MSAUPL: A multi-server authentication and key agreement protocol for industrial IoT based on user privacy level

With the rapid development of the Industrial Internet of Things (IIoT), industrial control systems are characterized by increasing complexity of access users and diversity of data sources, making it crucial to implement hierarchical data transmission protocols for industrial servers based on user privacy level. However, traditional industrial systems often lack the flexibility to provide hierarchical services to access users according to their privacy level, leading to frequent incidents of data or privacy disclosure. This study addresses the need for hierarchical data services for various access users in an IIoT environment by proposing a multi-server authentication and key agreement protocol based on user privacy level (MSAUPL). To enhance the security and integrity of message transmission, a multi-factor authentication mechanism is adopted. Considering the computational and storage limitations of IIoT devices, the MSAUPL protocol primarily relies on hash functions for authentication and key agreement. Moreover, to allow access users to derive keys with lower privilege level after completing a single authentication for their privacy level, a key derivation scheme based on a directed graph is introduced. Additionally, to alleviate the storage burden on servers, a multi-level user privilege scheme based on a Merkle tree structure is proposed, enabling servers to efficiently compute different user access level. Finally, security analysis and comprehensive performance evaluation demonstrate that the MSAUPL protocol not only enhances functionality but also significantly reduces resource consumption, making it well-suited for multi-server IIoT environments.