Anonymous authentication scheme for smart home environment with provable security

Smart home is an emerging paradigm of the Internet of Things (IoT), which facilitates an individual to operate the smart home appliances remotely through the internet. Since the user and the smart devices communicate over insecure communication channels, the transmitted sensitive data collected by the smart devices may be intercepted and altered easily by a malicious adversary. Therefore, there is a great need to design an effective and anonymous authentication scheme to guarantee secure communications in smart home environment. In the past decade, extensive research has been carried out on this security issue, but most of them are not secure. As a step towards this direction, in this paper, we propose an efficient and anonymous authentication scheme for smart home environment using Elliptic Curve Cryptography (ECC). The proposed scheme avoids keeping the verification table for authentication purposes. In addition, random number method is adopted to resist replay attack, and it can avoid the clock synchronization problem. The rigorous formal proof and heuristic analysis show that the proposed scheme provides the desired security features and resists against all the possible attacks. Compared with the most representative related schemes, the proposed scheme achieves a delicate balance between security and efficiency, and it is more suitable for realistic environments.