Fig 1 - uploaded by Pardeep Kumar
Content may be subject to copyright.
Source publication
The proliferation of current wireless communications and information technologies have been altering humans lifestyle and social interactions-the next frontier is the smart home environments or spaces. A smart home consists of low capacity devices (e.g., sensors) and wireless networks, and therefore, all working together as a secure system that nee...
Contexts in source publication
Context 1
... cost: The communication cost means the energy spent by a SD (device A) having a packet of a given size to be transmitted/received. To evaluate the communi- cation cost for the proposed scheme, we have adopted the energy model from Meulenaer et al. [48]. On the TelosB platform, transmitting and receiving a single bit of data re- quired 0.72 µJ and 0.81 µJ, respectively [48]. Table IV shows the communication energy costs for transmitting (response {K idA , N A , tag, T 2}) and receiving (request {Gid, C, T 1, r}, and notify {N HG , T 3}) messages at the SD. It can be seen from Table IV that the proposed scheme consumes only 430.22 µJ communication energy to execute the whole scheme, and therefore achieved communication cost efficiency. In ad- dition, we have omitted the energy costs at the HG, since it has enough resources (i.e., computational power and memory) to compute the complex cryptographic operations. Furthermore, in Fig. 11, we are summarizing the com- munication costs comparisons (in terms of the number of message exchanges) of the proposed scheme and [14], [15], [16]. To execute the whole protocol, Li's scheme [14] takes four rounds of message exchanges, Vaidya et al.'s scheme needs two message exchanges [15], and Han et al.'s scheme [16] needs six rounds for a successful authentication and key establishment, as shown in Fig. 11. Whereas, our scheme requires three rounds of message exchanges (request, response, and notify, refer Fig. 4), which are quite practical in such smart home applications. Thus, considering the security overhead (i.e., computational and communication costs), it is easy to say the proposed scheme can be a good alternative for securing the smart home ...
Context 2
... cost: The communication cost means the energy spent by a SD (device A) having a packet of a given size to be transmitted/received. To evaluate the communi- cation cost for the proposed scheme, we have adopted the energy model from Meulenaer et al. [48]. On the TelosB platform, transmitting and receiving a single bit of data re- quired 0.72 µJ and 0.81 µJ, respectively [48]. Table IV shows the communication energy costs for transmitting (response {K idA , N A , tag, T 2}) and receiving (request {Gid, C, T 1, r}, and notify {N HG , T 3}) messages at the SD. It can be seen from Table IV that the proposed scheme consumes only 430.22 µJ communication energy to execute the whole scheme, and therefore achieved communication cost efficiency. In ad- dition, we have omitted the energy costs at the HG, since it has enough resources (i.e., computational power and memory) to compute the complex cryptographic operations. Furthermore, in Fig. 11, we are summarizing the com- munication costs comparisons (in terms of the number of message exchanges) of the proposed scheme and [14], [15], [16]. To execute the whole protocol, Li's scheme [14] takes four rounds of message exchanges, Vaidya et al.'s scheme needs two message exchanges [15], and Han et al.'s scheme [16] needs six rounds for a successful authentication and key establishment, as shown in Fig. 11. Whereas, our scheme requires three rounds of message exchanges (request, response, and notify, refer Fig. 4), which are quite practical in such smart home applications. Thus, considering the security overhead (i.e., computational and communication costs), it is easy to say the proposed scheme can be a good alternative for securing the smart home ...
Context 3
... cost: In this paper, we have implemented the authentication and key establishment phase considering the following message sizes, i.e., IDs as 1 byte, MAC size as 4 bytes, random number as 4 bytes, time stamp as 4 bytes, key size as 16 bytes, and HMAC size as 16 bytes. Due to the sensor node's scarcity nature, this paper shows the price of security overhead (i.e., memory consumption and execution time) for the SD. As shown in Fig. 10, security overhead for a SD is signifi- cantly low --AES, CBC-MAC, and HMAC needs reasonable RAM and ROM size. Hence, the proposed scheme leaves an ample storage space on a smart device to execute the other (smart home) services. In addition, AES, CBC-MAC, and HMAC operations take 3.6 ms (millisecond), 8.4 ms and 39 ms, respectively, computation time at the device A. The time complexity of our scheme is much more efficient than those of the public key based schemes (e.g., [14] and [15]) which need high time complexity for point multiplication ...
