Journal of Reliable Intelligent Environments

, Volume 3, Issue 3, pp 177–188 | Cite as

A secure remote user authentication scheme for smart cities e-governance applications

  • Geeta SharmaEmail author
  • Sheetal Kalra
Original Article


Smart cities are rapidly gaining momentum and aims at improving the quality of life of citizens by adopting Information and Communication Technology. E-governance have become the smarter way of deployment of administration by the authority under its jurisdiction. The citizens can access the services of government anywhere at any time. Since this technique requires the transmission of sensitive information between the government and the citizen through the Internet, information security is of utmost importance. This paper proposes a lightweight, robust remote user authentication and key agreement protocol for e-governance applications in the smart cities. The proposed protocol is based on XOR and hash operations, and includes (1) a password and smart card, (2) user anonymity, (3) mutual authentication, (4) shared session key, and (5) key freshness. It satisfies desirable security attributes and is resistant against all well-known security attacks. Further, the formal security verification using AVISPA and informal security proves the security strength of the proposed protocol and its robustness against all possible security threats.


Authentication AVISPA E-governance ICT Session key Smart city 


  1. 1.
    Hu Y, Tilke D, Adams T, Crandall AS, Cook DJ, Schmitter-Edgecombe M (2016) Smart home in a box: usability study for a large scale self-installation of smart home technologies. J Reliab Intell Environ 2(2):93–106. doi: 10.1007/s40860-016-0021-y CrossRefGoogle Scholar
  2. 2.
    Dahmen J, Cook DJ, Wang X, Honglei W (2017) Smart secure homes: a survey of smart home technologies that sense, assess, and respond to security threats. J Reliab Intell Environ. doi: 10.1007/s40860-017-0035-0 Google Scholar
  3. 3.
    Chen S, Song S, Li L, Shen J (2009) Survey on smart grid technology [J]. Power Syst Technol 8:1–7Google Scholar
  4. 4.
    Adeli H, Jiang X (2009) Intelligent infrastructure: neural networks, wavelets, and chaos theory for intelligent transportation systems and smart structures. Crc Press, Boca RatonGoogle Scholar
  5. 5.
    Vithanwattana N, Mapp G, George C (2017) Developing a comprehensive information security framework for mHealth: a detailed analysis. J Reliab Intell Environ. doi: 10.1007/s40860-017-0038-x Google Scholar
  6. 6.
    Kummitha RKR, Crutzen N (2017) How do we understand smart cities? An evolutionary perspective. Cities 67:43–52. doi: 10.1016/j.cities.2017.04.010 CrossRefGoogle Scholar
  7. 7.
    Corno F, Guercio E, De Russis L, Gargiulo E (2015) Designing for user confidence in intelligent environments. J Reliab Intell Environ 1(1):11–21. doi: 10.1007/s40860-015-0001-7 CrossRefGoogle Scholar
  8. 8.
    Datta A (2015) A 100 smart cities, a 100 utopias. Dialogues Hum Geogr 5(1):49–53. doi: 10.1177/2043820614565750 CrossRefGoogle Scholar
  9. 9.
    Hollands RG (2008) Will the real smart city please stand up? Intelligent, progressive or entrepreneurial? City 12(3):303–320. doi: 10.1080/13604810802479126 MathSciNetCrossRefGoogle Scholar
  10. 10.
    Graham S, Marvin S (2001) Splintering urbanism: networked infrastructures, technological mobilities and the urban condition. Psychology Press, RoutledgeCrossRefGoogle Scholar
  11. 11.
    Haider SF et al (2016) Taxonomy and issues for antifragile-based multimedia cloud computing. J Reliab Intell Environ 2(1):37–49. doi: 10.1007/s40860-016-0017-7 CrossRefGoogle Scholar
  12. 12.
    Banda G, Bommakanti CK, Mohan H (2016) One IoT: an IoT protocol and framework for OEMs to make IoT-enabled devices forward compatible. J Reliab Intell Environ 2(3):131–144. doi: 10.1007/s40860-016-0027-5 CrossRefGoogle Scholar
  13. 13.
    Kim S, Kim HJ, Lee H (2009) An institutional analysis of an e-government system for anti-corruption: the case of OPEN. Gov Inf Q 26(1):42–50. doi: 10.1016/j.giq.2008.09.002 MathSciNetCrossRefGoogle Scholar
  14. 14.
    Awoleye OM, Ojuloge B, Ilori MO (2014) Web application vulnerability assessment and policy direction towards a secure smart government. Gov Inf Q 31:S118–S125. doi: 10.1016/j.giq.2014.01.012 CrossRefGoogle Scholar
  15. 15.
    Roy A, Banik S, Karforma S (2011) Object oriented modelling of RSA digital signature in e-governance security. Int J Comput Eng Inf Technol 26:24–33Google Scholar
  16. 16.
    Roy A, Karforma S (2012) Object oriented approach of digital certificate based e-governance mechanism. ACEEE Conf Proc Ser 3:3–4Google Scholar
