Addressing security requirements in industrial IoT: A robust three-factor authentication scheme with enhanced features

Abstract

Authentication and Key Agreement (AKA) is a critical component for ensuring access control for legitimate users in the Industrial Internet of Things (IIoT). Traditional three-factor AKA schemes rely on the user’s password, biometric data, and smart card to provide robust security. However, existing schemes often suffer from vulnerabilities, such as password guessing attacks, which can occur if either the biometric data or the smart card is compromised. Additionally, several crucial security requirements, including Perfect Forward Secrecy (PFS), user anonymity, un-traceability, and resistance to Ephemeral Secret Leakage (ESL) and node capture attacks, have remained unaddressed in prior approaches. This paper presents a comprehensive solution to these challenges by proposing an improved three-factor AKA scheme for IIoT. The scheme effectively integrates the three factors—biometric data, smart card, and password—to achieve three-factor security. These three factors include: (1) Biometric Data: The scheme uses fuzzy extractors to handle the inherent noise in biometric data while extracting consistent cryptographic keys. This ensures that even if the biometric template is compromised, the extracted key remains secure. (2) Smart Card: The smart card stores a securely hashed version of the user’s credentials and a unique identifier. It employs modular arithmetic on hash functions (e.g., SHA-256) to generate and manage session keys, ensuring lightweight yet robust security. (3) Password: The user’s password is combined with the biometric key and smart card data through a one-way hash function and modular arithmetic operations. This creates a multi-layered authentication mechanism that prevents password guessing attacks even if one factor is compromised. To address the critical security requirements, the proposed scheme employs the following techniques to realize a robust security: (i) Perfect Forward Secrecy (PFS): PFS is achieved using Elliptic Curve Diffie–Hellman (ECDH) key exchange over elliptic curves. Each session generates a unique ephemeral key pair, ensuring that even if long-term keys are compromised, past sessions remain secure. (ii) Resistance to Ephemeral Secret Leakage (ESL): The scheme incorporates key derivation functions (KDFs) and salted hashes to ensure that ephemeral secrets cannot be exploited even if leaked during a session. (iii) Resistance to Node Capture Attacks: To defend against node capture attacks, the scheme uses two sets of pseudo-identities and distributed secret sharing. The main pseudo-identity and secret key of the user are never stored in the sensor, ensuring that capturing a sensor node does not compromise the user’s credentials or the overall system. The security of the proposed scheme is rigorously analyzed using formal verification methods, including BAN logic and ProVerif, to demonstrate its resilience against known attack vectors. Experimental results show that the scheme achieves strong computational performance and minimizes communication overhead compared to existing alternatives. Furthermore, simulations on the NS-3 platform confirm its practical feasibility for IIoT environments.