Figure omitted. See PDF.]

Edge server.

The edge server, functioning similarly to a traditional server, is placed in individualistic locations. This strategic placement allows data processing close to the end user, particularly in environments like self-driving cars, smart homes, industrial settings (IIoT), hospitals powered by IoT technologies, search and resecure operations and support logistics. An edge server enhances responsiveness, enabling real-time solutions for processing and storing data from multiple IoT devices within the respective application areas while facilitating multi-tenant virtualization. However, this proximity introduces significant security risks, as adversaries may compromise system operations by infiltrating these processing units from both internal and external sources. Addressing this critical concern, this article will soon present a promising solution that is aimed at securing this emerging paradigm. This solution is a key part of the article and will be discussed in detail in the upcoming section.

Gateway.

The centralized entity/participant, a trusted contributor to the proposed Network model, facilitates edge IoT services for its clients. The employing approach generates parameters/credentials and executes secret keys stored in the memories of the participating entities for later establishing a mutual authentication and cross-synchronization of the ecosystem. The reliability of this entity is not just a feature but a foundational element of the system’s security, underscoring its importance and impact on the overall system. It offers networking capabilities to the entire system, registers each participant, and deploys them for effective task execution.

IoT/sensing devices.

The term “Internet of Things” refers to a category of objects capable of communicating with other devices and systems via the Internet or other communication networks. These devices, which are equipped with sensors, processors, software, and various technologies, have considerable potential to transform how we interact with technology and our surrounding environment. In the proposed network model, IoT/sensing devices will be placed in the application area for real-time data collection, should be sent to the gateway through a wireless channel, and from there, will be securely forwarded to the edge server for purposes, ensuring the utmost confidence in data transmission.

Threat model

This research utilizes the threat models established by Canetti-Krawczyk (CK) [62] and Dolev-Yao (DY) [63]. According to these models, a system that offers online services may encounter a variety of threats, including the following:

False data injection threat.

Under the False Data Injection Threat, an adversary could manipulate the information collected by sensors or wearable devices, potentially capturing sensitive credentials for malicious use. The potential damage of such an attack underscores the urgency of robust security measures.

Privacy threat.

An adversary could exploit an open network channel by employing identity theft techniques, redirecting packet flows, and de-authenticating the involved entities [64]. Such actions would jeopardize the privacy of the end user and other system participants.

Traffic analysis threat.

An adversary may intercept packets exchanged among participants, analyze their content, and exploit this information maliciously. Since data collection occurs through sensors or wearables utilizing wireless communication, this medium presents vulnerabilities that can be exploited. If the security mechanisms are inadequate, an adversary can easily scrutinize the transmitted credentials and messages, potentially extracting sensitive internal information from these packets.

Access control threat.

In the case of an Access Control Threat, an adversary can uncover policies, rules, and the legitimacy of authorized participants, subsequently gaining unauthorized control. This threat underscores the necessity for robust security measures, as proactive strategies are essential to mitigate such risks.

Identity spoofing threat.

An adversary gaining access through a spoofed identity can impersonate a legitimate user or a system component. This allows the adversary to gain unauthorized access or potentially disrupt normal operations.

Replay attack.

In a Replay Attack, an attacker can capture data from an open channel, eavesdrop on communications, and later utilize this information for illegal system access. This threat underscores the importance of continuous monitoring and vigilance, as security measures should be persistent rather than one-off efforts.

Desynchronization threat.

When a legitimate user attempts to update their identity for an upcoming session, they may remain unaware of changes to their user identity, leading to a desynchronization threat. This can result in the user being unable to connect with the legitimate server for services, significantly disrupting their experience. Furthermore, if an adversary gains access to the server and disrupts shared memory synchronization, the desynchronization threat is exacerbated.

Man-in-the-middle (MITM) attack.

In this scenario, an adversary intercepts packets transmitted to the server, reroutes them, modifies the communication flow, and steals the identity of the original sender, thereby impersonating the entire system. The stealth and complexity of this attack make it crucial for us to have advanced detection and prevention measures in place.

Stolen-verifier attack.

Here, an attacker steals a sensor, wearable device, or IoT device and extracts its internal secret credentials. These stolen credentials can be misused for potential replay, masquerade, or denial-of-service (DoS) attacks, highlighting the severity of the situation.

Analytical attack.

An adversary employs cryptanalysis, power analysis, and reverse engineering techniques to derive valuable parameters from exchanged messages. This enables them to quickly recover cryptographic session keys, which they can then exploit to establish their own session with the system.

Design goals

When designing a security protocol, several key features and objectives must be achieved, including mutual authentication, anonymity, confidentiality of identities, unforgeability of messages, forward secrecy, mitigation of secret key leakage, and identity authentication [62–64]. The primary design goals for the proposed security mechanism are as follows:

Mutual authentication.

This fundamental aspect of network security ensures that all participating entities authenticate one another through a communication channel. This process not only guarantees that network users are interacting with genuine entities but also provides a sense of security to servers, assuring them that all sensors, wearables, or IoT devices seeking access are doing so for authorized purposes.

Anonymity.

Safeguarding the identity of sensors, wearables, or IoT devices over a public channel is crucial in the design of the security scheme. There must be no means to link an individual’s actions to a valid identity within an edge server or gateway node that claims to maintain anonymity. While achieving anonymity is an essential design goal in cryptographic systems, it comes with challenges; the system’s overall security may be compromised if not implemented correctly.

Confidentiality.

The data generated by sensors, wearables, or IoT devices must be kept confidential and accessible solely to the designated edge server or legitimate recipient. The ciphertext should remain unrecognizable to an attacker on the public network and should not resemble the plaintext in any way. Only the edge server or authorized IoT device should be able to decrypt the ciphertext and retrieve the original plaintext to ensure confidentiality.

Unforgeability.

If a forgery can generate a valid message from an open network channel that successfully passes through the hash function, then the protocol fails to ensure unforgeability. However, the proposed scheme effectively mitigates this risk.

Forward secrecy.

Perfect Forward Secrecy (PFS), often referred to as Forward Secrecy (FS), is a protocol feature that continuously changes the keys for encrypting and decrypting data. This ongoing process ensures that even if the most recent key is compromised, only a limited amount of sensitive data is exposed, instilling confidence in the system’s resilience and preventing an adversary from accessing other credentials in the system.

Secret key leakage.

It occurs when the single key necessary for encrypting and decrypting communications is a shared secret between the sender and recipient.

Identity authentication.

