Papers
Topics
Authors
Recent
Search
2000 character limit reached

A Security Enhanced Authentication Protocol

Published 23 Dec 2023 in cs.CR | (2312.15250v1)

Abstract: Internet of Things (IoT) have gained popularity in recent times. With an increase in the number of IoT devices, security and privacy vulnerabilities are also increasing. For sensitive domains like healthcare and industrial sectors, such vulnerabilities can cause havoc. Thus, authentication is an important aspect for establishing a secure communication between various participants. In this paper, we study the two recent authentication and key exchange protocols. We prove that these protocols are vulnerable to replay attack and modification attack, and also suffer from technical correctness. We then present the possible improvements to overcome the discussed vulnerabilities. The enhancement preserves performance of the original protocols.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (7)
  1. M. Hatton, “The iot in 2030-24 billion connected things generating $1.5 trillion,” 2020. [Online accessed 23.12.2023].
  2. “Tesla Data Breach.” https://techcrunch.com/2023/08/21/tesla-breach-employee-insider/, 2023. [Online accessed 23.12.2023].
  3. S. Challa, A. K. Das, V. Odelu, N. Kumar, S. Kumari, M. K. Khan, and A. V. Vasilakos, “An efficient ecc-based provably secure three-factor user authentication and key agreement protocol for wireless healthcare sensor networks,” Computers & Electrical Engineering, vol. 69, pp. 534–554, 2018.
  4. M. Masud, M. Alazab, K. Choudhary, and G. S. Gaba, “3p-sake: privacy-preserving and physically secured authenticated key establishment protocol for wireless industrial networks,” Computer Communications, vol. 175, pp. 82–90, 2021.
  5. M. Masud, G. S. Gaba, P. Kumar, and A. Gurtov, “A user-centric privacy-preserving authentication protocol for iot-ami environments,” Computer Communications, vol. 196, pp. 45–54, 2022.
  6. Y. Dodis, L. Reyzin, and A. Smith, “Fuzzy extractors: How to generate strong keys from biometrics and other noisy data,” in Advances in Cryptology-EUROCRYPT 2004: International Conference on the Theory and Applications of Cryptographic Techniques, Interlaken, Switzerland, May 2-6, 2004. Proceedings 23, pp. 523–540, Springer, 2004.
  7. A. K. Das, M. Wazid, N. Kumar, A. V. Vasilakos, and J. J. Rodrigues, “Biometrics-based privacy-preserving user authentication scheme for cloud-based industrial internet of things deployment,” IEEE Internet of Things Journal, vol. 5, no. 6, pp. 4900–4913, 2018.
Citations (3)
View on Semantic Scholar

Summary

No one has generated a summary of this paper yet.

Sign Up to Summarize

Paper to Video (Beta)

No one has generated a video about this paper yet.

Sign Up to Generate All Videos Subscribe on YouTube

Whiteboard

No one has generated a whiteboard explanation for this paper yet.

Sign Up to Generate

Open Problems

We haven't generated a list of open problems mentioned in this paper yet.

Generate Now

Continue Learning

We haven't generated follow-up questions for this paper yet.

Generate Now

Collections

Sign up for free to add this paper to one or more collections.

Sign Up