E-AUA: An Efficient Anonymous User Authentication Protocol for Mobile IoT

The emergence of the mobile Internet of Things (IoT) has made our lives smarter, relying on its various mobile IoT devices and services provided. However, with the explosively emerging mobile IoT services, malicious attackers can access them in an unauthorized way. In this paper, we designed an Efficient Anonymous User Authentication (E-AUA) protocol between the users and servers based on multiserver architectures, which contain multiple servers to address the problem of network congestion in mobile IoT. Furthermore, the E-AUA protocol was designed with a dual messages mechanism with strong anti-attack ability, lower communication and computation costs. Comparing with the state of the art protocols, our E-AUA protocol reduced both communication and computation costs. We also provided a security analysis to demonstrate that our E-AUA protocol is secure and meets a variety of security requirements in a motivated mobile IoT scenario.

[1]  Wei-Bin Lee,et al.  An efficient and secure multi-server authentication scheme with key agreement , 2012, J. Syst. Softw..

[2]  Wanlei Zhou,et al.  Identifying Propagation Sources in Networks: State-of-the-Art and Comparative Studies , 2017, IEEE Communications Surveys & Tutorials.

[3]  Joel J. P. C. Rodrigues,et al.  Secure Three-Factor User Authentication Scheme for Renewable-Energy-Based Smart Grid Environment , 2017, IEEE Transactions on Industrial Informatics.

[4]  Qi Xiong,et al.  Secure Transmission Against Pilot Spoofing Attack: A Two-Way Training-Based Scheme , 2016, IEEE Transactions on Information Forensics and Security.

[5]  Shusen Yang,et al.  BRPL: Backpressure RPL for High-Throughput and Mobile IoTs , 2017, IEEE Transactions on Mobile Computing.

[6]  Eun-Jun Yoon,et al.  Design of Mutually Authenticated Key Agreement Protocol Resistant to Impersonation Attacks for Multi-Server Environment , 2017, IEEE Access.

[7]  Sherali Zeadally,et al.  Efficient and Anonymous Mobile User Authentication Protocol Using Self-Certified Public Key Cryptography for Multi-Server Architectures , 2016, IEEE Transactions on Information Forensics and Security.

[8]  Shibin Wang,et al.  LIAP: A local identity-based anonymous message authentication protocol in VANETs , 2017, Comput. Commun..

[9]  Chih-Ming Hsiao,et al.  A novel multi-server remote user authentication scheme using self-certified public keys for mobile clients , 2013, Future Gener. Comput. Syst..

[10]  Qi Xie,et al.  Provably Secure Dynamic ID-Based Anonymous Two-Factor Authenticated Key Exchange Protocol With Extended Security Model , 2017, IEEE Transactions on Information Forensics and Security.

[11]  Josep Domingo-Ferrer,et al.  Round-Efficient and Sender-Unrestricted Dynamic Group Key Agreement Protocol for Secure Group Communications , 2015, IEEE Transactions on Information Forensics and Security.

[12]  Maurizio Longo,et al.  DDoS Attacks With Randomized Traffic Innovation: Botnet Identification Challenges and Strategies , 2016, IEEE Transactions on Information Forensics and Security.

[13]  Jun Ho Huh,et al.  Surpass: System-initiated User-replaceable Passwords , 2015, CCS.

[14]  Mohammad Tariqul Islam,et al.  Extending Birthday Paradox Theory to Estimate the Number of Tags in RFID Systems , 2014, PloS one.

[15]  Javier Herranz,et al.  On the Efficiency of Revocation in RSA-Based Anonymous Systems , 2016, IEEE Transactions on Information Forensics and Security.

[16]  Neetesh Saxena,et al.  EasySMS: A Protocol for End-to-End Secure Transmission of SMS , 2014, IEEE Transactions on Information Forensics and Security.

[17]  Kun-Lin Tsai,et al.  TTP Based High-Efficient Multi-Key Exchange Protocol , 2016, IEEE Access.

[18]  Xiaoyan Zhu,et al.  An Efficient Anonymous Batch Authentication Scheme Based on HMAC for VANETs , 2016, IEEE Transactions on Intelligent Transportation Systems.

[19]  Jun Zhang,et al.  Detecting and Preventing Cyber Insider Threats: A Survey , 2018, IEEE Communications Surveys & Tutorials.

[20]  Mingchu Li,et al.  SRTS : A Self-Recoverable Time Synchronization for sensor networks of healthcare IoT , 2017, Comput. Networks.

[21]  Zhiguang Qin,et al.  Revocable and Scalable Certificateless Remote Authentication Protocol With Anonymity for Wireless Body Area Networks , 2015, IEEE Transactions on Information Forensics and Security.

[22]  Jian Shen,et al.  Anonymous and Traceable Group Data Sharing in Cloud Computing , 2018, IEEE Transactions on Information Forensics and Security.

[23]  Vanga Odelu,et al.  A Secure Biometrics-Based Multi-Server Authentication Protocol Using Smart Cards , 2015, IEEE Transactions on Information Forensics and Security.

[24]  Wazir Zada Khan,et al.  Mobile Phone Sensing Systems: A Survey , 2013, IEEE Communications Surveys & Tutorials.

[25]  Jenq-Shiou Leu,et al.  An anonymous mobile user authentication protocol using self-certified public keys based on multi-server architectures , 2014, The Journal of Supercomputing.

[26]  Yao Zhang,et al.  A novel efficient MAKA protocol with desynchronization for anonymous roaming service in Global Mobility Networks , 2018, J. Netw. Comput. Appl..

[27]  Moe Z. Win,et al.  Network Localization and Synchronization Using Full-Duplex Radios , 2018, IEEE Transactions on Signal Processing.

[28]  Moe Z. Win,et al.  Cooperative Network Synchronization: Asymptotic Analysis , 2017, IEEE Transactions on Signal Processing.

[29]  Fagen Li,et al.  Identity-based online/offline signcryption for low power devices , 2012, J. Netw. Comput. Appl..

[30]  Benhui Chen,et al.  Comments on "Provably Secure Dynamic Id-Based Anonymous Two-Factor Authenticated Key Exchange Protocol With Extended Security Model" , 2019, IEEE Trans. Inf. Forensics Secur..

[31]  Jian Shen,et al.  A Novel Security Scheme Based on Instant Encrypted Transmission for Internet of Things , 2018, Secur. Commun. Networks.

[32]  Debiao He,et al.  Robust Biometrics-Based Authentication Scheme for Multiserver Environment , 2015, IEEE Systems Journal.