|
Literature | Methods | Continuous authentication | Multifactor authentication | Strengths | Weakness |
|
Kothmayr et al. [20] | Datagram Transport Layer Security (DTLS) protocol, RSA-based asymmetric encryption, X.509 authentication | No | No | The system architecture follows the IoT model and inherits the security properties of UDP. | The protocol has eight handshakes, which is computationally expensive |
Verma et al. [21] | Certificate | Yes | No | The protocol has better performance in terms of throughput, end-to-end delay, and packet loss. Has a small amount of computation and communication overhead | No discussion of resilience to foreign attacks |
Kumar and Gandhi [22] | Certificateļ¼ Advanced Encryption Standard Counter and Cipher Block Chain Message Authentication Code (AESCCM), Elliptic Curve Digital Signature Algorithm (ECDSA) | No | No | Overcome the denial of service attack server vulnerable to DTLS protocol | This protocol is used in medical and health monitoring, but the collected body information is not used for identity authentication, but only as transmitted data information. |
Shivraj et al. [23] | Elliptic Curve Cryptographic (ECC) | No | Two-factor | The protocol is scalable, with small keys and robustness | As the size of the OTP increases, the computational complexity also increases, and the time consumption increases significantly |
Kumar et al. [24] | Symmetric key, hash function | No | No | The scheme provides important security properties, including protection against a variety of common attacks, such as denial of service attacks and eavesdropping attacks | Preliminary evaluation and feasibility testing was carried out through the implementation of the proof of concept |
Syed et al. [25] | Cryptography | Yes | No | The protocol can be adapted to devices with limited computing and storage resources | Difficulties in measuring Channel State Information (CSI) for heterogeneous IoT devices |
Gope and Hwang [26] | Hash function, XOR | Yes | No | The protocol provides more security features under the premise of ensuring less computational overhead, with anonymity and nontraceability | Security analysis is just a proof by means of theoretical analysis |
Ying and Nayak [27] | Hash function, XOR | No | No | An efficient password modification phase that does not rely on TA (trusted authority) and third-party servers is proposed, which can resist offline password guessing attacks. | There is no reasonable extension of the protocol, and the protocol is insecure against offline identity guessing attacks, session link attacks, and replay attacks |
Chen et al. [28] | Hash function, XOR | No | No | Fixed the security vulnerability found in [27] | The protocol only uses the iPhone as a test platform. |
|