Rotating behind Privacy: An Improved Lightweight Authentication Scheme for Cloud-based IoT Environment

The advancements in the internet of things (IoT) require specialized security protocols to provide unbreakable security along with computation and communication efficiencies. Moreover, user privacy and anonymity has emerged as an integral part, along with other security requirements. Unfortunately, many recent authentication schemes to secure IoT-based systems were either proved as vulnerable to different attacks or prey of inefficiencies. Some of these schemes suffer from a faulty design that happened mainly owing to undue emphasis on privacy and anonymity alongside performance efficiency. This article aims to show the design faults by analyzing a very recent hash functions-based authentication scheme for cloud-based IoT systems with misunderstood privacy cum efficiency tradeoff owing to an unadorned design flaw, which is also present in many other such schemes. Precisely, it is proved in this article that the scheme of Wazid et al. cannot provide mutual authentication and key agreement between a user and a sensor node when there exists more than one registered user. We then proposed an improved scheme and proved its security through formal and informal methods. The proposed scheme completes the authentication cycle with a minor increase in computation cost but provides all security goals along with privacy.

Download Full-text

A Secure IoT-Based Authentication System in Cloud Computing Environment

Sensors ◽

10.3390/s20195604 ◽

2020 ◽

Vol 20 (19) ◽

pp. 5604

Author(s):

Hsiao-Ling Wu ◽

Chin-Chen Chang ◽

Yao-Zhu Zheng ◽

Long-Sheng Chen ◽

Chih-Cheng Chen

Keyword(s):

Cloud Computing ◽

Mutual Authentication ◽

Authentication Scheme ◽

Security Requirements ◽

The Internet ◽

Computing Environment ◽

Cloud Computing Environment ◽

Authentication System ◽

Lightweight Authentication ◽

The Internet Of Things

The Internet of Things (IoT) is currently the most popular field in communication and information techniques. However, designing a secure and reliable authentication scheme for IoT-based architectures is still a challenge. In 2019, Zhou et al. showed that schemes pro-posed by Amin et al. and Maitra et al. are vulnerable to off-line guessing attacks, user tracking attacks, etc. On this basis, a lightweight authentication scheme based on IoT is proposed, and an authentication scheme based on IoT is proposed, which can resist various types of attacks and realize key security features such as user audit, mutual authentication, and session security. However, we found weaknesses in the scheme upon evaluation. Hence, we proposed an enhanced scheme based on their mechanism, thus achieving the security requirements and resisting well-known attacks.

Download Full-text

An Enhanced Lightweight IoT-based Authentication Scheme in Cloud Computing Circumstances

Sensors ◽

10.3390/s19092098 ◽

2019 ◽

Vol 19 (9) ◽

pp. 2098 ◽

Cited By ~ 8

Author(s):

Rafael Martínez-Peláez ◽

Homero Toral-Cruz ◽

Jorge R. Parra-Michel ◽

Vicente García ◽

Luis J. Mena ◽

...

Keyword(s):

Cloud Computing ◽

Key Agreement ◽

Mutual Authentication ◽

Authentication Scheme ◽

Security Requirements ◽

The Internet ◽

Authentication Protocols ◽

Security Vulnerabilities ◽

Rapid Deployment ◽

The Internet Of Things

With the rapid deployment of the Internet of Things and cloud computing, it is necessary to enhance authentication protocols to reduce attacks and security vulnerabilities which affect the correct performance of applications. In 2019 a new lightweight IoT-based authentication scheme in cloud computing circumstances was proposed. According to the authors, their protocol is secure and resists very well-known attacks. However, when we evaluated the protocol we found some security vulnerabilities and drawbacks, making the scheme insecure. Therefore, we propose a new version considering login, mutual authentication and key agreement phases to enhance the security. Moreover, we include a sub-phase called evidence of connection attempt which provides proof about the participation of the user and the server. The new scheme achieves the security requirements and resists very well-known attacks, improving previous works. In addition, the performance evaluation demonstrates that the new scheme requires less communication-cost than previous authentication protocols during the registration and login phases.

