Rotating behind Privacy: An Improved Lightweight Authentication Scheme for Cloud-based IoT Environment

Küçük Resim Yok

Tarih

2021

Dergi Başlığı

Dergi ISSN

Cilt Başlığı

Yayıncı

Assoc Computing Machinery

Erişim Hakkı

info:eu-repo/semantics/closedAccess

Özet

The advancements in the internet of things (IoT) require specialized security protocols to provide unbreakable security along with computation and communication efficiencies. Moreover, user privacy and anonymity has emerged as an integral part, along with other security requirements. Unfortunately, many recent authentication schemes to secure IoT-based systems were either proved as vulnerable to different attacks or prey of inefficiencies. Some of these schemes suffer from a faulty design that happened mainly owing to undue emphasis on privacy and anonymity alongside performance efficiency. This article aims to show the design faults by analyzing a very recent hash functions-based authentication scheme for cloud-based IoT systems with misunderstood privacy cum efficiency tradeoff owing to an unadorned design flaw, which is also present in many other such schemes. Precisely, it is proved in this article that the scheme of Wazid et al. cannot provide mutual authentication and key agreement between a user and a sensor node when there exists more than one registered user. We then proposed an improved scheme and proved its security through formal and informal methods. The proposed scheme completes the authentication cycle with a minor increase in computation cost but provides all security goals along with privacy.

Açıklama

Anahtar Kelimeler

Security, key-agreement, cloud security, IoT, incorrectness, traceability, anonymity

Kaynak

Acm Transactions on Internet Technology

WoS Q Değeri

Q1

Scopus Q Değeri

Cilt

21

Sayı

3

Künye