ECC-Based Anonymous and Multi-factor Authentication Scheme for IoT Environment
DOI:
https://doi.org/10.3991/ijoe.v21i01.51633Keywords:
Authentication, Intern of Things (IOT), Elliptic Curve Cryptography, Three-factor security, BiometricAbstract
Owing to its capability to offer remote services, the Internet of Things (IoT) has immersed itself in all areas of our daily lives. However, this big use of IoT networks makes the user’s data change insecurely in open channels vulnerable to malicious use. As a result, the security of the user’s data in an IoT environment becomes a critical issue. Given that authentication is a mechanism that may prevent hackers from retrieving and exploiting data communicated between IoT devices, researchers have proposed many lightweight IoT authentication schemes in the last decades. However, most of these schemes are based on two authentication factors and are unable to ensure unlink ability, key secrecy, perfect forward secrecy, and resistance to node capture, denial of service (DoS) attacks, stolen verifiers, denning-SSACO attacks, and GWN bypassing. In this paper, we present an anonymous three-factor authentication scheme based on elliptic curve cryptography (ECC), which can provide all security services and resist well-known attacks. Then, based on informal security analysis and the formal security proof using ProVerif we show that our provided scheme is secure and can resist known attacks. Finally, we show the comparison result among our protocol and other protocols in terms of computation overheads, communication overheads, and security features.
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2024 Souhayla Dargaoui, Mourade Azrour, Ahmad El Allaoui, Azidine Guezzaz, Abdulatif Alabdulatif, Sultan Ahmad
This work is licensed under a Creative Commons Attribution 4.0 International License.
