Lightweight authentication and key agreement scheme for dew computing-enabled IoT environment

An emerging paradigm of computing called dew computing expands cloud and fog computing capabilities close to the network edge. In the dew computing paradigm, data are kept locally on the dew server when an instance of the internet is not accessible. A new set of privacy and security issues has been raised by this new computing paradigm. Many authentication and key agreement mechanisms have been proposed in the past to ensure the security of transferred data between the server and device. However, the majority of the schemes suffer significant security flaws. The computational efficiency of the entire authentication process is a crucial issue that needs to be addressed, in addition to the security and privacy concerns. Many authentication methods are incompatible with the resource-constrained dew computing paradigm due to their high computational costs and lack of security. To address these issues in dew computing, a provably secure authentication and key agreement scheme is introduced using elliptic curve cryptography (ECC) primitives. The formal security verification is performed using Automated Validation of Internet Security Protocols and Applications (AVISPA) simulation under constraint logic-based attack searcher (CL-AtSe) and on-the-fly model-checker (OFMC) backends. CL-AtSe examined 5 states with 0.24s translation times, and OFMC examined 128 visited nodes with 4 plies using 1.61s search time. The proposed scheme was analyzed using the CL-AtSe and OFMC backends under the Dolev-Yao (DY) threat model, and no attack traces were identified during the verification process. The descriptive security analysis demonstrates the robustness of the proposed scheme against security and privacy attacks. Furthermore, the computational overhead of the proposed scheme is approximately 17TH + 7TEM + TEA ≈ 0.4609005 s, demonstrating that the approach effectively balances security with performance. Moreover, the comparative analysis is conducted, which demonstrates that our scheme provides better security features than existing schemes.