Abstract
Internet of Things (IoT) is an emerging paradigm which enables physical objects to operate over the Internet, collect and share the data that describe the real physical world. One of its greatest opportunity and application still lies ahead in the form of smart home, known as push-button automated home. In this ubiquitous environment, due to the most likely heterogeneity of objects, communication, topology, security protocols, and the computationally limited nature of IoT objects, conventional authentication schemes may not comply with IoT security requirements since they are considered impractical, weak, or outdated. Focusing only on the issue of remote authentication in a smart home environment, in the presence of security threats, this paper proposes the design of a RSA-based two-factor user Authentication scheme for Smart-Home using Smart Card (denoted RSA-ASH-SC scheme). An informal security analysis of the proposed RSA-ASH-SC scheme is proposed as well as a study of its performance in terms of convergence speed, showing that the RSA-ASH-SC scheme is about 50% faster than the Om and Kumari scheme, and about 15 times faster than selected RSA variants in terms of RSA decryption speed when the RSA key length is 2048. The RSA-ASH-SC scheme is also shown to maintain the anonymity of the user using a one-time token.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Miraz, M.H., Ali, M., Excell, P.S., Picking, R.: A review on Internet of Things (IoT), Internet of Everything (IoE) and Internet of Nano Things (IoNT). In: Proceedings of IEEE Internet Technologies and Applications (ITA), 8–11 September 2015, Glyndwr University, Wrexham, North East Wales, UK, pp. 219–224 (2015)
Stobert, E., Biddle, R.: Authentication in the home. In: Workshop on Home Usable Privacy and Security (HUPS), 24 July 2013, Newcastle, UK. http://cups.cs.cmu.edu/soups/2013/HUPS/HUPS13-ElizabethStobert.pdf. Accessed 4 June 2018
Sherin, P., Raju, K.G.: Multi-level authentication system for smart home-security analysis and implementation. In: Proceedings of IEEE International Conference on Incentive Computation Technologies (ICICT), 26–27 August, Coimbatore, India. https://doi.org/10.1109/inventive.2016.7824790
Madsen, P.: Authentication in the IoT: challenges and opportunities. http://www.secureidnews.com/news-item/authentication-in-the-iot-challenges-and-opportunities. Accessed 4 June 2018
Yang, C.C., Wang, R.C., Chang, T.Y.: An improvement of the Yang-Shieh password authentication schemes. Appl. Math. Comput. 162, 1391–1396 (2005)
Gaikwad, P.P., Gabhane, J.P., Golait, S.S.: 3-level secure kerberos authentication for smart home systems using IoT. In: Proceedings of 1st IEEE International Conference on Next Generation Computing Technologies (NGCT), 4–5 September 2015, Dehradun, India, pp. 262–268 (2015)
Borgohain, T., Borgohain, A., Kumar, U., Sanyal, S.: Authentication Systems in Internet of Things. https://arxiv.org/abs/1502.00870. Accessed 4 June 2018
Om, H., Reddy, M.: RSA based remote password authentication using smart card. J. Discrete Math. Sci. Cryptography 15(2), 105–111 (2012)
Wang, X., Zhang, W.: An efficient and secure biometric remote user authentication scheme using smart cards. In: Proceedings of Pacific-Asia Workshop on Computational Intelligence and Industrial Application (PACIIA 2008), 19–20 December 2008, Wuhan, China, pp. 913–917 (2008). https://doi.org/10.1109/paciia.2008.382
Remote user authentication using NFC, US patent US20110212707. https://www.google.ch/patents/US20110212707. Accessed 4 June 2018
Om, H., Kumari, S.: Comment and modification of RSA based remote password authentication using smart card. J. Discrete Math. Sci. Cryptography 625–635 (2017)
Yang, W.H., Shieh, S.P.: Password authentication schemes with smart cards. Comput. Secur. 18(8), 727–733 (1999)
Chan, C.K., Cheng, L.M.: Cryptanalysis of a timestamp-based password authentication scheme. Comput. Secur. 21(I), 74–76 (2002)
Sun, H.M., Yeh, H.T.: Further cryptanalysis of a password authentication scheme with smart cards. IEICE Trans. Commun. E86-B(4), 1412–1415 (2003)
Fan, L., Li, J.H., Zhu, H.W.: An enhancement of timestamp based password authentication scheme. Comput. Secur. 21, 665–667 (2002)
Shen, J.J., Lin, C.W., Hwang, M.S.: Security enhancement for the timestamp-based password authentication scheme using smart cards. Comput. Secur. 22(7), 591–595 (2003)
Liu, Y., Zhou, A.M., Gao, M.X.: A new mutual authentication scheme based on nonce and smart cards. Comput. Commun. 31(10), 2205–2209 (2008)
Chien, H.Y., Jan, J.K., Tseng, Y.M.: An efficient and practical solution to remote authentication: smart card. Comput. Secur. 21(4), 372–375 (2002)
Hsu, C.L.: Security of Chien et al.’s remote user authentication scheme using smart cards. Comput. Stand. Interfaces (2003)
Bar-El, H.: Known Attacks Against Smart cards. http://www.infosecwriters.com/text_resources/pdf/Known_Attacks_Against_Smartcards.pdf. Accessed 4 June 2018
Paixao, C.A.M., Filho, D.L.G.: An efficient variant of the RSA cryptosystem. Eprint Archive (2003)
Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978)
Garg, D., Verma, S.: Improvement over public key cryptographic algorithm. In: IEEE International Advance Computing Conference (IACC 2009), Patiala, India, March 2009
Smart card application protocol data unit. https://en.wikipedia.org/wiki/Smart_card_application_protocol_data_unit. Accessed 4 June 2018
Crypto++ Benchmark. https://www.cryptopp.com/benchmarks.html. Accessed 28 Nov 2017
Fiat, A.: Batch RSA. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 175–185. Springer, New York (1990). https://doi.org/10.1007/0-387-34805-0_17
Collins, T., Hopkins, D., Langford, S., Sabin, M.: Public Key Cryptographic Apparatus and Method. US Patent #5848159, January 1997
Takagi, T.: Fast RSA-type cryptosystem modulo pkq. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 318–326. Springer, Heidelberg (1998). https://doi.org/10.1007/BFb0055738
Wiener, M.: Cryptanalysis of short RSA secret exponents. IEEE Trans. Inf. Theory 36(3), 553–558 (1990)
Boneh, D., Shacham, H.: Fast variants of RSA. In: RSA Laboratories’ Crypto bytes. https://cseweb.ucsd.edu/~hovav/dist/survey.pdf. Accessed 4 June 2018
NIST: Recommendation for key management. http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57Pt3r1.pdf. Accessed 28 Nov 2017
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Raniyal, M.S., Woungang, I., Dhurandher, S.K. (2018). An RSA-Based User Authentication Scheme for Smart-Homes Using Smart Card. In: Traore, I., Woungang, I., Ahmed, S., Malik, Y. (eds) Intelligent, Secure, and Dependable Systems in Distributed and Cloud Environments. ISDDC 2018. Lecture Notes in Computer Science(), vol 11317. Springer, Cham. https://doi.org/10.1007/978-3-030-03712-3_2
Download citation
DOI: https://doi.org/10.1007/978-3-030-03712-3_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-03711-6
Online ISBN: 978-3-030-03712-3
eBook Packages: Computer ScienceComputer Science (R0)