EBIAS: ECC-enabled blockchain-based identity authentication scheme for IoT device

Wenyue Wang; Biwei Yan; Baobao Chai; Ruiyao Shen; Anming Dong; Jiguo Yu

doi:10.1016/j.hcc.2024.100240

High-Confidence Computing ›› 2025, Vol. 5 ›› Issue (1) : 100240 DOI: 10.1016/j.hcc.2024.100240

Research Articles

research-article

EBIAS: ECC-enabled blockchain-based identity authentication scheme for IoT device

Author information +

History +

PDF (738KB)

Abstract

In the Internet of Things (IoT), a large number of devices are connected using a variety of communication technologies to ensure that they can communicate both physically and over the network. However, devices face the challenge of a single point of failure, a malicious user may forge device identity to gain access and jeopardize system security. In addition, devices collect and transmit sensitive data, and the data can be accessed or stolen by unauthorized user, leading to privacy breaches, which posed a significant risk to both the confidentiality of user information and the protection of device integrity. Therefore, in order to solve the above problems and realize the secure transmission of data, this paper proposed EBIAS, a secure and efficient blockchain-based identity authentication scheme designed for IoT devices. First, EBIAS combined the Elliptic Curve Cryptography (ECC) algorithm and the SHA-256 algorithm to achieve encrypted communication of the sensitive data. Second, EBIAS integrated blockchain to tackle the single point of failure and ensure the integrity of the sensitive data. Finally, we performed security analysis and conducted sufficient experiment. The analysis and experimental results demonstrate that EBIAS has certain improvements on security and performance compared with the previous schemes, which further proves the feasibility and effectiveness of EBIAS.

Keywords

IoT / Blockchain / ECC / Identity authentication / Security

Cite this article

Download citation ▾

Wenyue Wang, Biwei Yan, Baobao Chai, Ruiyao Shen, Anming Dong, Jiguo Yu. EBIAS: ECC-enabled blockchain-based identity authentication scheme for IoT device. High-Confidence Computing, 2025, 5(1): 100240 DOI:10.1016/j.hcc.2024.100240

登录浏览全文

4963

注册一个新账户忘记密码

CRediT authorship contribution statement

Wenyue Wang: Conceptualization, Methodology, Software, Validation, Formal analysis, Data curation, Writing-original draft. Biwei Yan: Methodology, Writing-review & editing, Supervision. Baobao Chai: Conceptualization, Formal analysis, Investigation, Supervision. Ruiyao Shen: Methodology, Formal analysis, Visualization. Anming Dong: Writing-review & editing, Supervision. Jiguo Yu: Writing-review & editing, Supervision, Project administration, Funding acquisition.

Declaration of competing interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Acknowledgments

This work was supported by the National Science Foundation of China (62272256, 62202250), the Major Program of Shandong Provincial Natural Science Foundation for the Fundamental Research (ZR2022ZD03), the National Science Foundation of Shan-dong Province (ZR2021QF079), the Talent Cultivation Promotion Program of Computer Science and Technology in Qilu University of Technology (Shandong Academy of Sciences) (2023PY059), the Pilot Project for Integrated Innovation of Science, Education and Industry of Qilu University of Technology (Shandong Academy of Sciences) (2022XD001), and the Colleges and Universities 20 Terms Foundation of Jinan City (202228093).

References

Publishing order | Descend order by publishing year | Descend order by cited within

[1]	P. Zhang, C. Wang, N. Kumar, L. Liu, Space-air-ground integrated multi-domain network resource orchestration based on virtual network architecture: A DRL method, IEEE Trans. Intell. Transp. Syst. 23 (2022) 2798-2808.

[2]	T. Zhou, J. Shen, Y. Ren, S. Ji, Threshold key management scheme for blockchain-based intelligent transportation systems, Secur. Commun. Netw. 2021 (2021) 1864514:1-1864514:8.

[3]	G.S. Aujla, A. Jindal, A decoupled blockchain approach for edge-envisioned IoT-based healthcare monitoring, IEEE J. Sel. Areas Commun. 39 (2021) 491-499.

