This page has only limited features, please log in for full access.
The Internet of Things (IoT) is being applied to various environments such as telecare systems, smart homes, and intelligent transportation systems. The information generated from IoT devices is stored at remote servers, and external users authenticate to the server for requesting access to the stored data. In IoT environments, the authentication process is required to be conducted efficiently, and should be secure against various attacks and ensure user anonymity and untraceability to ensure sustainability of the network. However, many existing protocols proposed in IoT environments do not meet these requirements. Recently, Rajaram et al. proposed a paring-based user authentication scheme. We found that the Rajaram et al. scheme is vulnerable to various attacks such as offline password guessing, impersonation, privileged insider, and known session-specific temporary information attacks. Additionally, as their scheme uses bilinear pairing, it requires high computation and communication costs. In this study, we propose a novel authentication scheme that resolves these security problems. The proposed scheme uses only hash and exclusive-or operations to be applicable in IoT environments. We analyze the proposed protocol using informal analysis and formal analysis methods such as the BAN logic, real-or-random (ROR) model, and the AVISPA simulation, and we show that the proposed protocol has better security and performance compared with existing authentication protocols. Consequently, the proposed protocol is sustainable and suitable for real IoT environments.
Seunghwan Son; Yohan Park; Youngho Park. A Secure, Lightweight, and Anonymous User Authentication Protocol for IoT Environments. Sustainability 2021, 13, 9241 .
AMA StyleSeunghwan Son, Yohan Park, Youngho Park. A Secure, Lightweight, and Anonymous User Authentication Protocol for IoT Environments. Sustainability. 2021; 13 (16):9241.
Chicago/Turabian StyleSeunghwan Son; Yohan Park; Youngho Park. 2021. "A Secure, Lightweight, and Anonymous User Authentication Protocol for IoT Environments." Sustainability 13, no. 16: 9241.
With the information and communication technologies (ICT) and Internet of Things (IoT) gradually advancing, smart homes have been able to provide home services to users. The user can enjoy a high level of comfort and improve his quality of life by using home services provided by smart devices. However, the smart home has security and privacy problems, since the user and smart devices communicate through an insecure channel. Therefore, a secure authentication protocol should be established between the user and smart devices. In 2020, Xiang and Zheng presented a situation-aware protocol for device authentication in smart grid-enabled smart home environments. However, we demonstrate that their protocol can suffer from stolen smart device, impersonation, and session key disclosure attacks and fails to provide secure mutual authentication. Therefore, we propose a secure and lightweight authentication protocol for IoT-based smart homes to resolve the security flaws of Xiang and Zheng’s protocol. We proved the security of the proposed protocol by performing informal and formal security analyses, using the real or random (ROR) model, Burrows–Abadi–Needham (BAN) logic, and the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. Moreover, we provide a comparison of performance and security properties between the proposed protocol and related existing protocols. We demonstrate that the proposed protocol ensures better security and lower computational costs than related protocols, and is suitable for practical IoT-based smart home environments.
Jihyeon Oh; Sungjin Yu; Joonyoung Lee; Seunghwan Son; Myeonghyun Kim; Youngho Park. A Secure and Lightweight Authentication Protocol for IoT-Based Smart Homes. Sensors 2021, 21, 1488 .
AMA StyleJihyeon Oh, Sungjin Yu, Joonyoung Lee, Seunghwan Son, Myeonghyun Kim, Youngho Park. A Secure and Lightweight Authentication Protocol for IoT-Based Smart Homes. Sensors. 2021; 21 (4):1488.
Chicago/Turabian StyleJihyeon Oh; Sungjin Yu; Joonyoung Lee; Seunghwan Son; Myeonghyun Kim; Youngho Park. 2021. "A Secure and Lightweight Authentication Protocol for IoT-Based Smart Homes." Sensors 21, no. 4: 1488.
