ILAS-IoT: An improved and lightweight authentication scheme for IoT deployment
- PDF / 1,997,410 Bytes
- 13 Pages / 595.276 x 790.866 pts Page_size
- 84 Downloads / 208 Views
ORIGINAL RESEARCH
ILAS‑IoT: An improved and lightweight authentication scheme for IoT deployment Bander A. Alzahrani1 · Shehzad Ashraf Chaudhry2 · Ahmed Barnawi1 · Wenjing Xiao3 · Min Chen3 · Abdullah Al‑Barakati1 Received: 12 April 2020 / Accepted: 13 July 2020 © Springer-Verlag GmbH Germany, part of Springer Nature 2020
Abstract In 2019, Banerjee et al. (IEEE Int Things J 6(5):8739–8752, 2019; https://doi.org/10.1109/JIOT.2019.2931372) proposed an authenticated key agreement scheme to facilitate the session establishment resulting into a session key between a user and a smart device for IoT based networks. As per their claim, the scheme of Banerjee et al. provides known security features and resist all known attacks using only lightweight symmetric key primitives. The analysis in this paper; however, shows that the scheme of Banerjee et al. cannot complete normally. The user in their scheme, after sending a request message may never receive the response from smart device. This incorrectness results into total in applicability of Banerjee et al.’s scheme. Moreover, it is also shown that their scheme has weaknesses against stolen verifier attack. Then an improved lightweight authentication scheme for IoT deployments (ILAS-IoT) is proposed in this article. ILAS-IoT performs the process correctly by increasing very little computation and communication overheads. The proposed ILAS-IoT also resists stolen verifier and all known attacks, which is evident from the formal and informal security analysis. Keywords IoT · Key establishment · Device access control · Lightweight cryptography
1 Introduction
* Wenjing Xiao [email protected] Bander A. Alzahrani [email protected] Shehzad Ashraf Chaudhry [email protected] Ahmed Barnawi [email protected] Min Chen [email protected] Abdullah Al‑Barakati [email protected] 1
Faculty of Computing and Information Technology, King Abdulaziz University, Jeddah, Saudi Arabia
2
Department of Computer Engineering, Faculty of Engineering and Architecture, Istanbul Gelisim University, Istanbul, Turkey
3
School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, China
Internet of Things (IoT) (Shakshuki et al. 2020) has become a trend from previous few years, also through studies (Gubbi et al. 2013; Lu et al. 2020; Thyagarajan and Kulanthaivelu 2020) it is probable to remain in trend in probable future. In IoT system, the data and the information are sensed through IoT devices [ e.g., wearable devices, embedded systems, RFID (Radio Frequency Identification) devices] before they are send to some other IoT device, intermediary node/device (e.g., fog or edge computing node) or cloud, thorough Internet. These data are widely used in health care, pattern recognition and other fields (Chen et al. 2019b; Zhang et al. 2020). The applications of IoT comprise the Industry 4.0 also those which are at high risk situations like battlefields and disaster relief. In any prevalent deployment of the consumer technology (Atzori
Data Loading...