[4]	A. Jindal, G.S. Aujla, N. Kumar, M. Villari, Guardian: Blockchain-based secure demand response management in smart grid system, IEEE Trans. Serv. Comput. 13 (2020) 613-624.

[5]	H. Tyagi, R. Kumar, S.K. Pandey, A detailed study on trust management techniques for security and privacy in IoT: challenges, trends, and research directions, High-Confid. Comput. (2023) 2667-2952.

[6]	L. Hirtan, C. Dobre, C. González-Vélez, Blockchain-based reputation for intelligent transportation systems, Eur. Phys. J. B 20 (2020) 791.

[7]	P. Zhang, C. Wang, C. Jiang, A. Benslimane, Securityaware virtual network embedding algorithm based on reinforcement learning, IEEE Trans. Netw. Sci. Eng. 8 (2021) 1095-1105.

[8]	J. Yu, S. Liu, M. Xu, H. Guo, F. Zhong, W. Cheng, An efficient revocable and searchable MA-ABE scheme with blockchain assistance for C-IoT, IEEE Internet of Things J. 10 (2023) 2754-2766.

[9]	J. Yu, B. Yan, H. Qi, S. Wang, W. Cheng, An efficient and secure data sharing scheme for edge-enabled IoT, IEEE Trans. Comput. (2023).

[10]	Y. Chen, H. Chen, Y. Zhang, M. Han, M. Siddula, Z. Cai, A survey on blockchain systems: Attacks, defenses, and privacy preservation, High-Confid. Comput. 2 (2022) 2667-2952.

[11]	Q. Xie, D.S. Wong, G. Wang, X. Tan, K. Chen, L. Fang, Provably secure dynamic ID-based anonymous twofactor authenticated key exchange protocol with extended security model, IEEE Trans. Inf. Forensics Secur. 12 (2017) 1382-1392.

[12]	D. Abbasinezhad-Mood, S.M. Mazinani, M. Nikooghadam, A.O. Sharif, Efficient provably-secure dynamic ID-based authenticated key agreement scheme with enhanced security provision, IEEE Trans. Dependable Secure Comput. 19 (2022) 1227-1238.

[13]	Y. Li, Q. Cheng, X. Liu, X. Li, A secure anonymous identity-based scheme in new authentication architecture for mobile edge computing, IEEE Syst. J. 15 (2021) 935-946.

[14]	X. Jia, M. Luo, K.-K.R. Choo, L. Li, D. He, A redesigned identity-based anonymous authentication scheme for mobile edge computing, IEEE Internet Things J. 9 (2022) 10108-10120.

[15]	S. Shamshad, M.F. Ayub, K. Mahmood, M. Rana, A. Shafiq, J.J. Rodrigues, An identity-based authentication protocol for the telecare medical information system (TMIS) using a physically unclonable function, IEEE Syst. J. 16 (2022) 4831-4838.

[16]	A. Braeken, Highly efficient symmetric key based authentication and key agreement protocol using keccak, Sensors 20 (2020) 2160.

[17]	B.A. Alzahrani, S.A. Chaudhry, A. Barnawi, W. Xiao, M. Chen, A. Al-Barakati, ILAS-IoT: An improved and lightweight authentication scheme for IoT deployment, J. Ambient Intell. Humaniz. Comput. 13 (2020) 5123-5135.

[18]	S. Banerjee, et al., A provably secure and lightweight anonymous user authenticated session key exchange scheme for Internet of Things deployment, IEEE Internet Things J. 6 (2019) 8739-8752.

[19]	A. Ghani, K. Mansoor, S. Mehmood, S.A. Chaudhry, A.U. Rahman, M.N. Saqib, Security and key management in IoT-based wireless sensor networks: An authentication protocol using symmetric key, Int. J. Commun. Syst. 32 (2019) e4139.

