Key Agreement Scheme for Authorization and Authentication of WSN in IoT-5G Using Elliptic Curve Cryptography

One of the latest technologies, which permits remote control of heterogeneous networks, is IoT. IoT makes remote control possible for certain applications through the use of technologies like WSNs across heterogeneous networks [1]. Networks of sensor nodes with constrained energy as well as memory resources, which communicate with one another wirelessly, are termed WSNs; also, they support to collect and store data regarding the monitored objects’ state that enables further evaluation, which benefits stakeholders [2]. In several applications like (A) smart home, (B) smart city, (C) smart health, and (D) smart grid, 5G is becoming an active candidate. Since 5G is becoming commercially viable, IoT has become more ingrained in daily life [3]. The potential of incorporating WSNs as well as 5G in the IoT is predictable to permit IoT to offer a variety of handy services, but simultaneously, it would also lead to novel security risks [4].

Typical WSNs are subjected to various problems associated with maintenance, scalability, and vulnerability to security threats as they depend on cloud infrastructures for tackling huge gathered data. Thus, for IoT security, systems for authorization, access control, and privacy protection are important [5]. The security solutions might be traditional cyber security approaches, namely encryption, antimalware, password protection, firewall, network segmentation, or else advanced techniques [6]. Device authentication is one of the elementary security services for securing the IoT in smart cities. For offering suitable access control for those IoT devices, it verifies the IoT devices’ identity encompassed in the communication [7].

Hash function-based authentication schemes for WSNs were introduced recently. However, they were prone to impersonation attacks, smart card loss attacks, along with SK disclosure attacks [8]. Since anyone can use the public key to confirm the authenticity and integrity of a message, the existing models resolved the issue by generating a public key. However, the authentication token, which is publicly verified by deploying the sender's public key, public-key operations, is particularly computationally costly. So, some of the other existing models used the Diffie–Hellman key agreement algorithm, Chebychev chaotic map, together with ECC for building a secured user authentication as well as key agreement protocol [9, 10]. Even though the computational cost during authentication is reduced by the prevailing models, the security of the key is not concentrated, which could lead to the hacking of information. Also, the existing models could not retrieve the original data after encryption. Thus, to address these mitigations and to improve the secured data transfer, a novel framework for data security, authentication and authorization along with key agreement using PPSECC and OSMVC-DH is proposed.

The main disadvantages of the prevailing research methodologies are:

• Most of the existing research methodologies did not concentrate the data security for continuous transactions in a network at any location. The data authorization process is affected once the generated conventional keys are hacked.
• Owing to inequality in data sensing along with distance as of Base Station, each sensor node has a diverse energy consumption rate in WSNs, which causes energy disparity amongst sensor nodes in the network which in turn shortens the network lifetime.
• Existing methodologies concentrated on secure data retrieval but they failed to focus on the integrity of data and their loss.
• Existing hashing-based node authentication techniques couldn’t retrieve the original message and produced the same hash values in some cases.
• Existing Works securely transmitted data by using crypto analysis, but they failed to protect the information sent by the node to remain unreadable for unauthorized users.

The objective of this research is detailed as follows.

• To provide data security during continuous transmission in WSN, a Session Key is generated using OSMVC-DH for each transmission.
• The lifetime of the model is improved by generating an energy-efficient routing using the GEAR method and then selecting the optimal path using the TW-COA technique.
• To prevent the data integrity and loss of information, parity bits of the data are added, and then, on the receiver side, the data is reconstructed.
• To retrieve the original data and to produce different hash values, the node authentication is done using Left Shift 2’s (LS2) complement checksum method.
• The information is protected by encrypting the data using the PPSECC model.

The rest of the article is organized as follows: Section 2 provides an overview of related research pertinent to the proposed model. Section 3 elaborates on the details of our proposed technique. Section 4 presents the results of our proposed system along with a comprehensive discussion of performance metrics. Finally, Section 5 concludes the work.

In this paper, a secure authentication, authorization, along with a key agreement scheme for WSN in 5G-integrated IoT using PPSECC and OSMVC-DH are proposed. An SK is utilized along with the public and private keys in the PPSECC to enhance data security. In Figure 1, the structural design of the proposed system is modeled.

