scholarly journals A Lightweight Three-Factor Authentication and Key Agreement Scheme in Wireless Sensor Networks for Smart Homes

Sensors ◽  
2019 ◽  
Vol 19 (9) ◽  
pp. 2012 ◽  
Author(s):  
Sooyeon Shin ◽  
Taekyoung Kwon
Keyword(s):  
Smart Home ◽  
Key Agreement ◽  
Smart Homes ◽  
Security Requirements ◽  
Wireless Sensor ◽  
Impersonation Attack ◽  
Secret Key ◽  
Session Key ◽  
Authentication And Key Agreement ◽  
Three Factor

A wireless sensor network (WSN) is used for a smart home system’s backbone that monitors home environment and controls smart home devices to manage lighting, heating, security and surveillance. However, despite its convenience and potential benefits, there are concerns about various security threats that may infringe on privacy and threaten our home life. For protecting WSNs for smart homes from those threats, authentication and key agreement are basic security requirements. There have been a large number of proposed authentication and key agreement scheme for WSNs. In 2017, Jung et al. proposed an efficient and security enhanced anonymous authentication with key agreement scheme by employing biometrics information as the third authentication factor. They claimed that their scheme resists on various security attacks and satisfies basic security requirements. However, we have discovered that Jung et al.’s scheme possesses some security weaknesses. Their scheme cannot guarantee security of the secret key of gateway node and security of session key and protection against user tracking attack, information leakage attack, and user impersonation attack. In this paper, we describe how those security weaknesses occur and propose a lightweight three-factor authentication and key agreement scheme in WSNs for smart homes, as an improved version of Jung et al.’s scheme. We then present a detailed analysis of the security and performance of the proposed scheme and compare the analysis results with other related schemes.

scholarly journals Security Enhanced Anonymous Multiserver Authenticated Key Agreement Scheme Using Smart Cards and Biometrics

2014 ◽  
Vol 2014 ◽  
pp. 1-15 ◽  
Author(s):  
Younsung Choi ◽  
Junghyun Nam ◽  
Donghoon Lee ◽  
Jiye Kim ◽  
Jaewook Jung ◽  
...  
Keyword(s):  
Key Agreement ◽  
User Authentication ◽  
Mutual Authentication ◽  
Smart Cards ◽  
Security Requirements ◽  
Impersonation Attack ◽  
Single Server ◽  
Authenticated Key Agreement ◽  
Session Key ◽  
Authentication Schemes

An anonymous user authentication scheme allows a user, who wants to access a remote application server, to achieve mutual authentication and session key establishment with the server in an anonymous manner. To enhance the security of such authentication schemes, recent researches combined user’s biometrics with a password. However, these authentication schemes are designed for single server environment. So when a user wants to access different application servers, the user has to register many times. To solve this problem, Chuang and Chen proposed an anonymous multiserver authenticated key agreement scheme using smart cards together with passwords and biometrics. Chuang and Chen claimed that their scheme not only supports multiple servers but also achieves various security requirements. However, we show that this scheme is vulnerable to a masquerade attack, a smart card attack, a user impersonation attack, and a DoS attack and does not achieve perfect forward secrecy. We also propose a security enhanced anonymous multiserver authenticated key agreement scheme which addresses all the weaknesses identified in Chuang and Chen’s scheme.

scholarly journals A Lightweight Authentication and Key Agreement Schemes for IoT Environments

Sensors ◽  
2020 ◽  
Vol 20 (18) ◽  
pp. 5350
Author(s):  
Dae-Hwi Lee ◽  
Im-Yeong Lee
Keyword(s):  
Key Agreement ◽  
Essential Element ◽  
Public Key Cryptography ◽  
Security Requirements ◽  
Public Key ◽  
Smart Devices ◽  
The Internet ◽  
Session Key ◽  
Authentication And Key Agreement ◽  
Lightweight Authentication

In the Internet of Things (IoT) environment, more types of devices than ever before are connected to the internet to provide IoT services. Smart devices are becoming more intelligent and improving performance, but there are devices with little computing power and low storage capacity. Devices with limited resources will have difficulty applying existing public key cryptography systems to provide security. Therefore, communication protocols for various kinds of participating devices should be applicable in the IoT environment, and these protocols should be lightened for resources-restricted devices. Security is an essential element in the IoT environment, so for secure communication, it is necessary to perform authentication between the communication objects and to generate the session key. In this paper, we propose two kinds of lightweight authentication and key agreement schemes to enable fast and secure authentication among the objects participating in the IoT environment. The first scheme is an authentication and key agreement scheme with limited resource devices that can use the elliptic curve Qu–Vanstone (ECQV) implicit certificate to quickly agree on the session key. The second scheme is also an authentication and key agreement scheme that can be used more securely, but slower than first scheme using certificateless public key cryptography (CL-PKC). In addition, we compare and analyze existing schemes and propose new schemes to improve security requirements that were not satisfactory.

