Secure mutual authentication and automated access control for IoT smart home using cumulative Keyed-hash chain

Alshahrani, Mohammed Mujib; Traoré, Issa

doi:10.1016/j.jisa.2019.02.003

Cited by 68 publications

(36 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The total energy required for communication by RLMA is 0.562 mJ as shown in Table 5 and it can also be noticed that the proposed scheme incurred less communication energy than the other schemes. Finally, from Fig.11, it is easy to visualize that a practical authentication and key establishment in the proposed scheme requires 2 message exchanges, whereas the schemes proposed in [14], [16] require 4 message exchanges and the scheme proposed in [13], [15], [17] needs 6, 3, and 7 message exchanges respectively. It should be noted that in real-world applications the actual number of message exchanges may vary if the packet transmission required multi-hop communications.…”

Section: ) Communication Costmentioning

confidence: 99%

“…In [16], the authors proposed an authentication model for IoT enabled smart home. The authors claimed that their scheme is lightweight and secured against vulnerabilities.…”

Section: ) Asymmetric Key Based Schemesmentioning

confidence: 99%

“…Nevertheless, the scheme may fail to provide complete confidentiality and protection against DoS, known key attacks etc. Moreover, the communication and computation cost in [16] is a hindrance to its acceptance as an authentication model for resource limited devices of smart homes.…”

Section: ) Asymmetric Key Based Schemesmentioning

confidence: 99%

See 2 more Smart Citations

Robust and Lightweight Mutual Authentication Scheme in Distributed Smart Environments

Gaba

Kumar

Monga³

et al. 2020

IEEE Access

View full text Add to dashboard Cite

In the smart environments several smart devices are continuously working together to make individuals' lives more comfortable. Few of the examples are smart homes, smart buildings, smart airports, etc. These environments consist of many resource constrained heterogeneous entities which are interconnected, controlled, monitored and analyzed through the Internet. One of the most challenging tasks in a distributed smart environment is how to provide robust security to the resource constraint Internet-enabled devices. However, an authentication can play a major role ensuring that only authorized devices are being connected to the distributed smart environment applications. In this paper, we present a robust and lightweight mutual-authentication scheme (RLMA) for protecting distributed smart environments from unauthorized abuses. The proposed scheme uses implicit certificates and enables mutual authentication and key agreement between the smart devices in a smart environment. The RLMA not only resists to various attacks but it also achieves efficiency by reducing the computation and communication complexities. Moreover, both security analysis and performance evaluation prove the effectiveness of RLMA as compared to the state of the art schemes. INDEX TERMS Authentication, elliptic curve Qu-Vanstone (ECQV), Internet of Things (IoT), implicit certificate, security.

show abstract

Section: ) Communication Costmentioning

confidence: 99%

“…In [16], the authors proposed an authentication model for IoT enabled smart home. The authors claimed that their scheme is lightweight and secured against vulnerabilities.…”

Section: ) Asymmetric Key Based Schemesmentioning

confidence: 99%

See 1 more Smart Citation

Robust and Lightweight Mutual Authentication Scheme in Distributed Smart Environments

Gaba

Kumar

Monga³

et al. 2020

IEEE Access

View full text Add to dashboard Cite

show abstract

“…Automated validation of internet security protocol and applications (AVISPA) is a formal tool for checking the security claims of cryptographic algorithms [18]. It contains a graphical user interface (GUI) of the security protocol animator (SPAN) [19].…”

Section: Basics Of Avispamentioning

confidence: 99%

A Lightweight and Secured Certificate-Based Proxy Signcryption (CB-PS) Scheme for E-Prescription Systems

et al. 2020

View full text Add to dashboard Cite

Electronic prescription (E-prescription) is an emerging technology that allows health practitioners (doctors, physicians, pharmacists, or nurses) to electronically transmit prescriptions to pharmacies. E-prescription systems allow doctors to avoid traditional medical practices in which prescriptions are sent manually in handwritten form. Additionally, in cases in which a patient may not be able to collect the medication in person due to physical disabilities, the medications can be delivered to the patient's home directly. Furthermore, payments can also be made online (e.g., using credit cards or bank transfers). However, these distinctive features require a series of guidelines for the successful deployment of the E-prescription system due to stringent legal requirements and privacy regulations. Two major security requirements i.e. confidentiality and authentication need to be addressed. In general, the solution to ensuring confidentiality and authentication lies in the combination of both the encryption and digital signature functions in a single logic step called signcryption. Therefore, in this paper, we present a lightweight and provable secured certificate-based proxy signcryption (CB-PS) scheme for e-prescription systems. The formal security verification uses the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool along with informal security analysis, which authenticates that the proposed CB-PS scheme can potentially be implemented in resource-constrained low-computing electronic devices in E-prescription systems.

show abstract

“…It protects frequent transmissions between IoT devices in short session time intervals in which the secret is agreed upon between the devices during the initial authentication phase and secret actions are utilized as authentication tokens. On the other hand, a secure lightweight authentication and key exchange protocol for IoT devices in a smart home scenario was outlined in [23]. The proposed protocol provides mutual authentication between the IoT devices using a cumulative keyed-hash chain scheme, where security features are demonstrated in a smart home environment with different types of IoT sensors (mainly coffeemaker, bed, air conditioner, camera, and door sensors).…”

Section: Related Workmentioning

confidence: 99%

PALOT: Profiling and Authenticating Users Leveraging Internet of Things

Nespoli

Zago

Celdrán

et al. 2019

Sensors

View full text Add to dashboard Cite

Continuous authentication was introduced to propose novel mechanisms to validate users’ identity and address the problems and limitations exposed by traditional techniques. However, this methodology poses several challenges that remain unsolved. In this paper, we present a novel framework, PALOT, that leverages IoT to provide context-aware, continuous and non-intrusive authentication and authorization services. To this end, we propose a formal information system model based on ontologies, representing the main source of knowledge of our framework. Furthermore, to recognize users’ behavioral patterns within the IoT ecosystem, we introduced a new module called “confidence manager”. The module is then integrated into an extended version of our early framework architecture, IoTCAF, which is consequently adapted to include the above-mentioned component. Exhaustive experiments demonstrated the efficacy, feasibility and scalability of the proposed solution.

show abstract

Secure mutual authentication and automated access control for IoT smart home using cumulative Keyed-hash chain

Cited by 68 publications

References 15 publications

Robust and Lightweight Mutual Authentication Scheme in Distributed Smart Environments

Robust and Lightweight Mutual Authentication Scheme in Distributed Smart Environments

A Lightweight and Secured Certificate-Based Proxy Signcryption (CB-PS) Scheme for E-Prescription Systems

PALOT: Profiling and Authenticating Users Leveraging Internet of Things

Contact Info

Product

Resources

About