An anonymous authentication scheme for multi-domain machine-to-machine communication in cyber-physical systems

The Internet has made our planet a smaller world while the cyber world and the physical world have not been integrated seamlessly. In the future cyber-physical system (CPS), all objects in the physical world would be connected to the cyber world for achieving faster information processing, more accurate control and real-time response. Our abilities of controlling facilities and handling events will be much more powerful to make our lives much better. In the CPS, the machine-to-machine (M2M) communication, which is in charge of data collection, utilizes both wireless and wired systems to monitor environmental conditions and transmits the information among different systems without direct human intervention. As a part of the CPS, the M2M communication is considerable important while being fragile at the same time since M2M communication still faces lots of security threats. There are some security vulnerabilities that yet to be solved. In this paper, we propose an anonymous authentication scheme for multi-domain M2M environment. The proposed scheme applies hybrid encryption scheme involving certificateless cryptography and advanced encryption standard (AES) to achieve the authentication and anonymity properties. The security analysis with Burrows-Abadi-Needham (BAN) logic and the Automated Validation of Internet Security Protocols and Applications (AVISPA) shows that the proposed scheme is well designed and could withstand multiple attacks, such as man-in-the-middle attacks, replay attacks, DoS attacks, impersonation attacks and compromised attacks.