Paper 2018/891

Breaking a Lightweight M2M Authentication Protocol for Communications in IIoT Environment

Seyed Farhad Aghili and Hamid Mala

Abstract

The concept of the Industrial Internet of Things (IIoT) can be defined as the integration of smart sensor networks and the Internet of Things (IoT). This technology can be employed in various industries such as agriculture, food processing industry, environmental monitoring, security surveillance, and so on. Generally, a smart sensor is a resource-constrained device which is responsible for gathering data from the monitored area. Machine-to-Machine (M2M) communication is one of the most important technologies to exchange information between entities in industrial areas. However, due to the insecure wireless communication channel and the smart sensor’s limitations, security and privacy concerns are the important challenges in IIoT environments. The goal of this paper is to address the security flaws of a recent M2M authentication protocol proposed for employing in IIoT including DoS, router impersonation and smart sensor traceability attacks. Moreover, we showed that an untrusted smart sensor can obtain the secret key of the router and the session key which another sensor establishes with the target router.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint. MAJOR revision.
Keywords
M2M communicationsIIoTAuthenticationDoS AttackTraceability AttackImpersonation attackDisclosure Attack
Contact author(s)
aghili farhad60 @ gmail com
History
2019-05-04: revised
2018-09-23: received
See all versions
Short URL
https://ia.cr/2018/891
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2018/891,
      author = {Seyed Farhad Aghili and Hamid Mala},
      title = {Breaking a Lightweight {M2M} Authentication Protocol for Communications in {IIoT} Environment},
      howpublished = {Cryptology {ePrint} Archive, Paper 2018/891},
      year = {2018},
      url = {https://eprint.iacr.org/2018/891}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.