Provable Secure Authentication Protocol in Fog-Enabled Smart Home Environment

Abstract

People can access and obtain services from smart home devices conveniently through fog-enabled smart home environments. The security and privacy-preserving authentication protocol play an important role. However, many proposed protocols have one or more security flaws. In particular, almost all the existing protocols for the smart home cannot resist gateway compromised attacks. The adversary can not only know the user’s identity but also launch impersonation attacks. Designing a provable secure authentication protocol that avoids all known attacks on smart homes is challenging. Recently Guo et al. proposed an authentication scheme based on symmetric polynomials in the fog-enabled smart home environment. However, we found that their scheme suffers from gateway compromised attack, desynchronization attack, mobile device loss/stolen and attack, and has no untraceability and perfect forward secrecy. Therefore, we adopt a Physical Unclonable Function (PUF) to resist gateway compromised attack, adopt Elliptic Curve Diffie–Hellman (ECDH) key exchange protocol to achieve perfect forward secrecy, and propose a secure and privacy-preserving authentication protocol, which is provably secure under the random oracle model. According to the comparisons with some related protocols, the proposed protocol has better security and transmission efficiency with the same computation cost level.