1.png

Figure 1. Structural design of the proposed system

Experimental Setup:

The performance of the proposed work depends on the sensor nodes of the WSN. The sensor nodes are chosen for efficient data transfer, and in this work, the sensor nodes in the range of (100 to 500) are taken for processing. For each node, the node Identification (ID) and Media Access Control (MAC) address are provided, and along with that, the power consumed by the node and the location of the node are also considered for this model. The dynamic nodes are chosen because the fluctuations present in the nodes of WSN can be identified by the dynamic consideration of nodes. Other parameter details included for the effective secured data transfer in WSN are as follows: the network size of 100*100 square meters, base station location of 50*50 meters, data packet size of 4000 bits, energy of 0.5 Joules and Data Aggregation Energy cost of 50 nJ/bit (nano Joules per bit) is taken for analysis. In the experiment, the input data are passed through the optimal path. Then, the data present in the path is encrypted and transferred to the receiver side.

Experiment Dataset:

The Intel Lab data dataset is taken for processing the proposed model. This dataset contains 14400 data collected from 54 sensors deployed in the Intel Berkeley Research Lab. A total of 52 attributes are available in the dataset and these attributes are used for processing. The proposed framework is explained in detail as follows.

3.1 Node registration

Primarily, the proposed methodology starts with the node registration phase. The nodes entering the network are registered using their Node ID and Media Access Control (MAC) address. The registered nodes $(\mathfrak{R})$ are expressed as,

$\mathfrak{R}=\left\{\mathfrak{R}_1, \mathfrak{R}_2, \mathfrak{R}_3, \ldots \ldots ., \mathfrak{R}_n\right\}$      (1)

Here, $\mathfrak{R}_n$ implies the n^th number of nodes.

3.2 Authenticated node connection establishment

Here, for the registered nodes $(\mathfrak{R})$, authenticated node connection establishment is performed. The proposed works consider the checksum value from the MAC address of the corresponding nodes to verify the authentication of nodes. The checksum value represents the number of bits in a transmission message. The conventional checksum is prone to hacking. Thus, the LS2 complement checksum is utilized here to enhance security. The authentication process based on the LS2 checksum is explained as follows,

• Primarily, the MAC address of the node is divided into the q number of blocks with data bits in each block.
• Next, all the $\kappa$ data blocks are added. The additional output is complemented using the 2’s complement and finally left shift is performed.
• The computed output is the LS2 checksum value of the corresponding node. Likewise, the checksum values are computed for the nodes $\mathfrak{R}$.
• The LS2 checksum value is integrated and transmitted to the receiver node to perform authenticated node connection establishment.
• The received value is divided into the $\kappa$ number of blocks on the receiver node.

The divided data blocks along with the LS2 checksum value of the receiver node are added and the output is complemented using 2’s compliment and left shift.

If the obtained result is 0, then there is no error and the connection between the nodes is established.

If the obtained result is not 0, the node is declined.

In the end, the nodes are verified by establishing connections centered on the LS2 checksum. The authenticated nodes are denoted as $\mathfrak{R}_{\text {auth}}$.

3.3 Route creation

To perform data transmission, suitable routes between the source as well as destination node are obtained. For secure routing, the GEAR algorithm is utilized. For routing a packet to the target region, GEAR deploys energy-aware as well as geographically-informed node selection techniques. This algorithm comprises three assumptions:

1. Every packet is destined for a target region.
2. Every node is aware of its location and remaining energy. level, along with its neighbors’ location and remaining energy level.
3. The links between the nodes are bidirectional.

For transferring the packets towards the target region, GEAR selects the closest node as the next-hop when a neighbor that is closer to the destination exists. When every neighbor is farther away, the next-hop node chosen by GEAR minimizes the cost value of this neighbor.

For propagating the packet within the region, the Recursive Geographic Forwarding algorithm is used. In some cases, restricted flooding is wielded by low-density networks to prevent routing loops.

