In Figure 1, we reduced the number of communication times compared to the existing scheme [17,18,19,20,21,22], which allowed us to speed up the authentication and key agreement process. Figure 7 compares the time required by ECDSA for AKA with existing systems and our systems (which are faster). The proposed scheme that uses ECQV is faster than the general ECDSA, and the speed of the proposed scheme is slightly faster. Table 3 shows the comparison of Figure 1 with existing systems. Figure 1 shows a smart factory where IoT devices monitor and control production facilities [6]. Authentication and key negotiation are necessary to provide information quickly and securely. Similarly, when sending data to the Manufacturing Execution System (MES), authentication and key agreement must be performed via end-to-end communication via a gateway (GW). However, existing public key infrastructure (PKI)-based authentication is too slow in real-time environments. Scheme 2 performs authentication with subkeys based on the Schnorr signature. Each subkey is generated by the CA and verified using the CA`s public key and the object`s public key. If A first sends a PuA public key and marks TA to B, the validity of the public key of A can be checked with equation (14).

If B sends a PuB public key and marks TB to A, the validity can be checked with equation (15). Mutual authentication is done in this way. In this document, we first look at the LFS protocol in and , and then propose a lightweight and authenticated key agreement protocol with fog nodes. The security analysis of the protocol is performed with BAN, ROR and ProVerif. The security and performance comparison shows that the protocol achieves higher performance in terms of computing power and communication costs compared to other protocols. In future research, we will focus on improving the security and performance of the protocol. When it comes to cloud computing processing of real-time road data, some issues are related to network delays, transmission efficiency, etc. Since the distance between the cloud computing server and the vehicles is large and the number of vehicles increases, the cloud server has to process more data in real time, which increases the computing effort. Therefore, researchers introduced fog computing to reduce the compute load on cloud servers. The data, processing and application of fog computing are stored on scattered and weak devices almost outside the cloud, so the computing power is not strong. This can help the cloud server process some data that is not needed or urgent at the moment.

If it encounters data that it cannot process, it will inform the cloud server. Fog nodes can detect dangerous driving behavior in time, issue early warnings for behavior and, if necessary, predict appropriate punishment. The application of nebula nodes in and in environments was mentioned in the articles [9-13]. In 2016, Azimi et al. [11] proposed a medical alert system based on fog calculations. In 2019, Ismail et al. [12] have proposed an implication of fog computing on the. In 2019, Ma et al. [10] protocol for fog-based networks that implemented an authenticated key agreement. In 2021, Eftekhari et al.

[9] proposed a paired secret key memorandum of understanding using a three-part authentication protocol based on fog. The typical architecture based on fog nodes is shown in Figure 1. The target model in this document is an IoT service environment, and end-to-end authentication and key agreement between two objects that make up the IoT environment can be applied. For example, in the smart factory environment shown in Figure 1, IoT sensors on the production line need to communicate in real time. If an external attacker device participates in the production line network, it can transmit false information to the MES and cause financial and physical damage to the plant. Therefore, production line devices need to exchange data with each other in real time, and Schema 1 can be applied to environments that require such a fast AKA. In addition, AKA is also required when transmitting data collected from sensors to the MES or when checking devices from the MES. Especially if the MES issues an order, sending an incorrect order message can also cause great damage. In this case, more reliable communication than schema 1 is required and schema 2 can be applied. Figure 4 shows a model in which Diagrams 1 and 2 can be applied in a smart factory environment. In the existing CL-PKC, a subkey was created through KGC that generates a key, but is unified and used as a ca to execute Schema Roles 1 and 2. The CA manages the implicit certificate and the ecQV subkey.

In existing schemas [17,18,29,31,36], an attacker can generate a key by simply listening to the transmitted data. To resolve this issue, the key is generated during authentication and the key agreement phase in the session. When granting the key, any value was used, but the key leak via a replay attack was not prevented. In our two current schemes, a key leak is possible if someone other than A and B can generate a session key. Therefore, we make it impossible to derive a key via messages transmitted through a public channel. In certificate-based AKA, an implicit certificate is received after a user has been registered by a CA as a certificate. .