Abstract
The edge-based Internet of Things (IoT) computing provides a new value for the consumer where the smart devices, objects, and appliances connected over the internet. The data generated from the smart IoT devices need to be securely processed. With the increasing rate of smart IoT devices, the existing addressing schemes and security protocols do not guaranty to perform well in all situations. This paper proposed a smart card based secure addressing and authentication (SCSAA) scheme by modifying the standard IPv6 protocol to mitigate the security threats in the IoT network. The proposed scheme has two folds; firstly, this scheme provides a unique way of addressing by assigning unique 64-bit interface identifier (IID) to smart devices/appliances and uniquely authenticates them in IoT network. Secondly, this scheme uses the secret session key to prevent the network from unauthorized access. Additionally, this work also evaluates the informal security analysis, formal security analysis using ROR model and AVISPA tool. The overall security analysis proves that proposed scheme protect the smart home IoT network from various vulnerabilities and attacks.
Similar content being viewed by others
References
Azmoodeh A, Dehghantanha A, Choo K-KR (2019) Big data and internet of things security and forensics: challenges and opportunities, pp 1–4
Hussain MM, Beg MS (2019) Using vehicles as fog infrastructures for transportation cyber-physical systems (t-cps): fog computing for vehicular networks. Int J Softw Sci Comput Intell 11:47–69
Cisco (2013) How many things are currently connected to the internet of things. Forbes
Gupta R (2019) Resource provisioning and scheduling techniques of iot based applications in fog computing. Int J Fog Comput (IJFC) 2:57–0
Shen J, Yang H, Wang A, Zhou T, Wang C (2019) Lightweight authentication and matrix-based key agreement scheme for healthcare in fog computing. Peer-to-Peer Netw Appl 12(4):924–933
Ahuja SP, Wheeler N (2020) Architecture of fog-enabled and cloud-enhanced internet of things applications. Int J Cloud Appl Comput (IJCAC) 10(1):1–10
Kalra S, Sood SK (2015) Advanced password based authentication scheme for wireless sensor networks. J Inf Secur Appl 20:37–46
Kumari S, Karuppiah M, Das AK, Li X, Wu F, Kumar N (2018) A secure authentication scheme based on elliptic curve cryptography for iot and cloud servers. J Supercomput 74(12):6428–6453
Sharma G, Kalra S (2018) A lightweight multi-factor secure smart card based remote user authentication scheme for cloud-iot applications. J Inf Secur Appl 42:95–106
He D, Zeadally S, Kumar N, Lee J-H (2016) Anonymous authentication for wireless body area networks with provable security. IEEE Syst J 11(4):2590–2601
Gope P, Hwang T (2016) A realistic lightweight anonymous authentication protocol for securing real-time application data access in wireless sensor networks. IEEE Trans Ind Electron 63(11):7124–7132
Tewari A, Gupta B (2020) Security, privacy and trust of different layers in internet-of-things (iots) framework. Future Gener Comput Syst 108:909–920
Psannis KE, Stergiou C, Gupta BB (2019) Advanced media-based smart big data on intelligent cloud systems. IEEE Trans Sustain Comput 4(1):77–87
Tsai J-L, Lo N-W (2015) A privacy-aware authentication scheme for distributed mobile cloud computing services. IEEE Syst J 9(3):805–815
Jiang Q, Ma J, Wei F (2016) On the security of a privacy-aware authentication scheme for distributed mobile cloud computing services. IEEE Syst J 12(2):2039–2042
Stergiou C, Psannis KE, Gupta BB, Ishibashi Y (2018) Security, privacy & efficiency of sustainable cloud computing for big data & iot. Sustain Comput: Inf Syst 19:174–184
Bai TDP, Rabara SA (2015) Design and development of integrated, secured and intelligent architecture for internet of things and cloud computing. In: 2015 3rd International conference on future internet of things and cloud. IEEE, pp 817–822
Agrawal M, Zhou J, Chang D (2019) A survey on lightweight authenticated encryption and challenges for securing industrial iot. In: Security and privacy trends in the industrial internet of things. Springer, pp 71–94
Carpenter B, Jiang S (2014) Significance of ipv6 interface identifiers. IETF RFC
Rasti MR (2012) Doing business without ssn, ein, and charge card numbers. US Patent 8,281,145
Siddiqui AU, Singh MHK (2015) Aadhar management system. IITM J Manag IT 6(1):40–43