Authentication is an essential component of network security that validates individuals’ identities. It relies on additional information that is only accessible to a specific person. By incorporating an extra layer of identity verification, authentication not only validates the identity but also expands the range of identifying information required to achieve a valid match, ensuring the thoroughness of the security measures.

Proposed authentication scheme

This section of the research work continues the discussion by illustrating the proposed solution for the system architecture presented in section 4 of the article. The proposed solution consists of sequential stages, including edge server registration, user registration, and mutual authentication. These phases of the proposed protocol are explained separately, and Table 1 displays the terminology for the different notations used for designing the protocol.

[Figure omitted. See PDF.]

Setup phase

In this protocol phase, the gateway node (GWN) meticulously selects a curve E_P(x, y) over a finite field F_P and chooses a point α on a curve. The gateway node (GWN) then determines an integer number S_GWN, called a secret key and calculates PK_α=S_GWN×α with utmost precision as the public key. Further, the gateway node (GWN) selects two points (x, y) as secret numbers. The secret keys with the GWN are {x, y, S_GWN}, and the public keys are {PK_α, α, E_P}. These keys are then securely shared through a public network channel to all the participating entities, ensuring that attackers can’t pick this public key at any stage for potential attacks.

Edge server registration phase

This phase is accomplished in the following steps:

Step 1: First, the operator selects a unique identity ID_ES for the edge server and sends it {ID_ES} to the gateway node (GWN) over a secure channel.

Step 2: The gateway node (GWN), upon receiving the {ID_ES} message, checks {ID_ES} in its reliable and secure database. If found in the record of gateway, it advises the operator to choose another identity for the edge server (ES), for not matching the identity the GWN computes K_GWN = h(ID_ES||x||y) and sends it back to the edge server (ES) over the same private channel.

Step 3: Upon receiving {K_GWN} message from the GWN, the edge server (ES) stores it in its memory for future correspondence, specifically, the computed key {K_GWN}, as shown in Fig 2.

[Figure omitted. See PDF.]

Sensing/IoT device registration phase

The sensor wearable or IoT registration, or simply user registration, is the crucial phase of the proposed protocol. This highly technical process involves a series of complex steps, demonstrating the sophistication of the system.

Step 1: The legitimate user operating the senor node/IoT device can provide a unique identity ID_SN, imprint biometrics (B_SN), and a unique password (PW_SN) through the application installed for their access. Upon entering these credentials, the device randomly picks a number r₁, computes HPW_SN = h(PW_SN||ID_SN||r₁), A_SN = H(B_SN||r₁), and transmits {ID_SN, HPW_SN, A_SN} message towards the gateway node (GWN) over a secure path, ensuring the highest level of security in the process.

Step 2: The gateway node (GWN), when receiving {ID_SN, HPW_SN, A_SN} message, confirms whether the sensor node is already registered or a new one; if the record matches with the stored record, a message will display to tell the operator for registering another IoT/sensing device which is not previously registered, if not, it computes HID_SN = h(ID_SN||x||y), C_SN = HID_SN ⊕ h(HPW_SN||A_SN), D_SN = h(ID_SN||HPW_SN||A_SN), G_SN1 = h(ID_SN||x), and G_SN2 = h(ID_SN||y). The gateway node (GWN) chooses two points in the curve, Z₁=(G_SN1, G_SN2) and Z₂=(HID_SN, HPW_SN), and calculates the sandwich (middle) points between Z₁ and Z₂ denoted by (uv₁, uv₂), which is obtained through uv₁=(Z₁ + HID_SN)/2 and uv₂=(Z₂ + HPW_SN)/2. The gateway node (GWN) computes I₁ = h(HID_SN||HPW_SN) × α, I₂=(uv₁, uv₂)+h(HID_SN||HPW_SN) ×PK_α) and stores {C_SN, D_SN, I₁, I₂, h(.), H(.)} in the memory of gateway and sends {C_SN, D_SN, I₁, I₂, h(.), H(.)} message towards the user side senor node/IoT via a secure channel.

Step 3: The user/sensor node/IoT, when receiving {C_SN, D_SN, I₁, I₂, h(.), H(.)} message, plays a crucial role in completing the registration process. By computing J_SN = r₁ ⊕ h(ID_SN||PW_SN) and storing the necessary data, as shown in Fig 3.

[Figure omitted. See PDF.]

Mutual authentication phase

All three participants must agree on a single session key, which is then used for secure communication. Such mutual authentication of all the participants requires five (5) steps described as follows:

Step 1: The operator provides a legal identity (ID_SN) issued to them by the authorities, a password (PW_SN) that they have set for themselves, and imprints biometrics (B_SN) that were already generated to the system during the registration phase, and computes r₁ = J_SN ⊕ h(ID_SN||PW_SN), A_SN = h(B_SN||r₁), HPW_SN = h(ID_SN||PW_SN||r₁)

D_SN^* = h(ID_SN||HPW_SN||A_SN), confirms D_SN? = D_SN^*; if it doesn’t match, the system discarded and considers a potential reply attack; otherwise, the system computes HID_SN = C_SN ⊕ h(HPW_SN||A_SN), extracted a nonce N_SN, and note the time T, calculates E₁ = N_SN×α, E₂=(HID_SN, HPW_SN)+N_SN × PK_α, E₃ = N_SN ⊕ h(HPW_SN||uv₁||I₁), E₄ = h(HID_SN||N_SN||uv₂||I₂||T), and sends {E₁, E₂, E₃, E₄, T} message towards the gateway node (GWN), a critical component, over an open channel.

Step 2: The gateway node (GWN), upon receiving {E₁, E₂, E₃, E₄, T} message, verifies the timestamp through a matching algorithm by calculating the received timestamp from the current time T_c-T≤∆T if it doesn’t validate for the pre-defined time-threshold, should be considered an outdated message and a potential man-in-the-middle attack, the process is terminated and denies message is displayed. While for successful verification of the time, the GWN recovers ID_SN, HPW_SN from E₂ utilizing the private key of gateway d_GWN (ID_SN, HPW_SN)=E₂-d_GWN × E₁, calculates HID_SN = h(ID_SN||x||y), I₁ = h(ID_SN||x), I₂ = h(ID_SN||y), E₁=(uv₁, uv₂)=((HID_SN + I₁)/2, (HPW_SN + I₂)/2), N_SN = E₃ ⊕ h(HPW_SN||uv₁||I₁), E₄^* = h(HID_SN||N_SN||uv₂||I₂||T), and verifies E₄^*? = E₄, if it doesn’t verify, again the process stops and terminated for potential MIT, DoS or replay attacks, however, if found valid, the gateway node (GWN) generates a nonce N_GWN and note the present time T, calculates E₅ = K_GWN×α, E₆=(I₁, I₂)+K_GWN × PK_α, E₇=(uv₁, uv₂)+K_GWN × PK_α, E₈=(N_GWN||N_SN)⊕h(HID_SN||HPW_SN||T), E₉ = h(N_GWN||N_SN||T||I₁||uv₁||HPW_SN), and transmits {E₅, E₆, E₇, E₈, E₉, T} message to the edge server (ES) over an insecure (wireless) channel.