Download Full-text

Authentication protocols for smart homes

10.32920/ryerson.14652960 ◽

2021 ◽

Author(s):

Maninder Singh Raniyal

Keyword(s):

Smart Home ◽

User Authentication ◽

Mutual Authentication ◽

Smart Homes ◽

Authentication Scheme ◽

Security Requirements ◽

Iot Security ◽

Communication Topology ◽

User Authentication Scheme ◽

Authentication Schemes

One of the IoT's greatest opportunity and application still lies ahead in the form of smart home. In this ubiquitous/automated environment, due to the most likely heterogeneity of objects, communication, topology, security protocols, and the computationally limited na- ture of IoT objects, conventional authentication schemes may not comply with IoT security requirements since they are considered impractical, weak, or outdated. This thesis proposes: (1) The design of a two-factor device-to-device (D2D) Mutual Authentication Scheme for Smart Homes using OTP over Infrared Channel (referred to as D2DA-OTP-IC scheme); (2) The design of two proxy-password protected OTP-based schemes for smart homes, namely, the Password Protected Inter-device OTP-based Authentication scheme over Infrared Chan- nel and the Password Protected Inter-device OTP-based Authentication scheme using public key infrastructure; and (3) The design of a RSA-based two-factor user Authentication scheme for Smart Home using Smart Card.

Download Full-text

Authentication protocols for smart homes

10.32920/ryerson.14652960.v1 ◽

2021 ◽

Author(s):

Maninder Singh Raniyal

Keyword(s):

Smart Home ◽

User Authentication ◽

Mutual Authentication ◽

Smart Homes ◽

Authentication Scheme ◽

Security Requirements ◽

Iot Security ◽

Communication Topology ◽

User Authentication Scheme ◽

Authentication Schemes

Download Full-text

A New Threshold Password Authentication Scheme

Advanced Materials Research ◽

10.4028/www.scientific.net/amr.143-144.915 ◽

2010 ◽

Vol 143-144 ◽

pp. 915-919

Author(s):

Yung Cheng Lee

Keyword(s):

Ad Hoc Networks ◽

Mobile Devices ◽

Ad Hoc ◽

Mutual Authentication ◽

Authentication Scheme ◽

Network Infrastructure ◽

Password Authentication ◽

Unauthorized Access ◽

Authentication Schemes ◽

Hoc Networks

The well-known password authentication mechanisms are widely used in networks to protect resources from unauthorized access. The ad hoc networks, due to their dynamic and lack of network infrastructure features, require authentication schemes to ensure security. In this paper, we propose a new threshold password authentication scheme for ad hoc networks. Our scheme can be efficiently implemented in mobile devices, and can achieve mutual authentication with registered users.

Download Full-text

Security Enhanced Anonymous Multiserver Authenticated Key Agreement Scheme Using Smart Cards and Biometrics

The Scientific World JOURNAL ◽

10.1155/2014/281305 ◽

2014 ◽

Vol 2014 ◽

pp. 1-15 ◽

Cited By ~ 19

Author(s):

Younsung Choi ◽

Junghyun Nam ◽

Donghoon Lee ◽

Jiye Kim ◽

Jaewook Jung ◽

...

Keyword(s):

Key Agreement ◽

User Authentication ◽

Mutual Authentication ◽

Smart Cards ◽

Security Requirements ◽

Impersonation Attack ◽

Single Server ◽

Authenticated Key Agreement ◽

Session Key ◽

Authentication Schemes

An anonymous user authentication scheme allows a user, who wants to access a remote application server, to achieve mutual authentication and session key establishment with the server in an anonymous manner. To enhance the security of such authentication schemes, recent researches combined user’s biometrics with a password. However, these authentication schemes are designed for single server environment. So when a user wants to access different application servers, the user has to register many times. To solve this problem, Chuang and Chen proposed an anonymous multiserver authenticated key agreement scheme using smart cards together with passwords and biometrics. Chuang and Chen claimed that their scheme not only supports multiple servers but also achieves various security requirements. However, we show that this scheme is vulnerable to a masquerade attack, a smart card attack, a user impersonation attack, and a DoS attack and does not achieve perfect forward secrecy. We also propose a security enhanced anonymous multiserver authenticated key agreement scheme which addresses all the weaknesses identified in Chuang and Chen’s scheme.

Download Full-text

A systematic Study of Security Challenges and Infrastructures for Internet of Things

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i4.36.24226 ◽

2018 ◽

Vol 7 (4.36) ◽

pp. 700

Author(s):

N. Koteswara Rao ◽

Gandharba Swain

Keyword(s):

Internet Of Things ◽

Secure Communication ◽

Smart Cities ◽

Security Requirements ◽

The Internet ◽

Security Challenges ◽

Authentication And Authorization ◽

New Applications ◽

Privacy And Anonymity ◽

The Internet Of Things

The proliferation of smart objects with capability of sensing, processing and communication has grown in recent years. In this scenario, the Internet of Things (IoT) connects these objects to the Internet and provides communication with users and devices. IoT enables a huge amount of new applications, with which academics and industries can benefit, such as smart cities, health care and automation. In this environment, compose of constrained devices, the widespread adoption of this paradigm depends of security requirements like secure communication between devices, privacy and anonymity of its users. This paper presents the main security challenges and solutions to provide authentication and authorization on the Internet of Things.

