LOW-OVERHEAD AND SECURE AUTHENTİCATİON PROTOCOL FOR IOT BASED ON A FUZZY EXTRACTOR İN CLOUD COMPUTİNG ENVİRONMENT

Abstract:

With the fast deployment of the Internet of Things and cloud computing, it is necessary to enhance authentication protocols to reduce attacks and security vulnerabilities which affect the correct performance of applications. This paper proposes a secure and efficient biometrics-based three-factor authentication that satisfies constraints of cloud-IoT applications. To attempt the best efficiency, lightweight crypto-modules, such as one-way hash function and exclusive-or (XOR) operations, are used in our authentication scheme. The new scheme accomplishes the security requirements and resists very well-known attacks by biometric and secret parameters. Besides, the performance evaluation shows that our protocol requires less communication (0.144 ms) and computation (2304 bit) cost compared with the related authentication protocols. Moreover, the simulation results using AVISPA prove that our protocol is secure against active and passive attacks.

Keywords:

authentication; three-factor authentication; cloud computing; internet of things; formal security analysis; biometric, AVISPA