Rao M, Newe T, Grout I (2014) Secure hash algorithm-3 (sha-3) implementation on xilinx fpgas, suitable for iot applications. In: 8th International conference on sensing technology (ICST 2014), Liverpool John Moores University, Liverpool, United Kingdom, 2nd–4th September
Stallings W (2006) Cryptography and network security, 4/E. Pearson Education India
Johnson D, Perkins C, Arkko J et al (2004) Mobility support in ipv6
Han Y-H, Hwang S-H (2006) Care-of address provisioning for efficient ipv6 mobility support. Comput Commun 29(9):1422–1432
Quittek J, Zseby T, Claise B, Zander S (2004) Requirements for ip flow information export (ipfix). Technical report, RFC 3917 (informational)
Shah JL, Parvez J (2015) Optimizing security and address configuration in ipv6 slaac. Procedia Comput Sci 54:177–185
Hinden R, Deering S (2006) Ip version 6 addressing architecture. IETF RFC
Hinden R, Haberman B (2005) Unique local IPv6 unicast addresses. IETF RFC 4193
Gont F, et al. (2014) A method for generating semantically opaque interface identifiers with ipv6 stateless address autoconfiguration (slaac). IETF RFC 7217
Narten T, Draves R, Krishnan S (2001) Privacy extensions for stateless address autoconfiguration in ipv6. Technical report
Wang X, Qian H (2015) Dynamic and hierarchical ipv6 address configuration for a mobile ad hoc network. Int J Commun Syst 28(1):127–146
Narten T, Draves R, Krishnan S (2007) Privacy extensions for stateless address autoconfiguration in ipv6. IETF RFC 4941
Dunlop M, Groat S, Urbanski W, Marchany R, Tront J (2012) The blind man’s bluff approach to security using ipv6. IEEE Secur Priv 10(4):35–43
Judmayer A, Ullrich J, Merzdovnik G, Voyiatzis AG, Weippl E (2017) Lightweight address hopping for defending the ipv6 iot. In: Proceedings of the 12th international conference on availability, reliability and security, pp 1–10
Parne BL, Gupta S, Chaudhari NS (2019) Pse-aka: performance and security enhanced authentication key agreement protocol for iot enabled lte/lte-a networks. Peer-to-Peer Netw Appl 12(5):1156–1177
Li X, Ibrahim MH, Kumari S, Sangaiah AK, Gupta V, Choo K-KR (2017) Anonymous mutual authentication and key agreement scheme for wearable sensors in wireless body area networks. Comput Netw 129:429–443
Li M, Yu S, Lou W, Ren K (2010) Group device pairing based secure sensor association and key management for body area networks. In: 2010 Proceedings IEEE INFOCOM. IEEE, pp 1–9
Liu J, Zhang Z, Chen X, Kwak KS (2013) Certificateless remote anonymous authentication schemes for wirelessbody area networks. IEEE Trans Parallel Distrib Syst 25(2):332–342
Yoon E-J, Yoo K-Y (2013) Robust biometrics-based multi-server authentication with key agreement scheme for smart cards on elliptic curve cryptosystem. J Supercomput 63(1):235–255
Benssalah M, Djeddou M, Drouiche K (2017) A provably secure rfid authentication protocol based on elliptic curve signature with message recovery suitable for m-health environments. Trans Emerg Telecommun Technol 28(11):e3166
Chou J-S (2014) An efficient mutual authentication rfid scheme based on elliptic curve cryptography. J Supercomput 70(1):75–94
Chang C-C, Le H-D (2015) A provably secure, efficient, and flexible authentication scheme for ad hoc wireless sensor networks. IEEE Trans Wirel Commun 15(1):357–366
Jo HJ, Paik JH, Lee DH (2013) Efficient privacy-preserving authentication in wireless mobile networks. IEEE Trans Mob Comput 13(7):1469–1481
Tseng Y-M, Huang S-S, Tsai T-T, Ke J-H (2015) List-free id-based mutual authentication and key agreement protocol for multiserver architectures. IEEE Trans Emerg Top Comput 4(1):102–112
Wu F, Li X, Xu L, Kumari S, Karuppiah M, Shen J (2017) A lightweight and privacy-preserving mutual authentication scheme for wearable devices assisted by cloud server. Comput Electr Eng 63:168–181
Das AK, Wazid M, Kumar N, Khan MK, Choo K-KR, Park Y (2017) Design of secure and lightweight authentication protocol for wearable devices environment. IEEE J Biomed Health Inform 22(4):1310–1322
Adavoudi-Jolfaei A, Ashouri-Talouki M, Aghili SF (2019) Lightweight and anonymous three-factor authentication and access control scheme for real-time applications in wireless sensor networks. Peer-to-Peer Netw Appl 12(1):43–59
Das AK (2017) A secure and effective biometric-based user authentication scheme for wireless sensor networks using smart card and fuzzy extractor. Int J Commun Syst 30(1):29–33
Wu F, Xu L, Kumari S, Li X (2017) A privacy-preserving and provable user authentication scheme for wireless sensor networks based on internet of things security. J Ambient Intell Humaniz Comput 8 (1):101–116
