1. Introduction
Over the past few years, the IIoT has witnessed significant growth and advancement. Nowadays, large-scale deep models are deployed on numerous devices and embedded systems, which has become a successful paradigm for transforming traditional lifestyles into high-tech lifestyles [
1]. With the continuous development of computer and network technology, there has been unprecedented growth in connected devices such as embedded sensors, smart devices, and smart vehicles [
2]. The vast amounts of sensitive data generated by these devices need to be properly protected to prevent unauthorized access and potential data tampering. To address this challenge, encryption and authentication mechanisms must be implemented to ensure the security and integrity of communications between devices [
3]. In this context, blockchain technology [
4,
5,
6,
7,
8] has shown its potential in building secure and reliable distributed databases. This technology provides a platform for sharing, replication, and synchronization for the industrial Internet through distributed ledgers (often called BIIoT), thereby enhancing the stability and security of data sharing [
9,
10]. In addition, with the rise of cross-chain technology, secure access to the access chain and cross-chain identity authentication have become new focuses. To solve these problems, many industries have urged to adopt EPON as the main communication network architecture to improve overall network performance and security.
Security protocols are an important means to ensure network information security [
11]. Different from shared databases based on blockchain, the industrial sector generally adopts EPON as a Cyber–Physical System (CPS) application to strictly collect and monitor all information in physical space and then synchronize this information to cyberspace, which greatly increases the attack surface. EPON can be seamlessly connected to existing Ethernet and Fiber Channel (FC) storage devices in the data center and has the advantages of significantly reducing switching infrastructure, reducing the number of network card adapters and cables, and significantly reducing power and cooling costs. Many well-known IT companies have invested in the research development and production of EPON products, such as Brocade, Intel, Broadcom, Cisco, Qlogic, and Emulex [
12]. At the same time, the requirements for the security and protection mechanisms of EPON networks are becoming higher and higher. Due to the immaturity of research in security-protocol-related fields, EPON security issues cannot be avoided [
13]. The most typical security threats include unauthorized access, spoofing, etc. EPON can be effectively combined with various identity authentication protocols to strengthen the security of network systems. Identity authentication is a fundamental aspect when it comes to establishing a secure network system [
14]. The authentication protocols supported by EPON include FCAP, Fiber Channel Password Authentication Protocol (FCPAP), Fiber Channel Extensible Authentication Protocol (FCEAP), etc. [
15,
16]. With the advancement of technology, certificate-based authentication protocols are more in line with current and future security needs. FCAP, as a certificate-based authentication protocol, offers higher security than password-based protocols. Researchers have proposed a variety of analysis methods and means. Fabrega has [
17] introduced the concept of strand space form as a means to analyze protocol execution. The theory of strand space considers the causal dependence between events and reduces the status of the protocol combined with the theorem proving method. Therefore, strand space theory can analyze protocols of infinite size without limiting the rounds in which the subject participates in the running of the protocol, avoiding the state space explosion problem common in model-checking methods. Strand space theory expresses the execution process of the protocol through a graph-based structure, which is not only simple and intuitive but also makes it easier to analyze the protocol’s security using graph theory and algorithms [
18,
19]. In addition, with the development of group communication applications, strand space theory has gradually been applied to analyze the security of group communication protocols [
20].
In this paper, we focus on FCAP as the research object and propose improvements to the strand space model in the EPON network environment based on password systems [
21]. There is relatively little research on FCAP in the existing literature, and this paper can fill this research gap by studying FCAP. This paper makes several significant contributions, which can be summarized as follows:
We introduce an advanced strand space model for FACP to address the challenge of achieving consensus on the challenge value in symmetric cryptographic systems. We successfully meet the authentication requirements by incorporating challenge values that cannot reach consensus in message components and provide corresponding attack instances to illustrate the potential vulnerabilities and risks associated with this scenario;
For the issue of nonconsensus on principal identities in asymmetric cryptographic systems, we propose an improved strand space model for FACP. By incorporating nonconsensus principal identities into message components, we effectively fulfill the authentication requirements. We also present attack instances that highlight the implications and risks when principal identities cannot achieve consensus in asymmetric cryptographic systems;
We designed and implemented the proposed enhanced protocol, and its effectiveness and security are confirmed through simulations in various network environments.
