Abstract

The Internet of Things (IoT) is a huge network formed by connecting various information sensing devices through the Internet. Although IoT has been popularized in many fields, connected devices can be used only when network security is guaranteed. Recently, Rana et al. proposed a secure and lightweight authentication protocol for the next-generation IoT infrastructure. They claim that their protocol can resist major security attacks. However, in this study, we prove that their protocol is still vulnerable to offline password guessing attacks and privilege internal attacks. In order to solve these shortcomings, we propose an improved protocol, which is proved to be secure by formal and informal analysis. In addition, after comparing the time and memory consumption with other protocols, we find that our protocol has more advantages.

1. Introduction

In recent years, the Internet of Things (IoT) [1–4] has become popular in our everyday life. IoT refers to the real-time collection of any information that needs to be monitored, connected, and interacted with through the use of various devices and technologies such as sensors, radio frequency identification technology, global positioning system, and laser scanners. In the IoT environment, every object (virtual or physical) can be perceived, identified, accessed, and interconnected in a dynamic, ubiquitous network through the Internet. IoT brings great convenience to our lives. Vehicular ad hoc networks [5, 6] are considered to be one of the most promising applications of IoT. They allow people, vehicles, and roadside units to cooperate closely. IoT is also applied to medical healthcare, which is likewise closely related to our lives. Through the use of IoT, medical healthcare environments have taken on a new look. In an IoT-enabled healthcare system [7–9], wearable sensors can be used to collect information about patients and the surrounding environment. Another example of an IoT application is the smart home [10, 11]. Smart homes improve people’s lifestyles and make them more comfortable, safer, and more efficient. In addition, cloud systems based on IoT can help national governments manage some resources to a great extent. Managing data through the cloud system greatly reduces the human resources required and greatly improves the utilization rate of resources. These advantages are mainly based on the principle of the cloud-based Internet of Things. Such technology supports legitimate users in accessing normal data from hospitals, homes, borders, and other areas, which allows data to be managed better to a certain extent.

Because IoT has grown so seamlessly, many end users are ignorant of the existence of these devices. Due to their invisibility, IoT device security is crucial, yet challenging to manage. Several IoT networks have recently been taken over to carry out malicious attacks. For these reasons, addressing these IoT security challenges is critical to their successful development. However, there has been a significant expansion in the number of IoT devices. Designing security mechanisms for all of these devices is complicated due to the heterogeneity and complexity of IoT networks.

For an IoT network to be secure, all the entities (servers, end users, and devices) must mutually authenticate their identities. In addition, all communication should be encrypted to maintain data confidentiality. This means that a common session key for both sides of the communication is required. Therefore, designing a secure and efficient authenticated key agreement (AKA) scheme is crucial [12–15].

Various AKA schemes for IoT have been proposed. In 2004, Kumari et al. [16] found that Chang et al.’s scheme [17] is vulnerable to offline password-guessing attacks, internal attacks, and server masquerading attacks. They also pointed out that the protocol [17] has security vulnerabilities during the password update phase. To overcome these security weaknesses, Kumari et al. designed an improved scheme. Kumari et al. claimed that their scheme is more secure, more efficient, and more suitable for real-life IoT network use. However, Kaul and Awasthi [18] discovered that Kumari et al.’s protocol [16] is still vulnerable to some attacks. In their scheme, attackers can easily capture some security parameters transmitted on a public channel and then calculate the session key. In response to this, Kaul and Awasthi [18] proposed a robust and secure user authentication protocol based on resource-friendly symmetric cryptographic primitives. Unfortunately, Rana et al. [19] proved that the protocol [18] cannot resist various types of attacks. Therefore, they proposed a secure, lightweight AKA scheme for next-generation IoT infrastructure.

In this study, however, we found that Rana et al.’s scheme [19] is still vulnerable to offline password-guessing attacks and privileged-insider attacks. In their scheme [19], an illegal insider or malicious attacker can calculate the session key or guess passwords if they can capture a user’s smart card. Therefore, we propose a new AKA scheme. In the proposed scheme, we utilize the biological information of the users because it is difficult for attackers to obtain this information. To demonstrate that the proposed scheme is indeed secure, we analyze it using Burrows–Abadi–Needham (BAN) logic [20] and also show that it is secure against various types of attacks. Compared with the previous scheme, the proposed scheme has better performance in terms of memory overhead.

The remainder of this paper is organized as follows. In Section 2, we briefly review the scheme proposed by Rana et al. [19]. Section 3 demonstrates that Rana et al.’s scheme [19] is vulnerable to offline password-guessing attacks and privileged-insider attacks. Our proposed scheme is described in Section 4. Sections 5 and 6 provide security and performance analyses and comparisons. Finally, Section 7 concludes the paper.

2. Review of Rana et al.’s Scheme

In this section, we briefly review Rana et al.’s AKA scheme. Their scheme contains three phases: user registration, login, and authentication, and the steps of their scheme are described below. Notations used in this paper are listed in Table 1.

2.1. User Registration Phase
(1) First, the user selects their own identification , password , and an arbitrary number . Then, the following is calculated:
and is transmitted to the server through a secure channel.
(2) After the server receives the information from the user, it selects an arbitrary number and calculates
(3) Then, the server stores the parameters in the smart card memory and sends them to the user through a secure channel.
(4) Finally, the user calculates
and stores in the smart card. Now, the smart card contains parameters .

2.2. Login Phase

When a registered user wants to log in to the system, they perform the following operations:
(1) The user enters their and and inserts the smart card.
(2) The smart card reader extracts parameters and .
(3) Further, the smart card reader can extract parameters and and calculate
If , it means that the legitimate user is allowed to log in; otherwise, the login is refused.
(4) After verifying the legitimacy of the user, the reader calculates
The reader then sends the login request to the server through a secure channel.

2.3. Authentication Phase

In this phase, the smart card reader and server authenticate each other by performing the following steps:
(1) first verifies the validity of the timestamp by calculating -. If the calculated value is less than the given threshold , the login request proceeds; otherwise, it is rejected.
(2) After that, extracts and calculates using  =  and then calculates the values:
Then, verifies the validity of the login by comparing the calculated with the stored . If the two are equal, the verification passes; otherwise, the verification fails and the server refuses the login request.
(3) After verifying the correctness of , the server continues to calculate
Then, sends the calculated and timestamp to .
(4) When receives the information from the server, it first verifies the validity of and then calculates
checks whether is equal to . If so, is successfully verified.
(5) Finally, after mutual verification, the session key can be calculated:

3. Cryptanalysis of Rana et al.’s Scheme

In this section, we first describe the threat model. Then, we show that Rana et al.’s scheme is insecure against offline password-guessing attacks and privileged-insider attacks.

3.1. Threat Model

This threat model describes the capabilities of an adversary , which are also considered and discussed in [21, 22]. The capabilities of are as follows:
(1) can perform complete access control on the transmission channel. It can block, change, remove, replay, and hinder the messages passed between participants through a public channel.
(2) can get the information stored in the smart card using power analysis [23, 24].
(3) can obtain the information in the smart card and the information transmitted by the user on the secure channel during the registration process [25].
(4) can simultaneously obtain the information in the smart card and perform offline password guessing, as stated in [26, 27].
(5) can know any two of the user’s password, smart card, and biological information.
(6) can obtain session keys that the user previously established with the server.
(7) can register as a legitimate user in a legitimate way.

3.2. Offline Password-Guessing Attack
(1) First, the attacker steals the smart card and gets the information .
(2) guesses the user’s and at the same time.
(3) According to the user’s , password , and the and values obtained from the smart card, calculates
(4) Finally, obtains the session key according to the values of and calculated above:

3.3. Privileged-Insider Attack

(1) First, the attacker steals the smart card and gets the information .
(2) Then, privileged insiders can obtain the information and of legitimate users during registration.
(3) can calculate the following parameters by using the information obtained from the smart card and the information and obtained during user registration:
(4) Finally, the attacker can calculate the session key according to the above parameters:

4. Proposed Scheme

In this section, we describe the specific process of the protocol and its overall architecture. The participants in the protocol are users and servers. The protocol consists of four phases: user registration, login, authentication, and password change. Figure 1 illustrates the architecture of the proposed protocol. User represents the main participant in the communication, and server represents the entity that communicates with the user.

4.1. User Registration Phase

Figure 2 illustrates the user registration phase. The detailed steps are as follows:
(1) First, selects their , password , and bio information , as well as an arbitrary number , to calculate
Then, is used to encrypt , with the result
then transmits to through a secure channel.
(2) After receiving the information from , selects an arbitrary number to decrypt , obtains the value of , and then calculates
(3) Finally, the calculated parameters are stored in the smart card, and sends the smart card to through a secure channel. calculates after receiving the message:
Then, is saved in the smart card, and the registration process of the user is complete.

4.2. Login Phase
(1) enters their own , , and bio information .
(2) After inputting the information, calculate
Then, verify whether and are equal. If they are equal, the verification passes; otherwise, the login request sent by to is rejected.
(3) If the verification passes, the reader calculates
Then, the login request is sent to the server.

4.3. Authentication Phase

This section describes the process of mutual authentication between and . After the user sends the login request to the server, the server verifies whether is legitimate by calculating a series of parameters, and verifies the validity of by calculating the values of some parameters. The authentication process is described in detail below. The login and authentication phases are shown in Figure 3.
(1) After receives the request from , it first verifies whether the present timestamp is reasonable. It then decrypts to obtain and calculates
verifies whether and are equal. If not, rejects the login request from . If they are equal, accepts the login request from and then calculates the session key of both sides:
(2) After calculating the session key, continues to calculate
Then, passes to .
(3) After receiving the message from , the user first verifies the validity of the timestamp and then calculates
verifies whether is equal to . If it is equal, calculates the session key:

At this point, the authentication process between and is complete.
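The login and authentication exchange described in Sections 4.2 and 4.3 can be walked through end to end in code. The block below is an added example, not the paper's own equations (which are not reproduced on this page): the message contents, the card layout, the stand-in symmetric cipher built from HMAC, and the 2-second freshness threshold are all assumptions chosen to realise the properties the text states, namely a three-factor verifier checked by the card, the identity carried only encrypted under the server's long-term key, a timestamp check on both sides, and a session key derived from both parties' fresh values.

```python
import hashlib
import hmac
import secrets

# Freshness window in seconds. The paper's threshold symbol is not on the page; 2 s is an assumed value.
THRESHOLD = 2.0


def H(*parts: bytes) -> bytes:
    """One-way collision-resistant hash over the concatenation of its inputs."""
    return hashlib.sha256(b"|".join(parts)).digest()


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def tb(t: float) -> bytes:
    return repr(t).encode()  # timestamp as bytes so it can be hashed


def enc(key: bytes, pt: bytes) -> bytes:
    """Stand-in symmetric cipher (assumption): HMAC-derived keystream plus HMAC tag, pt <= 32 bytes."""
    assert len(pt) <= 32
    nonce = secrets.token_bytes(16)
    ct = xor(pt, hmac.new(key, nonce, "sha256").digest())
    tag = hmac.new(key, nonce + ct, "sha256").digest()
    return nonce + ct + tag


def dec(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, "sha256").digest()):
        raise ValueError("ciphertext tampered")
    return xor(ct, hmac.new(key, nonce, "sha256").digest())


def fresh(ts: float, now: float) -> bool:
    """Timestamp check used on both sides: stale or replayed messages fall outside the window."""
    return abs(now - ts) < THRESHOLD


class Server:
    def __init__(self):
        self.k = secrets.token_bytes(32)  # long-term key; never leaves the server

    def register(self, uid: bytes, a: bytes) -> dict:
        """Registration over the secure channel; the user supplies a = H(ID, PW, B)."""
        n = H(uid, self.k)                  # per-user server-side secret
        return {"C": enc(self.k, uid),      # identity only ever travels encrypted under k
                "V": H(a, n),               # three-factor verifier checked by the card
                "W": xor(n, a)}             # a correct a recovers n; a wrong one does not

    def authenticate(self, m1: dict, now: float):
        """Freshness check, decrypt ID, verify the user's authenticator, derive SK, build the reply."""
        if not fresh(m1["T1"], now):
            return None
        uid = dec(self.k, m1["C"])
        n = H(uid, self.k)
        n_u = xor(m1["X"], H(n, tb(m1["T1"])))
        if not hmac.compare_digest(m1["Auth"], H(n, n_u, tb(m1["T1"]))):
            return None
        n_s, t2 = secrets.token_bytes(32), now
        sk = H(uid, n, n_u, n_s)
        m2 = {"T2": t2, "Y": xor(n_s, H(n, n_u, tb(t2))), "Auth2": H(sk, tb(t2))}
        return m2, sk


class Card:
    def __init__(self, server: Server, uid: bytes, pw: bytes, bio: bytes):
        self.store = server.register(uid, H(uid, pw, bio))
        self.state = None

    def login(self, uid: bytes, pw: bytes, bio: bytes, now: float):
        """Login phase: local three-factor check, then the login request M1."""
        a = H(uid, pw, bio)
        n = xor(self.store["W"], a)
        if not hmac.compare_digest(self.store["V"], H(a, n)):
            return None                     # wrong ID, PW or bio: request is refused locally
        n_u, t1 = secrets.token_bytes(32), now
        self.state = (uid, n, n_u)
        return {"C": self.store["C"], "T1": t1, "X": xor(n_u, H(n, tb(t1))), "Auth": H(n, n_u, tb(t1))}

    def finish(self, m2: dict, now: float):
        """Check the server's timestamp and authenticator, then derive the same SK."""
        uid, n, n_u = self.state
        if not fresh(m2["T2"], now):
            return None
        n_s = xor(m2["Y"], H(n, n_u, tb(m2["T2"])))
        sk = H(uid, n, n_u, n_s)
        if not hmac.compare_digest(m2["Auth2"], H(sk, tb(m2["T2"]))):
            return None
        return sk


def run_session(card: Card, server: Server, uid, pw, bio, t0: float):
    """Full exchange with the clock advancing 0.5 s per hop; returns (user SK, server SK)."""
    m1 = card.login(uid, pw, bio, t0)
    if m1 is None:
        return None
    res = server.authenticate(m1, t0 + 0.5)
    if res is None:
        return None
    m2, sk_server = res
    return card.finish(m2, t0 + 1.0), sk_server
```

Passing the clock in explicitly makes the replay behaviour testable: the same M1 is accepted inside the window and rejected once it is older than the threshold, and a card holder with the wrong bio factor never produces a login request at all.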

4.4. Password Change Phase

If wants to change their password to , the following steps are performed:
(1) first inserts their own smart card and enters their , current password , bio information , and new password .
(2) According to some parameter values in the smart card and their own identity information, the following are calculated:
If the calculated value of is equal to the value of stored in the smart card, the user is considered legitimate and allowed to change the password.
(3) Some parameter values need to be updated in the process of password modification. The specific calculation process is as follows:
(4) Finally, the values stored in the smart card are updated to the modified values , and the process of password modification is complete.

5. Security Analysis

5.1. Formal Security Analysis

Burrows–Abadi–Needham (BAN) logic [20] has been used in several studies to prove whether a protocol can be executed securely. This section uses BAN logic to prove the security and reliability of our proposed protocol. This proof verifies that our protocol can successfully establish and share a session key between the user and server. In the following proof, represents the user and represents the server. The specific proof rules and process are as follows:

5.1.1. BAN Logic Rules
(i) Message-meaning rule (R1): and
(ii) Nonce-verification rule (R2):
(iii) Jurisdiction rule (R3):
(iv) Freshness rule (R4):
(v) Belief rule (R5):
(vi) Session key rule (R6):

5.1.2. Goals

(i) G1:
(ii) G2:
(iii) G3:
(iv) G4:

5.1.3. Idealizing Communication

(i) M1: :
(ii) M2: :

5.1.4. Initial State Assumptions

(i) A1:
(ii) A2:
(iii) A3:
(iv) A4:
(v) A5:
(vi) A6:
(vii) A7:
(viii) A8:
(ix) A9:

5.1.5. Detailed Steps

By considering the message M1 and using the seeing rule, we get
S1: .
Using S1, we get
S2: .
Under the assumption of A2, using S2, R1 can be used to obtain
S3: .
With conclusion S3, using A3 and R2, the following can be obtained:
S4: .
Using A4, R3, and conclusion S4, the following can be obtained:
S5: .
According to conclusion S1, the following can be obtained:
S6: .
Using A6, R1, and conclusion S6, the following can be obtained:
S7: .
Using A3, R2, and conclusion S7, the following can be obtained:
S8: .
Using A7, R3, and conclusion S8, the following can be obtained:
S9: .
Because , using S5 and S9, we obtain
S10: (G2).
Using A3 and R4, we can obtain
S11: (G4).
In addition, considering the message M2, we obtain
S12: .
By using A6, S1, and R1, we obtain
S13: .
With conclusion S13, using A8 and applying R2, we obtain
S14: .
Applying A9, S14, and R3, we obtain
S15: .
Because , using S5 and S9, we obtain
S16: (G1).
With conclusion S16, using A8 and R4, we can obtain
S17: (G3).
5.2. ROR Formal Security Proof
5.2.1. ROR Model

This paper proves security under the ROR (Random Oracles) model, in which two participants, and , take part. Let and denote the user and server, respectively. The adversary can perform the following queries.
: by executing this query, can obtain the messages transmitted between and over the public channel.
: with the help of the send query, can send messages to and and also receive their response messages.
: with the help of this query, can obtain the parameters stored in the smart card as well as some temporary parameters and the long-term key.
: by performing this query, can obtain the hash value of a chosen input.
: this query is used to test whether the session key between the user and the server is secure. A fair coin is tossed, and its result is known only to . If , receives the correct session key. If , a null value is output.

Definition 1 (one-way collision-resistant hash function). A hash function is a common mathematical function that takes a variable-length input and produces a fixed-length output. If holds for at most run time , the hash function is considered collision resistant.

Definition 2. A symmetric encryption method is used in the proposed protocol. Suppose are encryption methods under different keys . In the model, the probability that can recover the correct session key is .

Theorem 1. If is a polynomial-time adversary against our scheme in the model and the user’s password follows Zipf’s law [28], the probability that compromises the session key is at most + , where represents the length of the password.

5.2.2. Security Proof

Proof. We define six games, to , and prove the theorem by analysing the games in turn. denotes the probability that wins game . The specific proof is as follows.
: In the initial game, performs no queries. By the definition of the security primitives, .
: extends with the query, so can intercept and tamper with the information transmitted on the public channel, = and = . However, cannot derive the session key of the two parties from the information obtained on the public channel alone, so the probability of is equal to that of : .
: adds the and queries to . By the birthday paradox, the maximum probability of a hash collision is . Likewise, the maximum probability of a collision among the texts transmitted by the two sides of the session is . Hence . Here denotes the length of the hash value and the length of the transmitted text.
: On the basis of the above games, we additionally allow to obtain the parameters stored in the smart card, that is, can obtain the parameters by executing the query. On this basis, performs an offline password-guessing attack. First, calculates and , but the identity and the biological information are not available to , so they cannot be obtained. According to Zipf’s law [28], we obtain .
: In this game, we analyse the security of the session key shared by the two parties from three aspects: first, that the protocol provides perfect forward secrecy; second, that it blocks user impersonation attacks; and third, that it blocks known session-specific temporary information attacks.
Perfect forward secrecy: obtains the value of the long-term key through .
Known session-specific temporary information attacks: obtains the value of the temporary information or through the query.
User impersonation attacks: obtains the information transmitted by both communication parties over the public channel through the query, but the identity is protected by symmetric encryption under the long-term key , and the value of the long-term key cannot be obtained.
The session key of the two parties: in the first case, must obtain the values of and to obtain the session key, but the value of requires the biological information. In the second case, obtains the temporary information, but the identity is protected by symmetric encryption. In the third case, because the identity is protected by symmetric encryption, cannot obtain the real identity, so no impersonation is possible. Therefore, we conclude that .
: In the final game, uses the hash query ; then can guess the session key with probability . The probability of guessing the session key correctly by chance is .
Combining the above bounds gives
Hence, we reach the final conclusion .
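The collision bound invoked in the step from to above is the birthday bound. As an added derivation with its own symbols (the paper's notation is not reproduced on this page, so $q_h$, $l_h$, $q_t$ and $l_t$ here are assumptions): let $q_h$ be the number of hash queries and $l_h$ the output length in bits, so each output $h_i$ is uniform over $2^{l_h}$ values. A union bound over the $\binom{q_h}{2}$ pairs of queries gives

$$
\Pr[\text{collision}] \;\le\; \sum_{1 \le i < j \le q_h} \Pr[h_i = h_j]
\;=\; \binom{q_h}{2}\, 2^{-l_h}
\;=\; \frac{q_h (q_h - 1)}{2^{\,l_h + 1}}
\;\le\; \frac{q_h^{2}}{2^{\,l_h + 1}} .
$$

Replacing $q_h$ and $l_h$ by the number $q_t$ of transmitted texts and their length $l_t$ gives the second collision term in the same form, $q_t^{2} / 2^{\,l_t + 1}$, and the difference between the two games is bounded by the sum of the two terms, which is why the hash-output and transcript lengths both appear in the theorem's bound.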

5.3. Informal Security Analysis

In this section, we further show that the proposed scheme is secure against the following attacks.

5.3.1. Privileged-Insider Attack

In this protocol, even if the attacker obtains the user’s registration information and the information in the smart card, they cannot obtain the session key. Because and the user’s is encrypted by before being transmitted to the server, even if the attacker obtains the values of and , the attack is futile. Therefore, this protocol can resist privileged-insider attacks.

5.3.2. Offline Password-Guessing Attacks

Suppose the attacker obtains the information stored in the smart card and attempts to guess the password offline from it. Even if the value in the smart card is obtained and the values of and are guessed, the offline password-guessing operation cannot succeed. This is because the calculation of also involves the user’s biological information , and the value of is difficult to obtain. Therefore, this protocol can effectively resist offline password-guessing attacks.
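The difference between the verifier attacked in Section 3.2 and the one defended here comes down to which factors the card-resident value binds. The following is an added illustration, not the paper's own equations: the card layout (a random value and a hashed verifier), the dictionary, and the hypothetical bio key are all constructed. It is written as the check an auditor would run on a proposed card layout: given only the card contents and a candidate list, can any candidate be confirmed offline?

```python
import hashlib
import itertools
import secrets
from typing import Optional


def H(*parts: bytes) -> bytes:
    """Collision-resistant hash over the concatenation of its inputs."""
    return hashlib.sha256(b"|".join(parts)).digest()


def issue_card(uid: bytes, pw: bytes, bio: Optional[bytes]) -> dict:
    """Constructed card layout: a random r plus a verifier V stored on the card.
    With bio=None the verifier binds only ID and PW (the two-factor situation of Section 3.2);
    otherwise it also binds the bio key, which never leaves the user (Section 5.3.2)."""
    r = secrets.token_bytes(16)
    factors = (uid, pw, r) if bio is None else (uid, pw, bio, r)
    return {"r": r, "V": H(*factors)}


def confirms_guess_offline(card: dict, candidate_ids, candidate_pws) -> Optional[tuple]:
    """Audit check for threat-model capability (4): with the card contents and a candidate
    list of IDs and passwords, but no bio key, can a candidate be confirmed offline?
    Returns the confirmed (ID, PW) pair, or None when the card alone confirms nothing."""
    for uid, pw in itertools.product(candidate_ids, candidate_pws):
        # Without the bio key only the two-factor form of V can be recomputed.
        if H(uid, pw, card["r"]) == card["V"]:
            return uid, pw
    return None


# Constructed candidate lists standing in for a password dictionary.
CANDIDATE_IDS = [b"alice", b"bob"]
CANDIDATE_PWS = [b"123456", b"password", b"qwerty"]


def demo():
    """Same user, same password, two card layouts; returns the audit result for each."""
    two_factor = issue_card(b"alice", b"qwerty", None)
    three_factor = issue_card(b"alice", b"qwerty", b"fingerprint-template-key")
    return (confirms_guess_offline(two_factor, CANDIDATE_IDS, CANDIDATE_PWS),
            confirms_guess_offline(three_factor, CANDIDATE_IDS, CANDIDATE_PWS))
```

For the two-factor layout the audit returns the correct pair after at most six hash evaluations, which is exactly what makes the attack offline: each guess is checked against the card with no interaction with the server. For the three-factor layout the same candidate list confirms nothing, because every recomputation is missing the bio input and the cost of guessing is pushed onto an input the card does not store.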

5.3.3. Replay Attack

Suppose that a malicious attacker intercepts the login information and authentication information and attempts to replay the login request. The request is invalid because the protocol uses the timestamp to verify whether the time difference is within the set threshold. Similarly, if the attacker intercepts the authentication message and attempts to replay it, the user also checks the validity of the timestamp. Therefore, the protocol can effectively resist replay attacks.

5.3.4. Forward Secrecy

Assuming that the attacker obtains the value of the long-term key , they can only use this value to decrypt to obtain the user’s . However, because , knowing only the user’s is not sufficient: the values of the parameters and cannot be obtained. Therefore, this protocol provides perfect forward secrecy.

5.3.5. Known Session-Specific Temporary Information Attacks

Assuming that the attacker obtains the value of the temporary session information or , the session key still cannot be obtained. Although the session key is computed from , is encrypted under the long-term key , so the attacker cannot obtain . Therefore, this protocol resists known session-specific temporary information attacks.

5.3.6. User Impersonation Attacks

Suppose that the attacker wants to carry out a user impersonation attack. They must first obtain the value of , but is encrypted by the long-term key , so it is difficult for the attacker to obtain its value. In addition, assuming that the attacker intercepts the message from the public channel and sends it to the server for verification, the user needs a certain amount of time to decrypt . Therefore, when the server receives the message from the attacker and verifies the timestamp, it will find that the timestamp exceeds the set time window and reject the login request. In this way, our protocol resists user impersonation attacks.

5.3.7. Mutual Authentication

In this protocol, users and servers can successfully authenticate each other. First of all, the server authenticates the user through the value of sent by the user. Similarly, the user can verify whether the server is legitimate through the value of sent by the server. Only legitimate users and servers can pass the authentication. Therefore, this protocol can effectively provide mutual authentication between users and servers.

6. Security and Performance Comparisons

This section discusses the security and performance analysis of the proposed protocol. Security analysis is mainly conducted through a comparison with other proposed protocols in the resistance of some common attacks, and performance analysis is mainly performed through a comparison with the time and communication costs of other protocols.

6.1. Security Comparisons

In this section, the protocol proposed in this study is compared with recent related protocols. Owing to the development of different types of attack technology and methods, previous protocols are now incapable of resisting some common attacks. At present, the common network attacks include A1: privileged-insider attack, A2: offline password-guessing attack, A3: replay attack, A4: perfect forward secrecy, A5: known session-specific temporary information attacks, and A6: user impersonation attacks. The comparison results are presented in Table 2. A “” means that the protocol can resist the attack, whereas a “” means that it cannot.

While the other related protocols each fail in some of the security attacks mentioned above, our proposed protocol can resist all the attacks, making our proposed protocol more secure and reliable.

6.2. Performance Comparisons

To better analyze the performance of this protocol, we compared it with previous protocols. To obtain more convincing results, we analyzed the protocols using the same tools under the same conditions and used the data provided by Rana et al. [19]. The results show that different protocols have different execution times in the same execution environment. The time required for the connection operation and the collision-resistant hash function was 0.00014 ms and 0.00089 ms, respectively. The time required for the exclusive-or and encryption/decryption operations was negligible and was therefore not counted. In addition, the number of bits required for the user name, password, arbitrary number, and integer was 160; the number of bits required for the private key and public key of the server was 256; the number of bits required for encryption and decryption was 512; and the number of bits required for the exclusive-or operation and the collision-resistant hash function was 160 and 256, respectively. The symbols for each cryptographic operation are as follows:
: time required for the connection operation
: time required for the XOR operation
: time required for encryption/decryption
: time required for the hash operation

First, we compared the communication cost of our proposed protocol with that of previous protocols. In particular, our protocol was compared with those proposed by Rana et al. [19], Kaul and Awasthi [18], Khan et al. [31], Chang et al. [17], and Kumari et al. [16]. The communication overhead of our protocol is 3136 bits, whereas that of the protocols proposed by Rana et al. [19], Kaul and Awasthi [18], Khan et al. [31], Chang et al. [17], and Kumari et al. [16] is 3296, 2668, 3744, 2336, and 3296 bits, respectively. As shown in Figure 4, the communication cost of our protocol is lower than that of Rana et al. and Khan et al., but slightly higher than that of Kaul and Awasthi [18]. Although the communication cost of Chang et al. is small, their protocol cannot effectively resist privileged-insider attacks, offline password-guessing attacks, or replay attacks.

Next, we compare the running time of our proposed protocol with those of the three protocols mentioned above. The running time of our protocol is 0.01512 ms, whereas that of the protocols proposed by Rana et al. [19], Kaul and Awasthi [18], Khan et al. [31], Chang et al. [17], and Kumari et al. [16] is 0.0215 ms, 0.021 ms, 0.01965 ms, 0.01318 ms, and 0.02191 ms, respectively. As shown in Figure 5, the running time of our proposed protocol is shorter than that of the four protocols mentioned above. Although the time consumption of our protocol is slightly higher than that of Chang et al., the protocol of Chang et al. has security problems. Overall, our protocol performs better than the ones mentioned above.

Through the analysis of Tables 2 and 3, our protocol has a slightly higher communication cost than Kaul and Awasthi’s [18] protocol, but Kaul and Awasthi’s [18] protocol cannot resist user impersonation attacks. Because our proposed protocol resists the considered security attacks more effectively, it is more applicable in future work.

7. Conclusions

In this study, we analyzed the next-generation Internet of Things remote authentication protocol proposed by Rana et al., and found that their protocol cannot resist all kinds of security attacks as they claim. Specifically, we found that their protocol is vulnerable to offline password-guessing attacks and privileged-insider attacks. To solve these problems, we introduced a three-factor security protocol utilizing biological information. In addition, we proved the security and reliability of the protocol through BAN logic and ROR analysis. Finally, we compared the proposed protocol with previous related protocols and found that our protocol is better in terms of both communication cost and time cost. Therefore, our proposed protocol is more applicable and can serve as a reference for future work.

Data Availability

No data were used to support this study.

Conflicts of Interest

The authors declare that they have no conflicts of interest.