Springer Nature is making SARS-CoV-2 and COVID-19 research free. View research | View latest news | Sign up for updates

A secure authentication scheme based on elliptic curve cryptography for IoT and cloud servers

  • 1375 Accesses

  • 17 Citations


The Internet of Things (IoT) is now a buzzword for Internet connectivity which extends to embedded devices, sensors and other objects connected to the Internet. Rapid development of this technology has led to the usage of various embedded devices in our daily life. However, for resource sharing and communication among these devices, there is a requirement for connecting these embedded devices to a large pool of resources like a cloud. The promising applications of IoT in Government and commercial sectors are possible by integrating cloud servers with these embedded devices. But such an integration of technologies involves security issues like data privacy and authentication of devices whenever information is exchanged between them. Recently, Kalra and Sood proposed an authentication scheme based on elliptic curve cryptography (ECC) for IoT and cloud servers and claimed that their scheme satisfies all security requirements and is immune to various types of attacks. However, in this paper, we show that Kalra and Sood scheme is susceptible to offline password guessing and insider attacks and it does not achieve device anonymity, session key agreement, and mutual authentication. Keeping in view of the shortcomings of Kalra and Sood’s scheme, we have proposed an authentication scheme based on ECC for IoT and cloud servers. In the proposed scheme in this paper, we have formally analyzed the security properties of the designed scheme by the most widely accepted and used Automated Validation of Internet Security Protocols and Applications tool. Security and performance analysis show that when compared with other related schemes, the proposed scheme is more powerful, efficient, and secure with respect to various known attacks.

This is a preview of subscription content, log in to check access.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9


  1. 1.

    Zhou J, Leppanen T, Harjula E, Ylianttila M, Ojala T, Yu C, Jin H, Yang LT (2013) Cloudthings: a common architecture for integrating the internet of things with cloud computing. In: 2013 IEEE 17th International Conference on Computer Supported Cooperative Work in Design (CSCWD). IEEE, pp 651–657

  2. 2.

    Chang KD, Chen CY, Chen JL, Chao HC (2011) Internet of things and cloud computing for future internet. In: Security-enriched urban computing and smart grid. Springer, pp 1–10

  3. 3.

    Botta A, de Donato W, Persico V, Pescapé A (2016) Integration of cloud computing and internet of things: a survey. Future Gener Comput Syst 56:684–700

  4. 4.

    Fox GC, Kamburugamuve S, Hartman RD (2012) Architecture and measured characteristics of a cloud based internet of things. In: 2012 International Conference on Collaboration Technologies and Systems (CTS). IEEE, pp 6–12

  5. 5.

    Dash SK, Mohapatra S, Pattnaik PK (2010) A survey on applications of wireless sensor network using cloud computing. Int J Comput Sci Eng Technol 1(4):50–55

  6. 6.

    Suciu G, Vulpe A, Halunga S, Fratu O, Todoran G, Suciu V (2013) Smart cities built on resilient cloud computing and secure internet of things. In: 2013 19th International Conference on Control Systems and Computer Science (CSCS). IEEE, pp 513–518

  7. 7.

    Mühlbach S, Wallner S (2008) Secure communication in microcomputer bus systems for embedded devices. J Syst Archit 54(11):1065–1076

  8. 8.

    He D, Zeadally S (2015) An analysis of rfid authentication schemes for internet of things in healthcare environment using elliptic curve cryptography. IEEE Internet Things J 2(1):72–83

  9. 9.

    Afreen R, Mehrotra SC (2011) A review on elliptic curve cryptography for embedded systems. J Comput Sci Inf Technol 3(3):84–103

  10. 10.

    Salas M (2013) A secure framework for OTA smart device ecosystems using ECC encryption and biometrics. In: Advances in Security of Information and Communication Networks. Springer, pp 204–218

  11. 11.

    Wu ST, Chiu JH, Chieu BC (2005) ID-based remote authentication with smart cards on open distributed system from elliptic curve cryptography. In: IEEE International Conference on Electro Information Technology. IEEE, pp 5

  12. 12.

    Tian X, Wong DS, Zhu RW (2005) Analysis and improvement of an authenticated key exchange protocol for sensor networks. IEEE Commun Lett 9(11):970–972

  13. 13.

    Abi-Char PE, Mhamed A, El-Hassan B (2007) A fast and secure elliptic curve based authenticated key agreement protocol for low power mobile communications. In: The 2007 International Conference on Next Generation Mobile Applications, Services and Technologies (NGMAST’07). IEEE, pp 235–240

  14. 14.

    Yang JH, Chang CC (2009) An id-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem. Comput Secur 28(3):138–143

  15. 15.

    Islam SH, Biswas GP (2011) A more efficient and secure id-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem. J Syst Softw 84(11):1892–1898

  16. 16.

    He D, Chen J, Hu J (2012) An ID-based client authentication with key agreement protocol for mobile client–server environment on ECC with provable security. Inf Fusion 13(3):223–230

  17. 17.

    Ray S, Biswas GP (2012) Establishment of ECC-based initial secrecy usable for IKE implementation. In: Proceedings of the World Congress on Engineering, vol 1

  18. 18.

    Granjal J, Monteiro E, Silva JS (2013) End-to-end transport-layer security for internet-integrated sensing applications with mutual and delegated ECC public-key authentication. In: IFIP Networking Conference, 2013. Brooklyn, NY, pp 1–9

  19. 19.

    Jiang R, Lai C, Luo J, Wang X, Wang H (2013) EAP-based group authentication and key agreement protocol for machine-type communications. Int J Distrib Sens Netw 9(11):1–14

  20. 20.

