Secure Remote User Authenticated Key Establishment Protocol for Smart Home Environment

Wazid, Mohammad; Das, Ashok Kumar; Odelu, Vanga; Kumar, Neeraj; Susilo, Willy

doi:10.1109/tdsc.2017.2764083

Cited by 276 publications

(210 citation statements)

References 30 publications

Supporting

Mentioning

208

Contrasting

Order By: Relevance

“…In IoT-based critical applications, only authorised users can access the IoT sensors data or query stored data on cloud servers to realise the hidden patterns of some phenomena. Wazid et al [37] discussed the authentication schemes for cloud-driven IoT-based big data environment and provided a comparative study of numerous existing authentication schemes that are shown in Table 3.…”

Section: Rq3: What Kind Of Authentication Scheme (Techniques)mentioning

confidence: 99%

A Systematic Literature Review of Authentication in Internet of Things for Heterogeneous Devices

Kavianpour

Shanmugam

Azam

et al. 2019

Journal of Computer Networks and Communications

View full text Add to dashboard Cite

Internet of ings (IoT) has become one of the most significant technologies in recent years because of possessing the diverse application domains. e variety of applications results in a large amount of users' private information diffusion that will pose a paramount security concern. User authentication is a significant factor in the IoT environment as it allows the user to communicate with the device securely. Integration of authentication technologies with IoT ensures secure data retrieval and robust access control. is paper provides a comprehensive systematic literature review of various authentication mechanisms for IoT security proposed in the literature. With the comparison of existing authentication mechanisms that are developed for the IoT in terms of security via a multicriteria classification, the open issues that require further research are identified.

show abstract

Section: Rq3: What Kind Of Authentication Scheme (Techniques)mentioning

confidence: 99%

A Systematic Literature Review of Authentication in Internet of Things for Heterogeneous Devices

Kavianpour

Shanmugam

Azam

et al. 2019

Journal of Computer Networks and Communications

View full text Add to dashboard Cite

show abstract

“…Fuzzy extractor is one of the biometric verification methods, and it is popularly used in biometric‐based authentication schemes …”

Section: Mathematical Preliminariesmentioning

confidence: 99%

On the design of secure user authenticated key management scheme for multigateway‐based wireless sensor networks using ECC

Sutrala

Das

Kumar

et al. 2018

Int J Communication

Self Cite

View full text Add to dashboard Cite

Wireless sensor networks can be applied in various applications ranging from the battlefield monitoring, trespass alert systems at high security zones, remote medical diagnosis, fitness monitoring, home sentry systems, digital homes, to agriculture. Moreover, the evolution of Internet of things (IoT) has greatly increased the usage of sensor nodes in real-time applications. The rapid growth of IoT leads to generating large quantity of data, generally referred as big data, thereby it has growing demand to apply various analytics on the data to uncover hidden patterns, correlations, and other insights. [1][2][3][4][5] The sensor nodes, which work on battery power, are generally deployed in an unattended environment to monitor natural phenomena such as sound, pressure, light, temperature, and sensing information (eg, movement of soldiers of the opponent sides in case of battlefield scenario and monitoring of pH level, blood sugar, and blood pressure in case of healthcare application). The sensors then transmit the sensed data to the nearby base station(s) or gateway nodes (GWNs), which analyze the received data and take the appropriate actions on the target environment.Secure communication along with mutual authentication among the user, sensor nodes and the GWN becomes necessary for WSN. This raises security challenges such as eavesdropping, replay and man-in-the-middle attacks, impersonation attacks, denial-of-service (DoS) attack and physical compromise of sensor nodes. Consider critical applications such as healthcare application and battlefield scenario where the live information of patients' vital information and important information about the opponent side need to be analyzed by the hospital staffs (eg, doctors and nurses) and commanders. This could be achieved when we provide access to the real-time live information directly to the external entities those who are permitted to access the information. In this case, after mutual authentication between a user (external party) and an accessed sensor node, a session key is established for secure communications among them. This paper focuses on this important research topic in WSNs, which attracts much attention to the research community in recent years. Network modelThe network model associated to the proposed scheme presented in Figure 1 is the hierarchical wireless sensor network (HWSN) or multigateway-based WSN. This model has 3 participants: (1) sensors, (2) GWNs or base stations, and (3) users who wish to use the services of the WSN. The sensor nodes sense the real-time data and transmit to the nearest GWN or the authenticated user. The GWNs act as authentication servers and facilitate in establishing mutual authentication and shared session key between a user and a sensor node in its vicinity. Upon successful authentication and shared key establishment with the desired sensor node, users interact with the sensor node to access the necessary data. It is assumed that the sensor nodes and base stations are stationary after their deployment in the target field....

