A Secure, Lightweight, and Anonymous User Authentication Protocol for IoT Environments

A Secure, Lightweight, and Anonymous User Authentication Protocol for IoT Environments

The Internet of Things (IoT) is being applied to various environments such as telecare systems, smart homes, and intelligent transportation systems. The information generated from IoT devices is stored at remote servers, and external users authenticate to the server for requesting access to the stor...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Sustainability 2021-08, Vol.13 (16), p.9241
Hauptverfasser: Son, Seunghwan, Park, Yohan, Park, Youngho
Format: Artikel
Sprache:eng
Schlagworte:
Authentication
Communication
Efficiency
Intelligent transportation systems
Internet of Things
Medical equipment
Methods
Privacy
Registration
Security
Smart buildings
Smart cards
Sustainability
Telecare
Wireless networks
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page
container_issue 16
container_start_page 9241
container_title Sustainability
container_volume 13
creator Son, Seunghwan
Park, Yohan
Park, Youngho
description The Internet of Things (IoT) is being applied to various environments such as telecare systems, smart homes, and intelligent transportation systems. The information generated from IoT devices is stored at remote servers, and external users authenticate to the server for requesting access to the stored data. In IoT environments, the authentication process is required to be conducted efficiently, and should be secure against various attacks and ensure user anonymity and untraceability to ensure sustainability of the network. However, many existing protocols proposed in IoT environments do not meet these requirements. Recently, Rajaram et al. proposed a paring-based user authentication scheme. We found that the Rajaram et al. scheme is vulnerable to various attacks such as offline password guessing, impersonation, privileged insider, and known session-specific temporary information attacks. Additionally, as their scheme uses bilinear pairing, it requires high computation and communication costs. In this study, we propose a novel authentication scheme that resolves these security problems. The proposed scheme uses only hash and exclusive-or operations to be applicable in IoT environments. We analyze the proposed protocol using informal analysis and formal analysis methods such as the BAN logic, real-or-random (ROR) model, and the AVISPA simulation, and we show that the proposed protocol has better security and performance compared with existing authentication protocols. Consequently, the proposed protocol is sustainable and suitable for real IoT environments.
doi_str_mv 10.3390/su13169241
format Article
fullrecord <record><control><sourceid>gale_proqu</sourceid><recordid>TN_cdi_proquest_journals_2582938686</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><galeid>A811450620</galeid><sourcerecordid>A811450620</sourcerecordid><originalsourceid>FETCH-LOGICAL-c368t-40434a9c237c7e5059941590585d981269e649253c9912ae06fd272b3eded1b73</originalsourceid><addsrcrecordid>eNpVkd9LwzAQx4soOOZe_AsCPinrzI8mbR7LmDoYKG7ztWTpdetYk5mk6v57Oyaod3B3HJ_v3cM3iq4JHjEm8b1vCSNC0oScRT2KUxITzPH5n_kyGni_xV0wRiQRvegtR3PQrYMhmtXrTfiEYx0iZUqUG2sOjW09WnpwKG_DBkyotQq1NejF2WC13aHKOjS1CzQxH7WzpukYfxVdVGrnYfDT-9HyYbIYP8Wz58fpOJ_FmoksxAlOWKKkpizVKXDMpUwIl5hnvJQZoUKCSCTlTEtJqAIsqpKmdMWghJKsUtaPbk53986-t-BDsbWtM93LgvKMSpaJTHTU6ESt1Q6K2lQ2OKW7LKGptTVQ1d0-zwhJOBYUd4Lbf4KOCfAV1qr1vpjOX_-zdydWO-u9g6rYu7pR7lAQXBx9KX59Yd991Xx-</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2582938686</pqid></control><display><type>article</type><title>A Secure, Lightweight, and Anonymous User Authentication Protocol for IoT Environments</title><source>MDPI - Multidisciplinary Digital Publishing Institute</source><source>EZB-FREE-00999 freely available EZB journals</source><creator>Son, Seunghwan ; Park, Yohan ; Park, Youngho</creator><creatorcontrib>Son, Seunghwan ; Park, Yohan ; Park, Youngho</creatorcontrib><description>The Internet of Things (IoT) is being applied to various environments such as telecare systems, smart homes, and intelligent transportation systems. The information generated from IoT devices is stored at remote servers, and external users authenticate to the server for requesting access to the stored data. In IoT environments, the authentication process is required to be conducted efficiently, and should be secure against various attacks and ensure user anonymity and untraceability to ensure sustainability of the network. However, many existing protocols proposed in IoT environments do not meet these requirements. Recently, Rajaram et al. proposed a paring-based user authentication scheme. We found that the Rajaram et al. scheme is vulnerable to various attacks such as offline password guessing, impersonation, privileged insider, and known session-specific temporary information attacks. Additionally, as their scheme uses bilinear pairing, it requires high computation and communication costs. In this study, we propose a novel authentication scheme that resolves these security problems. The proposed scheme uses only hash and exclusive-or operations to be applicable in IoT environments. We analyze the proposed protocol using informal analysis and formal analysis methods such as the BAN logic, real-or-random (ROR) model, and the AVISPA simulation, and we show that the proposed protocol has better security and performance compared with existing authentication protocols. Consequently, the proposed protocol is sustainable and suitable for real IoT environments.