Step 3: The edge server (ES), upon receiving {E₅, E₆, E₇, E₈, E₉, T} message, again verifies the timestamp through a matching algorithm by calculating the received timestamp from the current time T_c-T≤∆T; if it doesn’t verify, the ES considered the received message an outdated one, the process become terminated and deny message will be displayed, however, for successful verification of the time, the edge server (ES) calculates (I₁, I₂)=E₆-K_GWN × E₅, (uv₁, uv₂)=E₇-K_GWN × E₅, HID_SN = 2 × uv₁–I₁, HPW_SN = 2 × uv₂–I₂, (N_GWN||N_SN)=E₈ ⊕ h(HID_SN||HPW_SN||T), E₉^* = h(N_GWN||N_SN||T||I₁||uv₁||HPW_SN), confirms E₉^*? = E₉, if doesn’t confirm, the process terminated, the message discarded and deny message displayed, however, for successful validation of E9*? = E9, the edge server (ES) also generates a nonce N_ES, records the present timestamp T, calculates E₁₀=(N_ES||N_GWN)⊕h(HPW_SN||N_SN), E₁₁=((HID_SN + uv₁)/2, (HPW_SN + uv₂)/2), L₂=(HID_SN ⊕ T||HPW_HC), C_SN = HID_SN ⊕ h(HPW_SN||A_SN) and sends {E₁₀, E₁₁, L₂, C_SN, T} message back to the Gateway node GWN over a wireless channel.

Step 4: The GWN, when receiving E₁₀, E₁₁, L₂, C_SN, T} message, again verify the timestamp through a matching algorithm by calculating the received timestamp from the current time T_c-T≤∆T if it doesn’t qualify for the pre-defined time-threshold, the GWN considered it a potential MITM attack, the process is terminated and denies message displayed, however, for successful verification of the timestamp, the GWN calculates HID_SN = 2 × uv₁-I₁, HPW_SN = 2 × uv₂–I₂, C_SN = HID_SN ⊕ h(HPW_SN||A_SN), L₂^*=(HID_SN ⊕ T||HPW_SN), again verifies L₂^*? = L₂; if doesn’t, discarded and terminate the process, but for successful validity, the GWN note the present time T and transmits {E₁₀, β, T} message to the user/senor/IoT/mobile-device over a public channel.

Step 5: The user/senor/IoT/mobile device, upon receiving {E₁₀, β, T} message, is tasked with a complex process. They verify the timestamp through a matching algorithm by calculating the received timestamp from the current time T_c-T≤∆T. If the verification fails, the process is terminated. However, for successful verification of the timestamp, the user side also confirms w₁, w₂ from L₂^*=(HID_SN ⊕ T||HPW_SN) and E₁₁=((HID_SN + uv₁)/2, (HPW_SN + uv₂)/2), generates two lines in the curve, S₁ and S₂, where S₁ intersect (I₁, I₂), (uv₁, uv₂) and S₂ intersect w₁ and w₂. If the intersection of S₁ and S₂ is S₃ and becomes equal to w2, it signifies that the participants are successfully matched. This process, with its intricate details, computes the session key SK = h(HID_SN||HPW_SN||N_SN||N_GWN||N_ES) and E₁₂ = h(SK||uv₁||I₁) and sends {E₁₂} to both gateway node (GWN) and edge server (ES). There, they both note and calculate SK = h(HID_SN||HPW_SN||N_SN||N_GWN||N_ES), E₁₂^* = h(SK||uv₁||I₁), confirmed E₁₂^* = E₁₂ and keep SK as session secret key, as shown in Fig 4.

[Figure omitted. See PDF.]

Analysis and discussions

This section presents the security analysis formally through real or random (RoR) model [65] and informally through realistic discussion while the performance analysis of the proposed protocol can be tackled through measuring storage, communication and computation costs. These are explained one by one as follows:

Formal security analysis

Suppose ƿ means the protocol/partnering/participants, Ʀ is the responder, i is the i^th instance of SN, j is the j^th instance of GWN, and k is the k^th instance of the ES. And let the adversary ?? persistently run different queries on the oracle with the help of challenger ℂ, demonstrating their determination to break the protocol. The ?? action while running the different queries is discussed as follows:

a: Send(), Send(), and Send(): In these instances, the challenger ℂ executes the different instances (i^th, j^th, and k^th) along with a message M. The results obtained by ℂ are then shared with ??.

b: Hash(), Hash(), and Hash(): The challenger ℂ plays a crucial role in maintaining a list of tuples, initially storing L_K as empty in its memory at the first stage, and later, (M, O). When ℂ retrieves a value from L_K and compares it with the list using the oracle, it obtains a value, says O, which it then shares with ??.

c: Login(), Login(), Login(): This query is executed by the adversary ?? by launching an eavesdropping attack on ƿ including SN, GWN and ES participants.

d: Corrupt(), Corrupt(), Corrupt(): ?? launching a forgery attack on ƿ by stealing secrets from the memory of the GWN.

e: Reveal(, Reveal(, Reveal(: ?? disclosing the SK computed by ƿ containing SN, GWN and ES.

f: Test(, Test(, Test(: In these tests, ℂ desires to check some specific parameters d_ES (secret key) called λ^∊ in the SK and sends to ??. The secret key is a crucial element in the protocol, and its compromise could lead to a breach of security. However, ?? doesn’t know whether the secret key is authentic or not; for making the exact decision regarding the secret key, ?? flips a coin; if the value they get is 1 means ?? win the value ℂ return is d_ES (secret key), and if get 0, means ?? doesn’t succeed for d_ES (secret value), but it is also a chance with ?? not to get anything ⟘ means “null”.

g: Semantic Security: Suppose ?? runs the Test(.) query on ƿ by polynomial times attempts t. According to the birthday paradox [66], multi-collision of hash queries includes q_E (execute query), q_S (send query), and q_H (hash query). If ?? desires to launch a hash collision attack on it, then the advantage with ?? for breaking ƿ in polynomial times attempts t is expressed mathematically as under:

