Show simple item record

dc.contributor.authorChaudhry, Shehzad Ashraf
dc.contributor.authorShon, Taeshik
dc.contributor.authorAl-Turjman, Fadi
dc.contributor.authorAlsharif, Mohammed H.
dc.date.accessioned2020-05-16T23:42:18Z
dc.date.available2020-05-16T23:42:18Z
dc.date.issued2020en_US
dc.identifier.issn0140-3664
dc.identifier.issn1873-703X
dc.identifier.urihttps://hdl.handle.net/11363/2142
dc.descriptionDocument Information Language: English Accession Number: WOS:000527272900046en_US
dc.description.abstractThe on demand availability of resources in Cyber physical system (CPS) has emerged as a viable service providing platform to improve the resource usability and reducing the infrastructure costs. Nevertheless, the development recompenses can only be realized after avoiding security and privacy issues. A secure and reliable CPS can offer improved efficiency, usability and reliability along with autonomy. To secure such systems, in 2018 Challa a al. (2018) proposed a security system to extend an authenticated key agreement between a user and a cloud server via trusted authority; as an application, they also customized their system to work with autonomous smart meter and cloud server. Challa a al. then claimed the security of their proposed scheme through formal, informal and automated validations. However, this paper unveils the weaknesses of their scheme and shows that their scheme cannot facilitate in forming a session key between the user/smart meter and the cloud server. Precisely, in the presence of more than one registered users/smart meters, the latter in their scheme may never receive a response message because of a critical design error. Moreover, their scheme lacks the untraceable anonymity and the lack of request verification on cloud server side may also lead to replay and/or denial of services attack. The article then introduces an improved and secure authentication system free of correctness issues, to facilitate a key agreement between user and cloud server via trusted authority. As an application, the proposed system also works for smart meter and cloud server to reach a key agreement. Based on the hardness assumption of Elliptic Curve Decisional Diffi-Hellman Problem (ECDDHP), the formal Random oracle model proves the security of the proposed scheme. Moreover, the robustness of the scheme is explained through informal analysis. The proposed system while providing all known security features has slightly increased the computation and communication costs as compared with the scheme of Challa a al. The proposed scheme completes a cycle of authentication by exchanging 2080 bits in just 13.4066 ms.en_US
dc.language.isoengen_US
dc.publisherELSEVIER, RADARWEG 29, 1043 NX AMSTERDAM, NETHERLANDSen_US
dc.relation.isversionof10.1016/j.comcom.2020.02.025en_US
dc.rightsinfo:eu-repo/semantics/openAccessen_US
dc.rightsAttribution-NonCommercial-NoDerivs 3.0 United States*
dc.rights.urihttp://creativecommons.org/licenses/by-nc-nd/3.0/us/*
dc.subjectCyber physical systemen_US
dc.subjectAuthenticationen_US
dc.subjectAnonymityen_US
dc.subjectElliptic curve cryptographyen_US
dc.subjectSecurityen_US
dc.subjectSmart meteren_US
dc.subjectAuthenticated key agreementen_US
dc.subjectIncorrectnessen_US
dc.subjectRandom oracle modelen_US
dc.subjectUSER AUTHENTICATIONen_US
dc.subjectINFORMATIONen_US
dc.subjectCHALLENGESen_US
dc.subjectmanagementen_US
dc.subjectFRAMEWORKen_US
dc.subjectPROTOCOLen_US
dc.subjectPRIVACYen_US
dc.titleCorrecting design flaws: An improved and cloud assisted key agreement scheme in cyber physical systemsen_US
dc.typearticleen_US
dc.relation.journalCOMPUTER COMMUNICATIONSen_US
dc.contributor.departmentMühendislik ve Mimarlık Fakültesien_US
dc.identifier.volume153en_US
dc.identifier.startpage527en_US
dc.identifier.endpage537en_US
dc.relation.publicationcategoryMakale - Uluslararası Hakemli Dergi - Kurum Öğretim Elemanıen_US


Files in this item

This item appears in the following Collection(s)

Show simple item record

info:eu-repo/semantics/openAccess
Except where otherwise noted, this item's license is described as info:eu-repo/semantics/openAccess