User Authentication Schemes of Remote Access Devices for Smart-Home Grid Environment

One of the IoT's greatest opportunity and application still lies ahead in the form of smart home. In this ubiquitous/automated environment, due to the most likely heterogeneity of objects, communication, topology, security protocols, and the computationally limited na- ture of IoT objects, conventional authentication schemes may not comply with IoT security requirements since they are considered impractical, weak, or outdated. This thesis proposes: (1) The design of a two-factor device-to-device (D2D) Mutual Authentication Scheme for Smart Homes using OTP over Infrared Channel (referred to as D2DA-OTP-IC scheme); (2) The design of two proxy-password protected OTP-based schemes for smart homes, namely, the Password Protected Inter-device OTP-based Authentication scheme over Infrared Chan- nel and the Password Protected Inter-device OTP-based Authentication scheme using public key infrastructure; and (3) The design of a RSA-based two-factor user Authentication scheme for Smart Home using Smart Card.

Download Full-text

Authentication protocols for smart homes

10.32920/ryerson.14652960.v1 ◽

2021 ◽

Author(s):

Maninder Singh Raniyal

Keyword(s):

Smart Home ◽

User Authentication ◽

Mutual Authentication ◽

Smart Homes ◽

Authentication Scheme ◽

Security Requirements ◽

Iot Security ◽

Communication Topology ◽

User Authentication Scheme ◽

Authentication Schemes

One of the IoT's greatest opportunity and application still lies ahead in the form of smart home. In this ubiquitous/automated environment, due to the most likely heterogeneity of objects, communication, topology, security protocols, and the computationally limited na- ture of IoT objects, conventional authentication schemes may not comply with IoT security requirements since they are considered impractical, weak, or outdated. This thesis proposes: (1) The design of a two-factor device-to-device (D2D) Mutual Authentication Scheme for Smart Homes using OTP over Infrared Channel (referred to as D2DA-OTP-IC scheme); (2) The design of two proxy-password protected OTP-based schemes for smart homes, namely, the Password Protected Inter-device OTP-based Authentication scheme over Infrared Chan- nel and the Password Protected Inter-device OTP-based Authentication scheme using public key infrastructure; and (3) The design of a RSA-based two-factor user Authentication scheme for Smart Home using Smart Card.

Download Full-text

Security Analysis on “Anonymous Authentication Scheme for Smart Home Environment with Provable Security”

Wireless Communications and Mobile Computing ◽

10.1155/2020/8838363 ◽

2020 ◽

Vol 2020 ◽

pp. 1-4

Author(s):

Meijia Xu ◽

Qiying Dong ◽

Mai Zhou ◽

Chenyu Wang ◽

Yangyang Liu

Keyword(s):

Smart Home ◽

User Authentication ◽

Security Analysis ◽

Authentication Scheme ◽

Dictionary Attack ◽

Anonymous Authentication ◽

Smart Home Environment ◽

User Authentication Scheme ◽

Authentication Schemes ◽

The Internet Of Things

As an important application of the Internet of Things, smart home has greatly facilitated our life. Since the communication channels of smart home are insecure and the transmitted data are usually sensitive, a secure and anonymous user authentication scheme is required. Numerous attempts have been taken to design such authentication schemes. Recently, Shuai et al. (Computer & Security 86(2019):132146) designed an anonymous authentication scheme for smart home using elliptic curve cryptography. They claimed that the proposed scheme is secure against various attacks and provides ideal attributes. However, we show that their scheme cannot resist inside attack and offline dictionary attack and also fails to achieve forward secrecy. Furthermore, we give some suggestions to enhance the security of the scheme. These suggestions also apply to other user authentication schemes with similar flaws.

Download Full-text

G2F: A Secure User Authentication for Rapid Smart Home IoT Management

IEEE Internet of Things Journal ◽

10.1109/jiot.2021.3050710 ◽

2021 ◽

pp. 1-1

Author(s):

Hongwei Luo ◽

Chao Wang ◽

Hao Luo ◽

Fan Zhang ◽

Feng Lin ◽

...

Keyword(s):

Smart Home ◽

User Authentication

Download Full-text

Securing Remote Access to Information Systems of Critical Infrastructure Using Two-Factor Authentication

Electronics ◽

10.3390/electronics10151819 ◽

2021 ◽

Vol 10 (15) ◽

pp. 1819

Author(s):

Rasa Bruzgiene ◽

Konstantinas Jurgilas

Keyword(s):

Information Systems ◽

Identity Management ◽

Critical Infrastructure ◽

User Authentication ◽

Remote Access ◽

Access To Information ◽

Digital Space ◽

Cyber Threats ◽

The Core ◽

Common Target

Information systems of critical infrastructure provide services on which the core functions of a state and its economy depend as well as welfare of society. Such systems are becoming an increasingly common target for crimes and attacks in cyberspace, as their vulnerabilities can be exploited for malicious activities seeking financial or political gain. One of the main reasons that threatens the security of these systems is the weak control of remote access, otherwise defined as management of a system’s user identity. Management of user identity depends on user authentication, authorization and the assignment of certain rights in the digital space. This paper provides the proposed two-factor (2FA) digital authentication method for remote access to an information system of a critical infrastructure. Results of testing the method’s usability and resilience to cyber threats have shown that the system, in which the method was implemented, is protected from dangerous HTTP requests and publicly available system’s endpoints are protected from threatening inputs that could cause malicious activities on the critical infrastructure. Additionally, the implementation of the authentication API application ensures the rapidity of the method for less than 500 ms for 100 users working in parallel with the system at the same time.