(1)

Suppose L_h is a list of many of the same images of the hash function, and when ?? obtained any output, it matches with the list while the average length of hash codes in bits is . The adversary ?? is now trying to break the semantic security of the ƿ in the following steps:

Step 1: In this step, ?? launches an active attack on ƿ; to do so, ?? has winning chances that can be expressed mathematically as follows:

(2)

Step 2: In this step, ?? hack ƿ and compute SK; the winning chances with ?? in doing so can be expressed mathematically as follows:

(3)

Step 3: in this step, ?? has the potential to try to crack the publically transmitted key of ƿ; the advantage with ?? in winning the cracking key polynomial times attempt (t) can mathematically be represented as:

(4)

Step 4: The ?? launches a hash collision attack created in ƿ; the mathematical representation of the winning chances with ?? in the hash collision attack is:

(5)

and

(6)

From eq: (1–6), we get

(7)(8)

ProVerif validation

The verification process, which rigorously checks for correctness, robustness, and random numbers cross-verification, involved simulating the proposed protocol using the esteemed software verification toolkit ProVerif [67]. The summary of the results after execution demonstrated that the attacker couldn’t breach the session secret key SK at any stage. The result summary also confirms that the confidentiality and the secure exchange of the SK among all the participants are key highlights and correct. This secure exchange of the session key should instil confidence in the security and correctness of the proposed protocol and the secure cross-synchronization of random numbers among the participants, as shown below:

---------------------------------------------------------

Verification summary

Query inj-event(endSN(IDSN)) ==> injevent(startSN(IDSN)) is true.

Query inj-event(endGWN(IDGWN)) ==> inj-event(startGWN(IDGWN)) is true.

Query inj-event(endES(IDES)) ==> inj-event(startES(IDES)) is true.

Query not attacker(SK[]) is true.

---------------------------------------------------------

Informal security analysis

The pragmatic discussions regarding well-known attacks for the proposed protocol are now presented in this section of the article as follows:

Resists replay attack.

Suppose ?? is retransmitting an irrelevant message towards the system using the proposed protocol or tries to intercept the open channel interactively. We have set timestamp check T_c-T≤∆T at each round trip of the protocol, which strongly prohibits the adversary from launching a replay attack. Also, the proposed protocol, fortified with a 160-bit long ECC key, 60-bit random numbers, secret keys, curve points, and unique identities, is designed to prevent such attacks. The message, a random number in ciphertext format, is critical in the computation and verification process, underscoring its importance. In this context, the authentication phase also consisted of D_SN? = D_SN^*, E₅ = K_GWN×α, and L₂^*? = L₂ checks, a key factor in ensuring an attacker cannot launch a replay attack. Therefore, the proposed protocol is resisting a replay attack.

Withstands impersonation attack.

The proposed protocol is designed to withstand impersonation attacks; if ?? impersonates as a legal user, they have to generate exact biometrics B_SN, password PW_SN and identity ID_SN and use the information in the transmitted message like ECC-key PK_α, and random nonce N_SN to interaction the other participant which of course they cannot succeed.

Resists man-in-the-middle attack.

If ?? intercepts the communication line and copies the first message {E₁, E₂, E₃, E₄, T} of the protocol, and ?? desires to find out something useful using for later on showing their self as a legitimate user, they have to passes from several computation steps like E₁ = N_SN×α, E₂=(HID_SN, HPW_SN)⊕N_SN × PK_α, E₃ = N_SN ⊕ h(HPW_SN||uv₁||I₁), and E₄ = h(HID_SN||N_SN||uv₂||I₂||T), which of course cannot calculate the hash code, long public key, and other credentials. Therefore, the proposed ECC-based authentication protocol is designed to resist man-in-the-middle attacks.

Resists traceability attack.

The proposed method ensures an attacker cannot follow any legal participant session due to interactive data, i.e., {E₅, E₆, E₇, E₈, E₉, T} sent between the GWN and the edge-server. Suppose ?? tries to trace out the sensor, wearables or any IoT device. In that case, ?? has to pass from these computation steps r₁ = J_SN ⊕ h(ID_SN||PW_SN), A_SN = h(B_SN||r₁), HPW_SN = h(ID_SN||PW_SN||r₁), D_SN^* = h(ID_SN||HPW_SN||A_SN) and HID_SN = C_SN ⊕ h(HPW_SN||A_SN) which is not possible for ?? to do, because the messages communicated are built from numerous credentials utilize distinct random integers for every new session. The authorized IoT uses r₁, N_SN and PK_α, and the gateway uses r₂, N_GWN and d_GWN to update all the associated parameters like identities, password and biometrics that ensure the utilization of numerous credentials for SK computation for different sessions. Ultimately, the IoT/sensor devices hide the sensor’s identity during many visits following a single authentication using the gateway’s identification and the current timestamp. According to the communication messages, ?? cannot track down any participant in the proposed protocol.

Offers perfect forward & backward secrecy.

Even if ?? knows the system’s long-term shared key, still ?? cannot calculate the session key because SK is fully dependent on ECC key, identities, and random numbers, which is different in each session. The ?? faces complications because of the requirement for secret shares to calculate SK; however, generating the new random numbers for every session adds another layer of security, making it difficult to decipher the session key SK of earlier or later sessions. ?? only hope to determine the current session key or recreate the prior ones, which requires high proficiency in messaging.

Comparative analysis (Security Functionalities)

When comparing the proposed protocol with state-of-the-art schemes regarding security functionalities, the results demonstrate that the proposed protocol offers comprehensive security coverage. It resists all known threats and incorporates the mentioned security functionalities, as shown in Table 2.

[Figure omitted. See PDF.]

In contrast, the scheme presented by Alghamdi et al. [68] is not safe against MITM, and replay attacks, Algarni et al. [69] is not secure against impersonation and replay attacks, Jan et al. [70] is not offering perfect forward and backward secrecy, Irshad et al. [71] lacks the anonymity and is vulnerable to a traceability attack, and Ghani et al. [72] has a backward secrecy issue. The proposed protocol, on the other hand, is a robust solution, resisting replay, impersonation, MITM, and traceability attacks, and offering perfect forward and backward secrecy.