Context 4
... smart homes have great possibilities to enable a variety of use cases, e.g., light control system, appliance control system, climate control, multimedia system, smart energy system, and security and safety system [1] [2] [3]. Moreover, there is a tremendous business/research potential for the smart appliances in home environments that can give an independent life to the elderly and disabled people [4]. A smart home can also provide a remote care to a resident suffering from a cognitive deficit to complete his activities of daily living activities (ADL) [1] [5]. Recently, several research projects have been initiated to develop the smart homes, e.g., HOPE (smart home for elderly people) [6], SM4ALL (smart home for all) [7] and GENIO (next generation home) [8], etc. Typically, a smart home network consists of a number of heterogeneous smart devices, such as, low-cost sensor, actuator, smart light, smart window shutter, smart thermostat and surveillance camera or other type of smart devices that are integrated with intelligence, as shown in Fig. 1. Note that home environments and networks are used interchangeably. Most of the devices are having resource-limitations (e.g., computational power, bandwidth, and battery power) [9]. How- ever, in such home networks, the SDs communicate over the wireless channels through the local home gateway. The home gateway acts as a bridge between the SDs and the users, and provides interoperability and control for the SDs, connect to the outer world via the Internet [10] [11]. Thus the novelties of SDs are enabling users to operate homes (or to monitor elderly and disabled people) remotely/directly using the smart phones, tablets, or through designated web apps, anywhere and ...
Similar publications
Based on the background of the Internet of Things, this paper proposes a communication node information transmission protocol for wireless network sensors. This method adopts the strategy of alternating listening and sleeping. It can also reflect the overall characteristics of the monitoring range while meeting the real-time requirements. The proto...
Citations
... The design system is compared to the existing architecture as depicted in Figure 1 and also considers a standard HAN (Home area network) that consists of various connected devices [30,31]. The elements of the architecture are presented below: ...
... The smart device typically connects to the gateway using the HAN. The gateway primarily uses long-range interface wireless fidelity for preserving connections with the outside environment using the Internet [30]. ...
The popularity of the IoT has recently increased due to the proliferation of IoT applications in various industries. Users can remotely access and control IoT appliances and devices from anywhere. Distributed IoT devices and smart environments have limited computing power. The attacker communicates through an open channel with the smart home environment. However, the secure access and privacy of smart devices are also a big challenge in smart home IoT (SH-IoT) networks. Robust and lightweight authentication protocols are required in SH-IoT environments to ensure security. In this paper, we propose a Secure Authenticated Scheme for Smart Home (SASSH) for smart home networks to provide secure communication. Moreover, this paper also provides an informal and formal analysis of the proposed scheme. The simulation analysis of the proposed scheme is done for validation usingthe AVISPA tool to determine whether it is secure. Our proposed scheme, which utilizes the AVISPAtool and RoR model, demonstrates high functionality, computational efficiency, and cost-effectiveness.
... Users needed to provide passwords and personal biological templates at the same time to complete identity authentication, and regarded the gateway node as a secure device that could not be stolen, which was somewhat different from the actual application. Kumar et al. [33] designed a secure key protocol suitable for smart home. This protocol can provide mutual authentication between two communication parties and establish temporary communication keys. ...
... Similarly, Kumar et al. [15] also proposed a lightweight authentication and session key establishment protocol for IoT-based smart home systems. Their scheme claims resistance against notable attacks like key-stolen attacks. ...
... Both general and specific functional and security requirements have been utilized to achieve the intended security properties of the schemes. Our proposed approach achieves all the security requirements, especially resistance to known attacks and node capture attacks, by comparing with the existing approaches [15,16,[22][23][24], as shown in Table 5. Therefore, the rest of the discussion primarily focuses on how the proposed scheme withstands node capture attacks. ...
... This section compares the proposed protocol with previously proposed security protocols [15,16,[22][23][24] in terms of communication and computation costs [26]. ...
Citation: Asghar, I.; Khan, M.A.; Ahmad, T.; Ullah, S.; Mansoor ul Hassan, K.; Buriro, A. Fortifying Smart Home Security: A Robust and Efficient User-Authentication Scheme to Counter Node Capture Attacks. Sensors 2023, 23, 7268. https:// Abstract: In smart home environments, the interaction between a remote user and devices commonly occurs through a gateway, necessitating the need for robust user authentication. Despite numerous state-of-the-art user-authentication schemes proposed over the years, these schemes still suffer from security vulnerabilities exploited by the attackers. One severe physical attack is the node capture attack, which allows adversaries to compromise the security of the entire scheme. This research paper advances the state of the art by conducting a security analysis of user-authentication approaches regarding their vulnerability to node capture attacks resulting in revelations of several security weaknesses. To this end, we propose a secure user-authentication scheme to counter node capture attacks in smart home environments. To validate the effectiveness of our proposed scheme, we employ the BAN logic and ProVerif tool for verification. Lastly, we conduct performance analysis to validate the lightweight nature of our user-authentication scheme, making it suitable for IoT-based smart home environments.