Wireless sensor networks (WSN) are widely used to provide users with convenient services such as health-care, and smart home. To provide convenient services, sensor nodes in WSN environments collect and send the sensing data to the gateway. However, it can suffer from serious security issues because susceptible messages are exchanged through an insecure channel. Therefore, secure authentication protocols are necessary to prevent security flaws in WSN. In 2020, Moghadam et al. suggested an efficient authentication and key agreement scheme in WSN. Unfortunately, we discover that Moghadam et al.’s scheme cannot prevent insider and session-specific random number leakage attacks. We also prove that Moghadam et al.’s scheme does not ensure perfect forward secrecy. To prevent security vulnerabilities of Moghadam et al.’s scheme, we propose a secure and lightweight mutual authentication protocol for WSNs (WSN-SLAP). WSN-SLAP has the resistance from various security drawbacks, and provides perfect forward secrecy and mutual authentication. We prove the security of WSN-SLAP by using Burrows-Abadi-Needham (BAN) logic, Real-or-Random (ROR) model, and Automated Verification of Internet Security Protocols and Applications (AVISPA) simulation. In addition, we evaluate the performance of WSN-SLAP compared with existing related protocols. We demonstrate that WSN-SLAP is more secure and suitable than previous protocols for WSN environments.
Deokkyu Kwon; Sungjin Yu; Joonyoung Lee; Seunghwan Son; Youngho Park. WSN-SLAP: Secure and Lightweight Mutual Authentication Protocol for Wireless Sensor Networks. Sensors 2021, 21, 936 .
AMA StyleDeokkyu Kwon, Sungjin Yu, Joonyoung Lee, Seunghwan Son, Youngho Park. WSN-SLAP: Secure and Lightweight Mutual Authentication Protocol for Wireless Sensor Networks. Sensors. 2021; 21 (3):936.
Chicago/Turabian StyleDeokkyu Kwon; Sungjin Yu; Joonyoung Lee; Seunghwan Son; Youngho Park. 2021. "WSN-SLAP: Secure and Lightweight Mutual Authentication Protocol for Wireless Sensor Networks." Sensors 21, no. 3: 936.
Telecare medical information system (TMIS) implemented in wireless body area network (WBAN) is convenient and time-saving for patients and doctors. TMIS is realized using wearable devices worn by a patient, and wearable devices generate patient health data and transmit them to a server through a public channel. Unfortunately, a malicious attacker can attempt performing various attacks through such a channel. Therefore, establishing a secure authentication process between a patient and a server is essential. Moreover, wearable devices have limited storage power. Cloud computing can be considered to resolve this problem by providing a storage service in the TMIS environment. In this environment, access control of the patient health data is essential for the quality of healthcare. Furthermore, the database of the cloud server is a major target for an attacker. The attacker can try to modify, forge, or delete the stored data. To resolve these problems, we propose a secure authentication protocol for a cloud-assisted TMIS with access control using blockchain. We employ ciphertext-policy attribute-based encryption (CP-ABE) to establish access control for health data stored in the cloud server, and apply blockchain to guarantee data integrity. To prove robustness of the proposed protocol, we conduct informal analysis and Burrows-Adabi-Needham (BAN) logic analysis, and we formally validate the proposed protocol using automated validation of internet security protocols and applications (AVISPA). Consequently, we show that the proposed protocol provides more security and has better efficiency compared to related protocols. Therefore, the proposed protocol is proper for a practical TMIS environment.
Seunghwan Son; Joonyoung Lee; Myeonghyun Kim; Sungjin Yu; Ashok Kumar Das; Youngho Park. Design of Secure Authentication Protocol for Cloud-Assisted Telecare Medical Information System Using Blockchain. IEEE Access 2020, 8, 1 -1.
AMA StyleSeunghwan Son, Joonyoung Lee, Myeonghyun Kim, Sungjin Yu, Ashok Kumar Das, Youngho Park. Design of Secure Authentication Protocol for Cloud-Assisted Telecare Medical Information System Using Blockchain. IEEE Access. 2020; 8 ():1-1.
Chicago/Turabian StyleSeunghwan Son; Joonyoung Lee; Myeonghyun Kim; Sungjin Yu; Ashok Kumar Das; Youngho Park. 2020. "Design of Secure Authentication Protocol for Cloud-Assisted Telecare Medical Information System Using Blockchain." IEEE Access 8, no. : 1-1.