</description><identifier>ISSN: 2071-1050</identifier><identifier>EISSN: 2071-1050</identifier><identifier>DOI: 10.3390/su13169241</identifier><language>eng</language><publisher>Basel: MDPI AG</publisher><subject>Authentication ; Communication ; Efficiency ; Intelligent transportation systems ; Internet of Things ; Medical equipment ; Methods ; Privacy ; Registration ; Security ; Smart buildings ; Smart cards ; Sustainability ; Telecare ; Wireless networks</subject><ispartof>Sustainability, 2021-08, Vol.13 (16), p.9241</ispartof><rights>COPYRIGHT 2021 MDPI AG</rights><rights>2021 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.</rights><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c368t-40434a9c237c7e5059941590585d981269e649253c9912ae06fd272b3eded1b73</citedby><cites>FETCH-LOGICAL-c368t-40434a9c237c7e5059941590585d981269e649253c9912ae06fd272b3eded1b73</cites><orcidid>0000-0002-0406-6547 ; 0000-0002-3198-8467</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>314,780,784,27924,27925</link.rule.ids></links><search><creatorcontrib>Son, Seunghwan</creatorcontrib><creatorcontrib>Park, Yohan</creatorcontrib><creatorcontrib>Park, Youngho</creatorcontrib><title>A Secure, Lightweight, and Anonymous User Authentication Protocol for IoT Environments</title><title>Sustainability</title><description>The Internet of Things (IoT) is being applied to various environments such as telecare systems, smart homes, and intelligent transportation systems. The information generated from IoT devices is stored at remote servers, and external users authenticate to the server for requesting access to the stored data. In IoT environments, the authentication process is required to be conducted efficiently, and should be secure against various attacks and ensure user anonymity and untraceability to ensure sustainability of the network. However, many existing protocols proposed in IoT environments do not meet these requirements. Recently, Rajaram et al. proposed a paring-based user authentication scheme. We found that the Rajaram et al. scheme is vulnerable to various attacks such as offline password guessing, impersonation, privileged insider, and known session-specific temporary information attacks. Additionally, as their scheme uses bilinear pairing, it requires high computation and communication costs. In this study, we propose a novel authentication scheme that resolves these security problems. The proposed scheme uses only hash and exclusive-or operations to be applicable in IoT environments. We analyze the proposed protocol using informal analysis and formal analysis methods such as the BAN logic, real-or-random (ROR) model, and the AVISPA simulation, and we show that the proposed protocol has better security and performance compared with existing authentication protocols. Consequently, the proposed protocol is sustainable and suitable for real IoT environments.</description><subject>Authentication</subject><subject>Communication</subject><subject>Efficiency</subject><subject>Intelligent transportation systems</subject><subject>Internet of Things</subject><subject>Medical equipment</subject><subject>Methods</subject><subject>Privacy</subject><subject>Registration</subject><subject>Security</subject><subject>Smart buildings</subject><subject>Smart cards</subject><subject>Sustainability</subject><subject>Telecare</subject><subject>Wireless networks</subject><issn>2071-1050</issn><issn>2071-1050</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2021</creationdate><recordtype>article</recordtype><sourceid>ABUWG</sourceid><sourceid>AFKRA</sourceid><sourceid>AZQEC</sourceid><sourceid>BENPR</sourceid><sourceid>CCPQU</sourceid><sourceid>DWQXO</sourceid><recordid>eNpVkd9LwzAQx4soOOZe_AsCPinrzI8mbR7LmDoYKG7ztWTpdetYk5mk6v57Oyaod3B3HJ_v3cM3iq4JHjEm8b1vCSNC0oScRT2KUxITzPH5n_kyGni_xV0wRiQRvegtR3PQrYMhmtXrTfiEYx0iZUqUG2sOjW09WnpwKG_DBkyotQq1NejF2WC13aHKOjS1CzQxH7WzpukYfxVdVGrnYfDT-9HyYbIYP8Wz58fpOJ_FmoksxAlOWKKkpizVKXDMpUwIl5hnvJQZoUKCSCTlTEtJqAIsqpKmdMWghJKsUtaPbk53986-t-BDsbWtM93LgvKMSpaJTHTU6ESt1Q6K2lQ2OKW7LKGptTVQ1d0-zwhJOBYUd4Lbf4KOCfAV1qr1vpjOX_-zdydWO-u9g6rYu7pR7lAQXBx9KX59Yd991Xx-</recordid><startdate>20210801</startdate><enddate>20210801</enddate><creator>Son, Seunghwan</creator><creator>Park, Yohan</creator><creator>Park, Youngho</creator><general>MDPI AG</general><scope>AAYXX</scope><scope>CITATION</scope><scope>ISR</scope><scope>4U-</scope><scope>ABUWG</scope><scope>AFKRA</scope><scope>AZQEC</scope><scope>BENPR</scope><scope>CCPQU</scope><scope>DWQXO</scope><scope>PIMPY</scope><scope>PQEST</scope><scope>PQQKQ</scope><scope>PQUKI</scope><scope>PRINS</scope><orcidid>https://orcid.org/0000-0002-0406-6547</orcidid><orcidid>https://orcid.org/0000-0002-3198-8467</orcidid></search><sort><creationdate>20210801</creationdate><title>A Secure, Lightweight, and