Abstract
Various IoT-based applications such as smart home, intelligent medical and VANETs, have been put into practical utilization. Smart home is one of the most concerned environments, which allows users to remotely access and control smart devices via a public network. With development of the mobile network and smart devices, more services can be provided to users by smart devices. To securely access devices and obtain collected data over the public network, multi-factor authentication schemes for smart home have obtained wide attention. However, most of these schemes cannot withstand impersonation attack, physical device lost attack, privileged-insider attack, smart card lost attack and so on. Besides, high communication and computational costs weaken the system performance, which causes that most authentication schemes are not suitable for resource-constrained smart devices. To mitigate the aforementioned drawbacks, we proposed a two-factor anonymous group authentication scheme to implement secure access to multiple devices simultaneously using chinese remainder theorem and secret sharing technology. Our scheme also utilizes fuzzy extractor to extract personal biometric information, which helps uniquely validate authorized users in smart home. Our scheme can support various security features and withstand the most well-known attacks in smart home. Performance analysis indicates that the proposed scheme can efficiently reduce communication/computational costs when the user accesses multiple devices simultaneously.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Banerjee, S., Odelu, V., Das, A.K., Chattopadhyay, S., Rodrigues, J.J.P.C., Park, Y.: Physically secure lightweight anonymous user authentication protocol for Internet of Things using physically unclonable functions. IEEE Access 7, 85627–85644 (2019)
Canetti, R., Krawczyk, H.: Analysis of key-exchange protocols and their use for building secure channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453–474. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44987-6_28. http://dl.acm.org/citation.cfm?id=647086.715688
Canetti, R., Krawczyk, H.: Universally composable notions of key exchange and secure channels. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 337–351. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-46035-7_22
Challa, S., et al.: Secure signature-based authenticated key establishment scheme for future IoT applications. IEEE Access 5, 3028–3043 (2017)
Chiang, M., Zhang, T.: Fog and IoT: an overview of research opportunities. IEEE Internet of Things J. 3(6), 854–864 (2016)
He, D., Kumar, N., Chilamkurti, N.: A secure temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks. In: International Symposium on Wireless and pervasive Computing (ISWPC), pp. 1–6, November 2013
Dolev, D., Yao, A.: On the security of public key protocols. IEEE Trans. Inf. Theory 29(2), 198–208 (1983)
Kalra, S., Sood, S.K.: Advanced password based authentication scheme for wireless sensor networks. J. Inf. Secur. Appl. 20, 37–46 (2015). Security, Privacy and Trust in Future Networks and Mobile Computing
Kumar, P., Braeken, A., Gurtov, A., Iinatti, J., Ha, P.H.: Anonymous secure framework in connected smart home environments. IEEE Trans. Inf. Forensics Secur. 12(4), 968–979 (2017)
Li, X., Niu, J., Bhuiyan, M.Z.A., Wu, F., Karuppiah, M., Kumari, S.: A robust ECC-based provable secure authentication protocol with privacy preserving for industrial Internet of Things. IEEE Trans. Ind. Inf. 14(8), 3599–3609 (2018)
Li, X., Peng, J., Niu, J., Wu, F., Liao, J., Choo, K.R.: A robust and energy efficient authentication protocol for industrial Internet of Things. IEEE Internet of Things J. 5(3), 1606–1615 (2018)
Jiang, L., Liu, D.-Y., Yang, B.: Smart home research. In: Proceedings of 2004 International Conference on Machine Learning and Cybernetics (IEEE Cat. No. 04EX826), vol. 2, pp. 659–663, August 2004
Odelu, V., Das, A.K., Goswami, A.: A secure biometrics-based multi-server authentication protocol using smart cards. IEEE Trans. Inf. Forensics Secur. 10(9), 1953–1966 (2015)
Ricquebourg, V., Menga, D., Durand, D., Marhic, B., Delahoche, L., Loge, C.: The smart home concept: our immediate future. In: 2006 1ST IEEE International Conference on E-Learning in Industrial Electronics, pp. 23–28, December 2006
Shen, J., Gui, Z., Ji, S., Shen, J., Tan, H., Tang, Y.: Cloud-aided lightweight certificateless authentication protocol with anonymity for wireless body area networks. J. Netw. Comput. Appl. 106, 117–123 (2018)
Srinivas, J., Das, A.K., Wazid, M., Kumar, N.: Anonymous lightweight chaotic map-based authenticated key agreement protocol for industrial Internet of Things. IEEE Trans. Dependable Secure Comput. 1 (2018)
Turkanović, M., Brumen, B., Hölbl, M.: A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion. Ad Hoc Netw. 20, 96–112 (2014)
Wallrabenstein, J.R.: Practical and secure IoT device authentication using physical unclonable functions. In: 2016 IEEE 4th International Conference on Future Internet of Things and Cloud (FiCloud), pp. 99–106, August 2016
Wazid, M., Das, A.K., Odelu, V., Kumar, N., Jo, M.: Design of secure user authenticated key management protocol for generic IoT networks. IEEE Internet of Things J. PP(99), 1 (2017)
Ye, X., Huang, J.: A framework for cloud-based smart home. In: Proceedings of 2011 International Conference on Computer Science and Network Technology, vol. 2, pp. 894–897, December 2011
Xue, K., Ma, C., Hong, P., Ding, R.: A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks. J. Netw. Comput. Appl. 36(1), 316–323 (2013). http://www.sciencedirect.com/science/ARTICLE/pii/S1084804512001403
Zhang, J., Cui, J., Zhong, H., Chen, Z., Liu, L.: PA-CRT: Chinese remainder theorem based conditional privacy-preserving authentication scheme in vehicular ad-hoc networks. IEEE Trans. Dependable Secure Comput. 1 (2019). https://doi.org/10.1109/TDSC.2019.2904274
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Ji, S., Qi, R., Shen, J. (2021). PUF-Based Two-Factor Group Authentication in Smart Home. In: Wang, D., Meng, W., Han, J. (eds) Security and Privacy in New Computing Environments. SPNCE 2020. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 344. Springer, Cham. https://doi.org/10.1007/978-3-030-66922-5_14
Download citation
DOI: https://doi.org/10.1007/978-3-030-66922-5_14
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-66921-8
Online ISBN: 978-3-030-66922-5
eBook Packages: Computer ScienceComputer Science (R0)