Abstract
Today, with the advancement of blockchain and Internet of Things (IoT) technologies, there is a growing need for authentication protocols and key exchanges to facilitate communication between these diverse technologies. Authentication and key exchange protocols are designed using symmetric and asymmetric encryption methods, each with varying computational costs. In IoT systems, where memory and computation power are often limited, researchers are actively seeking lightweight protocol designs to minimize computational burdens. Traditionally, the calculation of computational and communication costs for protocols has been a manual process, which is prone to human error. In this paper, we propose the E3C tool, which automates the calculation of computation and communication costs for authentication and key exchange protocols. E3C enables the comparison of multiple protocols in terms of their communication and processing costs, presenting the results in separate charts. By comparing the processing and communication costs of both classical and modern protocols, both manually and using E3C, we demonstrate that E3C achieves 99.99% accuracy in calculating the costs of authentication and key exchange protocols.
Similar content being viewed by others
Data availability
Data used to support this novel scheme are included within the article.
References
Karimi, M.B.: A systematic review of the combinatorial methods of service composition in the cloud computing environment. Int. J. Ind. Math. 14(4), 489–502 (2022)
Salami, Y., Hosseini, S.: BSAMS: blockchain-based secure authentication scheme in meteorological systems. Nivar 47(120–121), 181–197 (2023)
Seyfollahi, A., Moodi, M., Ghaffari, A.: MFO-RPL: A secure RPL-based routing protocol utilizing moth-flame optimizer for the IoT applications. Comput. Stand. Interfaces 82, 103622 (2022)
Salami, Y., Khajehvand, V., Zeinali, E.: SOS-FCI: a secure offloading scheme in fog–cloud-based IoT. J Supercomput 80(1), 570–600 (2024). https://doi.org/10.1007/s11227-023-05499-3
Salami, Y., Khajehvand, V., Zeinali, E.: SAIFC: A secure authentication scheme for IOV based on fog-cloud federation. Secur. Commun. Netw. 1, 1–19 (2023)
Alayi, R., Ma’arif, A., Ebazadeh, Y., Gharadaghi, F., Jahanbin, F., Shafaghatian, N.: Optimization of renewable energy consumption in charging electric vehicles using intelligent algorithms. J. Robot. Control 3(2), 138–142 (2022)
Serpush, F., Menhaj, M.B., Masoumi, B., Karasfi, B.: Wearable sensor-based human activity recognition in the smart healthcare system. Comput. Intell. Neurosci. 2022, 1391906 (2022). https://doi.org/10.1155/2022/1391906
Fotohi, R., Abdan, M., Ghasemi, S.: A self-adaptive intrusion detection system for securing UAV-to-UAV communications based on the human immune system in UAV networks. J. Grid Comput. 20(3), 1–26 (2022)
Salami, Y., Taherkhani, F., Ebazadeh, Y., Nemati, M., Khajehvand, V., Zeinali, E.: Blockchain-based internet of vehicles in green smart city: applications and challenges and solutions. Anthropog. Pollut. 7(1), 1–19 (2023)
Salami, Y., Khajevand, V., Zeinali, E.: Cryptographic algorithms: a review of the literature, weaknesses and open challenges. J. Comput. Robot. 16(2), 46–56 (2023)
Kuang, B., Fu, A., Susilo, W., Yu, S., Gao, Y.: A survey of remote attestation in Internet of Things: attacks, countermeasures, and prospects. Comput. Secur. 112, 102498 (2022)
Salami, Y., khajehvand, v, Zeinali, E.: Efficiency simultaneous key exchange-cryptography extraction from public key in fog-cloud federation-based secure offloading for automatic weather stations observing systems. Nivar 47(120–121), 153–165 (2023). https://doi.org/10.30467/nivar.2023.416270.1261
“Avispa.” http://www.avispa-project.org/
Armando, A. et al.: The AVISPA tool for the automated validation of internet security protocols and applications. In: Computer Aided Verification, pp. 281–285 (2005)
Von Oheimb, D.: The high-level protocol specification language HLPSL developed in the EU project AVISPA. In: Proc. APPSEM 2005 Work., pp. 1–17, (2005)
Pura, M., Patriciu, V., Bica, I.: Modeling and formal verification of implicit on-demand secure ad hoc routing protocols in HLPSL and AVISPA. Int. J. Comput. Commun. 2(3), 25–32 (2009)
van Oorschot, P.C.: An alternate explanation of two BAN-logic ‘failures. In: Workshop on the Theory and Application of of Cryptographic Techniques, pp. 443–447 (1993)
