On-line Access: 2024-07-31

Received: 2024-06-09

Revision Accepted: 2024-06-16

Lightweight authentication scheme for edge control systems in Industrial Internet of Things

Author(s):  Wenli SHANG, Xudong WEN, Zhuo CHEN, Wenze XIONG, Zhiwei CHANG, Zhong CAO

Affiliation(s):  School of Electronics and Communication Engineering, Guangzhou University, Guangzhou 510006, China; more

Corresponding email(s):   zhongc@gzhu.edu.cn

Key Words:  Edge intelligent controller (EIC), Edge control systems (ECSs), Terminal devices (TDs), Anonymous authentication, Lightweight authentication

In edge computing-based industrial control systems (referred to as edge control systems, ECSs), edge computing places higher demands on the local processing power of data. The traditional industrial programmable logic controller (PLC) cannot complete this task. Edge intelligent controllers (EICs) have been developed according to the demand of edge computing. As the core component of edge computing, the security and reliable operation of the EIC has great significance and influence on the development and promotion of edge computing. The EIC needs to communicate sensitive information with terminal devices (TDs); hence, there is an urgent need to address the authentication issue between the EIC and TDs. The TDs that need to access the EIC have limited computing and storage capacity, and the traditional asymmetric cryptography-based authentication scheme is difficult to deploy on resource-constrained devices due to its high computational cost. Therefore, this paper designs a lightweight authentication scheme for ECSs using low-computational-cost hash functions and Exclusive OR (XOR) operations; this scheme can achieve bidirectional anonymous authentication and key agreement between the EIC and TDs to protect the privacy of the devices. Through security analysis, we demonstrate that the authentication scheme is able to provide the necessary security features and can resist major known attacks. Furthermore, performance analysis and comparisons indicate that the proposed authentication scheme is not only effective and feasible for deployment in ECSs but is also lightweight.

