{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,13]],"date-time":"2026-02-13T13:52:27Z","timestamp":1770990747863,"version":"3.50.1"},"reference-count":54,"publisher":"MDPI AG","issue":"12","license":[{"start":{"date-parts":[[2021,6,12]],"date-time":"2021-06-12T00:00:00Z","timestamp":1623456000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Electronics"],"abstract":"<jats:p>Fog computing as an extension to the cloud computing infrastructure has been invaluable in enhancing the applicability of the Internet of Things (IoT) paradigm. IoT based Fog systems magnify the range and minimize the latency of IoT applications. However, as fog nodes are considered transient and they offer authenticated services, when an IoT end device loses connectivity with a fog node, it must authenticate freshly with a secondary fog node. In this work, we present a new security mechanism to leverage the initial authentication to perform fast lightweight secondary authentication to ensure smooth failover among fog nodes. The proposed scheme is secure in the presence of a current de-facto Canetti and Krawczyk (CK)-adversary. We demonstrate the security of the proposed scheme with a detailed security analysis using formal security under the broadly recognized Real-Or-Random (ROR) model, informal security analysis as well as through formal security verification using the broadly-used Automated Validation of Internet Security Protocols and Applications (AVISPA) software tool. A testbed experiment for measuring computational time for different cryptographic primitives using the Multiprecision Integer and Rational Arithmetic Cryptographic Library (MIRACL) has been done. Finally, through comparative analysis with other related schemes, we show how the presented approach is uniquely advantageous over other schemes.<\/jats:p>","DOI":"10.3390\/electronics10121417","type":"journal-article","created":{"date-parts":[[2021,6,14]],"date-time":"2021-06-14T10:30:25Z","timestamp":1623666625000},"page":"1417","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":23,"title":["Lightweight Failover Authentication Mechanism for IoT-Based Fog Computing Environment"],"prefix":"10.3390","volume":"10","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-6455-5134","authenticated-orcid":false,"given":"Soumya","family":"Banerjee","sequence":"first","affiliation":[{"name":"Department of Information Technology, Jadavpur University, Salt Lake City, Kolkata 700 098, India"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5196-9589","authenticated-orcid":false,"given":"Ashok Kumar","family":"Das","sequence":"additional","affiliation":[{"name":"Center for Security, Theory and Algorithmic Research, International Institute of Information Technology, Hyderabad 500 032, India"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8929-9605","authenticated-orcid":false,"given":"Samiran","family":"Chattopadhyay","sequence":"additional","affiliation":[{"name":"Department of Information Technology, Jadavpur University, Salt Lake City, Kolkata 700 098, India"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5852-1955","authenticated-orcid":false,"given":"Sajjad Shaukat","family":"Jamal","sequence":"additional","affiliation":[{"name":"Department of Mathematics, College of Science, King Khalid University, Abha 61413, Saudi Arabia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8657-3800","authenticated-orcid":false,"given":"Joel J. P. C.","family":"Rodrigues","sequence":"additional","affiliation":[{"name":"Federal University of Piau\u00ed (UFPI), Teresina-Pi 64049-550, Brazil"},{"name":"Instituto de Telecomunica\u00e7\u00f5es, 6201-001 Covilh\u00e3, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0406-6547","authenticated-orcid":false,"given":"Youngho","family":"Park","sequence":"additional","affiliation":[{"name":"School of Electronics Engineering, Kyungpook National University, Daegu 