Secure and Efficient Three-Factor Protocol for Wireless Sensor Networks

Ryu, Jihyeon; Lee, Hakjun; Kim, Hyoungshick; Won, Dongho

doi:10.3390/s18124481

Cited by 28 publications

(26 citation statements)

References 26 publications

(43 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…According to Table 7, the computation time for the IoT node/sensor node in the proposed protocol is 0.003 ms, which is 95.42%, 97.68%, 98.82%, 97.03%, 91.84%, 85.64%, 88.92, 91.95%, and 97.66% lower than the computation times in the protocols of Challa et al [19], He et al [27], Challa et al [26], Renuka et al [35], Ma et al [33], Lyu et al [32], Martínez-Peláez et al [34], Wazid et al [29], and Ryu et al [28], respectively. Therefore, our proposed protocol is more efficient and more suitable for constrained sensor devices in the IoT environment.…”

Section: B Computational Overhead Comparisonsmentioning

confidence: 86%

“…However, these schemes are not lightweight due to their huge overheads. In 2018, many multifactor user authentication schemes were presented (Challa et al [26], He et al [27], Ryu et al [28], Wazid et al [29], Li et al [30]) for the IoT environment. Unfortunately, Wazid's scheme is suffering from security weakness [31]; while, Challa's, He's, Ryu's, and X. Li's scheme have high computation and communication overheads.…”

Section: Related Workmentioning

confidence: 99%

“…Here, we compare the proposed protocol with those of Challa et al [19], He et al [27], Challa et al [26], Renuka et al [35], Ma et al [33], Lyu et al [32], Martínez-Peláez et al [34], Wazid et al [29], and Ryu et al [28] during the login and authentication phases. The approximate execution times that are required for the operations are based on the experimental results of [29], as presented in Table 5.…”

Section: B Computational Overhead Comparisonsmentioning

confidence: 99%

See 2 more Smart Citations

Low-Overhead Remote User Authentication Protocol for IoT Based on a Fuzzy Extractor and Feature Extraction

et al. 2019

View full text Add to dashboard Cite

The Internet of things (IoT) is a system of smart technologies and services that mutually communicate data between users and devices or between devices via the Internet. Since data are shared between a remote user and various sensing devices over a network, it is essential to design a secure, lightweight and efficient remote user authentication protocol for the IoT environment. In the context of security and network privacy, mutual authentication is necessary for securely accessing the services of the IoT environment. However, the IoT faces substantial new challenges realizing mutual authentication due to IoT devices constraints. In this paper, we present a lightweight, robust and secure authentication protocol that satisfies constraints on IoT devices. The proposed protocol is based on level 3 feature extraction, fuzzy extraction of the user's biometrics, one-way hash functions and XOR operations and includes (1) three-factor authentication (user password, biometrics and smart devices), (2) mutual authentication, (3) a session key, and (4) key freshness. Furthermore, we have used the Burrows-Abadi-Needham logic to prove the authentication of our proposed protocol. In addition, our proposed protocol does not require additional hardware or a resource-constrained cryptosystem, and for that reason; hence, it has the lowest computational cost on the IoT nodes (0.003_ms), the lowest total computational cost (0.071_ms), and the lowest communication cost (2784 bits) compared with other relevant works. Moreover, we have conducted an informal security analysis to prove its ability to withstand well-known malicious attacks, such as replay attacks, impersonation attacks, password change attacks, man-in-the-middle (MITM) attacks, and denial of service (DOS) attacks.

show abstract

Section: B Computational Overhead Comparisonsmentioning

confidence: 86%

Section: Related Workmentioning

confidence: 99%

Section: B Computational Overhead Comparisonsmentioning

confidence: 99%

See 1 more Smart Citation

Low-Overhead Remote User Authentication Protocol for IoT Based on a Fuzzy Extractor and Feature Extraction

et al. 2019

View full text Add to dashboard Cite

show abstract

“…are suitable for analyzing an authentication protocol. Recently, many researchers [60][61][62] have verified the authentication in the user authentication protocol using ProVerif. The formal security analysis shows the results of verifying and analyzing the security of D-FAP protocol using ProVerif.…”

Section: Formal Verification By Proverifmentioning

confidence: 99%

D-FAP: Dual-Factor Authentication Protocol for Mobile Cloud Connected Devices

Abuarqoub

2019

JSAN

View full text Add to dashboard Cite

Emerging Mobile Cloud Computing (MCC) technologies offer a new world of promise by leveraging the quality of mobile services. With MCC, resource-constrained mobile devices could capitalize on the computation/storage resources of cloud servers via communication networks. While MCC adoption is growing significantly, several challenges need to be addressed to make MCC-based solutions scale and meet the ever-growing demand for more resource intensive applications. Security is a critical problem hindering the adoption of MCC. One of the most important aspects of MCC security is to establish authenticated communication sessions between mobile devices and cloud servers. The huge amount of data stored on mobile devices poses information security risks and privacy concerns for individuals, enterprises, and governments. The ability to establish authenticated communication sessions between mobile devices and cloud servers can resolve many security concerns. Limited computing and energy resources on mobile devices makes authentication and encryption a challenging task. In this paper, an overview of MCC authentication protocols is presented. Then, a Dual-Factor Authentication Protocol for MCC devices (D-FAP) is proposed. D-FAP aims at increasing authentication security by using multi-factors while offloading computation to the cloud to reduce battery consumption. The security of the protocol is formally verified and informal analysis is performed for various attacks. The results prove that the D-FAP is successful in mitigating various outsider and insider attacks.

show abstract

“…Many security protocols (e.g., [ 6 , 7 , 8 , 9 ]) have been developed to satisfy these security and performance requirements. Among those protocols, Sharma and Kalra’s scheme [ 6 ] is specifically designed to improve the protocol’s efficiency.…”

Section: Introductionmentioning

confidence: 99%

A Secure and Lightweight Three-Factor-Based Authentication Scheme for Smart Healthcare Systems

Ryu

Kang

Lee

et al. 2020

Sensors

Self Cite

View full text Add to dashboard Cite

Internet of Things (IoT) technology has recently been integrated with various healthcare devices to monitor patients’ health status and share it with their healthcare practitioners. Since healthcare data often contain personal and sensitive information, healthcare systems must provide a secure user authentication scheme. Recently, Adavoudi-Jolfaei et al. and Sharma and Kalra proposed a lightweight protocol using hash function encryption only for user authentication on wireless sensor systems. In this paper, we found some weaknesses in target schemes. We propose a novel three-factor lightweight user authentication scheme that addresses these weaknesses and verifies the security of the proposed scheme using a formal verification tool called ProVerif. In addition, our proposed scheme outperforms other proposed symmetric encryption-based schemes or elliptic curve-based schemes.

show abstract

Secure and Efficient Three-Factor Protocol for Wireless Sensor Networks

Cited by 28 publications

References 26 publications

Low-Overhead Remote User Authentication Protocol for IoT Based on a Fuzzy Extractor and Feature Extraction

Low-Overhead Remote User Authentication Protocol for IoT Based on a Fuzzy Extractor and Feature Extraction

D-FAP: Dual-Factor Authentication Protocol for Mobile Cloud Connected Devices

A Secure and Lightweight Three-Factor-Based Authentication Scheme for Smart Healthcare Systems

Contact Info

Product

Resources

About