A Robust Lightweight ECC-Based Three-Way Authentication Scheme for IoT in Cloud

Internet of things is an evolving technology which connects multiple embedded devices with a remote server over Internet. Due to limited capacity of embedded devices, it is important to delegate resources from third-party platform. Lots of research is going on to connect IoT devices to a wide resource pool such as cloud. This integration of IoT with cloud services has enormous possibility for future as resource-intensive processes can be delegated to cloud platform instead of executing in IoT node. This paper proposes a lightweight three-way authentication scheme for IoT in cloud where mutual authentication between IoT node and user’s smart device is performed by remote IoT gateway in cloud. The proposed scheme uses a three-factor user authentication to prevent device theft attack and ECC-based communication protocols to ensure less computation and communication overhead. Moreover, the proposed scheme is analysed to show that it is secure against existing relevant cryptographic attacks.

[1]  Chris J. Mitchell,et al.  Comments on the S/KEY user authentication scheme , 1996, OPSR.

[2]  Antonio Pescapè,et al.  Integration of Cloud computing and Internet of Things: A survey , 2016, Future Gener. Comput. Syst..

[3]  Djamel Tandjaoui,et al.  An Ultra-Lightweight Authentication Scheme for Heterogeneous Wireless Sensor Networks in the Context of Internet of Things , 2017, MSPN.

[4]  Manik Lal Das,et al.  Two-factor user authentication in wireless sensor networks , 2009, IEEE Transactions on Wireless Communications.

[5]  Leslie Lamport,et al.  Password authentication with insecure communication , 1981, CACM.

[6]  P. Mell,et al.  The NIST Definition of Cloud Computing , 2011 .

[7]  Rituparna Chaki,et al.  Secure and trusted cloud of things , 2013, 2013 Annual IEEE India Conference (INDICON).

[8]  Timo Ojala,et al.  CloudThings: A common architecture for integrating the Internet of Things with Cloud Computing , 2013, Proceedings of the 2013 IEEE 17th International Conference on Computer Supported Cooperative Work in Design (CSCWD).

[9]  Chun Chen,et al.  An Enhanced Two-factor User Authentication Scheme in Wireless Sensor Networks , 2010, Ad Hoc Sens. Wirel. Networks.

[10]  Alireza Esfahani,et al.  A Lightweight Authentication Mechanism for M2M Communications in Industrial IoT Environment , 2019, IEEE Internet of Things Journal.

[11]  N. Koblitz Elliptic curve cryptosystems , 1987 .

[12]  Christof Paar,et al.  Understanding Cryptography: A Textbook for Students and Practitioners , 2009 .

[13]  Victor S. Miller,et al.  Use of Elliptic Curves in Cryptography , 1985, CRYPTO.

[14]  Sheetal Kalra,et al.  A lightweight biometrics based remote user authentication scheme for IoT services , 2017, J. Inf. Secur. Appl..

[15]  H. T. Mouftah,et al.  Trustworthy Sensing for Public Safety in Cloud-Centric Internet of Things , 2014, IEEE Internet of Things Journal.

[16]  Morris J. Dworkin,et al.  SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions , 2015 .