41566, Korea"}]}],"member":"1968","published-online":{"date-parts":[[2021,6,12]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"110","DOI":"10.1016\/j.future.2018.06.027","article-title":"Taxonomy and analysis of security protocols for Internet of Things","volume":"89","author":"Das","year":"2018","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"Zeadally, S., Das, A.K., and Sklavos, N. (2019). Cryptographic technologies and protocol standards for Internet of Things. Internet Things, 14.","DOI":"10.1016\/j.iot.2019.100075"},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"1645","DOI":"10.1016\/j.future.2013.01.010","article-title":"Internet of Things (IoT): A vision, architectural elements, and future directions","volume":"29","author":"Gubbi","year":"2013","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_4","first-page":"1","article-title":"A Survey of Communication Protocols for Internet of Things and Related Challenges of Fog and Cloud Computing Integration","volume":"51","author":"Carpio","year":"2019","journal-title":"ACM Comput. Surv."},{"key":"ref_5","unstructured":"Buyya, R., and Vahid Dastjerdi, A. (2016). Chapter 4\u2014Fog Computing: Principles, architectures, and applications. Internet of Things, Morgan Kaufmann."},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"475","DOI":"10.1016\/j.future.2018.09.017","article-title":"Design of secure key management and user authentication scheme for fog computing services","volume":"91","author":"Wazid","year":"2019","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Wazid, M., Das, A.K., Bhat, K.V., and Vasilakos, A.V. (2020). LAM-CIoT: Lightweight authentication mechanism in cloud-based IoT environment. J. Netw. Comput. Appl., 150.","DOI":"10.1016\/j.jnca.2019.102496"},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"3572","DOI":"10.1109\/JIOT.2018.2888821","article-title":"Design and Analysis of Secure Lightweight Remote User Authentication and Key Agreement Scheme in Internet of Drones Deployment","volume":"6","author":"Wazid","year":"2019","journal-title":"IEEE Internet Things J."},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"25808","DOI":"10.1109\/ACCESS.2017.2764913","article-title":"On the Design of Provably Secure Lightweight Remote User Authentication Scheme for Mobile Cloud Computing Services","volume":"5","author":"Roy","year":"2017","journal-title":"IEEE Access"},{"key":"ref_10","doi-asserted-by":"crossref","first-page":"3376","DOI":"10.1109\/ACCESS.2017.2673239","article-title":"Lightweight three-factor authentication and key agreement protocol for internet-integrated wireless sensor networks","volume":"5","author":"Jiang","year":"2017","journal-title":"IEEE Access"},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"30","DOI":"10.1109\/TCE.2016.7448560","article-title":"SEAP: Secure and efficient authentication protocol for NFC applications using pseudonyms","volume":"62","author":"Odelu","year":"2016","journal-title":"IEEE Trans. Consum. Electron."},{"key":"ref_12","first-page":"121","article-title":"An Enhanced Access Control Scheme in Wireless Sensor Networks","volume":"21","author":"Chatterjee","year":"2014","journal-title":"Ad-Hoc Sens. Wirel. Netw."},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"171","DOI":"10.1007\/s12083-014-0321-z","article-title":"A secure and efficient ECC-based user anonymity-preserving session initiation authentication protocol using smart card","volume":"9","author":"Mishra","year":"2016","journal-title":"Peer- Netw. Appl."},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"1267","DOI":"10.1016\/j.future.2018.04.019","article-title":"Design and analysis of authenticated key agreement scheme in cloud-assisted cyber\u2013physical systems","volume":"108","author":"Challa","year":"2020","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"2070","DOI":"10.1002\/sec.1464","article-title":"An efficient multi-gateway-based three-factor user authentication and key agreement scheme in hierarchical wireless sensor networks","volume":"9","author":"Das","year":"2016","journal-title":"Secur. Commun. Netw."