Lightweight and Secure Password Based Smart Home Authentication Protocol: LSP-SHAP

Abstract

Remote control his smart home from his mobile device is highly desirable for a mobile user. But, the sensor devices and the user mobile device communicate over an insecure communication channel. Therefore, various attacks are possible, such as impersonation attack, privileged-insider attack, mobile device stolen attack, and the denial of service attack. In this case, an illegal user may gain access to the data sent by the smart devices. In the literature, most of the existing schemes for the remote user authentication are not secure enough with respect to the aforementioned attacks. In addition, they are not enough lightweight at the sensor device side. Therefore, there is a need to design a new secure and lightweight remote user authentication scheme, where only the authorized users may have access to the home sensor devices. So, in this paper, we propose a new secure and lightweight remote user authentication scheme for a smart home environment. For the derivation of a robust session key, we propose to use Elliptic Curve Cryptography. The solution is lightweight for resource-constrained devices with limited resources as the gateway node will assist in deriving the session key to the sensor device. The security of the proposed solution is proved using a formal security evaluation via the Scyther tool. Also, a performance evaluation is performed to show the effectiveness of our solution.