Abstract
Recently, application scenario of crowdsourcing IoT has covered to e-healthcare service, smart home, smart city, internet of vehicles due to the proliferation of smart devices such as smart mobile devices, smart wearable device, smart medical devices and smart furniture, etc. Patient's data collected by the smart devices send to the various remote medical servers. A group of medical professionals remote access patient data stored at the medical server database. Smart home users want to remote real-time access information of smart devices at home. All these operations need via wireless remote communication, which is suffering from various kinds of threat and attacks. Hence, there are a large number of multi-factor remote authentication and key agreement schemes designed for the application of crowdsourcing IoT. However, in most existing related multi-factor schemes, all factors for identity authentication only act as a parameter for encrypting the local secret key. In this paper, we propose a new secure remote multi-factor authentication scheme that includes three factors: 1) user identity; 2) password; and 3) user biometrics, which are authenticated by the remote server, act as a part of the secret key and participate in the key agreement process. We choose the chaotic map since it has a smaller key size and lower computational overhead, and then achieve remote multi-factor authentication and key agreement by artfully employ it to zero-knowledge technology and the fuzzy extractor technology. Our scheme is more secure and robust since the user revealing nothing sensitive information, and the adversary cannot impersonate any user even if he gets the server's master key. We have done security proof for our proposed scheme using the Random-Or-Real(ROR) model, Burrows-Abadi-Needham (BAN) logic, and ProVerif 2.00 to show that the presented scheme is secure. Also, we give an additional security analysis for other various attacks. Finally, according to the test and simulation result, the proposed scheme is very suitable for the power-constrained smart devices, and in the next generation 5G communication environment, its applicability and usability will be greatly enhanced.
Highlights
The Internet of Things is rapidly becoming one of the fastestgrowing areas due to the extensive range of equipment in both the research community and domestic markets
OUR CONTRIBUTION In this paper, we proposed a secure remote biometric-based authentication scheme based on chaotic map zero-knowledge for application of crowdsourcing Internet of Things
We describe the fundamental concepts on zero-knowledge [37], fuzzy extractor on biometrics input [23], and Chebyshev polynomial chaotic maps [8], [9]
Summary
The Internet of Things is rapidly becoming one of the fastestgrowing areas due to the extensive range of equipment in both the research community and domestic markets. In order to protect critical and private medical information, researchers need to pay more attention to designing appropriate security protocols for crowdsourcing in e-health services This requires remote user authentication and key agreement schemes to provide access to the service to authorize only users. Lu et al pointed out that Chun’s improved scheme still has some weaknesses, such as a vulnerability to the user impersonation attack, a lack of local verification, and a violation of the session key security They subsequently proposed a robust and efficient three-factor authentication scheme [33]. C. OUR CONTRIBUTION In this paper, we proposed a secure remote biometric-based authentication scheme based on chaotic map zero-knowledge for application of crowdsourcing Internet of Things. Smart devices can be physically captured by A, and all the credentials stored in those smart devices can be extracted by A using the power analysis attacks
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