},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"64","DOI":"10.1109\/MCOM.2017.1700390","article-title":"Security and Privacy for the Internet of Drones: Challenges and Solutions","volume":"56","author":"Lin","year":"2018","journal-title":"IEEE Commun. Mag."},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"1634","DOI":"10.1109\/JIOT.2017.2706752","article-title":"Secure Authentication Scheme for Medicine Anti-Counterfeiting System in IoT Environment","volume":"4","author":"Wazid","year":"2017","journal-title":"IEEE Internet Things J."},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"8804","DOI":"10.1109\/JIOT.2019.2923611","article-title":"AKM-IoV: Authenticated Key Management Protocol in Fog Computing-Based Internet of Vehicles Deployment","volume":"6","author":"Wazid","year":"2019","journal-title":"IEEE Internet Things J."},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"1133","DOI":"10.1109\/TDSC.2018.2857811","article-title":"Anonymous Lightweight Chaotic Map-Based Authenticated Key Agreement Protocol for Industrial Internet of Things","volume":"17","author":"Srinivas","year":"2020","journal-title":"IEEE Trans. Dependable Secur. Comput."},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"91","DOI":"10.1016\/j.comcom.2020.12.005","article-title":"Private blockchain-based access control mechanism for unauthorized UAV detection and mitigation in Internet of Drones environment","volume":"166","author":"Bera","year":"2021","journal-title":"Comput. Commun."},{"key":"ref_21","first-page":"155","article-title":"Security and Efficiency Enhancement of Robust ID Based Mutual Authentication and Key Agreement Scheme Preserving User Anonymity in Mobile Networks","volume":"34","author":"Li","year":"2018","journal-title":"J. Inf. Sci. Eng."},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Bera, B., Saha, S., Das, A.K., Kumar, N., Lorenz, P., and Alazab, M. (2020). Blockchain-Envisioned Secure Data Delivery and Collection Scheme for 5G-Based IoT-Enabled Internet of Drones Environment. IEEE Trans. Veh. Technol.","DOI":"10.1109\/TVT.2020.3000576"},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"6903","DOI":"10.1109\/TVT.2019.2911672","article-title":"TCALAS: Temporal Credential-Based Anonymous Lightweight Authentication Scheme for Internet of Drones Environment","volume":"68","author":"Srinivas","year":"2019","journal-title":"IEEE Trans. Veh. Technol."},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"9390","DOI":"10.1109\/TVT.2020.2971254","article-title":"Unified Biometric Privacy Preserving Three-Factor Authentication and Key Agreement for Cloud-Assisted Autonomous Vehicles","volume":"69","author":"Jiang","year":"2020","journal-title":"IEEE Trans. Veh. Technol."},{"key":"ref_25","doi-asserted-by":"crossref","unstructured":"Wazid, M., Das, A.K., and Lee, J.H. (2018). Authentication protocols for the internet of drones: Taxonomy, analysis and future directions. J. Ambient. Intell. Humaniz. Comput.","DOI":"10.1007\/s12652-018-1006-x"},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"2495","DOI":"10.1007\/s00500-017-2504-z","article-title":"A novel three-party password-based authenticated key exchange protocol with user anonymity based on chaotic maps","volume":"22","author":"Li","year":"2018","journal-title":"Soft Comput."