Abstract
With the rapid development of auto industry and the Internet, smart remote vehicle control (SRVC) system is now showing in more and more automobile brands which allows people to remotely control vehicles through the Internet. However, SVRC’s convenience brings security challenges that the related SRVC’s protocol needs to be enhanced with identity authentication mechanism for both users and their vehicles, in case of illegal intrusion without identity authentication. In this paper, we first analyze Chatterjee et al.’s scheme and find that their scheme is not immune from some common attacks. Then, we design a privacy-preserving elliptic curve cryptosystem (ECC)-based three-factor authentication scheme based on the SRVC’s features, which can authenticate the identities of users and vehicle, and generate a session secret key to protect the users’ privacy. Security analysis shows that our protocol has many security attributes that it not only can protect users’ anonymity and untraceability, but also resist many known attacks. And performance analysis shows that our protocol can run efficiently in SRVC system. Lastly, we conclude our work and give the future research direction in SVRC.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Bono, S., Green, M., Stubblefield, A., Juels, A., Rubin, A.D., Szydlo, M.: Security analysis of a cryptographically-enabled RFID device. In: USENIX Security Symposium, vol. 31, pp. 1–16 (2005)
Francillon, A., Danev, B., Capkun, S.: Relay attacks on passive keyless entry and start systems in modern cars. In: Proceedings of the Network and Distributed System Security Symposium, Eidgenössische Technische Hochschule Zürich, Department of Computer Science (2011)
Lamport, L.: Password authentication with insecure communication. Commun. ACM 24(11), 770–772 (1981)
Kumari, S., Li, X., Wu, F., Das, A.K., Odelu, V., Khan, M.K.: A User anonymous mutual authentication protocol. KSII Trans. Internet Inf. Syst. 10(9), 4508–4528 (2016)
Chen, T.H., Yeh, H.L., Shih, W.K.: An advanced ECC dynamic id-based remote mutual authentication scheme for cloud computing. In: 2011 Fifth FTRA International Conference on Multimedia and Ubiquitous Engineering, pp. 155–159. IEEE (2011)
Alotaibi, M.: An enhanced symmetric cryptosystem and biometric-based anonymous user authentication and session key establishment scheme for WSN. IEEE Access 6, 70072–70087 (2018)
Porambage, P., Schmitt, C., Kumar, P., Gurtov, A., Ylianttila, M.: Two-phase authentication protocol for wireless sensor networks in distributed IoT applications. In: 2014 IEEE Wireless Communications and Networking Conference, pp. 2728–2733. IEEE (2014)
Chu, F., Zhang, R., Ni, R., Dai, W.: An improved identity authentication scheme for internet of things in heterogeneous networking environments. In: 2013 16th International Conference on Network-Based Information Systems, pp. 589–593. IEEE (2013)
Lai, C., Li, H., Lu, R., Shen, X.S.: SE-AKA: a secure and efficient group authentication and key agreement protocol for LTE networks. Comput. Netw. 57(17), 3492–3510 (2013)
Lai, C., Li, H., Lu, R., Jiang, R., Shen, X.: SEGR: a secure and efficient group roaming scheme for machine to machine communications between 3GPP and WiMAX networks. In: 2014 IEEE International Conference on Communications, pp. 1011–1016. IEEE (2014)
Chatterjee, S., Samaddar, S.G.: A robust lightweight ECC-based three-way authentication scheme for IoT in cloud. In: Elçi, A., Sa, P.K., Modi, C.N., Olague, G., Sahoo, M.N., Bakshi, S. (eds.) Smart Computing Paradigms: New Progresses and Challenges. AISC, vol. 767, pp. 101–111. Springer, Singapore (2020). https://doi.org/10.1007/978-981-13-9680-9_7
Mo, J., Hu, Z., Chen, H., Shen, W.: An efficient and provably secure anonymous user authentication and key agreement for mobile cloud computing. Wirel. Commun. Mob. Comput. (2019)
Panda, P.K., Chattopadhyay, S.: A secure mutual authentication protocol for IoT environment. J. Reliable Intell. Environ. 6(2), 79–94 (2020). https://doi.org/10.1007/s40860-020-00098-y
Zhou, L., Li, X., Yeh, K.H., Su, C., Chiu, W.: Lightweight IoT-based authentication scheme in cloud computing circumstance. Future Gener. Comput. Syst. 91, 244–251 (2019)
Truong, T.T., Tran, M.T., Duong, A.D.: Modified dynamic ID-based user authentication scheme resisting smart-card-theft attack. Appl. Math. Inf. Sci. 8(3), 967 (2014)
Lee, Y.C.: A new dynamic id-based user authentication scheme to resist smart card theft attack. Appl. Math. Inf. Sci. 6, 355–361 (2012)
Feng, Q., He, D., Zeadally, S., Wang, H.: Anonymous biometrics-based authentication scheme with key distribution for mobile multi-server environment. Future Gener. Comput. Syst. 84, 239–251 (2018)
Aghili, S.F., Mala, H., Shojafar, M., Peris-Lopez, P.: LACO: lightweight three-factor authentication, access control and ownership transfer scheme for e-health systems in IoT. Future Gener. Comput. Syst. 96, 410–424 (2019)
Dolev, D., Yao, A.: On the security of public key protocols. IEEE Trans. Inf. Theory 29(2), 198–208 (1983)
Acknowledgments
This research was funded by the National Key Research and Development Program of China (No. 2018YFB0803600).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Luo, H., Zhang, Q., Xu, G. (2021). Privacy-Preserving ECC-Based Three-Factor Authentication Protocol for Smart Remote Vehicle Control System. In: Chen, B., Huang, X. (eds) Applied Cryptography in Computer and Communications. AC3 2021. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 386. Springer, Cham. https://doi.org/10.1007/978-3-030-80851-8_5
Download citation
DOI: https://doi.org/10.1007/978-3-030-80851-8_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-80850-1
Online ISBN: 978-3-030-80851-8
eBook Packages: Computer ScienceComputer Science (R0)