Skip to main content
Springer Nature Link
Log in

A secure biometric-based authentication protocol for global mobility networks in smart cities

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

Smart city is an important concept in urban development. The use of information and communication technology to promote quality of life and the management of natural resources is one of the main goals in smart cities. On the other hand, at any time, thousands of mobile users send a variety of information on the network, and this is the main challenge in smart cities. To overcome this challenge and collect data from roaming users, the global mobility network (GLOMONET) is a good approach for information transfer. Consequently, designing a secure protocol for GLOMONET is essential. The main intention of this paper is to provide a secure protocol for GLOMONET in smart cities. To do this, we design a protocol that is based on Li et al.’s protocol, which is not safe against our proposed attacks. Our protocol inherits all the benefits of the previous one; it is entirely secure and does not impose any more communication overhead. We formally analyze the protocol using BAN logic and compare it to similar ones in terms of performance and security, which shows the efficiency of our protocol. Our proposed protocol enables mobile users and foreign agents to share a secret key in 6.1 ms with 428 bytes communication overhead, which improves the time complexity of the previous protocol to 53%.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7

Similar content being viewed by others

References

  1. Aghili SF, Mala H, Shojafar M, Peris-Lopez P (2019) Laco: lightweight three-factor authentication, access control and ownership transfer scheme for e-health systems in IoT. Future Gener Comput Syst 96:410–424

    Article  Google Scholar 

  2. Amin R, Islam SH, Biswas G, Khan MK, Leng L, Kumar N (2016) Design of an anonymity-preserving three-factor authenticated key exchange protocol for wireless sensor networks. Comput Netw 101:42–62

    Article  Google Scholar 

  3. Chatterjee S, Roy S, Das AK, Chattopadhyay S, Kumar N, Vasilakos AV (2016) Secure biometric-based authentication scheme using chebyshev chaotic map for multi-server environment. IEEE Trans Dependable Secure Comput 15(5):824–839

    Article  Google Scholar 

  4. Chen Y, Martínez JF, Castillejo P, López L (2018) A lightweight anonymous client-server authentication scheme for the internet of things scenario: Lauth. Sensors 18(11):3695

    Article  Google Scholar 

  5. Cynthia J, Parveen Sultana H, Saroja MN, Senthil J (2019) Security protocols for IoT. In: Jeyanthi N, Abraham A, Mcheick H (eds) Ubiquitous computing and computing security of IoT. Studies in big data. vol 47. Springer, Cham. https://doi.org/10.1007/978-3-030-01566-4_1

    Chapter  Google Scholar 

  6. Dameri RP (2013) Searching for smart city definition: a comprehensive proposal. Int J Comput Technol 11(5):2544–2551

    Article  Google Scholar 

  7. Dameri RP (2017) Smart city definition, goals and performance. In: Smart city implementation. Progress in IS. Springer, Cham. https://doi.org/10.1007/978-3-319-45766-6_1

  8. Das AK, Wazid M, Kumar N, Vasilakos AV, Rodrigues JJ (2018) Biometrics-based privacy-preserving user authentication scheme for cloud-based industrial internet of things deployment. IEEE Internet Things J 5(6):4900–4913

    Article  Google Scholar 

  9. Dodis Y, Reyzin L, Smith A (2004) Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. In: International Conference on the Theory and Applications of Cryptographic Techniques. Springer, pp 523–540

  10. Dolev D, Yao A (1983) On the security of public key protocols. IEEE Trans Inf Theory 29(2):198–208

    Article  MathSciNet  Google Scholar 

  11. Dua A, Kumar N, Das AK, Susilo W (2017) Secure message communication protocol among vehicles in smart city. IEEE Trans Veh Technol 67(5):4359–4373

    Article  Google Scholar 

  12. Farash MS, Turkanović M, Kumari S, Hölbl M (2016) An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the internet of things environment. Ad Hoc Netw 36:152–176

    Article  Google Scholar 

  13. Gope P, Das AK (2017) Robust anonymous mutual authentication scheme for n-times ubiquitous mobile cloud computing services. IEEE Internet Things J 4(5):1764–1772

    Article  Google Scholar 

  14. Gope P, Hwang T (2016) An efficient mutual authentication and key agreement scheme preserving strong anonymity of the mobile user in global mobility networks. J Netw Comput Appl 62:1–8

    Article  Google Scholar 

  15. Gunasinghe H, Bertino E (2017) Privbiomtauth: privacy preserving biometrics-based and user centric protocol for user authentication from mobile phones. IEEE Trans Inf Forensics Secur 13(4):1042–1057

    Article  Google Scholar 

  16. He D, Kumar N, Chilamkurti N (2015) A secure temporal-credential-based mutual authentication and key agreement scheme with pseudo identity for wireless sensor networks. Inf Sci 321:263–277

    Article  Google Scholar 

  17. He D, Ma M, Zhang Y, Chen C, Bu J (2011) A strong user authentication scheme with smart cards for wireless communications. Comput Commun 34(3):367–374

    Article  Google Scholar 

  18. Jannati H, Bahrak B (2017) An improved authentication protocol for distributed mobile cloud computing services. Int J Crit Infrastruct Prot 19:59–67

    Article  Google Scholar 

  19. Jiang Q, Ma J, Wei F, Tian Y, Shen J, Yang Y (2016) An untraceable temporal-credential-based two-factor authentication scheme using ecc for wireless sensor networks. J Netw Comput Appl 76:37–48

    Article  Google Scholar 

  20. Jung J, Kim J, Choi Y, Won D (2016) An anonymous user authentication and key agreement scheme based on a symmetric cryptosystem in wireless sensor networks. Sensors 16(8):1299

