Ajou University repository

Correcting design flaws: An improved and cloud assisted key agreement scheme in cyber physical systems
  • Chaudhry, Shehzad Ashraf ;
  • Shon, Taeshik ;
  • Al-Turjman, Fadi ;
  • Alsharif, Mohammed H.
Citations

SCOPUS

78

Citation Export

Publication Year
2020-03-01
Publisher
Elsevier B.V.
Citation
Computer Communications, Vol.153, pp.527-537
Keyword
AnonymityAuthenticated key agreementAuthenticationCyber physical systemElliptic curve cryptographyIncorrectnessRandom oracle modelSecuritySmart meter
Mesh Keyword
AnonymityAuthenticated key agreementElliptic curve cryptographyIncorrectnessRandom Oracle modelSecurity
All Science Classification Codes (ASJC)
Computer Networks and Communications
Abstract
The on demand availability of resources in Cyber physical system (CPS) has emerged as a viable service providing platform to improve the resource usability and reducing the infrastructure costs. Nevertheless, the development recompenses can only be realized after avoiding security and privacy issues. A secure and reliable CPS can offer improved efficiency, usability and reliability along with autonomy. To secure such systems, in 2018 Challa et al. (2018) proposed a security system to extend an authenticated key agreement between a user and a cloud server via trusted authority; as an application, they also customized their system to work with autonomous smart meter and cloud server. Challa et al. then claimed the security of their proposed scheme through formal, informal and automated validations. However, this paper unveils the weaknesses of their scheme and shows that their scheme cannot facilitate in forming a session key between the user/smart meter and the cloud server. Precisely, in the presence of more than one registered users/smart meters, the latter in their scheme may never receive a response message because of a critical design error. Moreover, their scheme lacks the untraceable anonymity and the lack of request verification on cloud server side may also lead to replay and/or denial of services attack. The article then introduces an improved and secure authentication system free of correctness issues, to facilitate a key agreement between user and cloud server via trusted authority. As an application, the proposed system also works for smart meter and cloud server to reach a key agreement. Based on the hardness assumption of Elliptic Curve Decisional Diffi-Hellman Problem (ECDDHP), the formal Random oracle model proves the security of the proposed scheme. Moreover, the robustness of the scheme is explained through informal analysis. The proposed system while providing all known security features has slightly increased the computation and communication costs as compared with the scheme of Challa et al. The proposed scheme completes a cycle of authentication by exchanging 2080 bits in just 13.4066 ms.
Language
eng
URI
https://dspace.ajou.ac.kr/dev/handle/2018.oak/31155
DOI
https://doi.org/10.1016/j.comcom.2020.02.025
Fulltext

Type
Article
Show full item record

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.

Related Researcher

SHON, TAE SHIK Image
SHON, TAE SHIK손태식
Department of Cyber Security
Read More

Total Views & Downloads

File Download

  • There are no files associated with this item.