The structure of the paper unfolds as follows: The second
Section 2 presents a comprehensive survey of FACP and protocol formal analysis methods. The FCAP protocol and strand space model are given in
Section 3, and the attacker model is elaborated here. The extended testing methods for certification are detailed in
Section 4.
Section 5 has showcased the model analysis of the extended FCAP strand space model. In
Section 6, we conduct security and performance tests on the improved protocol. Finally,
Section 7 summarizes the findings and concludes the paper.
2. Related Works
With the rise of Industry 4.0, IIoT is rapidly becoming a key driver of intelligent manufacturing and automation. The high-reliability requirements of IIoT stem from its role in critical infrastructure and systems such as energy management, traffic control, and smart manufacturing. Failures in these systems can lead to significant economic losses, safety risks, and even loss of life. Therefore, ensuring the security and stability of IIoT networks is crucial for maintaining the continuity and efficiency of industrial operations. This study aims to explore how to build a secure and efficient IIoT environment by integrating the strand space model with EPON architecture. We proposed a novel authentication method to enhance the authentication process of users and devices and contributed to a niche area of study that is vital for advancing network security protocols.
In the realm of IIoT, the convergence of blockchain technology with EPON architectures is emerging as a pivotal strategy to bolster network security and streamline user authentication processes. Blockchain’s decentralized ledger offers an innovative framework for managing the authentication of users and devices within the IIoT, reducing reliance on centralized authorities and fortifying the system against a single point of failure. We called this type of architecture BIIoT. Usman and his team developed a highly scalable regional access control system based on blockchain technology [
22]. The system is designed to deal with data leakage and data integrity issues that resource-constrained devices in the IIoT may encounter and is committed to improving the efficiency and response speed of information management. As an efficient communication architecture, EPON can be combined with blockchain technology to provide more stable and high-quality services and meet the high-reliability requirements of IIoT. To mitigate security risks in the system, Roh [
23], for instance, designed an authentication and session key exchange protocol as a solution, but this increased the cost due to the need for an authentication server. Pedro et al. [
24] introduced a method to enhance system security through a key exchange protocol. In the context of EPON, encryption of the preamble in each frame is employed to ensure its uniqueness, but this approach can significantly increase system delays. To ensure the security of the EPON protocol in the industrial environment, researchers have explored different analysis methods and models, including the formal logic method [
25] and the formal analysis method [
26].
The formal logic method is a method based on mathematical logic for describing and verifying the properties and properties of security protocols. Burrows et al. [
27] first proposed Burrows–Abadi–Needham (BAN) logic based on knowledge and belief using formal logic methods. This logic was used to analyze the security of several classic authentication protocols, such as Needham–Schroeder and Kerberos, and successfully discovered known and unknown vulnerabilities in the protocols. It describes the security requirements of the protocol by defining the protocol’s status, messaging, and attack models and using logical formulas. Subsequently, the researchers have expanded the BAN logic and proposed GNY logic [
28], AT logic, VO logic, and SVO logic [
29]. Formal logic methods can be used to discover logical loopholes and weaknesses in protocols and verify whether the protocol meets expected security properties.
The formal analysis method is a method of detailed analysis and verification of protocols using mathematical tools and techniques. A variety of model-checking tools have emerged, such as Brutus [
30] for analyzing security protocols and Symbolic Model Checking (SMV) based on symbolic model-checking technology developed in [
31]. Another type of formal analysis method is the method based on theorem proving, which is a new research hotspot in security protocols. The most representative of the theorem proving methods are the inductive method [
32] and strand space theory [
33,
34,
35]. Researchers have conducted a lot of work on applying strand space theory to the formal analysis of security protocols and achieved corresponding results. Dong et al. [
36] performed a comprehensive analysis by combining the chain space model with cross-routing attacks, specifically targeting the route reply phase of routing protocols. This analysis aims to identify and understand the potential vulnerabilities and risks associated with this phase and deduce various attacks that could potentially result in the nonexistence of routes. Focardi [
35] proposed an innovative approach to key management by introducing a policy model based on the strand space theory. Xiao [
37] made significant contributions by expanding the strand space theory and applying a hybrid chain space model to analyze the security of the AKA protocol. Through this analysis, they were able to identify and expose multiple previously unknown attacks.