Download Full-text

A Robust Two-Factor User Authentication Scheme-Based ECC for Smart Home in IoT

IEEE Systems Journal ◽

10.1109/jsyst.2021.3127438 ◽

2021 ◽

pp. 1-12

Author(s):

Shihong Zou ◽

Qiang Cao ◽

Chenyu Wang ◽

Zifu Huang ◽

Guoai Xu

Keyword(s):

Smart Home ◽

User Authentication ◽

Authentication Scheme ◽

User Authentication Scheme

Download Full-text

Security Enhanced Anonymous Multiserver Authenticated Key Agreement Scheme Using Smart Cards and Biometrics

The Scientific World JOURNAL ◽

10.1155/2014/281305 ◽

2014 ◽

Vol 2014 ◽

pp. 1-15 ◽

Cited By ~ 19

Author(s):

Younsung Choi ◽

Junghyun Nam ◽

Donghoon Lee ◽

Jiye Kim ◽

Jaewook Jung ◽

...

Keyword(s):

Key Agreement ◽

User Authentication ◽

Mutual Authentication ◽

Smart Cards ◽

Security Requirements ◽

Impersonation Attack ◽

Single Server ◽

Authenticated Key Agreement ◽

Session Key ◽

Authentication Schemes

An anonymous user authentication scheme allows a user, who wants to access a remote application server, to achieve mutual authentication and session key establishment with the server in an anonymous manner. To enhance the security of such authentication schemes, recent researches combined user’s biometrics with a password. However, these authentication schemes are designed for single server environment. So when a user wants to access different application servers, the user has to register many times. To solve this problem, Chuang and Chen proposed an anonymous multiserver authenticated key agreement scheme using smart cards together with passwords and biometrics. Chuang and Chen claimed that their scheme not only supports multiple servers but also achieves various security requirements. However, we show that this scheme is vulnerable to a masquerade attack, a smart card attack, a user impersonation attack, and a DoS attack and does not achieve perfect forward secrecy. We also propose a security enhanced anonymous multiserver authenticated key agreement scheme which addresses all the weaknesses identified in Chuang and Chen’s scheme.

Download Full-text

MyMaster : A Multifactor Authentication Scheme for Smart Home Device

Journal of IT in Asia ◽

10.33736/jita.3856.2021 ◽

2021 ◽

Vol 9 (1) ◽

pp. 89-96

Author(s):

EMILLI LIJAU

Keyword(s):

Smart Home ◽

Mutual Authentication ◽

Remote Access ◽

The Internet ◽

Home Gateway ◽

Privacy Leakage ◽

Intelligent Home ◽

Multifactor Authentication ◽

Intelligent Devices ◽

Privacy And Confidentiality

Smart homes are one of the Internet of Things (IoT) applications most significant to enable people to operate intelligent devices on the Internet in their homes. However, when users can access an intelligent home system remotely, they have major privacy and confidentiality difficulties to overcome. Nothing has been done to improve the safety characteristics of an intelligent home with current research on authentication approaches. For example, to address these issues and to develop a reciprocal tracking authentication system with a critical aspect of a deal, we recommend an Internet based Smart Home System (IFTTT) model. As a controller and a safety guard, an IFTTT-Home Gateway provides a user with remote access to a Smart Home System within their company. The system is designed for mutual authentication with security features such as anonymity and full advance security by using Elliptical Curve Encryption, Nonces, XOR or cryptographic Hash functions. We also incorporate multi factor authentication (MFA) into the model to ensure more security and preventing privacy leakage.

Download Full-text

Offline Password Guessing Attacks on Smart-Card-Based Remote User Authentication Schemes

Proceedings of the 6th International Asia Conference on Industrial Engineering and Management Innovation ◽

10.2991/978-94-6239-145-1_9 ◽

2015 ◽

pp. 81-89 ◽

Cited By ~ 1

Author(s):

Xue-lei Li ◽

Qiao-yan Wen ◽

Hua Zhang ◽

Zheng-ping Jin ◽

Wen-min Li

Keyword(s):

Smart Card ◽

User Authentication ◽

Remote User Authentication ◽

Authentication Schemes ◽

Remote User

Download Full-text

A New Approach in Cloud Computing User Authentication

Web Services ◽

10.4018/978-1-5225-7501-6.ch072 ◽

2019 ◽

pp. 1393-1410

Author(s):

Alaa Hussein Al-Hamami ◽

Rafal A. Al-Khashab

Keyword(s):

Cloud Computing ◽

High Performance ◽

User Authentication ◽

Low Cost ◽

Remote Access ◽

Security And Privacy ◽

Main Concern ◽

Security Measures ◽

User Privacy ◽

Is Security

Cloud computing provides the full scalability, reliability, high performance and relatively low cost feasible solution as compared to dedicated infrastructure. These features make cloud computing more attractive to users and intruders. It needs more and complex security measures to protect user privacy and data centers. The main concern in this chapter is security, privacy and trust. This chapter will give a discussion and a suggestion for using cloud computing to preserve security and privacy. The malicious hacker and other threats are considering the major cause of leaking security of the personal cloud due to centralized location and remote accesses to the cloud. According to attacks, a centralized location can be easier target rather than several goals and remote access is insecure technologies which offer a boundary of options for attackers to infiltrate enterprises. The biggest concern is attackers that will use the remote connection as a jumping point to get deeper into an organization.

Download Full-text