
A Lightweight Authentication and Key Agreement Protocol for Secure Fog-to-Fog Collaborative Communication

Sunday Oyinlola Ogundoyin
Department of Electrical and Electronic Engineering
University of Ibadan
Ibadan, Nigeria
honsybee@yahoo.com

Ismaila Adeniyi Kamil
Department of Electrical and Electronic Engineering
University of Ibadan
Ibadan, Nigeria
ismaila.kamil@ui.edu.ng

Abstract—The fusion of peer-to-peer (P2P) fog network and the traditional three-tier fog computing architecture allows fog devices to conjointly pool their resources together for improved service provisioning and better bandwidth utilization. However, any unauthorized access to the fog network may have calamitous consequences. In this paper, a new lightweight two-party authenticated and key agreement (AKA) protocol is proposed for fog-to-fog collaboration. The security analysis of the protocol reveals that it is resilient to possible attacks. Moreover, the validation of the protocol conducted using the broadly-accepted Automated Verification of internet Security Protocols and Applications (AVISPA) shows that it is safe for practical deployment. The performance evaluation in terms of computation and communication overheads demonstrates its transcendence over the state-of-the-art protocols.

Index Terms—Fog computing, Authentication Protocol, AVISPA, IoT, Collaboration

I. INTRODUCTION

One notable technological advancement in the last decade is the advent of Internet of Things (IoT), where numerous smart devices embedded with sensors, chips, and actuators collect, store, analyze, and transmit information with the support of their hardware devices and IP addresses – thanks to the Internet. In the conventional cloud computing architecture, an end user can directly offload its service requests to a centralized cloud server which has huge resources. However, the technology suffers several drawbacks, such as high latency, network congestion, low bandwidth usage, security, and privacy issues [1]. The introduction of IoT exacerbates the issue due to the ultra-low latency and security requirements for realtime and mission-critical applications such as virtual reality, augmented reality, tele-surgery, traffic management, etc., as well as the resource-constrained nature of IoT devices.

Recently, the concept of fog computing was introduced to address the foregoing challenges in cloud computing. The idea is to extend the traditional cloud computing architecture by bringing resources to the network’s edge and very close to the end users [2]. Fog computing offers services to end users in a distributed way and supports delay-sensitive, realtime, and mission-critical applications. A three-tier fog computing model is shown in Fig. 1. It comprises the IoT, fog, and the cloud layers. The IoT (or lower) layer consists of smart devices which collect and offload humongous heterogeneous data to the fog servers in the fog (or middle) layer. Depending on the offloading model, the fog nodes may process or offload the data to a neighboring fog node or cloud servers.

Fig. 1. A Three-tier Fog Computing Architecture

In recent times, many researchers are directing their efforts toward the design of P2P fog computing models where fog devices concertedly pool their resources (e.g., storage, processing, data management, networking, etc.) to provide services to end users [2]–[4]. The fog-to-fog collaborative model provides very useful benefits especially when there is intermittent or no connection with the cloud servers. For instance, when there is a natural disaster (e.g., earthquake, tsunami, etc.) in the premises
of a cloud service provider and the cloud becomes unavailable [2]. Moreover, since the intention behind fog computing is to complement the cloud computing and bring resources closer to end users, it is imperative to ensure that the bulk of the tasks is executed at the fog layer while only the computationally-intensive, latency-tolerant, and those requiring long-term storage are offloaded to the cloud. Considering the heterogeneity and mobility of fog devices as well as the distributed nature of the fog computing architecture, the security of the information transmitted is paramount and critical since fog nodes may be used to process sensitive information such as biomedical data. Besides, because the communication is done over an insecure (or open) channel, any unauthorized access may have disastrous consequences. Therefore, to fully exploit the potentials of fog-to-fog collaborative model, we design an authentication protocol which allows two collaborating fogs to mutually authenticate each other and share a common secret session key for secure communication.

A. Contributions

The main contributions of this study are as follows.
• Design of a lightweight mutual authentication and key exchange protocol for secure fog-to-fog communication.
• An extensive informal security analysis is conducted to show that the proposed protocol provides the desirable security features and resilience against well-known attacks.
• A formal security evaluation using the widely-accepted AVISPA software tool [5].
• The performance evaluation to demonstrate the loftiness of the proposed AKA protocol over the state-of-the-art schemes.

B. Paper Organization

The rest of this research article is structured as follows. Section II presents a review of the literature on AKA protocols in IoT and fog computing environments. The network model considered for the fog collaborative architecture is described briefly in section III. Section IV discusses the methodology of the proposed AKA protocol. The formal and informal security analyses, as well as the performance evaluation are demonstrated in section V. The conclusion is drawn in section VI.

II. RELATED WORK

A number of authenticated and key agreement (AKA) protocols have been proposed for various IoT applications. For example, Srinivas et al. [6] developed an AKA scheme for IoT-oriented smart grid communication which allows a smart meter (SM) in a consumer home and the energy service provider to mutually authenticate each other and compute a shared secret key for secure communication. Chen et al. [9] also proposed an AKA protocol for edge-supported smart grid application. The protocol allows an SM and an edge server to authenticate each other. After demonstrating the security flaws in some existing protocols, Rostampour et al. [8] developed an ECC-based AKA protocol which bolsters secure interactions between a smart device and a cloud server. Maarof et al. [10] developed an improved authentication protocol for IoT based on elliptic curve cryptography (ECC) where an end device and a cloud server can authenticate each other and compute a secret key for secure future communications. A new authentication scheme based on bilinear pairing was constructed in [11]. The scheme prevents unauthorized access to the IoT network by allowing an embedded device and a cloud server to communicate securely using a pre-shared secret key. Li et al. [12] also designed a new protocol known as AEP-PPA for mobile communication in IoT environment.

In the context of fog computing, there have been some studies focusing on the design of AKA protocols for fog-based IoT applications. For instance, Chen et al. [13] proposed an ECC-based AKA scheme for fog computing. The scheme allows a mobile user, a fog server, and a cloud service provider (CSP) to authenticate one another and establish a unique secret session key. However, the scheme cannot achieve mutual authentication because a fog node does not confirm the authenticity of the authentication message received from the mobile user. In addition, the scheme cannot prevent a replay attack. Wazid et al. [14] developed an AKA protocol for fog-supported vehicular network. The protocol provides a mutual authentication between a vehicle and a fog device, an RSU and a fog device, and a fog device and a cloud server. However, Saleem et al. [15] pointed out that the protocol in [14] is prone to impersonation attacks. Amin et al. [16] proposed a new scheme where a user, a fog server, and a cloud server can securely communicate via a unanimous authentication and an established secret key.

Wazid et al. [17] developed a three-factor ECC-based AKA scheme which allows a smart device and a fog server, as well as a fog server and a cloud server to compute a shared secret key for secure communication. However, Ali et al. [18] demonstrated that the scheme is not resilient to clogging attack. The authors then developed a robust scheme to remedy the weaknesses in [18]. Considering the aforesaid, it is unequivocal that efforts have been made in the past to design an AKA protocol for IoT and fog computing applications. However, there is no previous study on designing an AKA protocol for fog-to-fog collaboration to the best of the authors’ knowledge.

Moreover, the existing protocols are unsuitable for fog-to-fog communication due to their many security loopholes. Besides, most of these schemes are inefficient, making them unfit for practical deployment in a resource-constrained, highly mobile, and fugacious IoT environment. Therefore, it is all-important to design a lightweight, secure, and privacy-aware AKA protocol for P2P communication in fog computing services.

III. NETWORK MODEL

In this section, we give a brief overview of the system and adversary models used for the proposed protocol.
A. System Model

The system model of the proposed AKA protocol is shown in Fig. 2. It consists of three entities: trusted authority (TA), a service requester fog device ($FD_i$), and a service provider fog device ($FD_j$). The TA is a fully trusted entity responsible for system setup, system management, registration, and issuance of credentials to all the entities on the network. The service requester is a fog node which initiates a collaborative or connection request to another fog node on the network. The service provider is one which is willing to collaborate with the service requester. The communication between the TA and the fog devices is done over a secure communication channel such as secure socket layer (SSL) while the fog nodes communicate over an open (or insecure) channel [19].

Fig. 2. System Model for the Proposed AKA Protocol

B. Adversary Model

In this work, the broadly-accepted Dolev-Yao [20] adversary model is adopted in the security evaluation of the proposed protocol where the communication between two parties is carried out over an insecure channel and the end devices are assumed to be untrustworthy. Based on this model, an adversary $\mathcal{A}$ is believed to have a very strong ability to take full control of the communication channel. Simply put, $\mathcal{A}$ can intercept, change, re-transmit, create, and delete any data sent over an open channel.

IV. THE PROPOSED AUTHENTICATION PROTOCOL FOR FOG-TO-FOG COLLABORATION

In this section, we discuss the methodology of the proposed AKA protocol integrating three phases as described below.

1) System Setup Phase

The TA bootstraps the system and publishes the system parameters in the following manner.
• Chooses two secure prime numbers $p$ and $q$, a point $P$, and a non-singular elliptic curve represented as $E : y^2 = x^3 + ax + b \bmod p$, where $P$ represents a generator of an additive group $G$ which has an order $q$ [21].
• Picks at random $d \in \mathbb{Z}_q^*$ and computes $D_{pub} = dP$, where $d$ and $D_{pub}$ are the TA’s secret and public (or system) keys, respectively.
• Selects a secure one-way hash function defined by $h : \{0,1\}^* \rightarrow \mathbb{Z}_q^*$ and then publishes the system parameters $P_{par} = \{P, p, q, a, b, D_{pub}, h\}$.

2) Registration Phase

In this stage, the service requester ($FD_i$) and the service provider ($FD_j$) register with the TA. The process is the same for both fog devices. So we give the registration process of $FD_i$ as follows.
• $FD_i$ with identity $ID_i$ selects a random $r_i$ and computes $A_i = h(ID_i, r_i)$. It then sends $A_i$ to TA over a secure channel.
• On receiving the registration request $A_i$ from $FD_i$, TA chooses a random $R_i$ and computes $\theta_i = h(A_i, ID_{TA}, d, R_i, \nabla_{cid}, T_{s0})$, $\alpha_i = h(A_i, T_{s0})$, $\beta_i = \alpha_i \oplus (s_i \| \nabla_{cid})$, and $\vartheta_i = \theta_i \oplus h(\beta_i, T_{s0})$, where $ID_{TA}$ is the identity of TA, $s_i$ the temporary secret key of $FD_i$, $\nabla_{cid}$ the unique identifier of the fog colony, and $T_{s0}$ the current timestamp. It submits $(\vartheta_i, \beta_i, T_{s0})$ to $FD_i$.
• Upon receiving the registration response $(\vartheta_i, \beta_i, T_{s0})$ from TA, $FD_i$ first verifies the freshness of the message by checking if $T_{s_{now}} - T_{s0} \leq \Delta T_{allow}$, where $T_{s0}$, $T_{s_{now}}$, and $\Delta T_{allow}$ are the time the response was sent, the time it was received, and the allowable transmission delay, respectively. If and only if the time verification holds, $FD_i$ computes $\theta_i = \vartheta_i \oplus h(\beta_i, T_{s0})$, $(s_i \| \nabla_{cid}) = \beta_i \oplus h(A_i, T_{s0})$. It then picks at random $a_i \in \mathbb{Z}_q^*$ and calculates $sk_i = a_i + s_i$, $P_i = sk_i P$, and publishes $P_i$, where $(sk_i, P_i)$ are the secret/public key pair of $FD_i$.

The registration process of $FD_j$ with identity $ID_j$ is the same. This means that $FD_j$ also receives the registration credentials $(\theta_j, sk, \nabla_{cid})$ after submitting $A_j = h(ID_j, r_j)$ to TA.

3) Authentication and Key Agreement Phase

In this phase, $FD_i$ and $FD_j$ authenticate each other in a conjunct manner and consequently establish a pairwise secret session key that is used for ensuing communications involving the two entities in the fog colony. The process is discussed as follows.
• $FD_i$ selects a random $k_i$ and computes $A_1 = h(sk_i P_j, \nabla_{cid})$, $A_2 = ID_i \oplus A_1$, $A_3 = \theta_i \oplus h(A_1, \nabla_{cid}, D_{pub})$, $A_4 = k_i \oplus h(A_1, T_{s1})$, and $A_5 = h(ID_i, \theta_i, k_i, A_1, T_{s1})$, where $T_{s1}$ is the current timestamp. It then sends a connection (or authentication) request $(A_2, A_3, A_4, A_5, T_{s1})$ to $FD_j$.
• On receiving the tuple $(A_2, A_3, A_4, A_5, T_{s1})$, $FD_j$ verifies the timeliness of the message by checking if $T_{s_{now}} - T_{s1} \leq \Delta T_{allow}$, where $T_{s1}$, $T_{s_{now}}$, and $\Delta T_{allow}$ are the time the message was sent, the
time it was received, and the maximum transmission delay. The process proceeds if the time verification holds; otherwise, it is aborted.
• $FD_j$ computes $A_1^* = h(sk_j P_i, \nabla_{cid})$, $ID_i = A_2 \oplus A_1^*$, $\theta_i = A_3 \oplus h(A_1^*, \nabla_{cid}, D_{pub})$, $k_i = A_4 \oplus h(A_1^*, T_{s1})$, $A_5^* = h(ID_i, \theta_i, k_i, A_1^*, T_{s1})$, and checks if $A_5 = A_5^*$. The process continues if and only if the verification holds.
• $FD_j$ chooses a random $k_j$ and computes $K_1 = h(ID_i, ID_j, \theta_i, \theta_j, k_i, k_j)$, $B_1 = h(sk_j P_i, \nabla_{cid})$, $B_2 = ID_j \oplus B_1$, $B_3 = \theta_j \oplus h(B_1, \nabla_{cid}, D_{pub})$, $B_4 = k_j \oplus h(B_1, T_{s2})$, and $B_k = h(ID_i, \theta_i, K_1, T_{s2})$, and deletes $B_1$, where $T_{s2}$ is the current timestamp and $K_1$ the secret session key. It then submits $(B_2, B_3, B_4, B_k, T_{s2})$ to $FD_i$.
• Upon receiving the connection response message $(B_2, B_3, B_4, B_k, T_{s2})$ from $FD_j$, $FD_i$ verifies the freshness of the message by checking if $T_{s_{now}} - T_{s2} \leq \Delta T_{allow}$, where $T_{s2}$, $T_{s_{now}}$, and $\Delta T_{allow}$ are the time the message was sent, the time it was received, and the permissible network delay. If and only if the freshness check succeeds, $FD_i$ computes $ID_j = B_2 \oplus A_1$, $\theta_j = B_3 \oplus h(A_1, \nabla_{cid}, D_{pub})$, $k_j = B_4 \oplus h(A_1, T_{s2})$, $K_2 = h(ID_i, ID_j, \theta_i, \theta_j, k_i, k_j)$, $B_k^* = h(ID_i, \theta_i, K_2, T_{s2})$, deletes $A_1$, and checks if $B_k = B_k^*$. With this, $FD_i$ has successfully computed the secret session key $K_2$ and confirmed that $FD_j$ has also done so.

Apparently, mutual authentication and key exchange have been expounded between $FD_i$ and $FD_j$. The outcome is an established pairwise secret session key $K = K_1 = K_2$ which would be used for secure future communications between the two parties. Fig. 3 summarizes the mutual authentication and key agreement process of the proposed protocol.

Fig. 3. The Authentication and Key Management of the Proposed Protocol

V. SECURITY ANALYSIS AND PERFORMANCE EVALUATION

A. Security Analysis

In this section, we demonstrate how the proposed AKA protocol can withstand various attacks and provide some security features.
• Replay attack - as mentioned earlier, $\mathcal{A}$ can capture and re-transmit a communication message between $FD_i$ and $FD_j$. Assume $\mathcal{A}$ intercepts the request message $(A_2, A_3, A_4, A_5, T_{s1})$ sent by $FD_i$ and replays it. The authentication process cannot succeed even if the freshness check holds because the timestamp $T_{s1}$ is also used to compute $A_4 = k_i \oplus h(A_1, T_{s1})$. The same goes for the response message $(B_2, B_3, B_4, B_k, T_{s2})$ transmitted from $FD_j$ to $FD_i$.
• Impersonation attack - as presented in section III (B), after $\mathcal{A}$ has captured the request message sent by $FD_i$ or the response message forwarded to $FD_i$ by $FD_j$, it may try to impersonate $FD_i$ or $FD_j$. Suppose $\mathcal{A}$ intercepts the message $(A_2, A_3, A_4, A_5, T_{s1})$ and tries to forge it so as to impersonate $FD_i$. It cannot succeed because it must know the secret key $sk_i$ and the secret values $ID_i$, $k_i$, and $\theta_i$ of $ID_i$. If $\mathcal{A}$ tries to extract $FD_i$’s secret key, it will encounter the Discrete Logarithm Problem (DLP), which is infeasible to solve. In the same way, $\mathcal{A}$ cannot impersonate $FD_j$.
• Insider attack - suppose during the registration process, $\mathcal{A}$ has the ability to access the communication channel and retrieve the credential $A_i = h(ID_i, r_i)$ of $FD_i$. However, $\mathcal{A}$ cannot extract the secret values $ID_i$ and $r_i$ due to the one-way property of hash function. Likewise, $\mathcal{A}$ cannot retrieve the secret values $ID_j$ and $r_j$ of $FD_j$.
• Denial-of-service attack - in this attack, $\mathcal{A}$ generates and transmits bogus messages continuously to the entities in order to use up their resources. $\mathcal{A}$ can also use the previously utilized authentication messages $(A_2, A_3, A_4, A_5, T_{s1})$ and $(B_2, B_3, B_4, B_k, T_{s2})$, and repeatedly send a mammoth amount of these messages to $FD_j$ and $FD_i$, respectively. However, the attack cannot succeed because the entities can check the freshness of the messages using their timestamps and then discard the malicious ones immediately without further action.
• Man-in-the-middle attack - suppose $\mathcal{A}$ can eavesdrop on the authentication messages $(A_2, A_3, A_4, A_5, T_{s1})$ and $(B_2, B_3, B_4, B_k, T_{s2})$. However, it cannot modify them to deceive the other party because it will need to extract the secret key of $FD_i$ and $FD_j$ which is computationally infeasible due to the intractability of the DLP.
• Perfect forward secrecy - by taking the advantages of the randomness of the random numbers and the timeliness of the timestamps used in the proposed protocol, different unique secret session keys are computed for every session. Hence $\mathcal{A}$ cannot generate the secret key used in the previous session or the one that would be used in the subsequent session, even if the current session key is compromised.
• Strong Anonymity - in the proposed protocol, the identities $ID_i$ and $ID_j$ of $FD_i$ and $FD_j$, respectively, are not sent in clear text. For example, $\mathcal{A}$ can capture $A_2$ and try to extract $ID_i$. However, it cannot succeed since it must know the secret key $sk_i$ or $sk_j$ to be able to retrieve $ID_i$. Unfortunately, it will be faced with the DLP which is intractable. Similarly, $\mathcal{A}$ cannot extract $ID_j$ from $B_2$. Hence, our protocol guarantees strong anonymity.
• Session key establishment - the proposed protocol does not only provide mutual authentication, but also supports session key agreement. The session key $K = h(ID_i, ID_j, \theta_i, \theta_j, k_i, k_j)$ consists of $(ID_i, \theta_i, k_i)$ and $(ID_j, \theta_j, k_j)$ contributed by $FD_i$ and $FD_j$, respectively. Since the session key is protected with the hash function (which is non-invertible), $\mathcal{A}$ cannot generate the key without the knowledge of these parameters. It is also infeasible for $\mathcal{A}$ to guess these secret values in polynomial-time.

B. Formal Verification of the Proposed Protocol

We validate the security of the proposed AKA protocol using AVISPA tool. We implement the protocol using a role-based High Level Protocol Specification Language (HLPSL) and specify some roles for the three entities ($FD_i$, $FD_j$, and TA), as well as for goals, session, and environment. The goal and session roles instantiate the entities’ roles and initialize their communication sessions. The environment comprises some global constants, sessions, and the knowledge of an intruder $i$. Four communication sessions are established, where all are executed with the involvement of $i$ except the first. There are four back-end checkers in the AVISPA namely, OFMC, CL-AtSe, SATMC, and TA4SP. The last two do not support exclusive-OR (xor) operation; hence, they are not considered in our analysis. With the backends, the protocol reports “SAFE” if no attack is detected and “UNSAFE” otherwise. We refer interested readers to [22] for detailed description of AVISPA. Fig. 4 shows the results obtained from the verification of the proposed protocol using the OFMC and CL-AtSe back-ends. It is crystal-clear that the proposed protocol is safe based on the validation results. Hence, the protocol is resilient to both passive and active attacks such as replay and man-in-the-middle.

Fig. 4. Simulation Results in OFMC and CL-AtSe Back-ends

C. Performance Evaluation

In this subsection, we demonstrate the efficiency of our protocol in terms of computation and communication overheads, and then make comparisons with the state-of-the-art protocols. Since there is no previous AKA protocol for fog-to-fog collaborative network, we select the state-of-the-art two-party protocols in IoT environment [6], [8]–[12] for our comparison.

1) Cost of Computation - for clarity and ease of understanding, we denote the execution times of map-to-point, bilinear pairing, pairing-based point multiplication, pairing-based point addition, exponentiation, ECC-based point multiplication, ECC-based point addition, and one-way hash function operations as $T_{mtp}$, $T_p$, $T_{p-m}$, $T_{p-a}$, $T_{exp}$, $T_{e-m}$, $T_{e-a}$, and $T_h$, respectively. According to [23], the costs of $T_{mtp}$, $T_p$, $T_{p-m}$, $T_{p-a}$, $T_{exp}$, $T_{e-m}$, $T_{e-a}$, and $T_h$ are 14.293 ms, 17.001 ms, 5.485 ms, 0.023 ms, 0.874 ms, 0.986 ms, 0.004 ms, and 0.001 ms, respectively. The computation overheads of the proposed protocol and the related ones are summarized in Table I. As we can see, the cost of computation on the SR is less in the proposed protocol compared to those in [6], [8], [9], [10], [11], and [12] with about 66.55%, 83.23%, 0.3%, 49.75%, 84.45%, and 93.9%, respectively. Likewise, the computation overhead on SP is better than those in [6], [8], [10], and [11], and coincides with those in [9], and [12].

TABLE I
COST OF COMPUTATION COMPARISON

| Scheme | Service Requester (ms) | Service Provider (ms) |
|---|---|---|
| Srinivas et al. [6] | $3T_{e-m} + T_{e-a} + 7T_h = 2.969$ | $3T_{e-m} + T_{e-a} + 7T_h = 2.969$ |
| Rostampour et al. [8] | $6T_{e-m} + T_{e-a} = 5.92$ | $6T_{e-m} + T_{e-a} = 5.92$ |
| Chen et al. [9] | $T_{e-m} + 10T_h = 0.996$ | $T_{e-m} + 8T_h = 0.994$ |
| Maarof et al. [10] | $2T_{e-m} + 4T_h = 1.976$ | $3T_{e-m} + 4T_h = 2.962$ |
| Wu et al. [11] | $T_{p-m} + T_{p-a} + T_{exp} + 4T_h = 6.386$ | $T_p + T_{exp} + 4T_h = 17.879$ |
| Li et al. [12] | $T_{mtp} + 2T_{e-m} + T_{e-a} + 6T_h = 16.275$ | $T_{e-m} + 6T_h = 0.992$ |
| Proposed | $T_{e-m} + 7T_h = 0.993$ | $T_{e-m} + 9T_h = 0.995$ |

2) Communication Overhead - we analyze the transmission overhead of the developed protocol and the state-of-the-art schemes. The bit length for pairing-based and ECC-based schemes are 1024 bits and 320 bits, respectively [23]. We consider the sizes of hash function, timestamp, and identity as 160 bits, 32 bits, and 32 bits, respectively. As depicted in Fig. 5, communication cost of an SR in the proposed protocol is lower than those in [6], [8], [11], and [12] and tallies with those in [9] and [10]. Similarly, the communication overhead of
an SP is also lower than those in [6], [11], and [12] and slightly higher than those in [8], [9], and [10]. Overall, the proposed protocol outperforms those in [6], [8], and [11] in terms of communication overhead. Even though the protocols in [9], [10], and [12] have slightly lower overheads than the proposed one, they are not contextual to fog computing and most importantly, they suffer various drawbacks as earlier mentioned making them unsuitable for deployment in fog computing services.

Fig. 5. Communication Overhead Comparison

VI. CONCLUSION

In this paper, a lightweight ECC-based authentication and key agreement protocol has been developed for secure P2P communication in fog computing. We demonstrated that the protocol is secure using the broadly-accepted AVISPA toolkit and corroborated it using informal security analysis. The performance evaluation showed that the protocol is very efficient and suitable for practical deployment in a resource-limited fog-oriented IoT environment.

REFERENCES

[1] T. Aladwani “Scheduling IoT healthcare tasks in fog computing based on their importance,” Procedia Computer Science, vol. 163, pp. 560–569, 2019.
[2] A. Yousefpour, C. Fung, T. Nguyen, K. Kadiyala, F. Jalali, A. Niakanlahiji, J Long, and J.P. Jue “All one needs to know about fog computing and related edge computing paradigms: a complete survey,” Journal of Systems Architecture, vol. 98, pp. 289–330, 2019.
[3] D. Tracey, and C. Sreenan, “How to see through the Fog? Using Peer to Peer (P2P) for the Internet of Things,” in 2019 IEEE 5th World Forum on Internet of Things (WF-IoT), 15–18 April, 2019, Limerick, Ireland.
[4] M. Al-khafajiy, T. Baker, H. Al-Libawy, Z. Maamar, M. Aloqaily, and Y. Jararweh “Improving fog computing performance via Fog-2-Fog collaboration,” Future Generation Computer Systems, vol. 100, pp. 266–280, 2019.
[5] AVISPA “Automated validation of internet security protocols and applications,” 2021, http://www.avispa-project.org/ (accessed on March 29).
[6] J. Srinivas, A.K. Das, X. Li, M.K. Khan, and M. Jo “Designing Anonymous Signature-Based Authenticated Key Exchange Scheme for IoT-Enabled Smart Grid Systems,” IEEE Transactions on Industrial Informatics, In Press, https://doi.org/10.1109/TII.2020.3011849.
[7] S.D. Kaul, and A.K. Awasthi “Security enhancement of an improved remote user authentication scheme with key agreement,” Wireless Personal Communications, vol. 89, no. 2, pp. 621-637, 2016.
[8] S. Rostampour, M. Safkhani, Y. Bendavid, and N. Bagheri “ECCbAP: A secure ECC based authentication protocol for IoT edge devices,” Pervasive and Mobile Computing, vol. 67, 101194, 2020.
[9] C. Chen, L. Chen, Y. Huang, S. Kumar, and J.M. Wu “Lightweight Authentication Protocol in Edge-based Smart Grid Environment,” EURASIP Journal of Wireless Communications and Networking, pp. 1–17, 2020, https://doi.org/10.21203/rs.3.rs-53314/v1.
[10] A. Maarof, M. Senhadji, Z. Labbi, and M. Belkasmi “Authentication Protocol for Securing Internet of Things,” in Proceedings of the Fourth International Conference on Engineering & MIS 2018, June 19–21, 2018, Istanbul, Turkey.
[11] H. Wu, C. Chang, and L. Chen “Secure and anonymous authentication scheme for the Internet of Things with pairing,” Pervasive and Mobile Computing, vol. 67, 101177, 2020.
[12] J. Li, W. Zhang, V. Dabra, K.R. Choo, S. Kumari, and D. Hogrefe “AEP-PPA: An anonymous, efficient and provably-secure privacy-preserving authentication protocol for mobile services in smart cities,” Journal of Network and Computer Applications, vol. 134, 52-61, 2019.
[13] C. Chen, Y. Huang, K. Wang, S. Kumari, and M. Wu “A secure authenticated and key exchange scheme for fog computing,” Enterprise Information Systems, In Press, https://doi.org.10.1080/17517575.2020.1712746.
[14] M. Wazid, P. Bagga, A.K. Das, S. Shetty, J.J.P.C. Rodrigues, and Y. Park “AKM-IoV: Authenticated Key Management Protocol in Fog Computing-Based Internet of Vehicles Deployment,” IEEE Internet of Things Journal, vol. 6, no. 5, 8804-8817, 2019.
[15] M. A. Saleem, K. Mahmood, and S. Kumari “Comment on “AKM-IoV: Authenticated Key Management Protocol in Fog Computing-Based Internet of Vehicles Deployment”,” IEEE Internet of Things Journal, vol. 7, no. 5, 4671-4675, 2020.
[16] R. Amin, S. Kunal, A. Saha, D. Das, and A. Alamri “Comment on “CFSec: Password based secure communication protocol in cloud-fog environment,” Journal of Parallel and Distributed Computing, vol. 140, 52-62, 2020.
[17] M. Wazid, A.K. Das, N Kumar, and A.V. Vasilakos “Design of secure key management and user authentication scheme for fog computing services,” Future Generation Computer Systems, vol. 91, 475-492, 2019.
[18] Z. Ali, S.A. Chaudhry, K. Mahmood, S. Garg, Z. Lv, and Y.B. Zikria “A clogging resistant secure authentication scheme for fog computing services,” Computer Networks, vol. 185, 107731, 2021.
[19] I.A. Kamil, and S.O. Ogundoyin “EPDAS: Efficient privacy-preserving data analysis scheme for smart grid network,” Journal of King Saud University – Computer and Information Sciences, vol. 33, pp. 208–217, 2021.
[20] D. Dolev, and A.C. Yao “On the security of public key protocols,” IEEE Transactions on Information Theory, vol. 29, no. 2, pp. 198-208, 1983.
[21] I.A. Kamil, and S.O. Ogundoyin “A big data anonymous batch verification scheme with conditional privacy preservation for power injection over vehicular network and 5G smart grid slice,” Sustainable Energy, Grids and Networks, vol. 20, 100260, 2019.
[22] I.A. Kamil, and S.O. Ogundoyin “A lightweight mutual authentication and key agreement protocol for remote surgery application in Tactile Internet environment,” Computer Communications, vol. 170, 1-18, 2021.
[23] I.A. Kamil, and S.O. Ogundoyin “Lightweight privacy-preserving power injection and communication over vehicular networks and 5G smart grid slice with provable security,” Internet of Things, vol. 8, 100116, 2019.
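
The authentication and key agreement phase of Section IV, written out as an added Python example (not the authors' code). It runs one honest exchange, then feeds the responder a late replay of the request and a replay whose timestamp has been rewritten, to show which check rejects each. Assumptions: secp256k1 as the curve, SHA-256 as h, 32-byte identities and nonces, a 5-second allowable delay, registration collapsed (θ is computed directly and sk is drawn at random), and hypothetical names FogDevice and run_demo.

```python
import hashlib, hmac, secrets

# secp256k1 domain parameters (assumption: the paper does not fix a curve).
P_MOD = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
DELTA_T = 5  # allowable transmission delay in seconds (assumed value)

def ec_add(p1, p2):  # affine addition on y^2 = x^3 + 7; None is infinity
    if p1 is None or p2 is None:
        return p1 or p2
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return None
    num, den = (3 * x1 * x1, 2 * y1) if p1 == p2 else (y2 - y1, x2 - x1)
    lam = num * pow(den % P_MOD, -1, P_MOD) % P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    return x3, (lam * (x1 - x3) - y1) % P_MOD

def ec_mul(k, point):  # double-and-add; not constant time (demo only)
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, point)
        point, k = ec_add(point, point), k >> 1
    return acc

def h(*parts):  # SHA-256 over length-prefixed parts; ints become 32 bytes
    raw = [p.to_bytes(32, "big") if isinstance(p, int) else p for p in parts]
    return hashlib.sha256(b"".join(len(r).to_bytes(2, "big") + r for r in raw)).digest()

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

class FogDevice:
    def __init__(self, identity, theta, cid, d_pub):
        self.id = identity.ljust(32, b"\0")     # fixed width for XOR masking
        self.theta, self.cid, self.d_pub = theta, cid, d_pub
        self.sk = secrets.randbelow(N - 1) + 1  # stands in for sk = a + s
        self.pub = ec_mul(self.sk, G)

    def _layer(self, peer_pub, m2, m3, m4, ts, now):
        """Freshness check, then XOR the three masks on or off (same operation)."""
        if now - ts > DELTA_T:
            raise ValueError("stale message")
        a1 = h(ec_mul(self.sk, peer_pub)[0], self.cid)   # A1 = B1
        mask = h(a1, self.cid, self.d_pub[0])
        return a1, xor(m2, a1), xor(m3, mask), xor(m4, h(a1, ts))

    def request(self, peer_pub, now):
        self.k = secrets.token_bytes(32)
        a1, a2, a3, a4 = self._layer(peer_pub, self.id, self.theta, self.k, now, now)
        return a2, a3, a4, h(self.id, self.theta, self.k, a1, now), now

    def respond(self, msg, peer_pub, now):
        a2, a3, a4, a5, ts1 = msg
        a1, id_i, theta_i, k_i = self._layer(peer_pub, a2, a3, a4, ts1, now)
        if not hmac.compare_digest(h(id_i, theta_i, k_i, a1, ts1), a5):
            raise ValueError("A5 mismatch")
        k_j = secrets.token_bytes(32)
        key = h(id_i, self.id, theta_i, self.theta, k_i, k_j)        # K1
        _, b2, b3, b4 = self._layer(peer_pub, self.id, self.theta, k_j, now, now)
        return (b2, b3, b4, h(id_i, theta_i, key, now), now), key

    def finish(self, msg, peer_pub, now):
        b2, b3, b4, bk, ts2 = msg
        _, id_j, theta_j, k_j = self._layer(peer_pub, b2, b3, b4, ts2, now)
        key = h(self.id, id_j, self.theta, theta_j, self.k, k_j)     # K2
        if not hmac.compare_digest(h(self.id, self.theta, key, ts2), bk):
            raise ValueError("Bk mismatch")
        return key

def run_demo(t=1_700_000_000):
    """Constructed data, simplified theta: honest run, late replay, rewritten Ts1."""
    cid, d = b"colony-01", secrets.randbelow(N - 1) + 1   # d: TA secret key
    d_pub = ec_mul(d, G)
    theta = lambda name: h(name, b"TA", d, secrets.token_bytes(16), cid)
    fd_i, fd_j = (FogDevice(n, theta(n), cid, d_pub) for n in (b"fog-i", b"fog-j"))
    req = fd_i.request(fd_j.pub, t)
    resp, k1 = fd_j.respond(req, fd_i.pub, t + 1)
    result = {"keys_match": fd_i.finish(resp, fd_j.pub, t + 2) == k1}
    for label, msg in (("late_replay", req), ("rewritten_ts1", req[:4] + (t + 60,))):
        try:
            fd_j.respond(msg, fd_i.pub, t + 60)
            result[label] = "accepted"
        except ValueError as err:
            result[label] = str(err)
    return result
```

Calling run_demo() returns the three outcomes as a dictionary: whether K1 equals K2, and the rejection reason for each replayed request.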
