Abstract
With the booming integration of IoT technology in our daily life applications such as smart industrial, smart city, smart home, smart grid, and healthcare, it is essential to ensure the security and privacy challenges of these systems. Furthermore, time-critical IoT applications in healthcare require access from external parties (users) to their real-time private information via wireless communication devices. Therefore, challenges such as user authentication must be addressed in IoT wireless sensor networks (WSNs). In this paper, we propose a secure and lightweight three-factor (3FA) user authentication protocol based on feature extraction of user biometrics for future IoT WSN applications. The proposed protocol is based on the hash and XOR operations, including (i) a 3-factor authentication (i.e., smart device, biometrics, and user password); (ii) shared session key; (iii) mutual authentication; and (iv) key freshness. We demonstrate the proposed protocol’s security using the widely accepted Burrows–Abadi–Needham (BAN) logic, Automated Validation of Internet Security Protocols and Applications (AVISPA) simulation tool, and the informal security analysis that demonstrates its other features. In addition, our simulations prove that the proposed protocol is superior to the existing related authentication protocols, in terms of security and functionality features, along with communication and computation overheads. Moreover, the proposed protocol can be utilized efficiently in most of IoT’s WSN applications, such as wireless healthcare sensor networks.
Highlights
The IoT has been a trend in the last few years, and it is expected to be so in the future [1]
We presented a secure and lightweight threefactor remote user authentication protocol designed for future IoT WSN application
The proposed protocol grants the legitimate remote user that mutually authenticates with the IoT sensor node through a trusted gateway node
Summary
The IoT has been a trend in the last few years, and it is expected to be so in the future [1]. The IoT WSN has opened up many opportunities in various walks of life and in healthcare, shipping, warehousing, and logistics, which have facilitated processes for consumers and businesses This wide-ranging and rapid development has led to the emergence of great challenges that require the design of high-security protocols for IoT applications in order to preserve the sensitive information of users. (1) We proposed a lightweight and secure remote user authentication protocol based on feature extraction of the user fingerprint and one-way hash function for IoT WSN applications which is suitable to use in wireless healthcare application. We used biometrics to increase the security of the protocol due to difficulty to forge or steal or forget biometrics (2) Level 3 feature extraction is done to overcome the problem of noise in fingerprint images in existing authentication schemes (3) We prove our protocol secure using informal and formal security analysis through BAN logic and random oracle model (4) We simulate the proposed protocol using the popular and widely accepted tool called AVISPA and demonstrate that the protocol is perfectly secure against active and passive attacks (5) Comparative evaluation of our protocol with related protocols in terms of communication and computational overheads was performed
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