Performance analysis

The significant features of the proposed protocol can be measured by considering storage overheads, communication, and computation costs. It is worth mentioning that the proposed protocol has been integrated into the highly reputable MIRACL Crypto SDK [https://miracl.com/]. This cloud-based platform is renowned for its password-less, multi-factor authentication capabilities and is widely used across various works, including [68,69,72,76]. The execution time taken by different cryptographic operations is demonstrated in bullets.

* Hash Cryptographic Function (TH) ≈ 0.149 ms

* ECC Point multiplication (TX) ≈ 0.35 ms

* ECC point addition (T+) ≈ 0.78 ms

The cost of the remaining cryptographic operations is too small, equal to zero, and should be neglected.

.

Computation costs.

The computation costs are the cryptographic operations in the protocol’s authentication phase. Suppose T_H denotes hash cryptographic operations in the authentication phase, point multiplication is T_X, and point addition is T₊; xor and concatenation are too small, so we neglect them. Then, the computation costs of the proposed protocol are 22T_H + 12 T_X + 17T₊. According to [73], the hash function requires 0.149 ms time to execute, ECC point multiplication is 0.35 ms, ECC point addition is 0.78 ms. By putting these values in the computation cost, i.e., 22T_H + 12 T_X + 17T₊ = 22(0.149) + 12 (0.35) + 17(0.78) = 3.28 + 4.2 + 13.26 = 20.74 ms, as plotted in Fig 5.

[Figure omitted. See PDF.]

Storage overheads.

The credentials stored during the registration phase of the protocol are the storage costs. In this regard, SN/IoT device stores {ID_SN, B_SN, PW_SN} = 64 + 512 + 56 = 632 bits, GWN stores {x, y, S_GWN}, {PK_α, α, E_P}, {ID_ES}, {K_GWN}, and {C_SN, D_SN, I₁, I₂, h(.), H(.)} = 32 + 32 + 64 + 160 + 32 + 160 + 64 + 160 + 256 + 256 + 256 + 256 = 1568 bits, and the ES stores {C_SN, D_SN, J_SN, I₁, I₂, PK_α, α} = 256 + 256 + 256 + 256 + 160 + 60 = 1244 bits. By summing up the storage cost of SN, GWN and ES, i.e., 632 + 1568 + 1244 = 3444 bits; therefore, the storage costs of the proposed protocol is 3444 bits as plotted diagrammatically in Fig 6.

[Figure omitted. See PDF.]

Communication costs.

Exchanging messages among the participants in the authentication phase means communication costs. In this regard, the message communicated between SN and GWN is {E₁, E₂, E₃, E₄, T}, GWN and ES is {E₅, E₆, E₇, E₈, E₉, T}, ES and GWN is {E₁₀, E₁₁, L₂, C_SN, T} and GWN towards SN is {E₁₀, β, T}. Again, according to [73], the hash image is 256 bits, the random number is 32 bits, the key is 160 bits, and the timestamp is 26 bits. The communications costs are counted as shown in Table 3 and plotted in Fig 7.

[Figure omitted. See PDF.]

[Figure omitted. See PDF.]

Comparative analysis performance metrics.

When comparing the proposed protocol with Mohit et al. [74], Zhou et al. [75], Alzahrani et al. [76], Deebak et al. [77], Krishnasrija et al. [78], Chandrakar et al. [79], and Jia et al. [80], the proposed scheme is outperformed better, as shown in Table 4. The communication cost of Mohit et al. [74] is 5312 bits, and the computation cost is 208.6 ms. This means the proposed protocol is 33.20% better in communication cost and 90.05% in computation cost. The communication cost of Zhou et al. [75] is 5856 bits, and the computation cost is 111.35 ms. This means the proposed protocol is 39.41% better in communication cost and 81.37% in computation cost. The scheme proposed by Alzahrani et al. [76] has a cost of 4320 bits, and computation is 21.71 ms, which means the proposed protocol is 17.87% better in communication and 4.46% in computation cost. Deebak et al. [77] have a communication cost of 7648 bits and a computation cost of 120.87 bits, which means the proposed protocol, is 53.60% better in communication and 82.74% better in computation cost. Overall, the proposed protocol demonstrates its superiority by outperforming all its competitors, as shown in Table 4, and depicted in Fig 8.

[Figure omitted. See PDF.]

[Figure omitted. See PDF.]

Conclusion

Securing the edge IoT ecosystem is a critical task, given the unique challenges posed by decentralized data processing and the vulnerabilities of edge servers. A comprehensive approach is needed to address these security concerns effectively. Therefore, this article presents an authentication protocol that utilizes elliptic curve cryptography (ECC), SHA2, and XOR operations. The scheme offers dynamic key computation that strongly resists various attacks, making it suitable for resource-constrained IoT devices. However, it’s crucial to balance security and performance to ensure sustainable operations, which the proposed protocol has, due to random checks in different protocol round trips while maintaining data security and privacy. This balance underscores the urgent need for adaptive security measures in edge environments. The protocol’s robustness has been confirmed through the ROR model, ProVerif simulation, and pragmatic discussion, while the performance metrics have been measured by considering storage, computation, and communication costs. The results from the different analysis sections demonstrated that the proposed protocol is lightweight, robust, and easily implemented for the edge-IoT ecosystem. The same protocol will be used in the future, but the key should be exchanged through modern cryptographic techniques involving AI, ML, and quantum computing; also plan to simulate the security through the Scyther toolkit to fortify the Edge-IoT ecosystem against evolving threats.

Acknowledgments

The authors extend their appreciation to the Deputyship for Research & Innovation, Ministry of Education in Saudi Arabia for funding this research work through the project number MoE-IF-UJ-R2-22-04100412-1.

References

1. 1. Shen S, Zhang K, Zhou Y, Ci S. Security in edge-assisted Internet of Things: challenges and solutions. Sci China Inf Sci. 2020;63(12).

* View Article

* Google Scholar

2. 2. Souza P, Ferreto T, Calheiros R. Maintenance Operations on Cloud, Edge, and IoT Environments: Taxonomy, Survey, and Research Challenges. ACM Computing Surveys. 2024; 56(10):1–38.

* View Article

* Google Scholar

3. 3. Zhang J, Chen B, Zhao Y, Cheng X, Hu F. Data Security and Privacy-Preserving in Edge Computing Paradigm: Survey and Open Issues. IEEE Access. 2018;6:18209–37.

* View Article

* Google Scholar

4. 4. Wang K, Song M, Bian G, Shao B, Huang K. A Lightweight Identity-Based Network Coding Scheme for Internet of Medical Things. Electronics. 2024;13(7):1316.

