Skip to main content
SpringerLink
Log in

Lightweight and Secure Password Based Smart Home Authentication Protocol: LSP-SHAP

  • Published:
Journal of Network and Systems Management Aims and scope Submit manuscript

Abstract

Remote control his smart home from his mobile device is highly desirable for a mobile user. But, the sensor devices and the user mobile device communicate over an insecure communication channel. Therefore, various attacks are possible, such as impersonation attack, privileged-insider attack, mobile device stolen attack, and the denial of service attack. In this case, an illegal user may gain access to the data sent by the smart devices. In the literature, most of the existing schemes for the remote user authentication are not secure enough with respect to the aforementioned attacks. In addition, they are not enough lightweight at the sensor device side. Therefore, there is a need to design a new secure and lightweight remote user authentication scheme, where only the authorized users may have access to the home sensor devices. So, in this paper, we propose a new secure and lightweight remote user authentication scheme for a smart home environment. For the derivation of a robust session key, we propose to use Elliptic Curve Cryptography. The solution is lightweight for resource-constrained devices with limited resources as the gateway node will assist in deriving the session key to the sensor device. The security of the proposed solution is proved using a formal security evaluation via the Scyther tool. Also, a performance evaluation is performed to show the effectiveness of our solution.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6

Similar content being viewed by others

References

  1. Lindsay, G., Woods, B., Corman, J.: Smart homes and the internet of things. Atlantic Council (2016)

  2. Wazid, M., Das, A.K., Odelu, V., Kumar, N., Susilo, W.: Secure remote user authenticated key establishment protocol for smart home environment. IEEE Trans. Dependable Secure Comput. (2017). https://doi.org/10.1109/TDSC.2017.2764083

    Google Scholar 

  3. Kumar, P., Gurtov, A., Iinatti, J., Ylianttila, M., Sain, M.: Lightweight and secure session-key establishment scheme in smart home environments. IEEE Sens. J. 16(1), 254–264 (2016)

    Article  Google Scholar 

  4. Naoui, S., Elhdhili, M.E., Saidane, L.A.: Lightweight enhanced collaborative key management scheme for smart home application. In: 2017 International Conference on High Performance Computing and Simulation (HPCS). IEEE (2017)

  5. You, I., Jung, E.S.: A lightweight authentication protocol for digital home networks. In: International Conference on Computational Science and Its Applications. Springer, Berlin (2006)

  6. Lee, N.Y., Chen, J.C.: Improvement of one-time password authentication scheme using smart cards. IEICE Trans. Commun. 88(9), 3765–3767 (2005)

    Article  Google Scholar 

  7. Jeong, J., Chung, M.Y., Choo, H.: Integrated OTP-based user authentication scheme using smart cards in home networks. In: Proceedings of the 41st Annual Hawaii International Conference on System Sciences (HICSS 2008). IEEE (2008)

  8. Kim, S.K., Chung, M.G.: More secure remote user authentication scheme. Comput. Commun. 32(6), 1018–1021 (2009)

    Article  Google Scholar 

  9. Yoon, E.J., Yoo, K.Y.: More efficient and secure remote user authentication scheme using smart cards. In: 11th International Conference on Parallel and Distributed Systems (ICPADS’05), vol. 2. IEEE (2005)

  10. Vaidya, B., Park, J.H., Yeo, S.S., Rodrigues, J.J.P.C.: Robust one-time password authentication scheme using smart card for home network environment. Comput. Commun. 34(3), 326–336 (2011)

    Article  Google Scholar 

  11. Kim, H.J., Kim, H.S.: AUTH HOTP-HOTP based authentication scheme over home network environment. In: International Conference on Computational Science and Its Applications. Springer, Berlin (2011)

  12. Vaidya, B., Makrakis, D., Mouftah, H.T.: Device authentication mechanism for smart energy home area networks. In: 2011 IEEE International Conference on Consumer Electronics (ICCE). IEEE (2011)

