A Study of User Authentication Protocol Based on the ECC and OpenID Techniques in the Internet of Things

Authentication is a communication protocol processing procedure. In the Internet of Things, secure communication should be constructed between one "thing" and another by such a procedure. The identity that the second "thing" or object claims should be consistent with what the first one claims. Claimed identity information becomes a single message. Based on this message, we verify the identity of the "things". The purpose for both communication partners to implement authentication protocol is to have solid communication in the high layer (e.g., application layer). In order to do that, usually the authentication protocol has several sub-tasks such as identification key establishment, or key switching and consultation. In an authentication process, identity of the claimer can be acquired through message identification. In authenticated key establishment protocol, key establishment materials are also important protocol messages, which is part of entity authentication. In this paper, we focus on simple and efficient secure key establishment based on ECC (Elliptic Curve Cryptosystem). And we proposed ECC and OpenID based user authentication scheme. Our analysis shows that our approach can prevent attacks like eavesdropping, the man-in-the middle, key control attack, and replay attacks.