Rotating behind Privacy: An Improved Lightweight Authentication Scheme for Cloud-based IoT Environment
Küçük Resim Yok
Tarih
2021
Dergi Başlığı
Dergi ISSN
Cilt Başlığı
Yayıncı
Assoc Computing Machinery
Erişim Hakkı
info:eu-repo/semantics/closedAccess
Özet
The advancements in the internet of things (IoT) require specialized security protocols to provide unbreakable security along with computation and communication efficiencies. Moreover, user privacy and anonymity has emerged as an integral part, along with other security requirements. Unfortunately, many recent authentication schemes to secure IoT-based systems were either proved as vulnerable to different attacks or prey of inefficiencies. Some of these schemes suffer from a faulty design that happened mainly owing to undue emphasis on privacy and anonymity alongside performance efficiency. This article aims to show the design faults by analyzing a very recent hash functions-based authentication scheme for cloud-based IoT systems with misunderstood privacy cum efficiency tradeoff owing to an unadorned design flaw, which is also present in many other such schemes. Precisely, it is proved in this article that the scheme of Wazid et al. cannot provide mutual authentication and key agreement between a user and a sensor node when there exists more than one registered user. We then proposed an improved scheme and proved its security through formal and informal methods. The proposed scheme completes the authentication cycle with a minor increase in computation cost but provides all security goals along with privacy.
Açıklama
Anahtar Kelimeler
Security, key-agreement, cloud security, IoT, incorrectness, traceability, anonymity
Kaynak
Acm Transactions on Internet Technology
WoS Q Değeri
Q1
Scopus Q Değeri
Cilt
21
Sayı
3