* View Article

* Google Scholar

5. 5. Mahadevappa P, Al-amri R, Alkawsi G, Alkahtani A, Alghenaim M, Alsamman M. Analyzing Threats and Attacks in Edge Data Analytics within IoT Environments. IoT. 2024;5(1):123–54.

* View Article

* Google Scholar

6. 6. Wang T, Bhuiyan MZA, Wang G, Qi L, Wu J, Hayajneh T. Preserving Balance Between Privacy and Data Integrity in Edge-Assisted Internet of Things. IEEE Internet Things J. 2020;7(4):2679–89.

* View Article

* Google Scholar

7. 7. Ranaweera P, Jurcut AD, Liyanage M. Survey on Multi-Access Edge Computing Security and Privacy. IEEE Commun Surv Tutorials. 2021;23(2):1078–124.

* View Article

* Google Scholar

8. 8. Singh A, Chatterjee K. Edge computing based secure health monitoring framework for electronic healthcare system. Cluster Comput. 2023;26(2):1205–20. pmid:36091662

* View Article

* PubMed/NCBI

* Google Scholar

9. 9. Alwakeel AM. An Overview of Fog Computing and Edge Computing Security and Privacy Issues. Sensors (Basel). 2021;21(24):8226. pmid:34960320

* View Article

* PubMed/NCBI

* Google Scholar

10. 10. Younas MI, Iqbal MJ, Aziz A, Sodhro AH. Toward QoS Monitoring in IoT Edge Devices Driven Healthcare-A Systematic Literature Review. Sensors (Basel). 2023;23(21):8885. pmid:37960584

* View Article

* PubMed/NCBI

* Google Scholar

11. 11. Singh A, Chatterjee K. Securing smart healthcare system with edge computing. Computers & Security. 2021;108:102353.

* View Article

* Google Scholar

12. 12. Rafique W, Qi L, Yaqoob I, Imran M, Rasool RU, Dou W. Complementing IoT Services Through Software Defined Networking and Edge Computing: A Comprehensive Survey. IEEE Commun Surv Tutorials. 2020;22(3):1761–804.

* View Article

* Google Scholar

13. 13. Pathak A, Al-Anbagi I, Hamilton HJ. Blockchain-enhanced Zero Knowledge Proof-based Privacy-preserving Mutual Authentication for IoT Networks. IEEE Access. 2024.

* View Article

* Google Scholar

14. 14. Li S, Iqbal M, Saxena N. Future industry internet of things with zero-trust security. Information Systems Frontiers. 2022:1–14.

* View Article

* Google Scholar

15. 15. Atlam HF, Wills GB. An efficient security risk estimation technique for Risk-based access control model for IoT. Internet of Things. 2019;6:100052.

* View Article

* Google Scholar

16. 16. Samaniego M, Deters R. Zero-trust hierarchical management in IoT. In: 2018 IEEE International Congress on Internet of Things (ICIOT). IEEE; 2018. p. 88–95.

17. 17. Amouri A, Alaparthy VT, Morgera SD. A Machine Learning Based Intrusion Detection System for Mobile Internet of Things. Sensors (Basel). 2020;20(2):461. pmid:31947567

* View Article

* PubMed/NCBI

* Google Scholar

18. 18. Liu H, Han D, Li D. Fabric-iot: A Blockchain-Based Access Control System in IoT. IEEE Access. 2020;8:18207–18.

* View Article

* Google Scholar

19. 19. Ometov A, Petrov V, Bezzateev S, Andreev S, Koucheryavy Y, Gerla M. Challenges of Multi-Factor Authentication for Securing Advanced IoT Applications. IEEE Network. 2019;33(2):82–8.

* View Article

* Google Scholar

20. 20. Nakkar M, AlTawy R, Youssef A. Lightweight Authentication and Key Agreement Protocol for Edge Computing Applications. 2021 IEEE 7th World Forum on Internet of Things (WF-IoT). 2021:415–20.

* View Article

* Google Scholar

21. 21. Liu K, Guan J, Hu X, Zhang J, Liu J, Zhang H. AEAKA: An Adaptive and Efficient Authentication and Key Agreement Scheme for IoT in Cloud-Edge-Device Collaborative Environments. arXiv preprint arXiv:2411.09231. 2024 Nov 14.

* View Article

* Google Scholar

22. 22. Jan SU, Ghani A, Alzahrani A, Tariq MU, Algarni F, Naqvi HA. SKALP: Secure key agreement and lightweight protocol for dew‐assisted IoT enabled edge computing. Trans Emerging Tel Tech. 2024;35(9).

* View Article

* Google Scholar

23. 23. Zhang J, Ouda A, Abu-Rukba R. Authentication and Key Agreement Protocol in Hybrid Edge–Fog–Cloud Computing Enhanced by 5G Networks. Future Internet. 2024;16(6):209.

* View Article

* Google Scholar

24. 24. Pal S, Hitchens M, Rabehaja T, Mukhopadhyay S. Security Requirements for the Internet of Things: A Systematic Approach. Sensors (Basel). 2020;20(20):5897. pmid:33086542

* View Article

* PubMed/NCBI

* Google Scholar

25. 25. Jaiswal S, Gupta D. Security requirements for internet of things (IoT). In: Proceedings of International Conference on Communication and Networks: ComNet 2016. Springer; 2017. p. 419–27.

26. 26. Alqassem I, Svetinovic D. A taxonomy of security and privacy requirements for the Internet of Things (IoT). In: 2014 IEEE International Conference on Industrial Engineering and Engineering Management. IEEE; 2014. p. 1244–8.

27. 27. Patel K, Patel S, Scholar P. Internet of things-IOT: definition, characteristics, architecture, enabling technologies, application & future challenges. International journal of engineering science and computing. 2016;6(5).

* View Article

* Google Scholar

28. 28. Gomathi RM, Krishna GHS, Brumancia E, Dhas YM. A survey on IoT technologies, evolution and architecture. In: 2018 International Conference on Computer, Communication, and Signal Processing (ICCCSP). IEEE; 2018. p. 1–5.

29. 29. Zhaofeng M, Xiaochang W, Jain DK, Khan H, Hongmin G, Zhen W. A blockchain-based trusted data management scheme in edge computing. IEEE Transactions on Industrial Informatics. 2019 Aug 6;16(3):2013–21.

* View Article

* Google Scholar

30. 30. Sharma N, Shamkuwar M, Singh I. The history, present and future with IoT. Internet of things and big data analytics for smart generation. 2019. p. 27–51.

