Secure remote anonymous user authentication scheme for smart home environment

Smart home technology is an emerging application of Internet-of-Things (IoT) where the user can remotely control home devices. Since the user/home communication channel is insecure, an efficient and anonymous authentication scheme is required to provide secure communications in smart home environment. In this paper, we propose a new scheme for user authentication that combines physical context awareness and transaction history. The new scheme offers two advantages: it does not maintain a verification table and avoids clock synchronization problem. Communication overhead and computational cost of the proposed scheme are analyzed and compared with other related schemes. The security of the scheme is evaluated using three different methods: (1) formal analysis using the Burrows-Abadi-Needham logic (BAN); (2) informal analysis; (3) model check using the automated validation of internet security protocols and applications (AVISPA) tool. (C) 2020 Elsevier B.V. All rights reserved.