Three party secure data transmission in IoT networks through design of a lightweight authenticated key agreement scheme

Wireless sensor networks (WSNs) can be deployed in any unattended environment. With new enhancements in internet of things (IoT) technology, authorized users are able to access reliable sensor nodes. By accessing the sensor nodes, they can obtain data and send commands to the nodes. Designing an efficient secure authentication and key agreement scheme is vital because of the resource constrained nature of nodes. During the last decade, several lightweight two-factor or three-factor authentication and key agreement protocols have been proposed to provide secure communication links between users and sensor nodes. However, after careful assessment of these works, we found that two of recently proposed ones, which have tried to improve their previous works, are still susceptible to strong replay attacks or do not provide perfect forward secrecy. Therefore, to address this concern, in this paper, we propose a secure and lightweight authentication and key agreement protocol for IoT based WSNs that is free from the security challenges of previous protocols. Formal security verification of the proposed protocol is presented using the well-known and widely-accepted Automated Validation of Internet Security Protocols and Applications tool. Comparative security and performance evaluations with other related works indicate the superiority of the proposed protocol. (C) 2019 Elsevier B.V. All rights reserved.