31. 31. Hussain S, Afzaal R, Batool SA. Lightweight Message Authentication Protocol for Low-Resource IoT Devices. International Journal of Emerging Engineering and Technology. 2023;2(1):35–45.

* View Article

* Google Scholar

32. 32. Worlu C, Jamal AA, Mahiddin NA. Wireless sensor networks, internet of things, and their challenges. International Journal of Innovative Technology and Exploring Engineering. 2019;8(12S2):556–66.

* View Article

* Google Scholar

33. 33. Ojo MO, Giordano S, Procissi G, Seitanidis IN. A Review of Low-End, Middle-End, and High-End Iot Devices. IEEE Access. 2018;6:70528–54.

* View Article

* Google Scholar

34. 34. Singh S, Sharma PK, Moon SY, Park JH. Advanced lightweight encryption algorithms for IoT devices: survey, challenges and solutions. Journal of Ambient Intelligence and Humanized Computing. 2024:1–18.

* View Article

* Google Scholar

35. 35. Dubrova E, N̈aslund M, Selander G. CRC-based message authentication for 5G mobile technology. In: 2015 IEEE Trustcom/BigDataSE/ISPA. vol. 1. IEEE; 2015. p. 1186–91.

36. 36. He D, Wang D. Robust Biometrics-Based Authentication Scheme for Multiserver Environment. IEEE Systems Journal. 2015;9(3):816–23.

* View Article

* Google Scholar

37. 37. Shim K-A. Universal Forgery Attacks on Remote Authentication Schemes for Wireless Body Area Networks Based on Internet of Things. IEEE Internet Things J. 2019;6(5):9211–2.

* View Article

* Google Scholar

38. 38. Keoh SL, Lupu E, Sloman M. Securing body sensor networks: Sensor association and key management. In: 2009 IEEE International Conference on Pervasive Computing and Communications. IEEE; 2009. p. 1–6.

39. 39. Shen J, Gui Z, Ji S, Shen J, Tan H, Tang Y. Cloud-aided lightweight certificateless authentication protocol with anonymity for wireless body area networks. Journal of Network and Computer Applications. 2018;106:117–23.

* View Article

* Google Scholar

40. 40. Kodali RK, Swamy G, Lakshmi B. An implementation of IoT for healthcare. In: 2015 IEEE Recent Advances in Intelligent Computational Systems (RAICS). IEEE; 2015. p. 411–6.

41. 41. Yenuganti N. Authentication in wireless body area networks (WBAN). University of South Florida. 2016. p. 1–42.

42. 42. Simmons GJ. Symmetric and Asymmetric Encryption. ACM Comput Surv. 1979;11(4):305–30.

* View Article

* Google Scholar

43. 43. Krawczyk H, Bellare M, Canetti R. RFC2104: HMAC: Keyed-hashing for message authentication; 1997.

44. 44. Noh J, Jeon S, Cho S. Distributed Blockchain-Based Message Authentication Scheme for Connected Vehicles. Electronics. 2020;9(1):74.

* View Article

* Google Scholar

45. 45. Liu L, Wang Y, Zhang J, Yang Q. A Secure and Efficient Group Key Agreement Scheme for VANET. Sensors (Basel). 2019;19(3):482. pmid:30682844

* View Article

* PubMed/NCBI

* Google Scholar

46. 46. Wang M, Liu D, Zhu L, Xu Y, Wang F. LESPP: lightweight and efficient strong privacy preserving authentication scheme for secure VANET communication. Computing. 2014;98(7):685–708.

* View Article

* Google Scholar

47. 47. Almulhim M, Islam N, Zaman N. A lightweight and secure authentication scheme for IoT based e-health applications. International Journal of Computer Science and Network Security. 2019;19(1):107–20.

* View Article

* Google Scholar

48. 48. Yu Y, Tao S, Dubrova E. Comparison of CRC and KECCAK Based Message Authentication for Resource-Constrained Devices. In: 2018 16th IEEE International New Circuits and Systems Conference (NEWCAS). IEEE; 2018. p. 217–20.

49. 49. Kar J, Naik K, Abdelkader T. A Secure and Lightweight Protocol for Message Authentication in Wireless Sensor Networks. IEEE Systems Journal. 2021;15(3):3808–19.

* View Article

* Google Scholar

50. 50. Jagtap RR, Paradeshi S. CRC method in SDN networks. In: AIP Conference Proceedings. vol. 2717. AIP Publishing; 2023. p. 25–40.

51. 51. Chen Z, Luo D, Luo Y, Wu J. A research on internet of things with CRC method. In: 2021 International Conference on Wireless Communications and Smart Grid (ICWCSG). IEEE; 2021. p. 138–42.

52. 52. Tan SF, Samsudin A. Recent Technologies, Security Countermeasure and Ongoing Challenges of Industrial Internet of Things (IIoT): A Survey. Sensors (Basel). 2021;21(19):6647. pmid:34640967

* View Article

* PubMed/NCBI

* Google Scholar

53. 53. Karati A, Islam SH, Karuppiah M. Provably Secure and Lightweight Certificateless Signature Scheme for IIoT Environments. IEEE Trans Ind Inf. 2018;14(8):3701–11.

* View Article

* Google Scholar

54. 54. Zhang B, Zhu T, Hu C, Zhao C. Cryptanalysis of a Lightweight Certificateless Signature Scheme for IIOT Environments. IEEE Access. 2018;6:73885–94.

* View Article

* Google Scholar

55. 55. Zhang Y, Deng RH, Zheng D, Li J, Wu P, Cao J. Efficient and Robust Certificateless Signature for Data Crowdsensing in Cloud-Assisted Industrial IoT. IEEE Trans Ind Inf. 2019;15(9):5099–108.

* View Article

* Google Scholar

56. 56. Xiong H, Mei Q, Zhao Y. Efficient and Provably Secure Certificateless Parallel Key-Insulated Signature Without Pairing for IIoT Environments. IEEE Systems Journal. 2020;14(1):310–20.

* View Article

* Google Scholar

57. 57. Rezaeibagha F, Mu Y, Huang X, Yang W, Huang K. Fully Secure Lightweight Certificateless Signature Scheme for IIoT. IEEE Access. 2019;7:144433–43.

* View Article

* Google Scholar

58. 58. Muhammad A, Amin NU, Ullah I, Alsanad A, Hussain S, Al-Hadhrami S, et al. An efficient scheme for industrial internet of things using certificateless signature. Mathematical Problems in Engineering. 2021;2021(1):9960264.

