ECC-reliant secure authentication protocol for cloud server and smart devices in IoT

The Internet of Things (IoT) designates a network that helps to relate a diversity of heterogeneous devices, various technologies, and other items to the Internet for flexible access and data exchange. Recent smart real-time application design requires the integration of ‘things’ in IoT with cloud infrastructure to offer valuable services to end-users. However, such a combination could raise various security concerns which become the most critical problem nowadays. For protected communication between smart devices interconnected through IoT and cloud servers, authentication becomes one of the crucial security requirements. There exist many strategies specifically for authentic key exchange between smart devices in the IoT environment and the cloud server. But according to the improved Canetti–Krawczyk (xck) rival model which is considered a more appropriate model for evaluating authentication-based security systems, none of the systems is safe and is vulnerable to a variety of assaults. Thus, we explored xck rival model to prove the limitations of the existing approach and presented an Elliptic Curve Cryptographic reliant strategy to overcome such limitations. The soundness and correctness of our approach were evaluated using scyther verification method. The evaluation results confirm that our method is robust and secure under xck model and incurs minimal overhead.