},{"key":"ref_27","doi-asserted-by":"crossref","unstructured":"Wazid, M., Bera, B., Mitra, A., Das, A.K., and Ali, R. (2020, January 25). Private Blockchain-Envisioned Security Framework for AI-Enabled IoT-Based Drone-Aided Healthcare Services. Proceedings of the 2nd ACM MobiCom Workshop on Drone Assisted Wireless Communications for 5G and Beyond (DroneCom\u201920), London, UK.","DOI":"10.1145\/3414045.3415941"},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Bera, B., Das, A.K., Garg, S., Piran, M.J., and Hossain, M.S. (2021). Access Control Protocol for Battlefield Surveillance in Drone-Assisted IoT Environment. IEEE Internet Things J.","DOI":"10.1109\/JIOT.2020.3049003"},{"key":"ref_29","doi-asserted-by":"crossref","first-page":"455","DOI":"10.1016\/j.comcom.2020.02.067","article-title":"A lightweight authentication and key agreement scheme for Internet of Drones","volume":"154","author":"Zhang","year":"2020","journal-title":"Comput. Commun."},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"223","DOI":"10.1016\/j.cose.2019.06.003","article-title":"LAAP: Lightweight anonymous authentication protocol for D2D-Aided fog computing paradigm","volume":"86","author":"Gope","year":"2019","journal-title":"Comput. Secur."},{"key":"ref_31","doi-asserted-by":"crossref","unstructured":"Canetti, R., and Krawczyk, H. (2001, January 6\u201310). Analysis of key-exchange protocols and their use for building secure channels. Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques, Innsbruck, Austria.","DOI":"10.1007\/3-540-44987-6_28"},{"key":"ref_32","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1186\/s13673-020-00232-y","article-title":"SMCP: A Secure Mobile Crowdsensing Protocol for fog-based applications","volume":"10","author":"Concone","year":"2020","journal-title":"Hum.-Centric Comput. Inf. Sci."},{"key":"ref_33","doi-asserted-by":"crossref","first-page":"772","DOI":"10.1109\/JIOT.2017.2666783","article-title":"A Privacy-Preserving Vehicular Crowdsensing-Based Road Surface Condition Monitoring System Using Fog Computing","volume":"4","author":"Basudan","year":"2017","journal-title":"IEEE Internet Things J."},{"key":"ref_34","doi-asserted-by":"crossref","first-page":"9076","DOI":"10.1109\/JIOT.2019.2927497","article-title":"An efficient and safe road condition monitoring authentication scheme based on fog computing","volume":"6","author":"Cui","year":"2019","journal-title":"IEEE Internet Things J."},{"key":"ref_35","first-page":"1","article-title":"Fog-Centric Authenticated Key Agreement Scheme Without Trusted Parties","volume":"2020","author":"Guo","year":"2020","journal-title":"IEEE Syst. J."},{"key":"ref_36","doi-asserted-by":"crossref","unstructured":"Ali, Z., Chaudhry, S.A., Mahmood, K., Garg, S., Lv, Z., and Zikria, Y.B. (2020). A clogging resistant secure authentication scheme for fog computing services. Comput. Netw., 185.","DOI":"10.1016\/j.comnet.2020.107731"},{"key":"ref_37","doi-asserted-by":"crossref","first-page":"198","DOI":"10.1109\/TIT.1983.1056650","article-title":"On the security of public key protocols","volume":"29","author":"Dolev","year":"1983","journal-title":"IEEE Trans. Inf. Theory"},{"key":"ref_38","doi-asserted-by":"crossref","first-page":"541","DOI":"10.1109\/TC.2002.1004593","article-title":"Examining smart-card security under the threat of power analysis attacks","volume":"51","author":"Messerges","year":"2002","journal-title":"IEEE Trans. Comput."},{"key":"ref_39","unstructured":"May, W.E. (2021, February 10). Secure Hash Standard, Available online: http:\/\/nvlpubs.nist.gov\/nistpubs\/FIPS\/NIST.FIPS.180-4.pdf."},{"key":"ref_40","doi-asserted-by":"crossref","unstructured":"Abdalla, M., Fouque, P., and Pointcheval, D. (2005, January 23\u201326). Password-based authenticated key exchange in the three-party setting. Proceedings of the 8th International Workshop on Theory and Practice in Public Key Cryptography (PKC\u201905), Lecture Notes in Computer Science (LNCS), Les Diablerets, Switzerland.","DOI":"10.1007\/978-3-540-30580-4_6"},{"key":"ref_41","unstructured":"AVISPA (2021, January 10). Automated Validation of Internet Security Protocols and Applications. Available online: http:\/\/www.avispa-project.org\/."