Alamr AA, Kausar F, Kim J, Seo C (2018) A secure ecc-based rfid mutual authentication protocol for internet of things. J Supercomput 74(9):4281–4294
Yaseen Q, Aldwairi M, Jararweh Y, Al-Ayyoub M, Gupta B (2018) Collusion attacks mitigation in internet of things: a fog based model. Multimed Tools Appl 77(14):18249–18268
Akbarzadeh A, Bayat M, Zahednejad B, Payandeh A, Aref MR (2019) A lightweight hierarchical authentication scheme for internet of things. J Ambient Intell Humaniz Comput 10(7):2607–2619
Nikravan M, Reza A (2020) A multi-factor user authentication and key agreement protocol based on bilinear pairing for the internet of things. Wirel Pers Commun 111(1):463–494
Das ML, Kumar P, Martin A (2020) Secure and privacy-preserving rfid authentication scheme for internet of things applications. Wirel Pers Commun 110(1):339–353
Wazid M, Das AK, Bhat V, Vasilakos AV (2020) Lam-ciot: lightweight authentication mechanism in cloud-based iot environment. J Netw Comput Appl 150:102496
Yadav VK, Batham S, Jain M, Sharma S (2014) An approach to electronic voting system using UIDAI. In: 2014 International conference on electronics and communication systems (ICECS), pp 1–4
AVISPA T, 2015 Automated validation of internet security protocols and applications
Gupta R, Tanwar S, Tyagi S, Kumar N (2020) Machine learning models for secure data analytics: a taxonomy and threat model. Comput Commun 153:406–440
Abdalla M, Fouque P-A, Pointcheval D (2005) Password-based authenticated key exchange in the three-party setting. In: International workshop on public key cryptography. Springer, pp 65–84
Bellare M, Rogaway P (1993) Random oracles are practical: A paradigm for designing efficient protocols. In: Proceedings of the 1st ACM conference on computer and communications security. ACM, pp 62–73
Odelu V, Das AK, Goswami A (2015) A secure biometrics-based multi-server authentication protocol using smart cards. IEEE Trans Inf Forensics Secur 10(9):1953–1966
Von Oheimb D (2005) The high-level protocol specification language hlpsl developed in the eu project avispa. In: Proceedings of APPSEM 2005 workshop, pp 1–17
Amin R, Islam SH, Biswas G, Khan MK, Leng L, Kumar N (2016) Design of an anonymity-preserving three-factor authenticated key exchange protocol for wireless sensor networks. Comput Netw 101:42–62
Dhillon PK, Kalra S (2017) Secure multi-factor remote user authentication scheme for internet of things environments. Int J Commun Syst 30(16):33–23
Xu L, Wu F (2019) A lightweight authentication scheme for multi-gateway wireless sensor networks under iot conception. Arab J Sci Eng 44(4):3977–3993
Luo M, Luo Y, Wan Y, Wang Z (2018) Secure and efficient access control scheme for wireless sensor networks in the cross-domain context of the iot. Secur Commun Netw 2018
Li F, Han Y, Jin C (2016) Practical access control for sensor networks in the context of the internet of things. Comput Commun 89:154–164
Malani S, Srinivas J, Das AK, Srinathan K, Jo M (2019) Certificate-based anonymous device access control scheme for iot environment. IEEE Internet Things J 6(6):9762–9773
Liu S, Hu S, Weng J, Zhu S, Chen Z (2016) A novel asymmetric three-party based authentication scheme in wearable devices environment. J Netw Comput Appl 60:144–154
Liu W, Liu H, Wan Y, Kong H, Ning H (2016) The yoking-proof-based authentication protocol for cloud-assisted wearable devices. Pers Ubiquitous Comput 20(3):469–479
Wu F, Li X, Xu L, Vijayakumar P, Kumar N (2020) A novel three-factor authentication protocol for wireless sensor networks with iot notion. IEEE Syst J :1–10
Shin S, Kwon T (2020) A privacy-preserving authentication, authorization, and key agreement scheme for wireless sensor networks in 5g-integrated internet of things. IEEE Access 8:67555–67571
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher’s note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
This article belongs to the Topical Collection: Special Issue on P2P Computing for Beyond 5G Network and Internet-of-Everything
Guest Editors: Prakasam P, Ajayan John, Shohel Sayeed
Rights and permissions
About this article
Cite this article
Kumar, P., Chouhan, L. A secure authentication scheme for IoT application in smart home. Peer-to-Peer Netw. Appl. 14, 420–438 (2021). https://doi.org/10.1007/s12083-020-00973-8
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12083-020-00973-8