With the rapid developments of Internet of Things (IoT) technologies, the security of sensitive data has attracted more and more attention for many resource-asymmetric smart environments, such as smart home, smart agriculture and so on. The resource-asymmetry environment refers to the uneven distribution of resources on different devices side, which is specifically manifested as gateway side is resource-rich, user side and device side are resource-restricted. Hence, a secure and practical authentication key establishment scheme for such smart environments is urgently needed. Recently many researchers have designed authentication and key establishment schemes for security purpose, however most of them cannot consider the excess of gateway resources and guarantee the anonymity of user, and further, they are not suitable for resource-asymmetric smart environments because they are not lightweight enough in user side and smart device side. Due to the fact that Rabin cryptosystem has the large difference in time-consuming between encryption and decryption, it is extremely suitable for constructing authentication and key establishment scheme for resource-asymmetric smart environments. So, a new practical authentication and key establishment scheme based on the Rabin cryptosystem for resource-asymmetric smart environments is proposed, which can make better use of the advantages of abundant gateway resources and realize the lightweight operations on device side and user side, and at the same time can provide user anonymity. With Proverif and BAN logic, we can prove that our solution not only provides anonymity, but also satisfies all defined security features. Simultaneously, compared with latest similar protocols in computation cost and communication overhead, the results show that our scheme is more effective. Hence, our design has more attraction for authentication and key establishment scheme in resource-asymmetric smart environments.
Read full abstract