* View Article

* Google Scholar

59. 59. Verma GK, Singh BB, Kumar N, Chamola V. CB-CAS: Certificate-Based Efficient Signature Scheme With Compact Aggregation for Industrial Internet of Things Environment. IEEE Internet Things J. 2020;7(4):2563–72.

* View Article

* Google Scholar

60. 60. Hou Y, Xiong H, Huang X, Kumari S. Certificate-Based Parallel Key-Insulated Aggregate Signature Against Fully Chosen Key Attacks for Industrial Internet of Things. IEEE Internet Things J. 2021;8(11):8935–48.

* View Article

* Google Scholar

61. 61. Hwang YW, Lee Y. A Lightweight Certificate-Based Aggregate Signature Scheme Providing Key Insulation. Computers, Materials & Continua. 2021;69(2).

* View Article

* Google Scholar

62. 62. Canetti R, Krawczyk H. Analysis of key-exchange protocols and their use for building secure channels. In: International conference on the theory and applications of cryptographic techniques. Springer; 2001. p. 453–474.

63. 63. Cervesato I. The Dolev-Yao intruder is the most powerful attacker. In: 16th Annual Symposium on Logic in Computer Science—LICS. vol. 1. Citeseer; 2001. p. 1–2.

64. 64. Jan SU, Qayum F. Mitigating the desynchronisation attack in multiserver environment. IET Communications. 2020;14(13):2210–21.

* View Article

* Google Scholar

65. 65. Dodis Y, Pointcheval D, Ruhault S, Vergniaud D, Wichs D. Security analysis of pseudo-random number generators with input:/dev/random is not robust. In: Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security; 2013. p. 647–58.

66. 66. Suzuki K, Tonien D, Kurosawa K, Toyota K. Birthday paradox for multi-collisions. In: Information Security and Cryptology–ICISC 2006: 9th International Conference, Busan, Korea, November 30-December 1, 2006. Proceedings 9. Springer; 2006. p. 29–40.

67. 67. Blanchet B, Smyth B, Cheval V, Sylvestre M. ProVerif 2.00: automatic cryptographic protocol verifier, user manual and tutorial. Version from. 2018;16:05–16.

* View Article

* Google Scholar

68. 68. Alghamdi AM. Design and analysis of lightweight and robust authentication protocol for securing the resource constrained IIoT environment. PLoS One. 2025;20(2):e0318064. pmid:39913636

* View Article

* PubMed/NCBI

* Google Scholar

69. 69. Algarni F, Ullah Jan S. A lightweight and secure protocol for teleworking environment. PLoS One. 2024;19(3):e0298276. pmid:38512972

* View Article

* PubMed/NCBI

* Google Scholar

70. 70. Jan SU, Qayum F. A Robust Authentication Scheme for Client-Server Architecture With Provable Security Analysis. NCT. 2018;3(1):6.

* View Article

* Google Scholar

71. 71. Irshad A, Chaudhry SA, Ghani A, Mallah GA, Bilal M, Alzahrani BA. A low-cost privacy preserving user access in mobile edge computing framework. Computers & Electrical Engineering. 2022;98:107692.

* View Article

* Google Scholar

72. 72. Ghani A, Jan SU, Chaudhry SA, Ahmad R, Kim DH. MCDH-SLKAP: Modified Computational Diffie-Hellman based Secure and Lightweight Key Agreement Protocol for Decentralized Edge Computing Networks. IEEE Access. 2024 Sep 13.

* View Article

* Google Scholar

73. 73. Kilinc HH, Yanik T. A Survey of SIP Authentication and Key Agreement Schemes. IEEE Commun Surv Tutorials. 2014;16(2):1005–23.

* View Article

* Google Scholar

74. 74. Mohit P, Amin R, Karati A, Biswas GP, Khan MK. A Standard Mutual Authentication Protocol for Cloud Computing Based Health Care System. J Med Syst. 2017;41(4):50. pmid:28213882

* View Article

* PubMed/NCBI

* Google Scholar

75. 75. Zhou L, Li X, Yeh KH, Su C, Chiu W. Lightweight IoT-based authentication scheme in cloud computing circumstance. Future generation computer systems. 2019 Feb 1;91:244-–51.

* View Article

* Google Scholar

76. 76. Alzahrani A. Developing a Provable Secure and Cloud-Centric Authentication Protocol for the e-Healthcare System. IEEE Access. 2024;12:183665–87.

* View Article

* Google Scholar

77. 77. Deebak BD, Al-Turjman F. Smart mutual authentication protocol for cloud based medical healthcare systems using internet of medical things. IEEE Journal on Selected Areas in Communications. 2020 Sep 7;39(2):346-–60.

* View Article

* Google Scholar

78. 78. Krishnasrija R, Mandal AKr, Cortesi A. A lightweight mutual and transitive authentication mechanism for IoT network. Ad Hoc Networks. 2023;138:103003.

* View Article

* Google Scholar

79. 79. Chandrakar P, Sinha S, Ali R. Cloud-based authenticated protocol for healthcare monitoring system. J Ambient Intell Human Comput. 2019;11(8):3431–47.

* View Article

* Google Scholar

80. 80. Jia X, He D, Kumar N, Choo K-KR. Authenticated key agreement scheme for fog-driven IoT healthcare system. Wireless Netw. 2018;25(8):4737–50.

* View Article

* Google Scholar

Citation: Alzahrani N (2025) Security importance of edge-IoT ecosystem: An ECC-based authentication scheme. PLoS One 20(6): e0322131. https://doi.org/10.1371/journal.pone.0322131

About the Authors:

Naif Alzahrani

Roles: Writing – review & editing

E-mail: [email protected]

Affiliation: College of Computer Science and Engineering, University of Jeddah, Jeddah, Saudi Arabia

ORICD: https://orcid.org/0000-0002-0413-9136

[/RAW_REF_TEXT]

[/RAW_REF_TEXT]

[/RAW_REF_TEXT]

[/RAW_REF_TEXT]

[/RAW_REF_TEXT]

[/RAW_REF_TEXT]

[/RAW_REF_TEXT]

[/RAW_REF_TEXT]

[/RAW_REF_TEXT]

[/RAW_REF_TEXT]

[/RAW_REF_TEXT]

[/RAW_REF_TEXT]

[/RAW_REF_TEXT]

[/RAW_REF_TEXT]

[/RAW_REF_TEXT]

[/RAW_REF_TEXT]

[/RAW_REF_TEXT]