  17. 17.
    Roy A, Karforma S (2013) UML based modeling of ECDSA for secured and smart E-Governance system. In Computer Science and Information Technology (CS and IT-CSCP 2013), Proceedings of National Conference on Advancement of Computing in Engineering Research (ACER13) organized by Global Institute of Management and Technology, pp 207–222. doi: 10.5121/csit.2013.3219
  18. 18.
    Zhu J, Ma J (2004) A new authentication scheme with anonymity for wireless environments. IEEE Trans Consum Electron 50(1):231–235. doi: 10.1109/TCE.2004.1277867 CrossRefGoogle Scholar
  19. 19.
    Lee C-C, Hwang M-S, Liao I-E (2006) Security enhancement on a new authentication scheme with anonymity for wireless environments. IEEE Trans Ind Electron 53(5):1683–1687. doi: 10.1109/TIE.2006.881998 CrossRefGoogle Scholar
  20. 20.
    Liao I-E, Lee C-C, Hwang M-S (2006) A password authentication scheme over insecure networks. J Comput Syst Sci 72(4):727–740. doi: 10.1016/j.jcss.2005.10.001 MathSciNetCrossRefzbMATHGoogle Scholar
  21. 21.
    Yoon E-J, Yoo K-Y (2006) Drawbacks of Liao et al.’s password authentication scheme. In: Next generation web services practices, 2006. NWeSP 2006. International conference on, pp 101–108. doi: 10.1109/NWESP.2006.15
  22. 22.
    Juang W-S, Chen S-T, Liaw H-T (2008) Robust and efficient password-authenticated key agreement using smart cards. IEEE Trans Ind Electron 55(6):2551–2556. doi: 10.1109/TIE.2008.921677 CrossRefGoogle Scholar
  23. 23.
    Xu J, Zhu W-T, Feng D-G (2009) An improved smart card based password authentication scheme with provable security. Comput Stand Interfaces 31(4):723–728. doi: 10.1016/j.csi.2008.09.006 CrossRefGoogle Scholar
  24. 24.
    Lee S-W, Kim H-S, Yoo K-Y (2005) Improvement of Chien et al’.s remote user authentication scheme using smart cards. Comput Stand Interfaces 27(2):181–183. doi: 10.1016/j.csi.2004.02.002 CrossRefGoogle Scholar
  25. 25.
    Sood SK, Sarje AK, Singh K (2010) An improvement of Xu et al.’s authentication scheme using smart cards. In: Third annual ACM Bangalore conference on—COMPUTE ’10, pp 1–5. doi: 10.1145/1754288.1754303
  26. 26.
    Chen T-H, Hsiang H-C, Shih W-K (2011) Security enhancement on an improvement on two remote user authentication schemes using smart cards. Futur Gener Comput Syst 27(4):377–380. doi: 10.1016/j.future.2010.08.007 CrossRefGoogle Scholar
  27. 27.
    Li X, Niu J, Khan MK, Liao J (2013) An enhanced smart card based remote user password authentication scheme. J Netw Comput Appl 36(5):1365–1371. doi: 10.1016/j.jnca.2013.02.034 CrossRefGoogle Scholar
  28. 28.
    Mishra D, Das AK, Chaturvedi A, Mukhopadhyay S (2015) A secure password-based authentication and key agreement scheme using smart cards. J Inf Secur Appl 23:28–43. doi: 10.1016/j.jisa.2015.06.001 Google Scholar
  29. 29.
    Kalra S, Sood SK (2015) Secure authentication scheme for IoT and cloud servers. Pervasive Mob Comput 24:210–223. doi: 10.1016/j.pmcj.2015.08.001 CrossRefGoogle Scholar
  30. 30.
    Sharma G, Kalra S (2016) A novel scheme for data security in cloud computing using quantum cryptography. In: ACM international conference proceeding series, vol 12–13-Augu. doi: 10.1145/2979779.2979816
  31. 31.
    Sharma G, Kalra S (2016) Identity based secure authentication scheme based on quantum key distribution for cloud computing. Peer Peer Netw Appl. doi: 10.1007/s12083-016-0528-2 Google Scholar
  32. 32.
    Dhillon PK, Kalra S (2017) A lightweight biometrics based remote user authentication scheme for IoT services. J Inf Secur Appl. doi: 10.1016/j.jisa.2017.01.003 Google Scholar
  33. 33.
    Dhillon PK, Kalra S (2017) Secure multi-factor remote user authentication scheme for Internet of Things environments. Int J Commun Syst. doi: 10.1002/dac.3323 Google Scholar
  34. 34.
    Liu Y-J, Chang C-C, Chang S-C (2017) An efficient and secure smart card based password authentication scheme. Int J Netw Secur. doi: 10.6633/IJNS.201701.19(1).01 Google Scholar
  35. 35.
    AVISPA (2017) AVISPA Web Tool. Accessed Jan 2017
  36. 36.
    Chevalier Y, Compagna L, Cuellar J, Drielsma PH, Mantovani J, Mödersheim S, Vigneron L (2004) A high level protocol specification language for industrial security-sensitive protocols. In: Workshop on Specification and Automated Processing of Security Requirements-SAPS’2004. Austrian Computer Society, 13pGoogle Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  1. 1.Department of Computer Science and EngineeringGuru Nanak Dev University, Regional CampusJalandharIndia

Personalised recommendations