Paper 2022/1080

A Lightweight, Secure Big data-based Authentication and Key-agreement Scheme for IoT with Revocability

Behnam Zahednejad, Guangzhou University
Abstract

With the rapid development of Internet of Things (IoT), designing a secure two-factor authentication scheme for these network is increasingly demanding. Recently, historical bigdata has gained interest as a novel authentication factor in this area. In this paper, we focus on a recent authentication scheme using bigdata (Liu et al.’s scheme) which claims to provide additional security properties such as Perfect Forward Secrecy (PFS), Key Compromise Impersonation (KCI) resilience and Server Compromise Impersonation (SCI) resilience. However, assuming a real strong attacker, rather than a weak one. we show that their scheme not only fails to provide KCI and SCI, but also doesn’t provide real two-factor security, revocability and suffers inside attack. Then we propose our novel scheme which can indeed provide two-factor security, PFS , KCI and inside attack resilience and revocability of the client. Further, our performance analysis shows that our scheme has reduced modular exponentiation operation and multiplication for both client and server compared to Liu et al.’s scheme which reduces the execution time by one third i.e. 6 ms and 30 ms (0.3 ms and 4 ms) for IoT device (server) for security levels of λ = 128, λ = 256 respectively

Metadata
Available format(s)
-- withdrawn --
Category
Cryptographic protocols
Publication info
Preprint.
Contact author(s)
bzahednezhad @ gmail com
History
2023-01-25: withdrawn
2022-08-19: received
See all versions
Short URL
https://ia.cr/2022/1080
License
No rights reserved
CC0
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.