In asymmetric cryptographic systems, if a consensus on the principal identity cannot be reached, it means that the parties involved in the communication cannot effectively verify each other’s identity. This situation can lead to serious security risks, including identity impersonation, Man-in-the-Middle attacks (MITM), and breaches of data integrity and confidentiality, as well as Denial-of-Service attacks (DoS). Once the consensus on identity is missing, the entire security architecture may be compromised, making the system vulnerable to exploitation by attackers. Therefore, ensuring accurate consensus on principal identity in asymmetric cryptographic systems is crucial for maintaining communication security and data protection.
With the support of blockchain technology, a series of analysis methods and models provide in-depth analysis and solid verification tools to improve the security of the EPON protocol. This paper specifically focuses on developing a secure EPON protocol based on strand space theories for the blockchain-based industrial Internet, which can be used to identify potential security risks, discover vulnerabilities and weaknesses in protocols, and provide guidance for improving protocol design. By applying these methods and models, the security of the EPON protocol in the blockchain-based industrial Internet can be strengthened, ensuring the confidentiality and integrity of critical business operations and data.
3. FCAP Protocol and Strand Space Model
3.1. Security Certification of FCAP Protocol
Blockchain-based industrial Internet security is an important component of cyberspace security. FCAP is a secure authentication protocol used for authenticating and encrypting fiber channel network communication, aimed at providing secure data transmission and identity verification to protect the security of communication traffic in the blockchain-based industrial Internet. The authentication process of the FCAP protocol is illustrated in
Figure 1.
The authentication process in the FCAP protocol involves the negotiation of hash functions and Diffie–Hellman (DH) [
38,
39] identifiers through the
message. Upon receiving the
message, the authentication responder selects the hash functions and
identifiers based on the initiator’s supported parameters and sends an
message containing
, the selected hash
and
, and the responder’s certificate
.
After receiving the message, the authentication initiator validates the responder’s certificate and generates its own random number and a random value y. The initiator then sends an message to the responder, including its own parameters , parameters , certificate , and signature . Next, the authentication responder verifies the initiator’s certificate and signature , computes the session key if the verification is successful, and sends an message containing its own signature and parameters to the authentication initiator. Finally, the authentication initiator validates the responder’s signature by decrypting it with the RSA public key of the responder. If the signature verification succeeds, the initiator computes the session key and sends an message to the responder to indicate the completion of the authentication process.
3.2. The FCAP Strand Space Model Based on Cryptosystem
The strand space model is an algebraic theorem proving method based on the invariant set, which transforms the description of the protocol and the target security attributes into a graph structure [
40]. This is conducive to protocol security analysis with the help of graph theories and algorithms. In the theory of strand space models, strands are used to describe the behavior of entities participating in the protocol sending and receiving messages [
41]. A strand is a sequence of actions by honest actors or attackers in the protocol. For an honest party, a strand represents the behavior in a round of the protocol. The strand of an attacker represents a series of actions where the attacker receives messages, tampers with messages, and sends messages. The execution of a protocol is represented by a bundle consisting of multiple strands of honest actors and attackers. Here are some basic definitions in strand space [
42].
Definition 1. The strand space model is commonly represented by a tuple , where ∑ is the set of strands and is the trajectory mapping. The construction method for strand space can be described as follows:
- (1)
A node is is represented as a tuple , where and i is an integer that meets . The set of nodes is denoted as N. Each node belongs to a unique strand s.
- (2)
For a node , we define , , and . Here, represents the i-th symbol item in strand s.
- (3)
The relation “→” is defined as follows: for nodes , indicates that and . This means sends message t to , or receives message t from . This relation captures a causal connection in the strand space.
- (4)
The relation “⇒” is defined as follows: for nodes , represents that is the direct causal predecessor of on strand s. “” is used to denote causal predecessors on the same strand s, which may not necessarily be direct causal predecessors.
- (5)
An unsigned term t appears in a node if and only if .
- (6)
Let I be a set of unsigned terms. A node is called the entry point of I if and only if for some . Additionally, for all nodes , it must satisfy .
- (7)
An unsigned term t originates from a node if and only if n is the entry point of the set .
- (8)
An unsigned term t has a unique origin if and only if t originates from a unique node .
