An Improved User Authentication Protocol for IoT

Rapid development in the field of internet of things (IoT) has increased numbers of applications. Meanwhile, security and privacy threats are also introduced. Various authentication protocols are devised to resist the malicious attacks. Li et al. proposed a remote user authentication protocol using smart cards and they claimed their protocol was secure. However, we find that it cannot resist DoS attack, stolen-verifier attack and replay attack. Then we propose a three-factor remote authentication protocol using smart card based on biometric. The proposed protocol can resist DoS attack effectively by increasing local verification of user identity and password.

[1]  Taher ElGamal,et al.  A public key cyryptosystem and signature scheme based on discrete logarithms , 1985 .

[2]  Ashok Kumar Das,et al.  Analysis and improvement on an efficient biometric-based remote user authentication scheme using smart cards , 2011, IET Inf. Secur..

[3]  Min-Shiang Hwang,et al.  A new remote user authentication scheme using smart cards , 2000, IEEE Trans. Consumer Electron..

[4]  Chun-I Fan,et al.  Provably Secure Remote Truly Three-Factor Authentication Scheme With Privacy Protection on Biometrics , 2009, IEEE Transactions on Information Forensics and Security.

[5]  Muhammad Khurram Khan,et al.  Improving the security of 'a flexible biometrics remote user authentication scheme' , 2007, Comput. Stand. Interfaces.

[6]  Parmeshwary Dayal Srivastava,et al.  Cryptanalysis and Improvement of a Remote User Authentication Scheme using Smart Cards , 2008, 2008 International Symposium on Electronic Commerce and Security.

[7]  Chu-Hsing Lin,et al.  A flexible biometrics remote user authentication scheme , 2004, Comput. Stand. Interfaces.

[8]  Kee-Young Yoo,et al.  ID-based password authentication scheme using smart cards and fingerprints , 2003, OPSR.

[9]  Michael Scott,et al.  Cryptanalysis of an ID-based password authentication scheme using smart cards and fingerprints , 2004, OPSR.

[10]  J. K. Lee,et al.  Fingerprint-based remote user authentication scheme using smart cards , 2002 .

[11]  Chun-Ta Li,et al.  An efficient biometrics-based remote user authentication scheme using smart cards , 2010, J. Netw. Comput. Appl..

[12]  Wei-Chi Ku,et al.  Further cryptanalysis of fingerprint-based remote user authentication scheme using smartcards , 2005 .

[13]  Hung-Min Sun,et al.  An efficient remote use authentication scheme using smart cards , 2000, IEEE Trans. Consumer Electron..