show abstract

“…The Internet of Things (IoT) is a network of physical objects (for example, smart devices) such as smart vehicles, smart industrial monitoring machines, smart home appliances, and many more. Such objects are connected together to gather, process, rectify, and exchange relevant data over the Internet [1][2][3][4][5][6]. Furthermore, smart devices along with application programming interfaces (APIs) are used to connect and exchange data over the Internet.…”

Section: Introductionmentioning

confidence: 99%

“…As existing authentication protocols have security flaws that make them vulnerable to some known attacks (for example, "privileged insider attack", "online and offline password guessing", etc. ), consequently, it becomes important to enhance the security of the authentication protocols, for instance in the case of "new device addition or revocation", other communicating parties of the network should also be informed by the concerned (trusted) authority so that they can become aware about this activity and can update their memories accordingly [1,4]. Hence, it is an exigent task to provide a design for such a kind of protocol that supports "dynamic installation/update" without compromising the security of the system [4].…”

mentioning

confidence: 99%

“…A can replace the physical captured device with his/her own malicious device(s) that he/she has cloned in the laboratory. We should be more careful while going for the design of authentication and key management techniques in case some IoT devices are physically compromised so that there should not be any affect on the security of communication happening in the rest of the network [1,4].…”

mentioning

confidence: 99%

See 1 more Smart Citation

LDAKM-EIoT: Lightweight Device Authentication and Key Management Mechanism for Edge-Based IoT Deployment

Wazid

Das

Shetty

et al. 2019

Sensors

Self Cite

View full text Add to dashboard Cite

In recent years, edge computing has emerged as a new concept in the computing paradigm that empowers several future technologies, such as 5G, vehicle-to-vehicle communications, and the Internet of Things (IoT), by providing cloud computing facilities, as well as services to the end users. However, open communication among the entities in an edge based IoT environment makes it vulnerable to various potential attacks that are executed by an adversary. Device authentication is one of the prominent techniques in security that permits an IoT device to authenticate mutually with a cloud server with the help of an edge node. If authentication is successful, they establish a session key between them for secure communication. To achieve this goal, a novel device authentication and key management mechanism for the edge based IoT environment, called the lightweight authentication and key management scheme for the edge based IoT environment (LDAKM-EIoT), was designed. The detailed security analysis and formal security verification conducted by the widely used “Automated Validation of Internet Security Protocols and Applications (AVISPA)” tool prove that the proposed LDAKM-EIoT is secure against several attack vectors that exist in the infrastructure of the edge based IoT environment. The elaborated comparative analysis of the proposed LDAKM-EIoT and different closely related schemes provides evidence that LDAKM-EIoT is more secure with less communication and computation costs. Finally, the network performance parameters are calculated and analyzed using the NS2 simulation to demonstrate the practical facets of the proposed LDAKM-EIoT.

show abstract

Secure Remote User Authenticated Key Establishment Protocol for Smart Home Environment

Cited by 276 publications

References 30 publications

A Systematic Literature Review of Authentication in Internet of Things for Heterogeneous Devices

A Systematic Literature Review of Authentication in Internet of Things for Heterogeneous Devices

On the design of secure user authenticated key management scheme for multigateway‐based wireless sensor networks using ECC

LDAKM-EIoT: Lightweight Device Authentication and Key Management Mechanism for Edge-Based IoT Deployment

Contact Info

Product

Resources

About