scholarly journals A Lightweight Secure User Authentication and Key Agreement Protocol for Wireless Sensor Networks

2019 ◽  
Vol 2019 ◽  
pp. 1-17 ◽  
Author(s):  
Jiaqing Mo ◽  
Hang Chen
Keyword(s):  
Wireless Sensor Networks ◽  
Sensor Networks ◽  
Secure Communication ◽  
Key Agreement ◽  
Wireless Channel ◽  
Wireless Sensor ◽  
Session Key ◽  
Key Agreement Protocol ◽  
Authentication Mechanism ◽  
Three Factor

Wireless sensor networks (WSNs) have great potential for numerous domains of application because of their ability to sense and understand unattended environments. However, a WSN is subject to various attacks due to the openness of the public wireless channel. Therefore, a secure authentication mechanism is vital to enable secure communication within WSNs, and many studies on authentication techniques have been presented to build robust WSNs. Recently, Lu et al. analyzed the security defects of the previous ones and proposed an anonymous three-factor authenticated key agreement protocol for WSNs. However, we found that their protocol is vulnerable to some security weaknesses, such as the offline password guessing attack, known session-specific temporary information attack, and no session key backward secrecy. We propose a lightweight security-improved three-factor authentication scheme for WSNs to overcome the previously stated weaknesses. In addition, the improved scheme is proven to be secure under the random oracle model, and a formal verification is conducted by ProVerif to reveal that the proposal achieves the required security features. Moreover, the theoretical analysis indicates that the proposal can resist known attacks. A comparison with related works demonstrates that the proposed scheme is superior due to its reasonable performance and additional security features.

scholarly journals BCmECC: A Lightweight Blockchain-Based Authentication and Key Agreement Protocol for Internet of Things

Mathematics ◽  
2021 ◽  
Vol 9 (24) ◽  
pp. 3241
Author(s):  
Jan Lansky ◽  
Amir Masoud Rahmani ◽  
Saqib Ali ◽  
Nasour Bagheri ◽  
Masoumeh Safkhani ◽  
...  
Keyword(s):  
Key Agreement ◽  
Success Probability ◽  
Secret Key ◽  
Session Key ◽  
Authentication And Key Agreement ◽  
Key Agreement Protocol ◽  
High Level ◽  
Lightweight Authentication ◽  
Previous Session

In this paper, targeting efficient authentication and key agreement in an IoT environment, we propose an Elliptic Curve Cryptography- (ECC) based lightweight authentication protocol called BCmECC which relies on a public blockchain to validate the users’ public key to provide desired security. We evaluate the security of the proposed protocol heuristically and validate it formally, which demonstratse the high level of the security. For the formal verification we used the widely accepted formal methods, i.e., BAN logic and the Scyther tool. In this paper we also analyse the security of recently proposed blockchain-based authentication protocols and show that this protocol does not provide the desired security against known session-specific temporary information attacks in which the adversary has access to the session’s ephemeral values and aims to retrieve the shared session key. In addition, the protocol lacks forward secrecy, in which an adversary with access to the server’s long-term secret key can retrieve the previous session keys, assuming that the adversary has already eavesdropped the transferred messages over a public channel in the target session. The proposed attacks are very efficient and their success probability is `1’, while the time complexity of each attack could be negligible. Besides, we show that BCmECC is secure against such attacks.

An efficient anonymous user authentication and key agreement protocol for wireless sensor networks

2021 ◽  
Vol 34 (5) ◽  
Author(s):  
Devender Kumar ◽  
Harmanpreet Singh Grover ◽  
Damandeep Kaur ◽  
Adarsh Verma ◽  
Khushil Kumar Saini ◽  
...  
Keyword(s):  
Wireless Sensor Networks ◽  
Sensor Networks ◽  
Key Agreement ◽  
User Authentication ◽  
Wireless Sensor ◽  
Authentication And Key Agreement ◽  
Key Agreement Protocol
Sign in / Sign up

Export Citation Format

Share Document