A Time Bound Dynamic Group Key Distribution Scheme with Anonymous Three-Factor Identification for IoT-Based Multi-Server Environments

Fifth generation (5G) mobile technology enables a new kind of network which provides high peak data rates, ultra-low latency communication and high user density. In 5G-enabled Internet of Thing (IoT) systems, data is stored and shared with high efficiency and reliability. When the number of IoT devices is increasing, security and privacy issues become prominent. Existing two-factor authentication mechanism is not secure against potential attacks. In addition, it is not possible for single-server architecture to satisfy the needs of the users since they must store massive credentials. Group communication has played an important role in IoT environment where the users of the same groups use common group services. In this paper, our work introduces a time bound dynamic group key distribution scheme with anonymous three-factor identification for IoT-based multi-server environments. The contributions of this work are the following: (1) we introduce a time bound-based dynamic group key distribution scheme which allows the server to distribute dynamic group keys to the users for specific use of group services; (2) our scheme provides a high security environment with three-factor authentication integrating password, smart card and biometrics; (3) we propose a multi-server-based architecture to alleviate the network load and save overhead; and (4) the results of security analysis and performance evaluation indicate that our scheme achieves a stronger security, and bears a rational computation cost compared with its predecessor schemes.