An efficient biometric based remote user authentication scheme for secure internet of things environment

Abstract

A well connected of network of smart devices that can be accessed through internet is broadly known as Internet of Things (IoT). IoT has diversified application exploiting various technologies that requires integration of computing devices with end users. The use of IoT provides efficient management large and heterogeneous assets, establishes a real time network for strong connectivity and set up useful coordination among various resources. For example, in defense system, IoT can be applicable in monitoring war fighter’s health, border area surveillance, proactive equipment maintenance etc. However, maintaining privacy and security through secure remote authentication is an essential prerequisite for hazard-free use of IoT based services. In this paper, we provide an efficient and secured authentication protocol for remote IoT based services. Our proposed scheme does not exploit computation costly operation and avoids heavy storage in medical application server, thus making it suitable for battery limited devices. Finally, we perform the formal security verification using the widely accepted verification tool, called the ProVerif 1.93, to show that presented scheme is secure.

Keywords

Remote user authentication internet of things biometrics security ProVerif 1.93

Get full access to this article

View all access options for this article.

References

Challa

, Wazid

, Das

A.K.

, Kumar

, Reddy

A.G.

, Yoon

E.Y.

and Yoo

K.Y.

, Secure Signature-Based Authenticated Key Establishment Scheme for Future IoT Applications, IEEE Access, 2017. DOI: 10.1109/ACCESS.2017.2676119

Atzori

, Iera

and orabito

, The internet of things: A survey, Computer Networks54(15) (2010), 2787–2805.

Gubbi

, Buyya

, Marusic

and Palaniswami

, Internet of Things (IoT): A vision, architectural elements, and future directions, Future Generation Computer Systems29(7) (2013), 1645–1660.

, Zhu

, Wen

, Jin

, Zhang

and He

, A secure and efficient authentication and key agreement scheme based on ECC for telecare medicine information systems, Journal of Medical Systems38 (2014), 9994.

Arshad

and Nikooghadam

, Three-factor anonymous authentication and key agreement scheme for telecare medicine information systems, Journal of Medical Systems38(12) (2014), 136.

C.T.

, Lee

C.C.

and Weng

C.Y.

, A secure chaotic maps and smart cards based password authentication and key agreement scheme with user anonymity for telecare medicine information systems, Journal of Medical Systems38 (2014), 77.

Xie

, Liu

, Wang

, Han

, Hu

and Wu

, Improvement of a uniqueness-and-anonymity-preserving user authentication scheme for connected health care, Journal of Medical Systems38(9) (2014), 91.

and Wu

, Cryptanalysis and improvement of a user authentication scheme preserving uniqueness and anonymity for connected health care, Journal of Medical Systems39 (2015), 10.

Dolev

and Yao

, On the security of public key protocols, IEEE Transactions on Information Theory29(2) (1983), 198–208.

10.

Kocher

, Jaffe

and Jun

, Differential power analysis, Proceedings of Advances in Cryptology: Santa Barbara, CA, USA., 388–397, 1999.

11.

Abadi

, Blanchet

and Lundh.

H.C.

, Models and Proofs of Protocol Security: A Progress Report, Grenoble, France, pp. 35–49, 2009.

12.

Abadi

and Fournet

, Mobile Values, New Names and Secure Communication, Proceedings of the 28th ACM SIGPLANSIGACT Symposium on Principles of Programming Languages, pp. 104–115, 2001.

13.

Nanni

and Lumini

, Random subspace for an improved biohashing for face authentication, Pattern Recogn Lett29(3) (2008), 295–300.

14.

Dodis

, Reyzin

and Smith

, Fuzzy extractors: How to generate strong keys from biometrics and other noisy data, Advances in cryptology-Eurocrypt 2004, Interlaken, Switzerland: Springer, pp. 523–540, 2004.

15.

Chatterjee

, Roy

and Chattopadhyay

, An efficient finegrained access control scheme for hierarchical wireless sensor networks, International Journal of Ad Hoc and Ubiquitous Computing (InderScience), 2016, In Press.

16.

Chatterjee

and Roy

, An efficient dynamic access control scheme for distributed wireless sensor networks, International Journal of Ad Hoc and Ubiquitous Computing(InderScience), 2015, In Press. (2013 SCI Impact Factor: 0.900).

17.

Roy

, Chatterjee

, Chattopadhyay

and Gupta

A.K.

, A Biometrics-based Robust and Secure User Authentication Protocol for e-Healthcare Service, Fourth International Symposium on Intelligent Informatics (ISI’16), Jaipur, India.

18.

Roy

and Chatterjee

, Cryptanalysis of a Chaotic Map-Based Authentication and Key Agreement Scheme for Telecare Medicine Information Systems, 4th International Conference on Frontiers in Intelligent Computing: Theory and Applications (FICTA 2015): 527–537, Durgapur, India.

19.

Chatterjee

, Gupta

A.K.

and Sudhakar

G.V.

, An efficient dynamic fine grained access control scheme for secure data access in cloud networks, Electrical, Computer and Communication Technologies (ICECCT-2015), Coimbatore, India.

20.

Chatterjee

and Roy

, Cryptanalysis and Enhancement of A Distributed Fine-grained Access Control inWireless Sensor Networks, IEEE International Conference on Advances in Computing, Communications and Informatics (ICACCI-2014), Noida, India.

21.

Chatterjee

, Gupta

A.K.

, Mahor

V.K.

and Sarmh

, An Efficient Fine Grained Access Control Scheme Based On Attributes For Enterprise Class applications, IEEE International Conference on Signal Propagation and Computer Technology (ICSPCT 2014), Ajmer India.

22.

Chatterjee

, Mahor

V.K.

and Angadi

, WSN Based First Level Ground Defence for Antitank Missile, Third International Conference on Electronic Warfare, EWCI-2014, Bangalore India.

23.

Roy

, Chatterjee

, Das

, Chattopadhyay

, Kumari

and Jo

, Chaotic Map-based Anonymous User Authentication Scheme with User Biometrics and Fuzzy Extractor for Crowdsourcing Internet of Things, IEEE Internet of Things Journal (2017). DOI: 10.1109/JIOT.2017.2714179