Download Full-text

A Survey of Authentication Schemes in the Internet of Things

International Journal of Smart Security Technologies ◽

10.4018/ijsst.2019010102 ◽

2019 ◽

Vol 6 (1) ◽

pp. 15-30 ◽

Cited By ~ 1

Author(s):

Yasmine Labiod ◽

Abdelaziz Amara Korba ◽

Nacira Ghoualmi-Zine

Keyword(s):

Internet Of Things ◽

Security Requirements ◽

Security And Privacy ◽

The Internet ◽

Privacy And Security ◽

Depth Study ◽

Authentication Schemes ◽

Iot Devices ◽

Privacy Issues ◽

The Internet Of Things

In the recent years, the Internet of Things (IoT) has been widely deployed in different daily life aspects such as home automation, electronic health, the electric grid, etc. Nevertheless, the IoT paradigm raises major security and privacy issues. To secure the IoT devices, many research works have been conducted to counter those issues and discover a better way to remove those risks, or at least reduce their effects on the user's privacy and security requirements. This article mainly focuses on a critical review of the recent authentication techniques for IoT devices. First, this research presents a taxonomy of the current cryptography-based authentication schemes for IoT. In addition, this is followed by a discussion of the limitations, advantages, objectives, and attacks supported of current cryptography-based authentication schemes. Finally, the authors make in-depth study on the most relevant authentication schemes for IoT in the context of users, devices, and architecture that are needed to secure IoT environments and that are needed for improving IoT security and items to be addressed in the future.

Download Full-text

A Lattice-Based Authentication Scheme for Roaming Service in Ubiquitous Networks with Anonymity

Security and Communication Networks ◽

10.1155/2020/2637916 ◽

2020 ◽

Vol 2020 ◽

pp. 1-19

Author(s):

Yousheng Zhou ◽

Longan Wang

Keyword(s):

Privacy Preservation ◽

Mutual Authentication ◽

Public Key Cryptography ◽

Mobile User ◽

Authentication Scheme ◽

Home Networks ◽

Mobile Nodes ◽

Foreign Agent ◽

Ubiquitous Networks ◽

Authentication Schemes

In the ubiquitous networks, mobile nodes can obtain roaming service that enables them to get access to the services extended by their home networks in the field of foreign network. To provide secure and anonymous communication for legal mobile users in roaming services, there should be a mutual authentication between mobile user and foreign agent with the help of home agent. There are many roaming authentication schemes which have been proposed; however, with the progress of quantum computation, quantum attack poses security threats to many traditional public key cryptography-based authentication schemes; thus, antiquantum attack roaming authentication schemes need to be investigated. On account of the limitation of computational resources for mobile nodes, a lightweight anonymous and antiquantum authentication schemes need to be developed to enable mobile nodes to roam across multiple service domains securely and seamlessly. In consideration of the advantages of lattice in antiquantum, an NTRU-based authentication scheme with provable security and conditional privacy preservation is proposed to remedy these security weaknesses. Compared with the existing scheme, the proposed scheme not only improves efficiency but also can resist the quantum attack.

Download Full-text

Biometric-Based Remote Mutual Authentication Scheme for Mobile Device

10.21203/rs.3.rs-454092/v1 ◽

2021 ◽

Author(s):

Sheng-Kai Chen ◽

Jenq-Shiou Leu ◽

Hsieh Wen-Bin ◽

Jui-Tang Wang ◽

Tian Song

Keyword(s):

Smart Card ◽

Mobile Device ◽

Communication Channel ◽

User Authentication ◽

Mutual Authentication ◽

Authentication Scheme ◽

Mobile Payment ◽

Remote Authentication ◽

Authentication Schemes ◽

Remote User

Abstract Remote user authentication schemes provide a system to verify the legitimacy of remote users’ authentication request over insecure communication channel. In last years, many authentication schemes using password and smart card have been proposed. However, password might be revealed or forgotten and smart card might be shared, lost or stolen. In contrast, the biometrics, such as face, ﬁngerprint or iris, have no such weakness. With the trend of mobile payment, more and more applications of mobile payment use biometrics to replace password and smart card. In this paper, we propose a biometric-based remote authentication scheme substituting biometric and mobile device bounded by user for password and smart card. This scheme is more convenient, suitable and securer than the schemes using smart cards on mobile payment environment.

Download Full-text