Authentication Protocols for Internet of Things: A Comprehensive Survey

Ferrag, Mohamed Amine; Μαγλαράς, Λέανδρος; Janicke, Helge; Jiang, Jianmin; Shu, Lei

doi:10.1155/2017/6562953

Cited by 229 publications

(150 citation statements)

References 275 publications

(839 reference statements)

Supporting

Mentioning

131

Contrasting

Unclassified

Order By: Relevance

“…Low-level approaches are those that describe threats in detail. Such approaches may be based on the use of the list of attacks [15][16][17][18][19] or the list of attack scenarios [20]. Some approaches come down to analyzing the exploitation of vulnerabilities in the system [21][22][23].…”

Section: Related Workmentioning

confidence: 99%

Model of Threats to Computer Network Software

2019

View full text Add to dashboard Cite

This article highlights the issue of identifying information security threats to computer networks. The aim of the study is to increase the number of identified threats. Firstly, it was carried out the analysis of computer network models used to identify threats, as well as in approaches to building computer network threat models. The shortcomings that need to be corrected are highlighted. On the basis of the mathematical apparatus of attributive metagraphs, a computer network model is developed that allows to describe the software components of computer networks and all possible connections between them. On the basis of elementary operations on metagraphs, a model of threats to the security of computer network software is developed, which allows compiling lists of threats to the integrity and confidentiality of computer network software. These lists include more threats in comparison with the considered analogues.

show abstract

Section: Related Workmentioning

confidence: 99%

Model of Threats to Computer Network Software

2019

View full text Add to dashboard Cite

show abstract

“…In this section, we construct a biometric authentication system by using the BB-KDF. A secure and efficient authentication is required to support a trusted communication in various environments such as mobile cloud computing [52], IoT [53], and wireless sensor networks [54]. The proposed authentication system is highly feasible in these environments since it is not only comparatively efficient, but also applicable to low-performance devices which do not provide secure storage (such as TPM) for cryptographic keys.…”

Section: Authentication Systemmentioning

confidence: 99%

Construction of a New Biometric-Based Key Derivation Function and Its Application

Seo

Park

Kim

et al. 2018

Security and Communication Networks

View full text Add to dashboard Cite

Biometric data is user-identifiable and therefore methods to use biometrics for authentication have been widely researched. Biometric cryptosystems allow for a user to derive a cryptographic key from noisy biometric data and perform a cryptographic task for authentication or encryption. The fuzzy extractor is known as a prominent biometric cryptosystem. However, the fuzzy extractor has a drawback in that a user is required to store user-specific helper data or receive it online from the server with additional trusted channel, to derive a correct key. In this paper, we present a new biometric-based key derivation function (BB-KDF) to address the issues. In our BB-KDF, users are able to derive cryptographic keys solely from their own biometric data: users do not need any other user-specific helper information. We introduce a security model for the BB-KDF. We then construct the BB-KDF and prove its security in our security model. We then propose an authentication protocol based on the BB-KDF. Finally, we give experimental results to analyze the performance of the BB-KDF. We show that our proposed BB-KDF is computationally efficient and can be deployed on many different kinds of devices.

show abstract

“…Mobile devices are going to take a central role in the Internet of Things era [1]. Smart phones, assisted from the 5G technology that provides continuous and reliable connectivity [2], will soon be able to support applications across a wide variety of domains like homecare, healthcare, social networks, safety, environmental monitoring, e-commerce and transportation [3]. Storage capabilities of mobile phones increase rapidly, and phones can today generate and store large amounts of different types of data.…”

Section: Introductionmentioning

confidence: 99%

Authentication schemes for smart mobile devices: threat models, countermeasures, and open research issues

et al. 2019

Self Cite

View full text Add to dashboard Cite

This paper presents a comprehensive investigation of authentication schemes for smart mobile devices. We start by providing an overview of existing survey articles published in the recent years that deal with security for mobile devices. Then, we give a classification of threat models in smart mobile devices in five categories, including, identity-based attacks, eavesdropping-based attacks, combined eavesdropping and identity-based attacks, manipulation-based attacks, and service-based attacks. This is followed by a description of multiple existing threat models. We also provide a classification of countermeasures into four types of categories, including, cryptographic functions, personal identification, classification algorithms, and channel characteristics. Therefore, according to the countermeasure characteristic used and the authentication model, we categorize the authentication schemes for smart mobile devices in four categories, namely, 1) biometric-based authentication schemes, 2) channelbased authentication schemes, 3) factors-based authentication schemes, and 4) ID-based authentication schemes. In addition, we provide a taxonomy and comparison of authentication schemes for smart mobile devices in form of tables. Finally, we identify open challenges and future research directions.To conduct the literature review, we followed the same process used in our previous work [14].Specifically, the identification of literature for analysis in this paper was based on a keyword search, namely, "authentication scheme", "authentication protocol", "authentication system", and "authentication framework". By searching these keywords in academic databases such as SCO-PUS, Web of Science, IEEE Xplore Digital Library, and ACM Digital Library, an initial set of relevant sources were located. Firstly, only proposed authentication schemes for smart mobile devices were collected. Secondly, each collected source was evaluated against the following criteria: 1) reputation, 2) relevance, 3) originality, 4) date of publication (between 2007 and 2018), and 5) most influential papers in the field. The final pool of papers consists of the most important papers in the field of mobile devices that focus on the authentication as their objective.Our search started on 01/11/2017 and continued until the submission date of this paper. The main contributions of this paper are:• We discuss the existing surveys on security for smart mobile devices.• We classify the threat models, which are considered by the authentication schemes in smart mobile devices, into five main categories, namely, identity-based attacks, eavesdropping-based attacks, combined eavesdropping and identity-based attacks, manipulationbased attacks, and service-based attacks.• We review existing research on countermeasures and security analysis techniques in smart mobile devices.• We provide a taxonomy and a side-by-side comparison, in a tabular form, of the stateof-the-art on the recent advancements towards secure and authentication schemes in smart mobile devices with respec...

show abstract

Authentication Protocols for Internet of Things: A Comprehensive Survey

Cited by 229 publications

References 275 publications

Model of Threats to Computer Network Software

Model of Threats to Computer Network Software

Construction of a New Biometric-Based Key Derivation Function and Its Application

Authentication schemes for smart mobile devices: threat models, countermeasures, and open research issues

Contact Info

Product

Resources

About