The energy-efficient neighbor is selected based on the cost estimated the estimated cost is based on the distance to the target region from a node dist$\left(\mathfrak{R}_{\text {auth }}, \mathfrak{I}\right)$ and residual energy at the node. The estimated cost est$\left(\mathfrak{R}_{\text {auth }}, \mathfrak{I}\right)$ is described as,

$\operatorname{est}\left(\Re_{\text {auth }}, \mathfrak{I}\right)=\mu \cdot \operatorname{dist}\left(\Re_{\text {auth }}, \mathfrak{I}\right)+(1-\mu) e\left(\Re_{\text {auth }}\right)$       (2)

Here, $\mathfrak{I}$ implies the target region, $\mu$ signifies the tunable weight, and $e\left(\mathfrak{R}_{\text {auth }}\right)$ denotes the consumed energy by the node. While receiving the packet, the node routes toward the destination, and in the meantime, it ensures that all of its neighbors consume the same amount of energy. This trade-off is accomplished by the nodes by reducing the learning cost. The learned cost learn$\left(\mathfrak{R}_{\text {auth }}, \mathfrak{I}\right)$ is defined as,

$\operatorname{learn}\left(\Re_{\text {auth }}, \mathfrak{S}\right)=\operatorname{learn}\left(\Re_{\text {auth }}^{\min }, \mathfrak{I}\right)+\operatorname{est}\left(\Re_{\text {auth }}, \Re_{\text {auth }}^{\min }\right)$       (3)

Here, $\mathfrak{R}_{\text {auth }}^{\min }$ implies the cost-minimized node. GEAR selects the neighbors, and the next hop node, and performs routing by minimizing the cost. Hence, the possible routes between the source and target nodes are created. The created routes are expressed as,

$H=\left\{h_1, h_2, h_3, \ldots \ldots \ldots, h_m\right\}$     (4)

Here, H implies the total number of routes created and h_m signifies the m^th number of the routes created.

3.4 Optimal path selection

After creating the routes H, by employing the TW-COA, the optimal path is selected. The Coati Optimization Algorithm (COA) is based on the hunting strategy of the coatis. The conventional COA is selected for its evident superiority in optimal path selection and it has high convergence speed. However, in the exploration phase, the coati attacked the iguana in a random manner, which led to a problem of falling into local optima. Thus, the Triangle Walk (TW) strategy that positions the iguana in search of food is introduced in the exploration phase of COA to enhance the prey search approach.

The TW-COA starts by randomly initializing the coati’s position in the search space. Here, the routes H are considered as the coati population. The initialization is expressed as,

$H_{i, j}=\ell_j+r *\left(v_j-\ell_j\right), i=1,2, \ldots, N, j=1,2, \ldots, K$      (5)

Here, $\ell_j$ and $v_j$ signifies the lower and upper bounds, r implies the random number of range [0, 1], N denotes the total number of coatis, and K delineates the number of decision variables. Now, the initialized members are identified using a population matrix, which is expressed:

$H=\left[\begin{array}{c}h_1 \\ \vdots \\ h_i \\ \vdots \\ h_N\end{array}\right]_{N \times K}=\left[\begin{array}{ccccc}h_{1,1} & \cdots & h_{1, j} & \cdots & h_{1, K} \\ \vdots & \ddots & \vdots & \ddots & \vdots \\ h_{i, 1} & \cdots & h_{i, j} & \cdots & h_{i, K} \\ \vdots & \ddots & \vdots & \ddots & \vdots \\ h_{N, 1} & \cdots & h_{N, j} & \cdots & h_{N, K}\end{array}\right]_{N \times K}$       (6)

Here, h_i  implies the i^th candidate of the population. The fitness (F) is calculated for every candidate solution and is described as,

$F(H)=\langle\min (R), \max (E)\rangle$     (7)

where, fitness is based on the minimum response time (R) and maximum energy (E). The member with the best fitness value is regarded to be the best solution. The TW-COA works under two phases explained as follows:

Hunting strategy on iguana: The coatis reach trees to attack the iguana in the hunting phase. Half of the members climb the tree and their position is described by the expression,

$H_{i, j}^{(1)}=H_{i, j}+r\left(I_j-\Lambda \cdot H_{i, j}\right), i=1,2, \ldots .,\left[\frac{N}{2}\right]$      (8)

