Lightweight and Privacy-Preserving Two-Factor Authentication Scheme for IoT Devices

Gope, Prosanta; Sikdar, Biplab

doi:10.1109/jiot.2018.2846299

Cited by 296 publications

(192 citation statements)

References 21 publications

Supporting

Mentioning

171

Contrasting

Unclassified

Order By: Relevance

“…IoT devices are responsible for acquiring, storing, and transferring data. Currently, many IoT devices are located on the edge of a network and lack of protection measures to resist various attacks [38][39][40][41][42][43]. Therefore, these devices are more vulnerable to some attacks, such as device theft, device manipulation, identity theft, data eavesdropping and so on.…”

Section: Discussionmentioning

confidence: 99%

Reusable Mesh Signature Scheme for Protecting Identity Privacy of IoT Devices

Zhang

Lim

et al. 2020

Sensors

View full text Add to dashboard Cite

The development of the Internet of Things (IoT) plays a very important role for processing data at the edge of a network. Therefore, it is very important to protect the privacy of IoT devices when these devices process and transfer data. A mesh signature (MS) is a useful cryptographic tool, which makes a signer sign any message anonymously. As a result, the signer can hide his specific identity information to the mesh signature, namely his identifying information (such as personal public key) may be hidden to a list of tuples that consist of public key and message. Therefore, we propose an improved mesh signature scheme for IoT devices in this paper. The IoT devices seen as the signers may sign their publishing data through our proposed mesh signature scheme, and their specific identities can be hidden to a list of possible signers. Additionally, mesh signature consists of some atomic signatures, where the atomic signatures can be reusable. Therefore, for a large amount of data published by the IoT devices, the atomic signatures on the same data can be reusable so as to decrease the number of signatures generated by the IoT devices in our proposed scheme. Compared with the original mesh signature scheme, the proposed scheme has less computational costs on generating final mesh signature and signature verification. Since atomic signatures are reusable, the proposed scheme has more advantages on generating final mesh signature by reconstructing atomic signatures. Furthermore, according to our experiment, when the proposed scheme generates a mesh signature on 10 MB message, the memory consumption is only about 200 KB. Therefore, it is feasible that the proposed scheme is used to protect the identity privacy of IoT devices.

show abstract

Section: Discussionmentioning

confidence: 99%

Reusable Mesh Signature Scheme for Protecting Identity Privacy of IoT Devices

Zhang

Lim

et al. 2020

Sensors

View full text Add to dashboard Cite

show abstract

“…Gope and Sikdar [21] have not only emphasized on vulnerability of IoT devices at public places but also realized a need of robust IoT device authentication strategy. The authors proposed an authentication model using PUF to make IoT devices invulnerable to physical and cloning attacks.…”

Section: ) Asymmetric Key Based Schemesmentioning

confidence: 99%

Robust and Lightweight Mutual Authentication Scheme in Distributed Smart Environments

Gaba

Kumar

Monga³

et al. 2020

IEEE Access

View full text Add to dashboard Cite

In the smart environments several smart devices are continuously working together to make individuals' lives more comfortable. Few of the examples are smart homes, smart buildings, smart airports, etc. These environments consist of many resource constrained heterogeneous entities which are interconnected, controlled, monitored and analyzed through the Internet. One of the most challenging tasks in a distributed smart environment is how to provide robust security to the resource constraint Internet-enabled devices. However, an authentication can play a major role ensuring that only authorized devices are being connected to the distributed smart environment applications. In this paper, we present a robust and lightweight mutual-authentication scheme (RLMA) for protecting distributed smart environments from unauthorized abuses. The proposed scheme uses implicit certificates and enables mutual authentication and key agreement between the smart devices in a smart environment. The RLMA not only resists to various attacks but it also achieves efficiency by reducing the computation and communication complexities. Moreover, both security analysis and performance evaluation prove the effectiveness of RLMA as compared to the state of the art schemes. INDEX TERMS Authentication, elliptic curve Qu-Vanstone (ECQV), Internet of Things (IoT), implicit certificate, security.

show abstract

“…Both the input parameters and the return result are a string of bits and constitute a challenge-response pair (CRP). Some protocols [7]- [9] with PUF need to store a set of CRPs for each sensor node, which increases the storage space complexity of GateWay [10]. CRPs stored in GateWay for authentication are finite and consumed in every authentication phase, and thus CRPs will eventually get exhausted.…”

Section: A Motivationsmentioning

confidence: 99%

A Physically Secure, Lightweight Three-Factor and Anonymous User Authentication Protocol for IoT

2020

View full text Add to dashboard Cite

Internet of Things has remarkable effects in human's daily life. It is important for users and sensors to securely access data collected by low-cost sensors via Internet in real-time IoT applications. There exist many authentication protocols for guaranteeing secure communication between users and sensors. However, in some protocols, the privacy of unattended sensors subjected to capture node attacks cannot be guaranteed. Moreover, the sensors subjected to physical tampering attacks can still execute normally the authentication process. Besides, an authentication protocol should be lightweight due to the restricted computing power and storage of the sensors. The idea of designing a more secure and lightweight authentication protocol engender this article. The proposed protocol can provide the physical security through physically unclonable function (PUF), require no additional phase to update challenge-response pairs (CRPs), and store a single CRP for each sensor. At the same time, the proposed protocol utilizes three factors, such as personal biometrics, smartcard and password, to strengthen the security contrasting with two factors, and manipulates some basic cryptographic operations, including bitwise-exclusive-OR (XOR) and hash function, to achieve the lightweight performance. Moreover, both formal security analysis based on Real-Or-Random (ROR) and informal security analysis demonstrate the security of the proposed protocol. Compared with the existing related protocols, the proposed protocol has the advantage in terms of security, functionality and computation costs. Finally, a NS3 simulation on measuring various network performance parameters indicates that the proposed protocol is practical in IoT environment. INDEX TERMS Internet of Things, key agreement, physical unclonable function, mutual authentication, NS3 simulation.

show abstract

Lightweight and Privacy-Preserving Two-Factor Authentication Scheme for IoT Devices

Abstract: This is a repository copy of Lightweight and privacy-preserving two-factor authentication scheme for IoT devices.

Cited by 296 publications

References 21 publications

Reusable Mesh Signature Scheme for Protecting Identity Privacy of IoT Devices

Reusable Mesh Signature Scheme for Protecting Identity Privacy of IoT Devices

Robust and Lightweight Mutual Authentication Scheme in Distributed Smart Environments

A Physically Secure, Lightweight Three-Factor and Anonymous User Authentication Protocol for IoT

Contact Info

Product

Resources

About