Therefore, it can be seen that the strand space is constituted by a node set N and edge relations “→” and “⇒”, forming an oriented graph .
Definition 2. In the context of an oriented graph , a bundle refers to a subgraph denoted as C, which satisfies the following conditions:
- (1)
C is a finite set of nodes.
- (2)
For any node where , there exists a unique node that satisfies .
- (3)
If and , then .
- (4)
C is noncyclic.
Definition 3. Let C be a bundle. The C-height of a strand s, denoted as C-height(s), is defined as the maximum value of i such that .
3.3. Attacker Model
The adversary model is the most important component in the formalized model of security protocols.
Table 1 is the behavior trace of the attacker.
Complex security protocols often consist of multiple individual protocols, including composite security protocols that utilize the D-H protocol as a foundation. The original authentication testing method has certain limitations in analyzing such protocols, as it only considers some simple operations and cannot describe the increasingly prevalent DH calculation operations used in security protocols. Therefore, an extension to the strand space model is needed.
Assume
D is a new set of data types representing the values obtained by DH calculation. The elements of
D are
, where each element represents a tuple
. Here,
g represents the generator, and
n is an arbitrary exponent. In order to enable the strand space model to describe the DH calculation used in security protocols, its formal definition is as follows:
For example, , with . For the message item, it is necessary to add the following on the existing basis: (1) Add random values from the set to the message item. (2) Add DH calculation to the corresponding atomic item. Use D to represent the generator g and the values , , obtained from DH calculation. (3) Add the free DH assumption in the corresponding free assumption. If , then it follows that and . (4) Establish the subitem relationship in the corresponding scenario if and only if or or . (5) Append DH calculation to the behavioral trajectory of the attacker’s string.
5. Model Analysis of Extended FCAP Strand Space Model
The FCAP strand space model consists of legitimate strands (initiator and responder) and illegitimate strands (attacker). In the model, the collections of initiator strings (), responder strings (), and attacker strands (P) are denoted as . The DH values obtained after modulo operation in specific protocols are represented by , , and . We use the serial space model to describe FCAP.
5.1. Analysis Method and Extended FCAP Strand Space Model Based on Symmetric Cryptographic System
The analysis of FCAP within the framework of a symmetric cryptographic system is conducted using the extended authentication testing approach in the strand space model. Here, K represents a shared key between entities M and N. The analysis of FCAP using the extended authentication testing method is as follows, where represents the ith node of strand s. The goal of FCAP is to achieve mutual authentication between M and N.
First, according to the goal of the protocol, N authenticates M. The authentication process is analyzed as follows:
- (1)
Construction of test components: As both and are uniquely generated at node , serves as the combined test component for .
- (2)
Extended input testing: Since and uniquely originate from , there exist regular nodes such that , and represents the transition edge for and .
- (3)
Definition of node : It can be determined that is a positive node belonging to the chain initiated by protocol participants, represented as
, , and .
- (4)
Comparison strand content: By comparing with the components in the initiator strand, the following observations can be made: , , , . From , it can be deduced that and .
Therefore, it can be inferred that does not necessarily equal , indicating that N cannot definitively reach consensus with M on .
Secondly, according to the goal of the protocol, M certifies N. The certification process is analyzed as follows:
- (1)
Constructing test components. As both and are uniquely generated at node , serves as the combined test component for . constructs the combined input test involving and in .
- (2)
Apply the extended input testing method. Since and uniquely originate from , there exists a normal node making , and are the transition edges of , in .
- (3)
Definition of node : Based on the outcome of (ii), is a positive node. Assuming is a node in the responder strand in the protocol,
, , and .
- (4)
Comparison strand content: By comparing and the components in the initiator strand, it can be observed that: , , , . From , we can deduce and .
Based on the analysis above, it is concluded that during the
N authentication
M process,
N can only verify that
M has participated in one round of the protocol but cannot ensure the successful completion of the entire protocol. Furthermore, consensus cannot be reached on the challenge value
due to the lack of verification for
. To address these issues, it is proposed to incorporate
into the message component
to ensure consensus on the temporary value. Similar conclusions can be drawn for the authentication process of
M authenticating
N, where consensus cannot be reached on challenge value
due to the lack of verification for
. Likewise, we suggested including
in the message component
. As a result, an advanced model of the symmetric cryptographic system is obtained, as shown in
Figure 4.