    Yao X, Chen Z, Tian Y (2015) A lightweight attribute-based encryption scheme for the internet of things. Future Gener Comput Syst 49:104–112

  21. 21.

    Moosavi SR, Nigussie E, Virtanen S, Isoaho J (2014) An elliptic curve-based mutual authentication scheme for RFID implant systems. Procedia Comput Sci 32:198–206

  22. 22.

    Liao YP, Hsiao CM (2014) A secure ECC-based RFID authentication scheme integrated with ID-verifier transfer protocol. Ad Hoc Netw 18:133–146

  23. 23.

    Kalra S, Sood SK (2015) Secure authentication scheme for IoT and cloud servers. Pervasive Mob Comput 24:210–223

  24. 24.

    Koblitz N (1987) Elliptic curve cryptosystems. Math Comput 48(177):203–209

  25. 25.

    Menezes AJ, Van Oorschot PC, Vanstone SA (1996) Handbook of applied cryptography. CRC Press, Boca Raton

  26. 26.

    Miller VS (1985) Use of elliptic curves in cryptography. In: Advances in Cryptology—CRYPTO’85 Proceedings. Springer, pp 417–426

  27. 27.

    Hancock B (1999) Security views. Comput Secur 18(7):553–564

  28. 28.

    Caelli WJ, Dawson EP, Rea SA (1999) Pki, elliptic curve cryptography, and digital signatures. Comput Secur 18(1):47–66

  29. 29.

    Bertino E, Shang N, Wagstaff SS Jr (2008) An efficient time-bound hierarchical key management scheme for secure broadcasting. IEEE Trans Dependable Secure Comput 5(2):65–70

  30. 30.

    Odelu V, Das AK, Goswami A (2016) A secure and efficient time-bound hierarchical access control scheme for secure broadcasting. Int J Ad Hoc Ubiquitous Comput 22(4):236–248

  31. 31.

    Lassus M (1997) Smart-cards-a cost-effective solution against electronic fraud. In: European Conference on Security and Detection (ECOS 1997), pp 81–85

  32. 32.

    Macq BM, Quisquater JJ (1995) Cryptology for digital TV broadcasting. Proc IEEE 83(6):944–957

  33. 33.

    Wan Z, Liu J, Zhang R, Deng RH (2013) A collusion-resistant conditional access system for flexible-pay-per-channel pay-TV broadcasting. IEEE Trans Multimed 15(6):1353–1364

  34. 34.

    AVISPA Automated Validation of Internet Security Protocols and Applications. http://www.avispa-project.org/. Accessed on February (2016)

  35. 35.

    Odelu V, Das AK, Goswami A (2015) A secure biometrics-based multi-server authentication protocol using smart cards. IEEE Trans Inf Forensics Secur 10(9):1953–1966

  36. 36.

    Odelu V, Das AK, Goswami A (2015) A secure and scalable group access control scheme for wireless sensor networks. Wirel Pers Commun 85(4):1765–1788

  37. 37.

    Odelu V, Das AK, Goswami A (2015) An effective and robust secure remote user authenticated key agreement scheme using smart cards in wireless communication systems. Wirel Pers Commun 84(4):2571–2598

  38. 38.

    Odelu V, Das AK, Goswami A (2015) DMAMA: dynamic migration access control mechanism for mobile agents in distributed networks. Wirel Pers Commun 84(1):207–230

  39. 39.

    Das AK (2015) A secure and efficient user anonymity-preserving three-factor authentication protocol for large-scale distributed wireless sensor networks. Wirel Pers Commun 82(3):1377–1404

  40. 40.

    Das AK (2016) A secure and robust temporal credential-based three-factor user authentication scheme for wireless sensor networks. Peer-to-peer Netw Appl 9(1):223–244

  41. 41.

    Mishra D, Das AK, Mukhopadhyay S (2016) A secure and efficient ECC-based user anonymity-preserving session initiation authentication protocol using smart card. Peer-to-peer Netw Appl 9(1):171–192

  42. 42.

    Dolev D, Yao AC (1983) On the security of public key protocols. IEEE Trans Inf Theory 29(2):198–208

  43. 43.

    von Oheimb D (2005) The high-level protocol specification language HLPSL developed in the EU project AVISPA. In: Proceedings of APPSEM 2005 Workshop

  44. 44.

    Kilinc HH, Yanik T (2014) A survey of SIP authentication and key agreement schemes. IEEE Commun Surv Tutor 16(2):1005–1023

  45. 45.

    PUB FIPS (1995) 180-1. Secure hash standard. Natl Inst Stand Technol 17:45

Download references


This work was supported by the National Natural Science Foundation of China under Grant No. 61300220. Fan Wu is supported by Fujian Education and Scientific Research Program for Young and Middle-aged Teachers under Grant No. JA14369 and University Distinguished Young Research Talent Training Program of Fujian Province (Year 2016). This work was partially supported by the Information Security Education and Awareness (ISEA) Phase II Project, Department of Electronics and Information Technology (DeitY), India.

Author information

Correspondence to Ashok Kumar Das.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Kumari, S., Karuppiah, M., Das, A.K. et al. A secure authentication scheme based on elliptic curve cryptography for IoT and cloud servers. J Supercomput 74, 6428–6453 (2018). https://doi.org/10.1007/s11227-017-2048-0

Download citation


  • Authentication
  • Embedded device
  • Internet of Things
  • Cloud server
  • Cookies
  • Security