Secure Fuzzy Extractor based remote user validation scheme for Wearable devices

With the rapid development of the Internet of Things (IoT), wearable technology is gaining a significant importance in the recent era. Major applications of wearable technology are fitness trackers, healthcare, smart shoes, sleeping cycles, wearable computers, smart watches etc. These intelligent devices function in conjunction with mobile terminals to provide ease of access and data analysis of sensitive information, generated from the wearable devices. The data from these devices are private data of users and authentication plays a major role in securing these data against the illegal access. This paper presents a Fuzzy extractor adopted authentication scheme for legitimate access of information from the wearable devices. This scheme promotes session key generation and mutual authentication. Further, the security can be enhanced with the use of Fuzzy Extractor for session key agreement. The mechanism proposed is validated with the use of most used AVISPA (Automated Validation of Internet Security Protocols and Applications) tool and the result obtained assures that it is strong against various security attacks. Also, the functionality feature analysis confesses the efficiency of the proposed scheme. Thus the remote user authentication method proposed can be concluded as more suitable for resourceconstrained wearable devices. Keywords— Internet of Things, AVISPA, Wearable devices, Fuzzy Extractor, Chebyshev chaotic map

[1]  Hamed Arshad,et al.  A secure authentication and key agreement scheme for roaming service with user anonymity , 2017, Int. J. Commun. Syst..

[2]  Jian Shen,et al.  A lightweight and privacy-preserving mutual authentication scheme for wearable devices assisted by cloud server , 2017, Comput. Electr. Eng..

[3]  Ashok Kumar Das,et al.  A robust anonymous biometric-based remote user authentication scheme using smart cards , 2015, J. King Saud Univ. Comput. Inf. Sci..

[4]  Jian Weng,et al.  A novel asymmetric three-party based authentication scheme in wearable devices environment , 2016, J. Netw. Comput. Appl..

[5]  Douglas R. Stinson,et al.  Some Observations on the Theory of Cryptographic Hash Functions , 2006, Des. Codes Cryptogr..

[6]  Mauro Conti,et al.  Provably Secure Authenticated Key Agreement Scheme for Smart Grid , 2018, IEEE Transactions on Smart Grid.

[7]  Ashok Kumar Das,et al.  A secure and effective biometric‐based user authentication scheme for wireless sensor networks using smart card and fuzzy extractor , 2017, Int. J. Commun. Syst..

[8]  Muhammad Khurram Khan,et al.  A robust and anonymous patient monitoring system using wireless medical sensor networks , 2018, Future Gener. Comput. Syst..

[9]  David von Oheimb The High-Level Protocol Specification Language HLPSL developed in the EU project AVISPA , 2005 .

[10]  Ragib Hasan,et al.  SEPIA: Secure-PIN-Authentication-as-a-Service for ATM Using Mobile and Wearable Devices , 2015, 2015 3rd IEEE International Conference on Mobile Cloud Computing, Services, and Engineering.

[11]  Vanga Odelu,et al.  A secure and efficient ECC-based user anonymity preserving single sign-on scheme for distributed computer networks , 2015, Secur. Commun. Networks.

[12]  Ashok Kumar Das,et al.  An effective ECC-based user access control scheme with attribute-based encryption for wireless sensor networks , 2015, Secur. Commun. Networks.

[13]  Sherali Zeadally,et al.  Authentication protocol for an ambient assisted living system , 2015, IEEE Communications Magazine.

[14]  Sherali Zeadally,et al.  Toward self-authenticable wearable devices , 2015, IEEE Wireless Communications.

[15]  Carmen Sánchez Ávila,et al.  Biometric Fuzzy Extractor Scheme for Iris Templates , 2009, Security and Management.

[16]  Palash Sarkar,et al.  A Simple and Generic Construction of Authenticated Encryption with Associated Data , 2010, TSEC.

[17]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[18]  Muhammad Khurram Khan,et al.  Authentication Protocols for Implantable Medical Devices: Taxonomy, Analysis and Future Directions , 2018, IEEE Consumer Electronics Magazine.

[19]  Adam Duffy,et al.  A Biometric Identity Based Signature Scheme , 2007, Int. J. Netw. Secur..

[20]  Hugo Krawczyk,et al.  Universally Composable Notions of Key Exchange and Secure Channels , 2002, EUROCRYPT.

[21]  Jianfeng Ma,et al.  An novel three-party authenticated key exchange protocol using one-time key , 2013, J. Netw. Comput. Appl..

[22]  Jizhou Sun,et al.  A new design of wearable token system for mobile device security , 2008, IEEE Transactions on Consumer Electronics.

[23]  Jian Shen,et al.  An efficient authentication and key agreement scheme with user anonymity for roaming service in smart city , 2017, Personal and Ubiquitous Computing.

[24]  Rafail Ostrovsky,et al.  Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data , 2004, SIAM J. Comput..

[25]  R. Saravanan,et al.  A Secure Authentication Scheme with User Anonymity for Roaming Service in Global Mobility Networks , 2015, Wirel. Pers. Commun..

[26]  Wei Lin,et al.  An authentication protocol for wearable medical devices , 2017, 2017 13th International Conference and Expo on Emerging Technologies for a Smarter World (CEWIT).

[27]  Hugo Krawczyk,et al.  Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels , 2001, EUROCRYPT.

[28]  Huansheng Ning,et al.  The yoking-proof-based authentication protocol for cloud-assisted wearable devices , 2016, Personal and Ubiquitous Computing.

[29]  Vanga Odelu,et al.  A secure effective key management scheme for dynamic access control in a large leaf class hierarchy , 2014, Inf. Sci..

[30]  Hung-Yu Chien,et al.  Tree-Based RFID Yoking Proof , 2009, 2009 International Conference on Networks Security, Wireless Communications and Trusted Computing.

[31]  Chao Yang,et al.  Efficient end-to-end authentication protocol for wearable health monitoring systems , 2017, Comput. Electr. Eng..

[32]  Vanga Odelu,et al.  A Secure Smartcard-Based Anonymous User Authentication Scheme for Healthcare Applications Using Wireless Medical Sensor Networks , 2017, Wirel. Pers. Commun..

[33]  Ashok Kumar Das,et al.  A secure and robust temporal credential-based three-factor user authentication scheme for wireless sensor networks , 2016, Peer-to-Peer Netw. Appl..

[34]  Ashok Kumar Das,et al.  A Secure and Efficient Uniqueness-and-Anonymity-Preserving Remote User Authentication Scheme for Connected Health Care , 2013, Journal of Medical Systems.