Furthermore, considering the failure of achieving consensus on challenge value
, various attack instances can be derived. As shown in
Table 2, when authenticating
M to
N with the same password configuration for
M,
N, and
P, attackers
and
impersonate entities
M and
N, respectively. By relaying messages in the first and second rounds, and modifying the challenge value in the third round to a new value
, the attacker has successfully completed the protocol with entity
N. This attack is possible due to the absence of challenge value validation in
.
5.2. Analysis Method and Extended FCAP Strand Space Model Based on Asymmetric Cryptographic System
Similarly, the following basic assumptions are made: (1) and are uniquely generated; (2) and are uniquely generated; and (3) ; (4) . According to the goal of the protocol, M authenticates N. For M to authenticate N, we assumed that the key in the fourth message is the private key of N, and . The authentication process is as follows:
- (1)
Construct the test components. Since and are uniquely generated at node , is the joint test component of . constructs the joint in-test of and in .
- (2)
Apply the in-test method extension. Since and originate solely from , there exists a normal node make , and is the transition edge of and in .
- (3)
Define node . From the result of step (2), is a positive node. Assume that is a node in the strand of some responder in the protocol,
, , and .
- (4)
Compare the contents of the strands. By comparing with the components in the initiator strand, we can determine , , , . From , then we can deduce and .
From this, it can be seen that
does not necessarily equal
M, indicating that
M cannot reach a consensus with
N on
M. The improvement method is to include
M in the message component of the fourth step,
, resulting in an enhanced strand space model under asymmetric cryptographic systems, as shown in
Figure 5.
It is not difficult to see that in asymmetric cryptographic systems, authentication is mainly provided by the signature of the private key. However, if there is no subject identity identification in the signature, it can be easily forwarded or replayed. In other words, the absence of proper verification of the counterparty’s subject identity during authentication paves the way for an MITM attack. Attack instances can be derived as illustrated in
Table 3, considering the scenario of authenticating
N to
M, where
M,
N, and
P share the same password configuration. Here,
P represents the attacker, while
and
act as impersonators of
M and
N, respectively.
6. Experiments and Test Validation
In the process of testing identity authentication, the results can be categorized as successful authentication and failed authentication. Successful authentication can be further classified into one-way authentication and mutual authentication, depending on the password configuration at each end. Failed authentication can occur due to unsuccessful parameter negotiation or incorrect password configuration. Here, this paper focuses on discussing the case of incorrect password configuration.
6.1. Experiment Environments
The choice of the testing environment being based on Comware V7 devices and HP Network Simulator for identity authentication and security testing is primarily due to its popularity and practicality. Comware V7 has become an industry standard due to its wide application across various network devices, including routers, switches, FC switches, and network security devices. Meanwhile, the HP Network Simulator serves as a powerful network simulation tool that can efficiently simulate complex network environments at a low cost, making it highly suitable for learning and testing purposes. The practicality of this environment is reflected in its ability to support the testing of different network topologies, including connections between centralized and distributed switches. Comware V7 devices use the Comware network operating system, which includes various traditional routers, switches, FC switches, wireless network devices, and network security devices. In this test, Comware V7 devices primarily refer to FC switches. The HP Network Simulator is an X86-based network simulator that can simulate the networking environment of Comware V7 devices. The Comware virtual machines in the HP Network Simulator run on the VirtualBox emulator. Due to the limitations of VirtualBox, the performance of Comware virtual machines is lower than that of actual devices. However, for the protocol improvement testing, the performance of Comware virtual machines is sufficient.
6.2. Experiment Settings
For security enhancement testing, this paper modifies the content of the messages manually and sends them with delayed timers for verification. For performance testing, we analyzed the time attributes during the authentication process. Switches can be classified into two types: centralized and distributed. During testing, different networking scenarios need to be tested, including centralized-to-centralized, centralized-to-distributed, and distributed-to-distributed connections. Their corresponding virtual machine networking configurations are shown in
Figure 6,
Figure 7 and
Figure 8.