[20]	J. Liu, X. Li, Q. Jiang, M.S. Obaidat, P. Vijayakumar, Bua: A blockchain-based unlinkable authentication in VANETs, in: Proc. IEEE Int. Conf. Commun., ICC, 2020, pp. 1-6.

[21]	G. Sang, J. Chen, Y. Liu, H. Wu, Y. Zhou, S. Jiang, PACM: Privacy-preserving authentication scheme with on-chain certificate management for VANETs, IEEE Trans. Netw. Serv. Manag. 20 (2023) 216-228.

[22]	Q. Feng, D. He, S. Zeadally, K. Liang, "BPAS: Blockchainassisted privacy-preserving authentication system for vehicular ad hoc networks, IEEE Trans. Ind. Inform. 16 (2020) 4146-4155.

[23]	A. Garba, et al., "LightCert4IoTs: Blockchain-based lightweight certificates authentication for IoT applications, IEEE Access. 11 (2023) 28370-28383.

[24]	X. Li, T. Jing, R. Li, H. Li, X. Wang, D. Shen, BDRA: Blockchain and decentralized identifiers assisted secure registration and authentication for VANETs, IEEE Internet of Things J. 10 (2023) 12140-12155.

[25]	K. Xue, X. Luo, Y. Ma, J. Li, J. Liu, D.S.L. Wei, A distributed authentication scheme based on smart contract for roaming service in mobile vehicular networks, IEEE Trans. Veh. Technol. 71 (2022) 5284-5297.

[26]	S. Liu, J. Yu, Y. Xiao, Z. Wan, S. Wang, B. Yan, BC-SABE: Blockchain-aided searchable attribute-based encryption for cloud-IoT, IEEE Internet of Things J. 7 (2020) 7851-7867.

[27]	N. Szabo, Smart contracts, 1994, Available: http://szabo.best.vwh.net/smart.contracts.html.

[28]	K. Christidis, M. Devetsikiotis, Blockchains and smart contracts for the Internet of Things, IEEE Access. 4 (2016).

[29]	G. Indra, R. Taneja, An ECC-time stamp based mutual authen-tication and key management scheme for WSNs, in:Proc. 27th Int. Conf. Adv. Inf. Netw. Appl. Workshops, Barcelona, Spain, 2013, pp. 883-889.

[30]	X. Lu, F. Yang, L. Zou, P. Lio, P. Hui, An LTE authentication and key agreement protocol based on the ECC SelfCertified public key, IEEE/ACM Trans. Netw. 31 (2023) 1101-1116.

[31]

B.D. Yulianto, L. Budi Handoko, E.H. Pujiono Rachmawanto, M.A. Soeleman,Digital certificate authentication with three-level cryptography (SHA-256, DSA, 3DES), in: 2022 International Seminar on Application for Technology of Information and Communication, iSemantic, Semarang, Indonesia, 2022, pp. 343-350.

[32]	Z.L. Xie, L.Y. Jiang, An improved authentication scheme for Internet of Things, in:Proc. IOP Conf. Series Mater. Sci. Eng., Shanghai, China, 2019, p. 12031.

[33]	X. Li, J. Peng, F. Wu, M. Khan, C. Chen, "A secure three-factor user authentication protocol with forward secrecy for wireless medical sensor network systems, IEEE Syst. J. 14 (2020) 39-50.

[34]	J. Srinivas, A.K. Das, X. Li, M.K. Khan, M. Jo, Designing anonymous signature-based authenticated key exchange scheme for Internet of Things-enabled smart grid systems, IEEE Trans. Ind. Inform. 17 (2021) 4425-4436.

[35]	H. Far, M. Bayat, A.K. Das, M.I. Fotouhi, S. Pournaghi, M. Doostari, LAP-TAS: Lightweight anonymous privacypreserving three-factor authentication scheme for WSN-based IIoT, Wirel. Netw. 27 (2021) 1389-1412.

[36]	M. Karuppiah others, Secure remote user mutual authentication scheme with key agreement for cloud environment, Mobile Netw. Appl. 24 (2019) 1046-1062.