具有高效快速重连的安全增强IoT-WLAN认证协议

IF 9.2 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

IEEE Transactions on Mobile Computing Pub Date : 2025-03-29 DOI:10.1109/TMC.2025.3569593

Weizheng Wang;Qipeng Xie;Zhaoyang Han;Chunhua Su;Joel J. P. C. Rodrigues;Kaishun Wu

{"title":"具有高效快速重连的安全增强IoT-WLAN认证协议","authors":"Weizheng Wang;Qipeng Xie;Zhaoyang Han;Chunhua Su;Joel J. P. C. Rodrigues;Kaishun Wu","doi":"10.1109/TMC.2025.3569593","DOIUrl":null,"url":null,"abstract":"The increasing integration of Internet of Things (IoT) devices in Wireless Local Area Networks (WLANs) necessitates robust and efficient authentication mechanisms. While existing IoT authentication protocols address certain security concerns, they often fail to provide comprehensive protection against threats such as perfect forward secrecy violations, insider attacks, and key compromise impersonation, or impose significant computational and communication overhead on resource- constrained IoT systems. This paper presents a novel Extensible Authentication Protocol (EAP) based scheme for IoT-WLAN environments that addresses these security challenges while maintaining cost-effectiveness. Our approach utilizes elliptic curve cryptography and incorporates advanced features including perfect forward secrecy, strong identity protection, and explicit key confirmation. We provide a thorough security analysis using informal heuristics, formal methods (Random Oracle Model and BAN Logic), and automated verification with ProVerif. Performance evaluations demonstrate that our protocol achieves lower communication, storage, and computational costs compared to state-of-the-art solutions, with an average 79.6% reduction in computation time. A detailed comparison with existing schemes highlights the efficiency and enhanced security features of our proposed authentication mechanism for IoT-WLAN deployments.","PeriodicalId":50389,"journal":{"name":"IEEE Transactions on Mobile Computing","volume":"24 10","pages":"10085-10098"},"PeriodicalIF":9.2000,"publicationDate":"2025-03-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Secure Enhanced IoT-WLAN Authentication Protocol With Efficient Fast Reconnection\",\"authors\":\"Weizheng Wang;Qipeng Xie;Zhaoyang Han;Chunhua Su;Joel J. P. C. Rodrigues;Kaishun Wu\",\"doi\":\"10.1109/TMC.2025.3569593\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The increasing integration of Internet of Things (IoT) devices in Wireless Local Area Networks (WLANs) necessitates robust and efficient authentication mechanisms. While existing IoT authentication protocols address certain security concerns, they often fail to provide comprehensive protection against threats such as perfect forward secrecy violations, insider attacks, and key compromise impersonation, or impose significant computational and communication overhead on resource- constrained IoT systems. This paper presents a novel Extensible Authentication Protocol (EAP) based scheme for IoT-WLAN environments that addresses these security challenges while maintaining cost-effectiveness. Our approach utilizes elliptic curve cryptography and incorporates advanced features including perfect forward secrecy, strong identity protection, and explicit key confirmation. We provide a thorough security analysis using informal heuristics, formal methods (Random Oracle Model and BAN Logic), and automated verification with ProVerif. Performance evaluations demonstrate that our protocol achieves lower communication, storage, and computational costs compared to state-of-the-art solutions, with an average 79.6% reduction in computation time. A detailed comparison with existing schemes highlights the efficiency and enhanced security features of our proposed authentication mechanism for IoT-WLAN deployments.\",\"PeriodicalId\":50389,\"journal\":{\"name\":\"IEEE Transactions on Mobile Computing\",\"volume\":\"24 10\",\"pages\":\"10085-10098\"},\"PeriodicalIF\":9.2000,\"publicationDate\":\"2025-03-29\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE Transactions on Mobile Computing\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://ieeexplore.ieee.org/document/11017696/\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Mobile Computing","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/11017696/","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

随着无线局域网（wlan）中物联网（IoT）设备的日益集成，需要强大而高效的认证机制。虽然现有的物联网身份验证协议解决了某些安全问题，但它们通常无法提供全面的保护，以抵御诸如完美的前向保密违规、内部攻击和密钥泄露冒充等威胁，或者在资源受限的物联网系统上施加重大的计算和通信开销。本文提出了一种新的基于可扩展认证协议（EAP）的IoT-WLAN环境方案，该方案在保持成本效益的同时解决了这些安全挑战。我们的方法利用椭圆曲线加密技术，并结合了先进的特性，包括完美的前向保密、强身份保护和显式密钥确认。我们使用非正式启发式，正式方法（随机Oracle模型和BAN逻辑）以及ProVerif的自动验证提供全面的安全性分析。性能评估表明，与最先进的解决方案相比，我们的协议实现了更低的通信、存储和计算成本，计算时间平均减少了79.6%。与现有方案的详细比较突出了我们提出的IoT-WLAN部署认证机制的效率和增强的安全特性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Secure Enhanced IoT-WLAN Authentication Protocol With Efficient Fast Reconnection

The increasing integration of Internet of Things (IoT) devices in Wireless Local Area Networks (WLANs) necessitates robust and efficient authentication mechanisms. While existing IoT authentication protocols address certain security concerns, they often fail to provide comprehensive protection against threats such as perfect forward secrecy violations, insider attacks, and key compromise impersonation, or impose significant computational and communication overhead on resource- constrained IoT systems. This paper presents a novel Extensible Authentication Protocol (EAP) based scheme for IoT-WLAN environments that addresses these security challenges while maintaining cost-effectiveness. Our approach utilizes elliptic curve cryptography and incorporates advanced features including perfect forward secrecy, strong identity protection, and explicit key confirmation. We provide a thorough security analysis using informal heuristics, formal methods (Random Oracle Model and BAN Logic), and automated verification with ProVerif. Performance evaluations demonstrate that our protocol achieves lower communication, storage, and computational costs compared to state-of-the-art solutions, with an average 79.6% reduction in computation time. A detailed comparison with existing schemes highlights the efficiency and enhanced security features of our proposed authentication mechanism for IoT-WLAN deployments.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

IEEE Transactions on Mobile Computing 工程技术-电信学

CiteScore

12.90

自引率

2.50%

发文量

403

审稿时长

6.6 months

期刊介绍： IEEE Transactions on Mobile Computing addresses key technical issues related to various aspects of mobile computing. This includes (a) architectures, (b) support services, (c) algorithm/protocol design and analysis, (d) mobile environments, (e) mobile communication systems, (f) applications, and (g) emerging technologies. Topics of interest span a wide range, covering aspects like mobile networks and hosts, mobility management, multimedia, operating system support, power management, online and mobile environments, security, scalability, reliability, and emerging technologies such as wearable computers, body area networks, and wireless sensor networks. The journal serves as a comprehensive platform for advancements in mobile computing research.