  13. Santoso, F.K., Vun, N.C.H.: Securing IoT for smart home system. In: 2015 International Symposium on Consumer Electronics (ISCE). IEEE (2015)

  14. Qi, M., Chen, J.: An efficient twoparty authentication key exchange protocol for mobile environment. Int. J. Commun. Syst. 30(16), e3341 (2017)

    Article  Google Scholar 

  15. Reddy, A.G., Das, A.K., Odelu, V., Ahmad, A., Shin, J.S.: A Privacy Preserving three-factor authenticated key agreement protocol for client–server environment. J. Ambient Intell. Human. Comput. 10(2), 661–680 (2019)

    Article  Google Scholar 

  16. Pippal, R.S., Jaidhar, C.D., Shashikala, T.: Security issues in smart card authentication scheme. Int. J. Comput. Theory Eng. 4(2), 206 (2012)

    Article  Google Scholar 

  17. Cremers, C.J.F.: The scyther tool: verification, falsification, and analysis of security protocols. In: International Conference on Computer Aided Verification. Springer, Berlin (2008)

  18. Elbaz, A., Abdelaziz, M.H., Nazmy, M.T.: Analysis and verification of a key agreement protocol over cloud computing using scyther tool. Int. J. Distrib. Cloud Comput. (2015). https://doi.org/10.11591/closer.v3i6.6949

    Google Scholar 

  19. Mishra, D., Srinivas, J., Mukhopadhyay, S.: A secure and efficient chaotic map-based authenticated key agreement scheme for telecare medicine information systems. J. Med. Syst. 38(10), 120 (2014)

    Article  Google Scholar 

  20. Dai, W.: Crypto++ Library 5.2.2. http://www.cryptopp.com (2007)

  21. Yu, H., Wang, L.: A security-enhanced mutual authentication scheme with privacy protected in wireless sensor networks. Clust. Comput. (2017). https://doi.org/10.1007/s10586-017-1575-z

    Google Scholar 

  22. Nam, J., Choo, K.K.R., Han, S., Kim, M., Paik, J., Won, D.: Efficient and anonymous two-factor user authentication in wireless sensor networks: achieving user anonymity with lightweight sensor computation. PLoS ONE 10(4), e0116709 (2015)

    Article  Google Scholar 

  23. Wen, F., Li, X.: An improved dynamic ID-based remote user authentication with key agreement scheme. Comput. Electr. Eng. 38(2), 381–387 (2012)

    Article  Google Scholar 

  24. Xu, J., Zhu, W.T., Feng, D.G.: An efficient mutual authentication and key agreement protocol preserving user anonymity in mobile networks. Comput. Commun. 34(3), 319–325 (2011)

    Article  Google Scholar 

  25. Porambage, P., Braeken, A., Kumar, P., Gurtov, A., Ylianttila, M.: CHIP: collaborative host identity protocol with efficient key establishment for constrained devices in internet of things. Wirel. Pers. Commun. 96(1), 421–440 (2017)

    Article  Google Scholar 

  26. Yeh, H.L., Chen, T.H., Liu, P.C., Kim, T.H., Wei, H.W.: A secured authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors 11(5), 4767–4779 (2011)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Cristal Laboratory, Ecole Nationale des Sciences de l’Informatique (ENSI), Manouba University, Manouba, Tunisia

    Sarra Naoui, Mohamed Elhoucine Elhdhili & Leila Azouz Saidane

Authors
  1. Sarra Naoui
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mohamed Elhoucine Elhdhili
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Leila Azouz Saidane
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Sarra Naoui.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Naoui, S., Elhdhili, M.E. & Saidane, L.A. Lightweight and Secure Password Based Smart Home Authentication Protocol: LSP-SHAP. J Netw Syst Manage 27, 1020–1042 (2019). https://doi.org/10.1007/s10922-019-09496-x

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10922-019-09496-x

Keywords

Search

Navigation