Security and Privacy Analysis of Vinoth et al.’s Authenticated Key Agreement Scheme for Industrial IoT

Vinoth et al. proposed an authenticated key agreement scheme for industrial IoT (Internet of Things) applications. Vinoth et al.’s scheme aimed to protect the remote sensing data of industrial IoT devices under hostile environments. The scheme is interesting because the authorized user is allowed si...

Full description

Saved in:
Bibliographic Details
Published inSymmetry (Basel) Vol. 13; no. 10; p. 1952
Main Author Sun, Da-Zhi
Format Journal Article
LanguageEnglish
Published Basel MDPI AG 01.10.2021
Subjects
Online AccessGet full text

Cover

Loading…
More Information
Summary:Vinoth et al. proposed an authenticated key agreement scheme for industrial IoT (Internet of Things) applications. Vinoth et al.’s scheme aimed to protect the remote sensing data of industrial IoT devices under hostile environments. The scheme is interesting because the authorized user is allowed simultaneously to access the multiple IoT sensing devices. Therefore, we carefully analyzed the security and privacy implications of Vinoth et al.’s scheme. Our findings are summarized as follows. One, Vinoth et al.’s scheme failed to defeat user impersonation attacks. Second, Vinoth et al.’s scheme did not prevent IoT sensing device impersonation attacks. Third, Vinoth et al.’s scheme suffered from replay attacks. Fourth, Vinoth et al.’s scheme was vulnerable to desynchronization attacks. Fifth, Vinoth et al.’s scheme could not maintain user privacy. As a case study, our analysis results enlighten researchers and engineers on the design of robust and efficient authenticated key agreement schemes for IoT applications.
ISSN:2073-8994
2073-8994
DOI:10.3390/sym13101952