Open Access Open Access  Restricted Access Subscription Access

Blockchain Powered Mutual Authentication and Access Control Protocol


Affiliations
1 Department of Computer Science and Engineering, Sreenidhi Institute of Science and Technology, GITAM (Deemed To Be University), Hyderabad, Telangana, India
2 Department of Computer Science and Engineering, GITAM (Deemed To Be University), Hyderabad, Telangana, India
 

With the advancement in the network connectivity, services can be subscribed for limited period of time. Subscribing for certain services is always an economic option rather than owning them. Implementing adequate procedures in the establishments, meeting the access control policies is challenging. Although the essential procedures are implemented using the centralized scheme where the single central server cater to the access control requests and the authorization mechanisms with the help of the stored identifiable attributes of the workstations in the web. In our article, we are proposing a blockchain powered lightweight, decentralized and secure framework for mutually authenticating the participating entities and levy the access control model among them. In our protocol, the device administrators (DA) can maintain their signed device policies for any of its services in the blockchain network which increases its visibility to more subscribers and at the same time, DAs can get rid of tedious job of authenticating each and every user/subscriber. On the other hand, users can also come to know about the wide range of services provided by different service providers and can avail appropriate service with the optimal constraints. We used elliptic curve cryptography (ECC) to transmit the secret sign parameters which makes our protocol lightweight. Secret sign parameters are used to verify the signature of any entity at the other end.

Keywords

Blockchain, Mutual Authentication, Elliptic Curve Cryptography, Access Control, Digital Signatures, Confidentiality, Integrity.
User
Notifications
Font Size

  • Dongxing Li, Wei Peng, Wenping Deng, FangyuGai, “A Blockchainbased Authentication and Security Mechanism for IoT”, 2018 27th International Conference on Computer Communication and Networks (ICCCN). doi:10.1109/icccn.2018.8487449.
  • Muhammad Tahir, Muhammad Sardaraz, Shakoor Muhammad, Muhammad Saud Khan, “A Lightweight Authentication and Authorization Framework for Blockchain-Enabled IoT Network in Health-Informatics”,Sustainability 2020, 12, 6960; doi:10.3390/su12176960.
  • Bennett, B. HIE Overview: A Framework for Healthcare Interoperability. Telehealth Med. Today 2017, 2, 1–6.
  • Casino, F.; Patsakis, C.; Batista, E.; Borràs, F.; Martínez-Ballesté, A. Healthy routes in the smart city: A context-aware mobile recommender. IEEE Softw. 2017, 34, 42–47.
  • Zheng, Z.; Xie, S.; Dai, H.-N.; Chen, X.; Wang, H. Blockchain challenges and opportunities: A survey. Int. J. Web Grid Serv. 2018, 14, 352–375.
  • Udokwu, C.; Kormiltsyn, A.; Thangalimodzi, K.; Norta, A. The state of the art for blockchain-enabled smart-contract applications in the organization. In Proceedings of the 2018 IvannikovIspras Open Conference (ISPRAS), Tokyo, Japan, 22–23 November 2018; pp.137–144.
  • ZibinZheng, ShaoanXie, Hongning Dai, Xiangping Chen, and HuaiminWang,”An Overview of Blockchain Technology: Architecture, Consensus, and Future Trends”,2017 IEEE 6th International Congress on Big Data,978-1-5386-1996-4/17 DOI .1109/BigDataCongress.2017.85
  • Sharad Kumar Verma, D.B. Ojha, “A Discussion on Elliptic Curve Cryptography and Its Applications”, IJCSI International Journal of Computer Science Issues, Vol. 9, Issue 1, No 1, January 2012.
  • Victor S. Miller. Use of elliptic curves in cryptography. In H.C. Williams, editor, Advances in Cryptology CRYPTO'85, vol. 218 of Lecture Notes in Computer Science, pp. 417-426.Springer-Verlag, 1986.
  • Whitfield Diffie and Martin E. Hellman. New directions in cryptography, IEEE Transactions of Information Theory, 22(6):644654, 1976.
  • TaherElGamal. A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory 31(4):469- 472, 1985.
  • http://en.wikipedia.org/wiki/Elliptic_curve_cryptography.
  • Certicom, Standards for Efficient Cryptography, SEC 1: Elliptic Curve Cryptography, Version 1.0, September 2000.
  • Zhao J L, Fan S, Yan J. Overview of business innovations and research opportunities in blockchain and introduction to the special issue. Financial Innovation, 2016, 2(1):28.
  • Ouaddah A, AbouElkalam A, AitOuahman A. FairAccess: a new Blockchain based access control framework for the Internet of Things. Security & Communication Networks, 2017, 9.
  • Xu Q, Jin C, Rasid M F B M, et al. Blockchain-based decentralized content trust for docker images. Multimedia Tools & Applications, 2017(239):1-26.
  • Rodrigues B, Bocek T, Lareida A, et al. A Blockchain-Based Architecture for Collaborative DDoS Mitigation with Smart Contracts[C]// IFIP International Conference on Autonomous Infrastructure, Management, and Security. Springer, Cham, 2017:1629.
  • Zyskind G, Nathan O, Alex. Decentralizing Privacy: Using Blockchain to Protect Personal Data[C]// IEEE Security and Privacy Workshops. IEEE Computer Society, 2015:180-18.
  • Kumari S, Karuppiah M, Das A K, et al. A secure authentication scheme based on elliptic curve cryptography for IoT and cloud servers[J]. Journal of Supercomputing, 2017(4):1-26.
  • Lee B, Lee J H. Blockchain-based secure firmware update for embedded devices in an Internet of Things environment[J]. Journal of Supercomputing, 2017, 73(3):1-16.
  • Moinet A, Darties B, Baril J L. Blockchain based trust &authentication for decentralized sensor networks[J]. 2017.
  • LamraniAlaoui, Hasnae, El Ghazi, Abdellatif, Zbakh, Mustapha, Touhafi, Abdellah, Braeken An. “A Highly Efficient ECC-Based Authentication Protocol for RFID”, . Journal of Sensors, Hindawi, 2021, 10.1155/2021/8876766.
  • K. Sowjanya, M. Dasgupta, and S. Ray, “An elliptic curve cryptography based enhanced anonymous authentication protocol for wearable health monitoring systems,” International Journal of Information Security, vol. 19, no. 1, pp. 129–146, 2020
  • Zhao, Z.: An efficient anonymous authentication scheme for wireless body area networks using elliptic curve cryptosystem. J.Med. Syst. 38(2), 1–7 (2014). https://doi.org/10.1007/s10916014-0013-5
  • Amin, R., Islam, S .K .H.,Biswas, G., Khan, M .K., Kumar, N.: A robust and anonymous patient monitoring system using wireless medical sensor networks. FutureGener. Comput. Syst. 80(C), 483 495 (2016). https://doi.org/10.1016/j.future.2016.05.032
  • Jiang, Q., Ma, J., Yang, C., Ma, X., Shen, J., Chaudhry, S .A.: Efficient end-to-end authentication protocol for wearable health monitoring systems. Comput. Electr. Eng. 63(C), 182–195 (2017).https://doi.org/10.1016/j.compeleceng.2017.03.016
  • Yessad, N., Bouchelaghem, S., Ouada, F .S., Omar, M.: Secure and reliable patient body motion based authentication approach for medical body area networks. Pervasive Mob. Comput. 42(C), 351–370 (2017). https://doi.org/10.1016/j.pmcj.2017.06.009
  • Li, X., Niu, J., Kumari, S., Wu, F., Sangaiah, A .K.,Choo, K .K .R.: A three-factor anonymous authentication scheme for wireless sensor networks in internet of things environments. J. Netw. Comput. Appl. 103(C), 194–204 (2018). https://doi.org/10.1016/j.jnca.2017.07.001
  • Wu, F., Li, X., Xu, L., Kumari, S., Karuppiah, M., Shen, J.: A lightweight and privacy-preserving mutual authentication scheme for wearable devices assisted by cloud server. Comput. Electr. Eng. 63(C), 168–181 (2017). https://doi.org/10.1016/j.compeleceng. 2017.04.01221.
  • Das, A.K., Zeadally, S., Wazid, M.: Lightweight authentication protocols for wearable Computer Electrical Engineering, https://doi.org/10.1016/j.compeleceng.2017.03.008
  • Liu, J., Zhang, L., Sun, R.: 1-RAAP: an efficient 1-round anonymousauthentication protocol for wireless body area networks. Sensors (2016) https://doi.org/10.3390/ s16050728.
  • Menezes, A.J. Elliptic Curve Public Key Cryptosystems; Kluwer Academic Publishers: Boston, MA, USA, 1993.
  • Hankerson D., Menezes A., Elliptic Curve Discrete Logarithm Problem. In: van Tilborg H.C.A., Jajodia S. (eds) Encyclopedia of Cryptography and Security. Springer, Boston, MA, 2011.
  • Junichi Yarimizu1 , Yukihiro Uchida1 and Shigenori Uchiyama, “The elliptic curve Diffie-Hellman problem and an equivalent hard problem for elliptic divisibility sequences”, JSIAM Letters Vol.6 pp.5–7 2014.

