An Improved Ultra-Lightweight Anonymous Authenticated Key Agreement Protocol for Wearable Devices

IF 7.7 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

IEEE Transactions on Mobile Computing Pub Date : 2025-01-06 DOI:10.1109/TMC.2025.3526076

Xin Ai;Akhtar Badshah;Shanshan Tu;Muhammad Waqas;Iftekhar Ahmad

{"title":"An Improved Ultra-Lightweight Anonymous Authenticated Key Agreement Protocol for Wearable Devices","authors":"Xin Ai;Akhtar Badshah;Shanshan Tu;Muhammad Waqas;Iftekhar Ahmad","doi":"10.1109/TMC.2025.3526076","DOIUrl":null,"url":null,"abstract":"For wearable devices with constrained computational resources, it is typically required to offload processing tasks to more capable servers. However, this practice introduces vulnerabilities to data confidentiality and integrity due to potential malicious network attacks, unreliable servers, and insecure communication channels. A robust mechanism that ensures anonymous authentication and key agreement is therefore imperative for safeguarding the authenticity of computing entities and securing data during transmission. Recently, Guo et al. proposed an anonymous authentication key agreement and group proof protocol specifically designed for wearable devices. This protocol, benefiting from the strengths of previous research, is designed to thwart a variety of cyber threats. However, inaccuracies in their protocol lead to issues with authenticity verification, ultimately preventing the establishment of secure session keys between communication entities. To address these design flaws, an improved ultra-lightweight protocol was proposed, employing cryptographic hash functions to ensure authentication and privacy during data transmission in wearable devices. Supported by rigorous security validations and analyses, the proposed protocol significantly boosts both security and efficiency, marking a substantial advancement over prior methodologies.","PeriodicalId":50389,"journal":{"name":"IEEE Transactions on Mobile Computing","volume":"24 5","pages":"4543-4557"},"PeriodicalIF":7.7000,"publicationDate":"2025-01-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Mobile Computing","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10824854/","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

For wearable devices with constrained computational resources, it is typically required to offload processing tasks to more capable servers. However, this practice introduces vulnerabilities to data confidentiality and integrity due to potential malicious network attacks, unreliable servers, and insecure communication channels. A robust mechanism that ensures anonymous authentication and key agreement is therefore imperative for safeguarding the authenticity of computing entities and securing data during transmission. Recently, Guo et al. proposed an anonymous authentication key agreement and group proof protocol specifically designed for wearable devices. This protocol, benefiting from the strengths of previous research, is designed to thwart a variety of cyber threats. However, inaccuracies in their protocol lead to issues with authenticity verification, ultimately preventing the establishment of secure session keys between communication entities. To address these design flaws, an improved ultra-lightweight protocol was proposed, employing cryptographic hash functions to ensure authentication and privacy during data transmission in wearable devices. Supported by rigorous security validations and analyses, the proposed protocol significantly boosts both security and efficiency, marking a substantial advancement over prior methodologies.

查看原文本刊更多论文

一种改进的可穿戴设备超轻量匿名认证密钥协议

对于计算资源有限的可穿戴设备，通常需要将处理任务卸载到功能更强大的服务器上。然而，由于潜在的恶意网络攻击、不可靠的服务器和不安全的通信通道，这种做法引入了数据机密性和完整性的漏洞。因此，为了保证计算实体的真实性和传输过程中的数据安全，需要一种可靠的机制来确保匿名身份验证和密钥协议。最近，Guo等人提出了一种专门针对可穿戴设备的匿名认证密钥协议和组证明协议。该协议得益于先前研究的优势，旨在挫败各种网络威胁。然而，它们的协议中的不准确性导致了真实性验证的问题，最终阻碍了在通信实体之间建立安全会话密钥。为了解决这些设计缺陷，提出了一种改进的超轻量级协议，采用加密哈希函数来确保可穿戴设备数据传输过程中的身份验证和隐私。在严格的安全验证和分析的支持下，所提出的协议大大提高了安全性和效率，标志着比以前的方法有了实质性的进步。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Transactions on Mobile Computing 工程技术-电信学

CiteScore

12.90

自引率

2.50%

发文量

403

审稿时长

6.6 months

期刊介绍： IEEE Transactions on Mobile Computing addresses key technical issues related to various aspects of mobile computing. This includes (a) architectures, (b) support services, (c) algorithm/protocol design and analysis, (d) mobile environments, (e) mobile communication systems, (f) applications, and (g) emerging technologies. Topics of interest span a wide range, covering aspects like mobile networks and hosts, mobility management, multimedia, operating system support, power management, online and mobile environments, security, scalability, reliability, and emerging technologies such as wearable computers, body area networks, and wireless sensor networks. The journal serves as a comprehensive platform for advancements in mobile computing research.