$\Lambda=\frac{\psi}{\wp}$     (9)

Here, $H_{i, j}^{(1)}$ implies the position in the first phase, I_jsignifies the position of the iguana, $\Lambda$ delineates the triangle walk strategy, $\psi$ elucidates the angular velocity, and $\wp$ implies the tangential velocity of the path. In search of the iguana, the remaining half of the population on the ground moves in a triangular trajectory. It is expressed as,

$H_{i, j}^{(1)}= \begin{cases}H_{i, j}+r *\left(I_j-\Lambda \cdot H_{i, j}\right), & F_I<F_i ; \\ H_{i, j}+r *\left(H_{i, j}-I_j\right), & \text { else }\end{cases}$      (10)

Here, F_I implies the iguana’s fitness function. Now, the position update based on fitness in phase is explained by the following expression,

$H_i= \begin{cases}H_i^{(1)}, & F_i^{(1)}<F_i \\ H_i, & \text { else }\end{cases}$   (11)

Escaping from Predators: To escape from the predators, the coatis move to a safer position. The position of the coatis based on the escaping behavior is expressed as,

$H_{i, j}^{(2)}=H_{i, j}+(1-2 \times r) *\left(\ell_j^{\text {local }}+r \cdot\left(v_j^{\text {local }}-\ell_j^{\text {local }}\right)\right)$   (12)

$\ell_j^{\text {local }}=\frac{\ell_j}{t}, v_j^{\text {local }}=\frac{v_j}{t}, \quad t=1,2, \ldots, \tau$       (13)

Here, $H_{i, j}^{(2)}$ implies the newer position of the coatis in phase (2), $\ell_j^{\text {local }}$ and $v_j^{\text {local }}$ signifies the local lower and upper bounds, t implies the iteration counter, and $\tau$ elucidates the total number of iterations. The position update in this phase (2) is defined by the following expression,

$H_i= \begin{cases}H_i^{(2)}, & F_i^{(2)}<F_i ; \\ H_i, & \text { else }\end{cases}$     (14)

Here, $F_i^{(2)}$ implies the fitness value obtained in phase 2. Until the termination criterion is met, the steps are repeated and the position is updated. In the end, the best solution (H_opt) with the best fitness is obtained as output by the TW-COA. The procedure of TW-COA is explained in Algorithm 1.

Algorithm 1. TW-COA Technique

Hence, by using TW-COA, the optimal paths (H_opt) with maximum energy and minimum response time are selected.

3.5 Data splitting

Now, to protect the data from security breaches, the data sensed (d) from the registered nodes $(\mathfrak{R})$ are split into n number of shares. Next, each share $(\gamma)$ is given a parity bit $(\rho)$, which is a check bit added for error detection. It is implemented to verify the data accuracy and allows the target to evaluate whether the data was accurately received. The parity bit added data (P) is expressed as,

$P=\sum_{i=1}^n \gamma_i+\rho$    (15)

The parity-added data is carried out for the encryption process.

3.6 Key agreement scheme-based encryption

Here, by employing the PPSECC algorithm, the parity bit added data P is encrypted. The key-based Elliptic Curve Cryptography (ECC) is selected for data encryption since it encrypts and decrypts the data faster and satisfies high security. But, the ECC can be vulnerable to key attacks, which leads to information loss. Therefore, to mitigate this issue and enhance data security, the ECC aims to pair public and private keys along with SK for every data transmission. The SK is created using a key agreement scheme, which is explained as follows.

3.6.1 Session key creation

Here, by utilizing the OSMVC-DH technique, the SK is created. To add perfect forward secrecy to secure transmission, the conventional Diffie Hellman (DH) method that securely exchanges the key during data transfer is used. However, the DH process does not contain an encryption step, which affects data security. Thus, the Vigenere Cipher (VC) text that alters the plain text into different cipher text at the exchanging phase is used along with DH. Moreover, to avoid the repetition of the key in VC, the One Sample Median (OSM), which interprets the median value of the ciphered text for encryption is used for altering the length of the key at each transmission.