},{"key":"ref_42","doi-asserted-by":"crossref","first-page":"391","DOI":"10.1109\/TDSC.2017.2764083","article-title":"Secure Remote User Authenticated Key Establishment Protocol for Smart Home Environment","volume":"17","author":"Wazid","year":"2020","journal-title":"IEEE Trans. Dependable Secur. Comput."},{"key":"ref_43","doi-asserted-by":"crossref","first-page":"357","DOI":"10.1109\/TWC.2015.2473165","article-title":"A provably secure, efficient, and flexible authentication scheme for ad hoc wireless sensor networks","volume":"15","author":"Chang","year":"2016","journal-title":"IEEE Trans. Wirel. Commun."},{"key":"ref_44","doi-asserted-by":"crossref","first-page":"33","DOI":"10.1145\/1880022.1880027","article-title":"A Simple and Generic Construction of Authenticated Encryption with Associated Data","volume":"13","author":"Sarkar","year":"2010","journal-title":"ACM Trans. Inf. Syst. Secur."},{"key":"ref_45","doi-asserted-by":"crossref","first-page":"85627","DOI":"10.1109\/ACCESS.2019.2926578","article-title":"Physically secure lightweight anonymous user authentication protocol for internet of things using physically unclonable functions","volume":"7","author":"Banerjee","year":"2019","journal-title":"IEEE Access"},{"key":"ref_46","doi-asserted-by":"crossref","unstructured":"Banerjee, S., Roy, S., Odelu, V., Das, A.K., Chattopadhyay, S., Rodrigues, J.J., and Park, Y. (2020). Multi-Authority CP-ABE-Based user access control scheme with constant-size key and ciphertext for IoT deployment. J. Inf. Secur. Appl., 53.","DOI":"10.1016\/j.jisa.2020.102503"},{"key":"ref_47","unstructured":"von Oheimb, D. (2005, January 12\u201315). The high-level protocol specification language hlpsl developed in the eu project avispa. Proceedings of the 3rd APPSEM II (Applied Semantics II) Workshop (APPSEM\u201905), Frauenchiemsee, Germany."},{"key":"ref_48","unstructured":"AVISPA (2021, January 10). SPAN, the Security Protocol ANimator for AVISPA. Available online: http:\/\/www.avispa-project.org\/."},{"key":"ref_49","unstructured":"(2021, March 10). MIRACL Cryptographic SDK: Multiprecision Integer and Rational Arithmetic Cryptographic Library. Available online: https:\/\/github.com\/miracl\/MIRACL."},{"key":"ref_50","unstructured":"(2021, February 10). Advanced Encryption Standard (AES), 2001. FIPS PUB 197, National Institute of Standards and Technology (NIST), U.S. Department of Commerce, November 2001, Available online: http:\/\/csrc.nist.gov\/publications\/fips\/fips197\/fips-197.pdf."},{"key":"ref_51","doi-asserted-by":"crossref","first-page":"97","DOI":"10.1137\/060651380","article-title":"Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data","volume":"38","author":"Dodis","year":"2008","journal-title":"SIAM J. Comput."},{"key":"ref_52","unstructured":"Knuth, D.E. (1997). The Art of Computer Programming: Seminumerical Algorithms, Addison-Wesley Longman Publishing Co., Inc.. [3rd ed.]."},{"key":"ref_53","doi-asserted-by":"crossref","first-page":"2681","DOI":"10.1109\/TIFS.2015.2473820","article-title":"An Efficient Identity-Based Conditional Privacy-Preserving Authentication Scheme for Vehicular Ad Hoc Networks","volume":"10","author":"He","year":"2015","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"ref_54","unstructured":"(2021, May 10). Raspberry Pi 3 Model B+. Available online: https:\/\/www.raspberrypi.org\/products\/raspberry-pi-3-model-b-plus\/."}],"container-title":["Electronics"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2079-9292\/10\/12\/1417\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T06:13:41Z","timestamp":1760163221000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2079-9292\/10\/12\/1417"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,6,12]]},"references-count":54,"journal-issue":{"issue":"12","published-online":{"date-parts":[[2021,6]]}},"alternative-id":["electronics10121417"],"URL":"https:\/\/doi.org\/10.3390\/electronics10121417","relation":{},"ISSN":["2079-9292"],"issn-type":[{"value":"2079-9292","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,6,12]]}}}