... In 1981, Lamport et al. [6] proposed a remote user authentication scheme using a password table. In recent years, with the popularity of IoT applications, scholars have proposed many authentication schemes for smart home environment [7][8][9][10]. In 2021, Zou et al. proposed an authentication scheme based on elliptic curve cryptography (ECC) in smart home environment, and in 2022, CHO et al. [11] claimed that Zou et al.'s [12] authentication scheme is vulnerable to forgery and session key compromise attacks and proved that the scheme of Zou et al. does not guarantee mutual authentication between home users and home devices. ...
With the rapid development of IoT technology, smart home is attracting much attention due to its convenience and comfort. In 2022, CHO et al. proposed an anonymous user authentication scheme using PUFs in smart home environment. However, this paper conducts a security analysis and finds that CHO et al.'s scheme cannot resist tracking attacks, replay attacks and cannot reach session keys. In order to overcome the shortcomings of CHO et al.'s scheme, this paper proposes an improved PUF-based secure anonymous user authentication scheme. After security analysis and comparison with related authentication schemes in terms of security and computational cost, it is demonstrated that the improved scheme is resistant to a variety of attacks and can achieve secure and efficient authentication.
... Santoso and Vun [32] devised a secure two-factor AKA scheme, which uses elliptic curve cryptography (ECC) technology and is suitable for the smart home environment based on the IoT. Kumar et al. [33] also proposed a lightweight scheme for this environment and realized the establishment of session key between gateway and smart device. However, other scholars have proved that anonymity and untraceability cannot be provided. ...
The extensive application of the Internet of Things (IoT) and artificial intelligence technology has greatly promoted the construction and development of smart cities. Smart home as the foundation of smart cities can optimize home lifestyles. However, users access the smart home system through public channels, and the transmitted information is vulnerable to attack by attackers, and the privacy and data security of the home user will be difficult to be guaranteed. Therefore, how to protect users’ data and privacy security becomes critical. In this paper, we design a provably secure authentication scheme for the smart home environment, which ensures that only legitimate users can use smart devices. We use the informal model to verify the security of the scheme and formally analyze the security and correctness of the scheme through the Real or Random model. Finally, through the comparison of security and performance analysis, it is proven that our scheme has higher security under similar performance.
... Once credentials are obtained, A can launch replay, device impersonation and man-in-the-middle attacks. Based on the information given in [77], we also believe that the border router is completely trustworthy and cannot be compromised. Otherwise, the network as a whole would be jeopardised if the border router were compromised. ...
The vast expansion of the Internet of Things (IoT) devices and related applications has bridged the gap between the physical and digital world. Unfortunately, security remains a major challenge and the lack of secure links have fueled the increased attacks on IoT devices and networks. Due to its inherent scalability, Public Key Infrastructure (PKI) is the well-known and classic approach to bring public-key certificate based security to IoT. Even though the standard X.509 explicit certificates can be viable solution, they are inefficient and too large for resource constrained IoT networks and therefore, smaller, faster and more efficient Elliptic Curve Qu Vanstone (ECQV) implicit certificates can be employed for establishing authenticated connections in IoT. Moreover, the existing certificate-based authentication proposals in standardized IoT networks have either been deployed at the transport or physical layers. Thus, these proposals fail to provide true end-to-end security to messages at the application layer in the presence of intermediate CoAP proxies. This challenging aspect is addressed in this proposal by focusing on the certificate-based authentication at the application layer to ensure true end-to-end security of messages. Additionally, IoT application layer security protocols like EDHOC lacks mechanism for authenticated distribution of public keys and thus, there is a need for lightweight authentication based cryptographic primitive for establishing secure key agreement in IoT. This paper introduces a design and implementation of a lightweight ECQV implicit certificate and use them for authenticated key exchange in EDHOC at the application layer. We also design a lightweight profile with a novel encoding mechanism for ECQV implicit certificate, called L-ECQV. To prove its viability, L-ECQV has been implemented and evaluated on Contiki operating system. Our evaluation results show that the proposed L-ECQV certificate approach reduces energy consumption by 27%, message overhead of EDHOC handshake by 52%, and shows improvements in certificate validation time. The security analysis demonstrates that proposed L-ECQV certificates for EDHOC protocol is secure against a number of attack vectors present in the IoT network. This novel combination of ECQV certificates with EDHOC key exchange leads to a secure and lightweight authenticated key agreement in IoT networks.