Primarily, the private keys for both sender $\left(\Phi_1^{\text {priv }}\right)$ and receiver $\left(\Phi_2^{p r i}\right)$ are chosen randomly over the curve. Public keys for both sender and receiver are calculated by considering the private keys. The public keys are generated as,

$\Phi_1^{p n b}=\Phi_1^{\text {priv }} * \bmod (\eta)$     (16)

$\Phi_2^{p u b}=\Phi_2^{p r i v} * \bmod (\eta)$      (17)

Here, $\Phi_1^{p u b}$ and $\Phi_2^{p u b}$ imply the public keys of the sender and receiver, respectively, and $\eta$ signify the point on the curve. Now, both of them exchange their public keys. The exchanged key is converted into cipher text using VC. It applies a transferring mechanism that shifts every character using the Vigenere Table, which is a matrix of 26 rows and 26 columns. The VC encryption process is defined as,

$\varsigma=\left(\Phi^{p u b}+u\right) \bmod 26$         (18)

Here, $\varsigma$ is the converted cipher and u implies the key length, which is altered by the OSM as,

$u=\frac{\Phi_1^{p u b} / v_1-\Phi_2^{p u b} / v_2}{\sqrt{z(1-z)} 1 / v_1+1 / v_2}$   (19)

Here, v₁ and v₂ implies the sample size, and z signifies the median parameter. Based on the cipher text, the SK $(\delta)$ is generated as,

$\delta=(\varsigma) \bmod (\eta)$       (20)

To increase the security of transmission, this SK is used in the encryption and decryption process of the PPSECC.

3.6.2 Data encryption

In data encryption using PPSECC, an elliptic curve is used for generating points, and the curve is defined as,

$x^3=a^3+a y+b$     (21)

Here, a, b implies integers, and x, y signifies the parameters that define the function. The sender encrypts the data with the receiver's public key and the receiver decrypts the data employing their private key. The private (ƛ_priv) and public keys (ƛ_pub) are generated to obtain encryption and decryption. The equation used to generate the public key is,

ƛ_pub = e *  ƛ_priv    (22)

Here, e implies the point on the curve. Now, the input data is encrypted. The SK $(\delta)$ is multiplied by the encryption formula during the encryption process. The encrypted data consists of two cipher texts $(\chi)$, which are defined as,

$\chi_1=(e * \sigma) * \delta$     (23)

$\chi_2=\left(P+ƛ_{p u b} * \sigma\right) * \delta$      (24)

Here, $\sigma$ implies a random number of ranges (1, n-1). On the receiver side, the data can be decrypted using the equation,

$P=\frac{\chi_2-ƛ_{\text {priv }} * \chi_1}{\delta}$      (25)

In the end, the sensed data is encrypted using PPSECC and transmitted to the receiver through the optimal paths H_opt.

3.7 Hashcode generation

Here, for the purpose of data authorization, the sensed data, the sender and receiver’s public keys, and the SK are converted into hashcodes using SC-SHA-512. Existing SHA-512 is a faster hashing technique. However, it has a collision problem. To overcome this problem, the Separate Chaining (SC) strategy is wielded in SHA-512.

Text of any length is converted into a fixed-size string by the SC-SHA-512. It works on a message in 1024-bit blocks and produces a 512-bit message. Primarily, the input is padded to a length of 896 mod 1024 and the message length is joined as a 128-bit binary number. The message is established into $n \times 1024-b i t$ blocks of data. Next, ‘8’ working variables S, T, U, V, W, X, Y, Z are initialized as 64-bit words. 80 rounds of the SC-SHA-512 compression function are performed on the first 1024-bit block data. In Figure 2, the operation involved in the compression function is shown.