Abstract Views: 486

PDF Views: 3




  • Blockchain Powered Mutual Authentication and Access Control Protocol

Abstract Views: 486  |  PDF Views: 3

Authors

Geeta Kakarla
Department of Computer Science and Engineering, Sreenidhi Institute of Science and Technology, GITAM (Deemed To Be University), Hyderabad, Telangana, India
S. Phani Kumar
Department of Computer Science and Engineering, GITAM (Deemed To Be University), Hyderabad, Telangana, India

Abstract


With the advancement in the network connectivity, services can be subscribed for limited period of time. Subscribing for certain services is always an economic option rather than owning them. Implementing adequate procedures in the establishments, meeting the access control policies is challenging. Although the essential procedures are implemented using the centralized scheme where the single central server cater to the access control requests and the authorization mechanisms with the help of the stored identifiable attributes of the workstations in the web. In our article, we are proposing a blockchain powered lightweight, decentralized and secure framework for mutually authenticating the participating entities and levy the access control model among them. In our protocol, the device administrators (DA) can maintain their signed device policies for any of its services in the blockchain network which increases its visibility to more subscribers and at the same time, DAs can get rid of tedious job of authenticating each and every user/subscriber. On the other hand, users can also come to know about the wide range of services provided by different service providers and can avail appropriate service with the optimal constraints. We used elliptic curve cryptography (ECC) to transmit the secret sign parameters which makes our protocol lightweight. Secret sign parameters are used to verify the signature of any entity at the other end.

Keywords


Blockchain, Mutual Authentication, Elliptic Curve Cryptography, Access Control, Digital Signatures, Confidentiality, Integrity.

References





DOI: https://doi.org/10.22247/ijcna%2F2022%2F211629