Journal
SYMMETRY-BASEL
Volume 13, Issue 7, Pages -Publisher
MDPI
DOI: 10.3390/sym13071121
Keywords
Internet of Things (IoT); authentication; replay attack; denial-of-service attack; user untraceability; elliptic curve cryptography (ECC)
Categories
Funding
- Ministry of Science and Technology [MOST 109-2410-H-025-013-and MOST 108-2221-E-034-006-MY2]
Ask authors/readers for more resources
Internet of Things (IoT) allows devices to exchange information, but security issues exist. Researchers proposed a three-factor authentication scheme, which has five flaws. The study suggests using ECC technology to improve the scheme.
Internet of Things (IoT) is composed of various kinds of devices such as cars, electrical appliances, machines and sensors. With IoT technologies, devices can exchange information through the network, people are allowed to get information collected by devices without interacting with them, and automatic operations for devices are realized. Because of the variety of IoT devices, some of them possess limited computational capability. On the other hand, data transmission in IoT networks is usually through a public channel. To ensure efficiency and security for IoT environments, Lee et al. proposed a three-factor authentication scheme with hash function and XOR operation. They claimed their scheme possessed superior properties and could resist common attacks. After analyzing their scheme, we find that their scheme is vulnerable to five flaws. In this paper, how these found flaws threaten Lee et al.'s scheme is shown in detail. Then, we propose an improvement to overcome the found flaws and preserve the advantages by employing ECC.
Authors
I am an author on this paper
Click your name to claim this paper and add it to your profile.
Reviews
Recommended
No Data Available
Share Paper
