A Secure and Lightweight Authentication Protocol for IoT-Based Smart Homes
Reads0
Chats0
TLDR
Wang et al. as discussed by the authors proposed a secure and lightweight authentication protocol for IoT-based smart homes to resolve the security flaws of Xiang and Zheng's protocol, which can suffer from stolen smart device, impersonation, and session key disclosure attacks and fails to provide secure mutual authentication.Abstract:
With the information and communication technologies (ICT) and Internet of Things (IoT) gradually advancing, smart homes have been able to provide home services to users. The user can enjoy a high level of comfort and improve his quality of life by using home services provided by smart devices. However, the smart home has security and privacy problems, since the user and smart devices communicate through an insecure channel. Therefore, a secure authentication protocol should be established between the user and smart devices. In 2020, Xiang and Zheng presented a situation-aware protocol for device authentication in smart grid-enabled smart home environments. However, we demonstrate that their protocol can suffer from stolen smart device, impersonation, and session key disclosure attacks and fails to provide secure mutual authentication. Therefore, we propose a secure and lightweight authentication protocol for IoT-based smart homes to resolve the security flaws of Xiang and Zheng’s protocol. We proved the security of the proposed protocol by performing informal and formal security analyses, using the real or random (ROR) model, Burrows–Abadi–Needham (BAN) logic, and the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. Moreover, we provide a comparison of performance and security properties between the proposed protocol and related existing protocols. We demonstrate that the proposed protocol ensures better security and lower computational costs than related protocols, and is suitable for practical IoT-based smart home environments.read more
Citations
More filters
Journal ArticleDOI
Secure ECC-based Three-Factor Mutual Authentication Protocol for Telecare Medical Information System
TL;DR: This paper proposes a secure ECC-based three-factor mutual authentication protocol that guarantees the privacy of patients for TMIS and has lower communication costs, and better security features compared to related existing protocols.
Journal ArticleDOI
Design of Secure Decentralized Car-Sharing System Using Blockchain
TL;DR: Wang et al. as discussed by the authors designed a decentralized car-sharing scheme using blockchain, which can solve various urban problems by providing shared vehicles to people and reducing the operation of personal vehicles. But, the car sharing system has security problems, such as the user's identity, location information, and access code.
Proceedings ArticleDOI
Certificate Based Authentication Scheme for Smart Homes
TL;DR: In this paper, an ECC based lightweight authentication scheme is presented, which offers anonymity and untraceability, and is resilient against man-in-the-middle (MitM), impersonation, packet replays and denial of service (DoS) attacks.
Journal ArticleDOI
Reliable Internet of Things: Challenges and Future Trends
TL;DR: An overview of future IoT applications, and their major communication requirements, is presented and some of the important challenges for reliable IoT related to machine learning techniques, 6G communications and blockchain based security that need further investigation are highlighted.
Journal ArticleDOI
A Secure, Lightweight, and Anonymous User Authentication Protocol for IoT Environments
TL;DR: This study proposes a novel authentication scheme that uses only hash and exclusive-or operations to be applicable in IoT environments, and shows that the proposed protocol has better security and performance compared with existing authentication protocols.
References
More filters
Journal ArticleDOI
On the security of public key protocols
Danny Dolev,Andrew Chi-Chih Yao +1 more
TL;DR: Several models are formulated in which the security of protocols can be discussed precisely, and algorithms and characterizations that can be used to determine protocol security in these models are given.
Journal ArticleDOI
A logic of authentication
TL;DR: This paper describes the beliefs of trustworthy parties involved in authentication protocols and the evolution of these beliefs as a consequence of communication, and gives the results of the analysis of four published protocols.
Book ChapterDOI
Password-Based authenticated key exchange in the three-party setting
TL;DR: This paper presents a natural generic construction of a three-party protocol, based on any two-party authenticated key exchange protocol, and proves its security without making use of the Random Oracle model, which is the first provably-secure password-based protocol in the three- party setting.
Journal Article
Universally composable notions of key exchange and secure channels
Ran Canetti,Hugo Krawczyk +1 more
TL;DR: Canetti and Krawczyk as discussed by the authors showed that the notion of SK-security is strictly weaker than a fully-idealized notion of key exchange security, but it is sufficiently robust for providing secure composition with arbitrary protocols.
Journal ArticleDOI
Automated Security Protocol Analysis With the AVISPA Tool
TL;DR: Experimental results indicate that the AVISPA Tool is a state-of-the-art tool for Internet security protocol analysis as, to the authors' knowledge, no other tool exhibits the same level of scope and robustness while enjoying the same performance and scalability.