A Practical Lightweight Anonymous Authentication and Key Establishment Scheme for Resource-Asymmetric Smart Environments

With the rapid developments of Internet of Things (IoT) technologies, the security of sensitive data has attracted more and more attention for many resource-asymmetric smart environments, such as smart home, smart agriculture and so on. The resource-asymmetry environment refers to the uneven distribution of resources on different devices side, which is specifically manifested as gateway side is resource-rich, user side and device side are resource-restricted. Hence, a secure and practical authentication key establishment scheme for such smart environments is urgently needed. Recently many researchers have designed authentication and key establishment schemes for security purpose, however most of them cannot consider the excess of gateway resources and guarantee the anonymity of user, and further, they are not suitable for resource-asymmetric smart environments because they are not lightweight enough in user side and smart device side. Due to the fact that Rabin cryptosystem has the large difference in time-consuming between encryption and decryption, it is extremely suitable for constructing authentication and key establishment scheme for resource-asymmetric smart environments. So, a new practical authentication and key establishment scheme based on the Rabin cryptosystem for resource-asymmetric smart environments is proposed, which can make better use of the advantages of abundant gateway resources and realize the lightweight operations on device side and user side, and at the same time can provide user anonymity. With Proverif and BAN logic, we can prove that our solution not only provides anonymity, but also satisfies all defined security features. Simultaneously, compared with latest similar protocols in computation cost and communication overhead, the results show that our scheme is more effective. Hence, our design has more attraction for authentication and key establishment scheme in resource-asymmetric smart environments.

Automated summary

With the rapid development of IoT technologies, the security of sensitive data in resource-asymmetric smart environments has become a growing concern. Existing authentication and key establishment schemes fail to consider the excess of gateway resources and user anonymity, and are not suitable for lightweight operations in user and device side. Therefore, a new practical authentication and key establishment scheme based on the Rabin cryptosystem is proposed to address these challenges. The scheme makes better use of abundant gateway resources, ensures lightweight operations, and provides user anonymity. The scheme is proven to satisfy all defined security features and outperforms similar protocols in computation cost and communication overhead.