    Article  Google Scholar 

  21. Kim Th, Ramos C, Mohammed S (2017) Smart city and IoT. Future Gener Comput Syst 76:159–162

    Article  Google Scholar 

  22. Li X, Niu J, Kumari S, Wu F, Choo KKR (2018) A robust biometrics based three-factor authentication scheme for global mobility networks in smart city. Future Gener Comput Syst 83:607–618

    Article  Google Scholar 

  23. Li X, Niu J, Kumari S, Wu F, Sangaiah AK, Choo KKR (2018) A three-factor anonymous authentication scheme for wireless sensor networks in internet of things environments. J Netw Comput Appl 103:194–204

    Article  Google Scholar 

  24. Li X, Peng J, Niu J, Wu F, Liao J, Choo KKR (2017) A robust and energy efficient authentication protocol for industrial internet of things. IEEE Internet Things J 5(3):1606–1615

    Article  Google Scholar 

  25. Li X, Wu F, Kumari S, Xu L, Sangaiah AK, Choo KKR (2019) A provably secure and anonymous message authentication scheme for smart grids. J Parallel Distrib Comput 132:242–249. https://doi.org/10.1016/j.jpdc.2017.11.008

    Article  Google Scholar 

  26. Menezes A (2009) An introduction to pairing-based cryptography. Recent Trends Cryptogr 477:47–65

    Article  MathSciNet  Google Scholar 

  27. Neshenko N, Bou-Harb E, Crichigno J, Kaddoum G, Ghani N (2019) Demystifying IoT security: an exhaustive survey on IoT vulnerabilities and a first empirical look on internet-scale IoT exploitations. IEEE Commun Surve Tutor 21(3):2702–2733. https://doi.org/10.1109/COMST.2019.2910750

    Article  Google Scholar 

  28. Park K, Park Y, Park Y, Das AK (2018) 2pakep: Provably secure and efficient two-party authenticated key exchange protocol for mobile environment. IEEE Access 6:30225–30241

    Article  Google Scholar 

  29. Roy S, Chatterjee S, Das AK, Chattopadhyay S, Kumari S, Jo M (2017) Chaotic map-based anonymous user authentication scheme with user biometrics and fuzzy extractor for crowdsourcing internet of things. IEEE Internet Things J 5(4):2884–2895

    Article  Google Scholar 

  30. Saeed MES, Liu QY, Tian G, Gao B, Li F (2018) Remote authentication schemes for wireless body area networks based on the internet of things. IEEE Internet Things J 5(6):4926–4944

    Article  Google Scholar 

  31. Shen J, Zhou T, Wei F, Sun X, Xiang Y (2017) Privacy-preserving and lightweight key agreement protocol for v2g in the social internet of things. IEEE Internet Things J 5(4):2526–2536

    Article  Google Scholar 

  32. Song T, Li R, Mei B, Yu J, Xing X, Cheng X (2017) A privacy preserving communication protocol for iot applications in smart homes. IEEE Internet Things J 4(6):1844–1852

    Article  Google Scholar 

  33. Tsai JL, Lo NW (2015) A privacy-aware authentication scheme for distributed mobile cloud computing services. IEEE Syst J 9(3):805–815

    Article  Google Scholar 

  34. Washington LC (2008) Elliptic curves: number theory and cryptography. Chapman and Hall/CRC, New York

    Book  Google Scholar 

  35. Wazid M, Das AK, Odelu V, Kumar N, Conti M, Jo M (2017) Design of secure user authenticated key management protocol for generic IoT networks. IEEE Internet Things J 5(1):269–282

    Article  Google Scholar 

  36. Wu CC, Lee WB, Tsaur WJ (2008) A secure authentication scheme with anonymity for wireless communications. IEEE Commun Lett 12(10):722–723

    Article  Google Scholar 

  37. Wu F, Xu L, Kumari S, Li X, Das AK, Khan MK, Karuppiah M, Baliyan R (2016) A novel and provably secure authentication and key agreement scheme with user anonymity for global mobility networks. Secur Commun Netw 9(16):3527–3542

    Article  Google Scholar 

  38. Xie Q, Wong DS, Wang G, Tan X, Chen K, Fang L (2017) Provably secure dynamic ID-based anonymous two-factor authenticated key exchange protocol with extended security model. IEEE Trans Inf Forensics Secur 12(6):1382–1392

    Article  Google Scholar 

  39. Xu G, Liu J, Lu Y, Zeng X, Zhang Y, Li X (2018) A novel efficient MAKA protocol with desynchronization for anonymous roaming service in global mobility networks. J Netw Comput Appl 107:83–92

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Computer Engineering and IT Department, Shiraz University of Technology, Shiraz, Iran

    Meysam Ghahramani & Reza Javidan

  2. ICS/5GIC, University of Surrey, Guildford, GU2 7XH, UK

    Mohammad Shojafar

Authors
  1. Meysam Ghahramani
    View author publications

    You can also search for this author inPubMed Google Scholar

  2. Reza Javidan
    View author publications

    You can also search for this author inPubMed Google Scholar

  3. Mohammad Shojafar
    View author publications

    You can also search for this author inPubMed Google Scholar

Corresponding author

Correspondence to Mohammad Shojafar.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Ghahramani, M., Javidan, R. & Shojafar, M. A secure biometric-based authentication protocol for global mobility networks in smart cities. J Supercomput 76, 8729–8755 (2020). https://doi.org/10.1007/s11227-020-03160-x

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-020-03160-x

Keywords