Anonymous User Authentication Protocol for IoT Environments</title><author>Son, Seunghwan ; Park, Yohan ; Park, Youngho</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c368t-40434a9c237c7e5059941590585d981269e649253c9912ae06fd272b3eded1b73</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2021</creationdate><topic>Authentication</topic><topic>Communication</topic><topic>Efficiency</topic><topic>Intelligent transportation systems</topic><topic>Internet of Things</topic><topic>Medical equipment</topic><topic>Methods</topic><topic>Privacy</topic><topic>Registration</topic><topic>Security</topic><topic>Smart buildings</topic><topic>Smart cards</topic><topic>Sustainability</topic><topic>Telecare</topic><topic>Wireless networks</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Son, Seunghwan</creatorcontrib><creatorcontrib>Park, Yohan</creatorcontrib><creatorcontrib>Park, Youngho</creatorcontrib><collection>CrossRef</collection><collection>Gale In Context: Science</collection><collection>University Readers</collection><collection>ProQuest Central (Alumni Edition)</collection><collection>ProQuest Central UK/Ireland</collection><collection>ProQuest Central Essentials</collection><collection>ProQuest Central</collection><collection>ProQuest One Community College</collection><collection>ProQuest Central Korea</collection><collection>Publicly Available Content Database</collection><collection>ProQuest One Academic Eastern Edition (DO NOT USE)</collection><collection>ProQuest One Academic</collection><collection>ProQuest One Academic UKI Edition</collection><collection>ProQuest Central China</collection><jtitle>Sustainability</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Son, Seunghwan</au><au>Park, Yohan</au><au>Park, Youngho</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>A Secure, Lightweight, and Anonymous User Authentication Protocol for IoT Environments</atitle><jtitle>Sustainability</jtitle><date>2021-08-01</date><risdate>2021</risdate><volume>13</volume><issue>16</issue><spage>9241</spage><pages>9241-</pages><issn>2071-1050</issn><eissn>2071-1050</eissn><abstract>The Internet of Things (IoT) is being applied to various environments such as telecare systems, smart homes, and intelligent transportation systems. The information generated from IoT devices is stored at remote servers, and external users authenticate to the server for requesting access to the stored data. In IoT environments, the authentication process is required to be conducted efficiently, and should be secure against various attacks and ensure user anonymity and untraceability to ensure sustainability of the network. However, many existing protocols proposed in IoT environments do not meet these requirements. Recently, Rajaram et al. proposed a paring-based user authentication scheme. We found that the Rajaram et al. scheme is vulnerable to various attacks such as offline password guessing, impersonation, privileged insider, and known session-specific temporary information attacks. Additionally, as their scheme uses bilinear pairing, it requires high computation and communication costs. In this study, we propose a novel authentication scheme that resolves these security problems. The proposed scheme uses only hash and exclusive-or operations to be applicable in IoT environments. We analyze the proposed protocol using informal analysis and formal analysis methods such as the BAN logic, real-or-random (ROR) model, and the AVISPA simulation, and we show that the proposed protocol has better security and performance compared with existing authentication protocols. Consequently, the proposed protocol is sustainable and suitable for real IoT environments.</abstract><cop>Basel</cop><pub>MDPI AG</pub><doi>10.3390/su13169241</doi><orcidid>https://orcid.org/0000-0002-0406-6547</orcidid><orcidid>https://orcid.org/0000-0002-3198-8467</orcidid><oa>free_for_read</oa></addata></record>
fulltext fulltext
identifier ISSN: 2071-1050
ispartof Sustainability, 2021-08, Vol.13 (16), p.9241
issn 2071-1050
2071-1050
language eng
recordid cdi_proquest_journals_2582938686
source MDPI - Multidisciplinary Digital Publishing Institute; EZB-FREE-00999 freely available EZB journals
subjects Authentication
Communication
Efficiency
Intelligent transportation systems
Internet of Things
Medical equipment
Methods
Privacy
Registration
Security
Smart buildings
Smart cards
Sustainability
Telecare
Wireless networks
title A Secure, Lightweight, and Anonymous User Authentication Protocol for IoT Environments
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-29T12%3A24%3A19IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-gale_proqu&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=A%20Secure,%20Lightweight,%20and%20Anonymous%20User%20Authentication%20Protocol%20for%20IoT%20Environments&rft.jtitle=Sustainability&rft.au=Son,%20Seunghwan&rft.date=2021-08-01&rft.volume=13&rft.issue=16&rft.spage=9241&rft.pages=9241-&rft.issn=2071-1050&rft.eissn=2071-1050&rft_id=info:doi/10.3390/su13169241&rft_dat=%3Cgale_proqu%3EA811450620%3C/gale_proqu%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2582938686&rft_id=info:pmid/&rft_galeid=A811450620&rfr_iscdi=true