In the implementation, an enumeration type is defined as the return type for authentication results. The specific definition is in
Table 4. For the three different networking scenarios, the experiment should be performed separately for the FC port and VFC port. First, we tested the case where the connection is centralized. During testing, double-sided authentication is used because two-way authentication can be considered a special case of double-sided authentication, eliminating the need for redundant work. The test cases and corresponding results are provided below. We assume
: 20:00:00:00:00:00:00:01 and
: 20:00:00:00:00:00:00:02.
6.3. Security Testing
For three different networking scenarios, we tested the FC port and VFC port, respectively. During testing, it is all two-factor two-way authentication, because two-factor two-way authentication can be regarded as a special two-way authentication, and there is no need to perform repeated work. In the certification test of FC ports and VFC ports, we conducted three different cases: successful certification, Type 1 certification failure, and Type 2 certification failure. For successful authentication, this work configured the passwords on devices M and N to match correctly. The test methods for centralized-to-distributed and distributed-to-distributed scenarios are the same as those for centralized-to-centralized scenarios, and the test results obtained are also in line with expectations. All test scenarios were successfully verified. For security testing, we used the above networking diagram to simulate replay attacks and malicious modifications by manually modifying the sending of messages (starting the delay timer) and modifying the message content. After testing, the improved protocol has a certain resistance to replay attacks and malicious modifications, and its security has been improved.
6.4. Performance Testing
To test the performance, we executed the original protocol’s
version and the enhanced protocol’s
version separately using the HP Network Simulator. The network configurations for all three scenarios remained consistent with those described in the preceding section. We captured packet information using the packet capturing tool
. In the notation,
and
denote centralized and distributed devices, respectively.
and
denote the starting and ending times of authentication in the original protocol, while
and
represent the starting and ending times of authentication in the improved protocol. The specific values of the timing attributes (ignoring the leading common bits, measured in seconds) that we obtained are shown in
Table 5.
The required time and the percentage improvement in efficiency of the original protocol with one-way mutual authentication and the improved protocol with two-way mutual authentication can be calculated from
Table 2 for three network scenarios. The percentage improvement in efficiency here refers to the percentage increase in efficiency of the improved protocol running once (with two-way mutual authentication) compared with the efficiency improvement of the original protocol with two authentications. This information is shown in
Table 6.
According to
Table 6, the improved protocol shows increased efficiency compared with the original protocol in three different networking scenarios. When connecting centralized devices to centralized devices, the efficiency improves by
. When connecting centralized devices to distributed devices, the efficiency improves by
. When connecting distributed devices to distributed devices, the efficiency improves by
. It is possible that there may be some errors between the measured values and the actual values in these three scenarios, as the timing of packet capture by the sniffing tool may have a slight deviation from the actual packet transmission and reception timing. However, these errors are not expected to be significant. Overall, the improved protocol has achieved certain performance improvements compared with the original protocol. In conclusion, we believe that the improved protocol not only achieves identity authentication functionality but also enhances security and performance.
7. Conclusions
Due to the original strand space model only considering simple operations and not taking into account cumbersome operations such as DH calculations, this paper first introduces a new data type, DH calculation, and extends the strand space model. Then, addressing the issue of the original authentication testing method not supporting the analysis of two data items, the authentication testing method is expanded. Subsequently, the extended authentication testing method is used to analyze the FCAP security based on symmetric and asymmetric cryptographic systems. To address the problem of consensus failure in random values under cryptographic systems, the initial FCAP strand space model is improved, resulting in a secure strand space model for symmetric cryptographic systems. The same method is then applied to analyze FCAP under asymmetric cryptographic systems. The test results are consistent with expectations, demonstrating the feasibility and effectiveness of the proposed approach. Our improved protocol shows increased efficiency compared with the original protocol across three different network configurations. There was a 6.43% increase in efficiency when centralized devices were connected to centralized devices, a 5.81% increase in efficiency when centralized devices were connected to distributed devices, and a 6.32% increase in efficiency when distributed devices were connected to distributed devices. In order to address the problem of consensus failure in subject identification under asymmetric cryptographic systems, the strand space model was further improved based on the improved strand space model for symmetric cryptographic systems, achieving authentication requirements under asymmetric cryptographic systems. In future work, we will investigate other protocols and how the improved protocol can defend against potential security threats, thereby demonstrating the effectiveness of the refinement measures.