2.png

Figure 2. A round of the SC-SHA-512 compression function

The compression function performs logical functions AND, XOR. A round of the compression functions is described as follows,

$\begin{gathered}\sum_0^{512}(S)=(S>>>>28)\oplus(S>>>34) \oplus(S>>>>39)\end{gathered}$   (26)

$\omega(S, T, U)=(S \wedge T) \oplus(S \wedge U) \oplus(T \wedge U)$      (27)

$\phi_{2, i}=\sum_0^{512}(S)+\omega(S, T, U)$      (28)

$\begin{gathered}\sum_1^{512}(W)=(W>>>14) \oplus(W \gg>>18) \oplus(W \gg>>41)\end{gathered}$       (29)

$\varphi(W, X, Y)=(W \wedge X) \oplus(\bar{W} \wedge Y)$       (30)

$\phi_{1, i}=Z+\sum_1^{512}(W)+\varphi(W, X, Y)+\varepsilon_i+\hbar_i$       (31)

$\left(Z_{i+1}, Y_{i+1}, X_{i+1}, W_{i+1}\right)=\left(Y_i, X_i, W_i, V_i+\phi_{1, i}\right)$       (32)

$\left(V_{i+1}, U_{i+1}, T_{i+1}, S_{i+1}\right)=\left(U_i, T_i, S_i, \phi_{1, i}+\phi_{2, i}\right)$      (33)

Here, $\omega(S, T, U)$ and $\varphi(W, X, Y)$ imply the majority and choice of the bit-wise operations, respectively, $\phi$ signifies the summation of the functions performed, the term >>>> represents the right shifting, $\varepsilon_i$ implies one among the 64-bit words, and $\hbar_i$ denotes the message schedule of 64-bit values. Each message block is passed through the message schedule, which is represented by 16 words and is expressed as,

$\hbar_i=\left\{\begin{array}{lc}\Phi_i^{p u b}+\delta_i+d_i & 0 \leq i \leq 15 \\ \left(g_{1, i}^{512}+\hbar_{i-7}+g_{0, i}^{512}+\hbar_{i-16}\right) \Omega & 16 \leq i \leq 79\end{array}\right.$          (34)

Here, $g_{0, i}^{512}$ and $g_{1, i}^{512}$ signifies hash parameters, which are computed by the following expressions,

$g_{0, i}^{512}=\left(\hbar_{i-15}>>>1\right) \oplus\left(\hbar_{i-15}>>>>\right) \oplus\left(\hbar_{i-15}>>7\right)$        (35)

$g_{1, i}^{512}=\left(\hbar_{i-2}>>>19\right) \oplus\left(\hbar_{i-2}>>>61\right) \oplus\left(\hbar_{i-2}>>6\right)$           (36)

The term $\Omega$ implies the SC strategy. Instead of utilizing a list or linked list to chain a colliding bit, this strategy uses a binary search tree. SC is defined as,

$\Omega(1+n) \rightarrow \Omega(\log n)$      (37)

By using the 512-bit output from the first round, the eight variables of the subsequent data block are now initialized. The set of eight variables is rotated word-wise in each round. After all data blocks have been completed, the eight intermediate hash values are combined to produce the final 512-bit digest. The SC-SHA-512 procedure is elucidated in Algorithm 2.

Algorithm 2. SC-SHA-512

For data and user authorization, this hashed output is sent to the receiver.

3.8 Data authentication

Then, by using PPSECC, the receiver decrypts the data. Next, the parity bits added to the data are removed from the decrypted data. Moreover, data reconstruction is performed in which the split shares are combined. The reconstructed data along with the SK and sender and receiver’s public keys are converted into hashcode and the resulting hash is verified with the hash, which is received from the sender. If both the hashs match, then the transmission is successful. If they do not match, then the data reconstruction is performed again.

Hence, the proposed key agreement scheme-based framework securely transmits the data. The proposed methodology’s efficacy is evaluated in the following section.

This paper proposed an effective architecture for secured authentication, authorization, and key agreement schemes for WSNs in 5G-integrated IoT. First, the node was registered and then authenticated using the LS2 Checksum method. The routing was done by using the GEAR model. Then, after routing, the optimal path was selected in 24754 ms with a 98.345% fitness value using TW-COA. Next, the data was encrypted in 1137 ms using the PPSECC technique. During encryption, the SK was created using the OSMVC-DH technique in 1600ms. Later, for a successful transaction, the Hashcode was generated using the SC-SHA-512 model in 310ms. The hashcode-matched data was finally decrypted in 1254ms. Thus, it is concluded that the proposed model effectively secured the data and transmitted the data successfully.