Title: Cryptanalysis and improvement of an authentication scheme for IoT

Authors: Rahul Kumar; Mridul Kumar Gupta; Saru Kumari

Addresses: Department of Mathematics, Chaudhary Charan Singh University, Meerut, India ' Department of Mathematics, Chaudhary Charan Singh University, Meerut, India ' Department of Mathematics, Chaudhary Charan Singh University, Meerut, India

Abstract: With the interference of various types of embedded devices, sensors and gadgets in day-to-day life, the buzzword internet of things (IoT) has become very popular. In the context of IoT environment, proper device authentication is important. Recently, Wang et al. (2017) introduced an authentication protocol for secure communication between the embedded device and the cloud server over IoT networks. They insisted that their protocol is secure from various attacks in the open network. However, we show that Wang et al.'s (2017) protocol is not secure against impersonation attack, replay attack and it does not provide device's anonymity. To conquer these problems, we design an improvement of Wang et al.'s (2017) protocol. We show that our protocol is secure against various attacks; specifically, it is free from the attacks pointed out in Wang et al.'s (2017) protocol. Through performance evaluation of our proposed protocol with the existing related protocols, we show that the proposed protocol is suitable for IoT environment.

Keywords: internet of things; IoT; impersonation attack; device's anonymity; ECC; embedded device.

DOI: 10.1504/IJICS.2022.126754

International Journal of Information and Computer Security, 2022 Vol.19 No.1/2, pp.73 - 87

Received: 22 Jun 2020
Accepted: 28 Nov 2020
Published online: 04 Nov 2022 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article