Abstract
Prosanta and Biplab presented a lightweight two-factor authentication scheme for the Internet of Things (IoT) devices based on the physical unclonable function (PUF). Their presented scheme was based on the fuzzy extractor and analyzed various security reasonings, such as mutual authentication, session key agreement, privacy and protection against impersonation, message tampering, and replay attacks. In this article, we present sufficient security analysis to demonstrate that the scheme has various security and privacy issues in its setup and authentication phases. We propose a highly secure and robust authentication protocol based on a public key infrastructure (PKI) digital certificate based on two certificate authorities (CAs) for cloud IoT systems. The proposed authentication method is verified and validated using the Tamarin prover and supported with a detailed security and performance analysis discussion. The scheme security and privacy attributes are compared with other IoT authentication schemes. The analysis has proved that the proposed authentication scheme is more secure and highly reliable as compared to the Prosanta and Biplab authentication scheme.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
