Abstract

Smart homes (SHs), among the most widely deployed applications of the IoT, aim to improve quality of life and are steadily replacing traditional lifestyles. The entities within an SH communicate with each other and with their environment, including the users, to make daily life seamless, enjoyable, and easy. However, because this communication runs over public infrastructure, the advantages of the SH come with security and privacy issues. Recently, Yu et al. presented a privacy and security solution for the SH environment built on lightweight symmetric key functions. Although their scheme is lightweight, this paper shows that it cannot provide mutual authentication because of a crucial design fault. An improved scheme using symmetric key functions for SHs (SKIA-SH) is proposed. The security of SKIA-SH is established through formal BAN logic, followed by a brief discussion of the security attributes it provides. The comparisons show that SKIA-SH provides the required security at the cost of a slight increase in computation and communication costs. The simulation results show that SKIA-SH completes an authentication round by exchanging 216 bytes in 5.34 ms.

1. Introduction

The smart home (SH) is an emerging concept, and with the aid of 6G/IoT smart infrastructure it is gradually overtaking traditional living styles. An SH is a communication setup among everyday devices such as light bulbs, televisions, door locks, monitoring cameras, washing machines, and so on. The smart devices (SDs) within an SH interact with each other and with the users to provide seamless services and to make daily life easier and more enjoyable. The services include automatic door locking and unlocking, switching lights and air conditioners on and off, suspicious activity alarms, etc. In addition, the SH concept can be very useful for patients and elderly people through activity and health-related monitoring and support. The SDs in an SH communicate over insecure wireless channels and the public Internet, and because of this, the advantages of the SH are subject to several privacy and security issues [1, 2]. Such issues can enable an entity with malicious intentions, also called an attacker, to expose user-related sensitive data including daily routines and habits, and this information can be misused. In addition, SDs are lightweight devices, and deploying a public key infrastructure (PKI) is not a viable solution for SH environments, as PKI imposes high computation and communication costs on low-powered SDs [3–5]. Therefore, symmetric key-based authentication schemes suit SH environments [6–8].

Recently, many authentication schemes have been proposed using symmetric and PKI-based cryptographic primitives, some of them specifically to secure smart home (SH) environments [9, 10]. In 2021, Ali et al. explained the pitfalls of the clogging attack and designed an elliptic curve-based authentication scheme to resist it. Physical capture is also among the crucial classes of attacks [11]: physically capturing a smart device can expose the private information of that device and, through it, of the related devices it communicates with in the smart IoT environment. Irshad et al. [12] proved that the authentication scheme of Tsai and Lo [13] lacks the required security against server forgery and impersonation attacks. Maitra et al. [14] proposed an improvement over Lee et al.'s ElGamal-based authentication method [15]. In 2020, Ali Khan et al. [16] and Wei et al. [17] proposed two separate methods to secure smart grid and USB mass storage communication, respectively; however, these schemes were proved insecure and impractical in [18, 19]. Using elliptic curve cryptography (ECC), Vaidya et al. [9] presented an authentication scheme for SHs. Despite its claimed security and lightweight property, the scheme in [9] is prone to several attacks, including user forgery, privileged insider (PI), and password guessing (PG) attacks. Santoso and Vun [10] also proposed an authentication scheme for smart devices in SH environments, and Yu et al. [20] recently showed that it has weaknesses against PI and stolen verifier (SV) attacks. Wazid et al. [21] proposed an authentication scheme, and in 2019 Lyu et al. [22] showed that it is prone to de-synchronization and related attacks; Lyu et al. [22] also proposed an authentication scheme of their own. In the same year, Shuai et al. [23] presented another ECC-based authentication scheme; despite the claims in [23], in 2021 Kaur and Kumar [24] demonstrated its insecurity against PI, replay, session key exposure, and related attacks. Kaur and Kumar [24] also presented an improved ECC-based authentication scheme and claimed that it is both more secure and lightweight. However, in 2021, Yu et al. [20] proved that the scheme of Kaur and Kumar is prone to several weaknesses, including session key exposure and impersonation attacks, and that it cannot provide mutual authentication.

1.1. Motivations and Contributions

Very recently, in 2020, Yu et al. [20] presented an authentication scheme for smart homes built on lightweight symmetric key operations (SKOs). They claimed that, by avoiding PKI and using only SKOs, their scheme is not only lightweight but also provides privacy and security to the SH devices. In this study, we show that, contrary to these claims, the scheme of Yu et al. cannot provide authentication among SH devices because of a crucial design flaw. Hence, their scheme is not practical, and to fill the gap we propose a symmetric key-based improved lightweight authentication scheme for smart homes (SKIA-SH).

1.2. System Architecture

A standard smart home (SH), as adopted from Yu et al.'s scheme [20], is depicted in Figure 1. The authentication entities in an SH network are the user(s) with mobile device(s), the gateway, and the smart devices (SDs). The users can control the SDs remotely; before deployment, the registration authority registers users and SDs and stores secret and public parameters in the memory of the users' devices and of the SDs. The user monitors the operation of the SDs, and the SDs communicate with the user(s) through the gateway. The SDs of an SH network are equipped with Wi-Fi and connect with each other and with the gateway over a public wireless channel. The user connects to the SDs through the gateway, and the channel between a user and the gateway is the public Internet, which allows the SH to be administered remotely and globally. Because the entities of an SH communicate over public wireless and Internet channels, a secure channel must be established through authentication and key establishment between the user(s) and the gateway. The authentication and key exchange protect the information exchanged over the public wireless channel.

1.3. Adversarial Model

In a smart home (SH) communication architecture, one or more users communicate with smart devices (SDs) through the gateway over a public wireless channel. Therefore, an SH is an attractive environment for malicious adversaries to launch several attacks, including impersonation and forgery. As per the common Dolev–Yao (DY) adversary model [25], an adversary can listen to the channel and can read, modify, and jam any message exchanged between the entities of the SH [26, 27]. Moreover, the adversary can generate and send a fake message to any entity. The current de facto adversary model, the Canetti–Krawczyk (CK) model [28], is adopted in this paper as in several other proposals [29, 30]. The CK adversary model considers a stronger attacker: in addition to the capabilities of the DY model, the attacker can compromise either the long-term secrets or the short-term secrets, but not both at the same time [31, 32]. The CK model therefore requires that session keys be constructed from both the long-term and the short-term secrets and that session keys be independent of each other.

2. Revisiting Yu et al.’s Scheme

In the following subsections, we revisit the scheme of Yu et al. [20], which provides authentication between the IoT-based smart devices and the user with the help of the gateway. The scheme is based on lightweight symmetric key operations. Before describing Yu et al.'s scheme, Table 1 is provided to explain the notations used throughout the paper.

2.1. Initialization

During manufacturing, the generates a private key and stores it in the memory of . Moreover, all the IoT-based smart devices are assigned unique identities . The also generates and stores the secret keys and stores it in the memory of each if .

2.2. User Registration

To initiate a registration request, the user generates , selects and , computes , , and , and sends to through a private channel. The TP computes , and sends to . The now computes . The stores into its own memory and the TP sends to . now computes , , , and and deletes and stores in the memory of .

2.3. Smart Device Registration

A generates , computes , and sends the duo to TP. The TP now computes and stores in ’s database and sends to . The now computes and and stores in its own memory.

2.4. Authentication

As summarized in Figure 2, the user initiates the authentication phase by entering the pair of his own identity and password . The user terminal device computes , , , and . Now extracts , using decrypts , and gets . further computes and . Now, checks the equality , and if it holds, selects/generates and proceeds with the authentication phase through execution of the following steps:

AY 1: . computes , , and and sends request message to .

AY 2: . on receiving checks , where is current timestamp recorded at and is the allowable time delay. On the successful validation of timestamp, extracts and computes , , and . Now, checks validity of , and if it holds, selects/generates . Now, computes , , and . completes this step by sending to .

AY 3: . on receiving checks , and on successful validation of timestamp, extracts from its memory and computes , , and . Now, checks validity of , and if it holds, selects/generates , , and . now sends to .

AY 4: . on receiving checks , and on successful validation of timestamp, computes and . Now, checks validity of . On successful validation, generates and computes and . Now, sends to .

AY 5: on receiving checks , and on successful validation of timestamp, computes and session key . checks the validity of . On successful validation, considers and authenticates and keeps as the session key for future secure communication.

3. Weaknesses of Yu et al.’s Scheme

In this section, it is shown that the scheme of Yu et al. [20] cannot provide mutual authentication among the smart devices (SDs) of a smart home (SH). Specifically, in Yu et al.'s scheme, once receives the authentication request, it cannot recognize the user requesting the authentication. Therefore, the process stops at this point, and the scheme of Yu et al. cannot complete a round of the authentication process. The following walk-through of an authentication round of the scheme of Yu et al. clarifies the scheme's incorrectness:

(1) first completes a login by entering his password, identity, and biometrics, and the user device computes and sends request message to . Now, sends to .

(2) on receiving , checks . On successful validation of , extracts from its database and computes

(3) computes the shared key through equation (2), and for this, needs to extract , from the database stored on the memory of . The database has entries of the form , if there are users. To extract from the database, first needs to recognize the specific user with identity . However, does not recognize because it receives neither the identity nor any other user-related information in the request message R1. Therefore, GKr cannot extract Lup, and equations (2), (3), and (4) cannot be resolved. Because of this incorrectness, the scheme of Yu et al. cannot complete even a single round of the authentication process.

4. SKIA-SH: Proposed Scheme

In this section, we present the improved scheme over Yu et al.'s scheme. The initialization phase and the smart device registration phase are taken from Yu et al. as they were designed. The proposed scheme amends some steps of the user registration and authentication phases to provide a scalable and correct mechanism for establishing a secure channel between a user and a smart device. The proposed symmetric key-based improved authentication scheme for smart homes (SKIA-SH) is described below.

4.1. SKIA-SH: User Registration

To initiate a registration request, the user generates , selects and , computes , , and and sends to TP through a private channel. TP computes and and sends to . now computes and . stores and into its own memory, and TP sends to . now computes , , , and , deletes , and stores in the memory of .

4.2. SKIA-SH: Authentication

The user initiates the authentication phase, as shown in Figure 3, by entering the pair of his own identity and password . The user terminal device computes , , , and . Now extracts , using decrypts , and gets . further computes and . Now, checks the equality , and if it holds, selects/generates and proceeds with the authentication phase through execution of the following steps:

AP 1: . computes , , and and sends request message to .

AP 2: . on receiving checks , where is current timestamp recorded at and is the allowable time delay. On successful validation of timestamp, , extracts as per the from its database where the entries are of the form and computes , , and . Now, checks validity of , and if it holds, selects/generates . Now, computes , , and . completes this step by sending to .

AP 3: . on receiving checks , and on successful validation of timestamp, extracts from its memory and computes , , and . Now, checks validity of , and if it holds, selects/generates , , and . now sends to .

AP 4: . on receiving checks , and on successful validation of timestamp, computes and . Now, checks validity of . On successful validation, generates and computes , and . stores in its database in some temporary variable alongside , where is the old identity. keeps the identity pair until it receives the next authentication to avoid any identity de-synchronization, and on the next successful login, both identities are updated. Finally, sends to .

AP 5: on receiving checks , and on successful validation of timestamp, computes and session key . checks the validity of . On successful validation, computes and updates with and considers and authenticates and keeps as the session key for future secure communication.
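The two points that separate Section 3 from the steps above, the gateway's inability to find a user's secret when the request carries no identifier and the retention of the previous pseudonym in AP 2 and AP 4 so that a lost reply cannot de-synchronize user and gateway, are modelled in the following added Python example. This is not the paper's code and does not reproduce the SKIA-SH formulas, which are not on this page: HMAC-SHA256 stands in for the scheme's keyed hash, the pseudonym derivation `next_pid`, the message fields, and the names `Gateway`/`User` are assumptions, and the cache of recently accepted tags is an extra safeguard the paper does not describe.

```python
import hashlib
import hmac
import os

ALLOWED_DELAY = 2  # seconds; plays the role of the allowable delay each timestamp is checked against


def keyed_hash(key: bytes, *parts: bytes) -> bytes:
    """HMAC-SHA256 over length-prefixed parts; stands in for the paper's keyed hash."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for p in parts:
        h.update(len(p).to_bytes(2, "big") + p)
    return h.digest()


def next_pid(pid: bytes, n_u: bytes, n_g: bytes) -> bytes:
    """Pseudonym for the next session; an assumed construction, not the paper's formula."""
    return hashlib.sha256(b"pid" + pid + n_u + n_g).digest()[:16]


def ts(t: int) -> bytes:
    return t.to_bytes(8, "big")


class Gateway:
    def __init__(self):
        self.index = {}   # pseudonym -> record; a record stays reachable by its current and previous pseudonym
        self.recent = {}  # MAC tag -> timestamp of requests already accepted inside the delay window

    def register(self, pid: bytes, key: bytes) -> None:
        self.index[pid] = {"key": key, "cur": pid, "old": None}

    def handle_request(self, msg: dict, now: int):
        """Return (reply, session_key) or None when the request must be dropped."""
        pid = msg.get("pid")
        if pid is None:
            return None  # no identifier in the request: no key can be looked up, the round stops here
        rec = self.index.get(pid)
        if rec is None or abs(now - msg["t"]) > ALLOWED_DELAY:
            return None
        if not hmac.compare_digest(keyed_hash(rec["key"], pid, ts(msg["t"]), msg["n_u"]), msg["v"]):
            return None
        self.recent = {v: t for v, t in self.recent.items() if now - t <= ALLOWED_DELAY}
        if msg["v"] in self.recent:
            return None  # verbatim replay inside the window: the timestamp alone would let it through
        self.recent[msg["v"]] = msg["t"]
        n_g = os.urandom(16)
        new = next_pid(pid, msg["n_u"], n_g)
        # Keep the pseudonym the user just presented until the next login succeeds;
        # drop only the one it did not use (the previous one, or an unconfirmed new one).
        for stale in (rec["cur"], rec["old"]):
            if stale is not None and stale != pid:
                self.index.pop(stale, None)
        rec["old"], rec["cur"] = pid, new
        self.index[new] = rec
        reply = {"n_g": n_g, "t": now, "v": keyed_hash(rec["key"], n_g, msg["n_u"], ts(now))}
        return reply, keyed_hash(rec["key"], b"sk", msg["n_u"], n_g)


class User:
    def __init__(self, pid: bytes, key: bytes):
        self.pid, self.key, self._n_u = pid, key, None

    def start(self, now: int) -> dict:
        self._n_u = os.urandom(16)
        return {"pid": self.pid, "t": now, "n_u": self._n_u,
                "v": keyed_hash(self.key, self.pid, ts(now), self._n_u)}

    def finish(self, reply: dict, now: int):
        """Authenticate the gateway, then rotate the pseudonym; None on failure."""
        if abs(now - reply["t"]) > ALLOWED_DELAY:
            return None
        if not hmac.compare_digest(keyed_hash(self.key, reply["n_g"], self._n_u, ts(reply["t"])), reply["v"]):
            return None
        sk = keyed_hash(self.key, b"sk", self._n_u, reply["n_g"])
        self.pid = next_pid(self.pid, self._n_u, reply["n_g"])  # only after the gateway is authenticated
        return sk


def demo() -> dict:
    """Constructed scenarios (not measurements from the paper); returns outcomes for checking."""
    key, pid0 = os.urandom(32), os.urandom(16)
    gw, user = Gateway(), User(pid0, key)
    gw.register(pid0, key)
    out = {}
    req = user.start(1000)                                    # 1. request stripped of its identifier
    out["no_pid"] = gw.handle_request({k: v for k, v in req.items() if k != "pid"}, 1000)
    req = user.start(1001)                                    # 2. normal round
    reply, sk_gw = gw.handle_request(req, 1001)
    out["keys_match"] = user.finish(reply, 1001) == sk_gw
    out["pid_rotated"] = user.pid != pid0 and user.pid in gw.index
    out["replayed"] = gw.handle_request(req, 1002)            # 3. same request again inside the window
    gw.handle_request(user.start(1010), 1010)                 # 4. reply lost: the user never rotates
    out["after_loss"] = gw.handle_request(user.start(1011), 1011) is not None
    out["stale"] = gw.handle_request(user.start(1011), 1100)  # 5. timestamp outside the window
    return out
```

Scenario 1 is the Section 3 failure: without a pseudonym the gateway has nothing to index its key table by. Scenario 4 is the de-synchronization case AP 4 guards against: the gateway has already derived the next pseudonym, but because it still indexes the one the user presented, the user's next login with the unchanged pseudonym is accepted. Scenario 3 is a practitioner caveat: a timestamp check rejects only messages older than the allowable delay, so a verbatim replay inside that window needs a separate check (here the cache of accepted tags), which the paper's replay argument does not mention.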

5. Formal Security Analysis through BAN

We present the formal security analysis of the proposed scheme through the Burrows–Abadi–Needham (BAN) logic [33]. In this BAN logic analysis, we discuss the security evaluation with an emphasis on mutual authenticity among legal participants, protection of the session key, and key distribution among the participants.(i)the principal S believes .(ii) sees .(iii) once said and believes that is true. (iv) has jurisdiction over .(v): is not replayed and is fresh.(vi): and are parts of a hash digest message.(vii): and are exchanged using mutually agreed key .(viii): the communication among and is secured using as the key.Some rules that are used in the analysis are given below:Rule 1: message meaning rule:Rule 2: nonce verification rule:Rule 3: jurisdiction rule:Rule 4: freshness conjunction rule:Rule 5: belief rule:Rule 6: session key rule:(i)G-1: .(ii)G-2: .(iii)G-3: .(iv)G-4: .(v)G-5: .(vi)G-6: .The idealized form of the communication messages is given below:(vii): .(viii): .(ix): .(x): .To prove the model, we construct the following premises.(xi).(xii).(xiii).(xiv).(xv).(xvi).(xvii).(xviii).(xix).(xx).(xxi).(xxii).(xxiii).(xxiv).(xxv).Next we use the designed idealizations in the following formulations. 
Considering and of the idealized formalization:(i)R1: .(ii)R2: .Employing seeing rule for and , we get(i).(ii).According to , and message meaning rule, we have(iii).(iv).(v)Employing , freshness conjunction, and nonce verification rules, we have(vi).On applying , freshness conjunction, and nonce verification rules, we get(i).After applying , and jurisdiction rule,(ii).Using , and jurisdiction rule,(i).After applying , and session key rule, we get(i) (G-1).Using , and nonce verification rule, we get(i) (G-5).Using of the idealized form:(i): .By applying seeing rule for , we get(i).Employing , and message meaning rule, we get(i).On applying , freshness conjunction, and nonce verification rules, we have(i).(ii) (G-3).(iii) (G-4).Next, using idealized form:(i): .By using seeing rule for , we get(i).By using , and message meaning rule, we have(i).By applying , freshness conjunction, and nonce verification rules, we have(i).By applying , and jurisdiction rule, we get(i).Through , we apply the session key rule as(i) (G-2).By applying , we use the session key rule as(i) (G-6).

This BAN logic analysis shows that the proposed scheme achieves the targeted goals by attaining mutual authentication among the legal entities of the system.

5.1. Informal Security Analysis

An informal security discussion on the security features of the proposed scheme is provided in the following.

5.1.1. Mutual Authentication

In the proposed scheme, all participating entities such as , , and mutually authenticate one another. authenticates after extracting , computing , and verifying factor with a fresh timestamp . Similarly, authenticates after computing and evaluating the correctness of parameter. No malicious entity may compute factor without applying the shared secret . Likewise, authenticates and on account of verification of factor. knows that no adversary may calculate the constituent factors including , , , and in further computing without using the shared secret . Finally, endorses both and entities after verification of parameter. verifies the validity of , , , and factors due to the shared secret .

5.1.2. Anonymity and Untraceability

The proposed scheme provides anonymity because does not send its real identity in plaintext over the insecure channel. To achieve this, it computes by hashing the real identity together with the high-entropy random number . Moreover, this hidden identity is submitted to under the cover of the shared secret . An adversary may eavesdrop on the message on the open channel, but it can extract neither nor the hidden identity from . Similarly, our scheme is untraceable, since no adversary can distinguish or link the messages of different sessions of the same user. Thus, our scheme supports anonymity and untraceability for the user .

5.1.3. Impersonation Attacks

Our scheme is resistant to as well as impersonation attacks. An adversary attempting to impersonate may replay, or modify and send, the message to ; the latter detects the attempt when the check is not satisfied. Similarly, if an adversary attempts an impersonation attack towards by manipulating the message, detects the forgery when it constructs the session key SK and verifies the equation. Hence, the proposed scheme resists impersonation attacks.

5.1.4. Replay Attack

An attacker may eavesdrop on the contents exchanged over the public channel and replay them. The proposed scheme resists replay attacks because it employs timestamps to ensure the freshness of each constructed and submitted message . An adversary cannot construct fresh messages without access to the shared secrets and , which are held only by the legitimate entities of the system.

5.1.5. Stolen Verifier Attack

The proposed scheme is immune to the stolen verifier attack. Even if the adversary learns the users' verifiers such as , it still needs the private key of to compute and recover any further information, and guessing that private key is infeasible for a polynomial-time adversary. Thus, our scheme is resistant to the stolen verifier attack.

5.1.6. Man in the Middle Attack

In our scheme, if an attacker attempts to act as a malicious intermediary among , , and by manipulating the messages , the manipulation is detected in the verification procedures , , , and of the respective entities. As shown in the subsection on impersonation attacks, an attacker who replays or modifies the parameters of the intermediate messages will not succeed. Hence, our scheme resists the man-in-the-middle attack.

5.1.7. Perfect Forward Secrecy

The proposed scheme supports perfect forward secrecy in the following sense: even if the private key of is revealed to the adversary, the adversary cannot compute without the parameter stored in the repository of . Thus, the adversary cannot compute current, previous, or future session keys when only the long-term private secret of is exposed. Note that this argument rests on the stored parameter remaining secret; in a purely symmetric-key design both values are static secrets held by , so the guarantee is against exposure of the private key alone and is weaker than the forward secrecy obtained from ephemeral key agreement.

5.1.8. Physical Capture

In the proposed scheme, if the device is physically captured and the adversary extracts and from its memory, the adversary still cannot recover the shared secret without access to the private key of . Moreover, even if the adversary obtains the private key of , it can compute the session key of that particular device only; the remaining smart devices in the system stay protected, and the attacker cannot compute their session keys.

6. Comparisons

In the following subsections, we provide the comparisons of the proposed SKIA-SH and relevant schemes of Wazid et al. [21], Shuai et al. [23], Kaur and Kumar [24], and Yu et al. [20].

6.1. Security Features

The security attributes provided by the proposed SKIA-SH and the related schemes [20, 21, 23, 24] are shown in Table 2. As Table 2 shows, every related scheme in [20, 21, 23, 24] has one or more weaknesses: the scheme of Yu et al. [20] has a faulty design and cannot provide mutual authentication between a user and smart devices (SDs), as proved in Section 3 of this paper; the scheme of Kaur and Kumar [24] is vulnerable to session key disclosure and cannot provide mutual authentication between a user and SDs; the scheme of Shuai et al. [23] cannot resist offline password guessing, insider, replay, and session key disclosure attacks; and the scheme of Wazid et al. [21] cannot provide forward secrecy and cannot resist replay and de-synchronization attacks. Only the proposed SKIA-SH provides the requisite security attributes and is well suited to smart home (SH) environments.

6.2. Computation Cost

In this section, using a real-time experiment, we provide a comparative computation cost of our SKIA-SH and some recent schemes [20, 21, 23, 24]. The experiment used three devices with the following hardware and software: ① a Xiaomi Redmi Note 8 with 4 GB RAM, an octa-core 2.01 GHz processor, and Android 9 with MIUI V11.0.7, which simulates the user's mobile device; ② for , an HP EliteBook 8460p with 4 GB RAM and a 2.7 GHz Intel processor running Ubuntu 16 LTS; and ③ a Raspberry Pi B+ (Cortex-A53, ARMv8, 64-bit SoC, 1 GB LPDDR2 SDRAM, 1.4 GHz processor), which simulates the smart device. Among other operations, biohashing/fuzzy extraction is approximated by an elliptic curve point multiplication . The notations and their corresponding running times on each device, as measured in the experiment, are shown in Table 3. To complete a round of authentication, executes operations, in addition to and executed by and . The total running time (RT) on the side is  ms, the RT on is  ms, and the RT on measured in the experiment is  ms. Therefore, the total RT of the proposed SKIA-SH is  ms. The RT of an authentication round of Yu et al.'s scheme is . Similarly, the RT of the schemes of Shuai et al., Kaur and Kumar, and Wazid et al. is , , and , respectively.

6.3. Communication Cost

This section compares the communication cost of our SKIA-SH with the schemes of [20, 21, 23, 24]. For the communication cost comparisons, we adopt SHA-1 with a 20-byte output size (used here only to fix the digest length for a like-for-like comparison; a deployment should use SHA-256, whose 32-byte digest raises every hash-carrying message accordingly). Identities and timestamps are 8 bytes and 4 bytes, respectively. Random numbers are 20 bytes long, and the adopted encryption/decryption algorithm, AES-128, operates on 16-byte blocks. The size of one coordinate of an elliptic curve point (ECP) is 20 bytes, so the total length of an ECP is 20 + 20 = 40 bytes. The proposed SKIA-SH completes an authentication round by exchanging four messages: ① the message sent by to is , which costs bytes; ② the message sent by to is , which costs bytes; ③ the message sent by to is , which costs bytes; and ④ the message sent by to is , which costs bytes. Therefore, the total number of bytes exchanged during one authentication round is bytes. The communication cost of Yu et al.'s scheme is bytes. Similarly, the communication costs of the schemes of Shuai et al., Kaur and Kumar, and Wazid et al. are 208 bytes, 224 bytes, and 376 bytes, respectively. The computation and communication cost comparisons are also depicted in Table 4.

7. Conclusion

In this article, we highlighted the need for secure communication between smart devices and users through the gateway in the smart home (SH) settings of the IoT. We then reviewed the very recent authentication scheme of Yu et al. and proved that this symmetric key-based scheme contains a critical design flaw, because of which it cannot complete a single cycle of the authentication process. An improved scheme free of this design flaw and based only on symmetric key functions for SHs (SKIA-SH) is proposed to address the security and efficiency needs of SH environments. The security of SKIA-SH is substantiated through BAN logic, and we provided a brief discussion of the security attributes it provides. To measure performance, we set up a real-time experiment; the results show that SKIA-SH is more secure while incurring only slightly higher computation and communication costs than the original scheme of Yu et al. SKIA-SH accomplishes authentication between a user and a smart device through the gateway in 5.34 ms by exchanging 216 bytes. As future work, we intend to extend the proposed method to a building area network to provide central and apartment-based services.

Data Availability

The data used to support the findings of this study are available from the corresponding author upon request.

Conflicts of Interest

The authors declare that they have no conflicts of interest.

Acknowledgments

This project was funded by the Deanship of Scientific Research (DSR) at King Abdulaziz University, Jeddah, Saudi Arabia, under grant no. RG-3-611-41. The authors, therefore, acknowledge with thanks the DSR for technical and financial support.