... This scheme provided mutual authentication accomplished by mediatory of a trusted third party. In Kumar et al. (2016) scheme, initially, devices establish a secure connection and key exchange with the related home gateway. Then all accessibilities and connections among two different devices were possible through the connection between their gateways. ...
In smart home technology, we are facing with increasing development in communications and capabilities which enforces to design a robust and scalable scheme for access verification. Nonetheless, without proper authentication preventing from unauthorized access is not possible. Although, some related schemes have presented to address security challenges, these are usually implemented relying on the central point considered as a trusted third party and suffered from drawbacks such as single point failure, privacy violation, monitoring user’s activities, lack of transparency, incongruous with the computing capability of devices. However, we propose a blockchain-based authentication and access verification scheme (BAAS) to mitigate security and efficiency challenge in smart home. In this model we determined blockchain nodes which are spread throughout in whole area. These nodes store all issued access policies in an efficient and tamper-proof data structure called Merkle Patricia Tree (MPT) and provide distributed access verification. BAAS advantages of: providing mutual and point to point authentication; eliminating direct mediators; exploiting attribute-based signature to achieve privacy-preserving; increasing efficiency by providing distribution; increasing trust by providing transparency on the activities of blockchain nodes and profiting of MPT that grantees the integrity and provides efficient detection. Meanwhile, implementing security analysis proves all provided security features. Besides, BAAS is simulated on OPNET software to evaluate its computational complexity and validate functionality.
... On the other hand, an efficient scheme is introduced in [35] to offer device authentication with untrusted cloud systems. Similarly, a session key agreement protocol is developed in [36] for the smart home environment. However, the scheme in [36] fails to provide mutual authentication, anonymity and perfect forward key secrecy. ...
... Similarly, a session key agreement protocol is developed in [36] for the smart home environment. However, the scheme in [36] fails to provide mutual authentication, anonymity and perfect forward key secrecy. On the other hand, a PKI-based scheme introduced in [37] incurs excessive computation overheads [38]. ...
The communication channel between the smart home devices and the remote users is susceptible to numerous privacy and security compromise attacks. To address these issues, many authentication protocols have been developed. However, majority of these security schemes have vulnerabilities that may still be exploited to wreck havoc in smart homes. For instance, protocols based on low entropy passwords can be broken by polynomial time adversaries. Apart from security and privacy challenges, efficiency of the entire authentication process is another challenge that needs to be solved. To this end, most of the conventional smart home authentication protocols incur extensive storage, computation as well as communication overheads which are unsuitable for resource limited smart home devices. In this paper, an anonymous lightweight protocol is developed, based on one-way hashing and elliptic curve point multiplication operations. Formal verification of this protocol is executed using ProVerif while its informal security analysis demonstrates its robustness against majority of the smart home privacy and security attacks. In terms of operational efficiency, comparative analysis is carried out which shows that it incurs relatively low computation, storage and communication overheads.
... Kumar [9] et al. proposed a scheme based on secure session key establishment and lightweight. In smart home network for creating mutual trust a session key with GWN established with each of the smart devices control unit by using short authentication token. ...
... Kumar et al. [30] introduced a new authentication mechanism for an SH environment. In this scheme, the SK is created by utilizing a small token to achieve authentication and theusingntity. ...
For the betterment of human life, smart Internet of Things (IoT)-based systems are needed for the new era. IoT is evolving swiftly for its applications in the smart environment, including smart airports, smart buildings, smart manufacturing, smart homes, etc. A smart home environment includes resource-constrained devices that are interlinked, monitored, controlled, and analyzed with the help of the Internet. In a distributed smart environment, devices with low and high computational power work together and require authenticity. Therefore, a computationally efficient and secure protocol is needed. The authentication protocol is employed to ensure that authorized smart devices communicate with the smart environment and are accessible by authorized personnel only. We have designed a novel, lightweight secure protocol for a smart home environment. The introduced novel protocol can withstand well-known attacks and is effective with respect to computation and communication complexities. Comparative, formal, and informal analyses were conducted to draw the comparison between the introduced protocol and previous state-of-the-art protocols