Yogesh, P.R.: Formal verification of secure evidence collection protocol using BAN logic and AVISPA. Proc. Comput. Sci. 167, 1334–1344 (2020)
Fan, K., Li, H., Wang, Y.: Security analysis of the kerberos protocol using BAN logic. In: 2009 Fifth International Conference on Information Assurance and Security, vol. 2, pp. 467–470, (2009)
“Scyther.” https://people.cispa.io/cas.cremers/scyther/. Accessed 17 Nov 2020
Cremers, C.J.F.: The Scyther Tool: Verification, falsification, and analysis of security protocols. In: International Conference on Computer Aided Verification, pp. 414–418 (2008)
Taha, A.M., Abdel-Hamid, A.T., Tahar, S.: Formal verification of IEEE 802.16 security sublayer using Scyther tool. In: 2009 International Conference on Network and Service Security, pp. 1–5 (2009)
Sangwan, A., Singh, V.R.: A secure authentication scheme for WiMax network and verification using scyther tool. Int. J. Appl. Eng. Res. 12(11), 3002–3008 (2017)
Blanchet, B., Smyth, B., Cheval, V., Sylvestre, M.: ProVerif 2.00: automatic cryptographic protocol verifier, user manual and tutorial (2018)
“Proverif.” https://bblanche.gitlabpages.inria.fr/proverif/. Accessed 26 Jan 2020
Küsters, R., Truderung, T.: Using ProVerif to analyze protocols with Diffie-Hellman exponentiation. In: 2009 22nd IEEE Computer Security Foundations Symposium, pp. 157–171 (2009)
Babenko, L., Pisarev, I.: Translation of cryptographic protocols description from Alice-Bob format to CAS+ specification language. In: International Conference on Intelligent Information Technologies for Industry, pp. 309–318 (2019)
Kilinc, H.H., Yanik, T.: A survey of SIP authentication and key agreement schemes. IEEE Commun. Surv. Tutor. 16(2), 1005–1023 (2014). https://doi.org/10.1109/SURV.2013.091513.00050
Burrows, M., Kas, K., Ta, T.: Wide mouthed frog. In: Secur. Protoc. Open Repos. http://www.lsv.ens-cachan.fr/Software/spore/wideMouthedFrog.html (1989). Accessed 17 Nov 1989
Dojen, R., Jurcut, A., Coffey, T., Gyorodi, C.: On establishing and fixing a parallel session attack in a security protocol. In: Badica, C., Mangioni, G., Carchiolo, V., Burdescu, D.D. (eds.) Intelligent Distributed Computing, Systems and Applications, pp. 239–244. Springer (2008)
Lowe, G.: Breaking and fixing the Needham-Schroeder public-key protocol using FDR. In: International Workshop on Tools and Algorithms for the Construction and Analysis of Systems, pp. 147–166 (1996)
Lowe, G.: An Attack on the Needham− Schroeder Public− Key Authentication Protocol. Inf. Process. Lett. 56(3), 131–133 (1995)
Backes, M.: A cryptographically sound Dolev-Yao style security proof of the Otway-Rees protocol. In: European Symposium on Research in Computer Security, pp. 89–108 (2004)
Liu, K.,Ye, J., Wang, Y.: The security analysis on Otway-Rees protocol based on BAN logic. In: 2012 Fourth International Conference on Computational and Information Sciences, pp. 341–344 (2012)
Salami, Y., Khajehvand, V.: SMAK-IOV: secure mutual authentication scheme and key exchange protocol in fog based IoV. J. Comput. Robot. 13(1), 11–20 (2020)
Salami, Y., Ebazadeh, Y., Khajehvand, V.: CE-SKE: cost-effective secure key exchange scheme in Fog Federation. Iran J. Comput. Sci. 4(3), 1–13 (2021)
Salami, Y., Khajehvand, V.: LSKE: lightweight secure key exchange scheme in fog federation. Complexity 2021, 4667586 (2021)
Funding
This research received no specific grant from any funding agency in the public, commercial, or not-for-profit sectors.
Author information
Authors and Affiliations
Contributions
YS and VK conceived the presented idea. EZ developed the theory and performed the computations. YS carried out the experiment. VK and EZ verified the analytical methods and supervised the findings of this work. All authors discussed the results and contributed to the final manuscript.
Corresponding author
Ethics declarations
Conflict of interest
The authors declare that they have no conflicts of interest.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Salami, Y., Khajehvand, V. & Zeinali, E. E3C: a tool for evaluating communication and computation costs in authentication and key exchange protocol. Iran J Comput Sci 7, 325–335 (2024). https://doi.org/10.1007/s42044-024-00176-x
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s42044-024-00176-x