TY - JOUR
T1 - Enhanced authentication and key management scheme for securing data transmission in the internet of things
AU - Harbi, Yasmine
AU - Aliouat, Zibouda
AU - Refoufi, Allaoua
AU - Harous, Saad
AU - Bentaleb, Abdelhak
N1 - Publisher Copyright:
© 2019 Elsevier B.V.
PY - 2019/11
Y1 - 2019/11
N2 - The Internet of Things (IoT), with its smartness and intelligence, is gradually changing human life by allowing everyday objects to be connected to the Internet. With the prevalence of the IoT, wireless sensor networks (WSNs) are attracting worldwide attention, because they cover a wide range of IoT applications. The sensors collect data from the physical world and communicate with each other through wireless links. Ensuring the security and privacy of WSNs’ communication is challenging. Recently, a secure authentication and key management scheme was proposed to secure data transmission in WSNs. In this paper, we show that this scheme has various security flaws, such as replay attack, denial of service attack, impersonation attack, and lack of mutual authentication and session key agreement. Then, we propose an enhanced scheme to overcome the identified security weaknesses. The security of the enhanced scheme is formally verified using the Burrows–Abadi–Needham logic and the Automated Validation of Internet Security Protocols and Applications tool. Our proposed scheme is more secure, efficient, and suitable for WSN-based IoT applications than recent related methods.
AB - The Internet of Things (IoT), with its smartness and intelligence, is gradually changing human life by allowing everyday objects to be connected to the Internet. With the prevalence of the IoT, wireless sensor networks (WSNs) are attracting worldwide attention, because they cover a wide range of IoT applications. The sensors collect data from the physical world and communicate with each other through wireless links. Ensuring the security and privacy of WSNs’ communication is challenging. Recently, a secure authentication and key management scheme was proposed to secure data transmission in WSNs. In this paper, we show that this scheme has various security flaws, such as replay attack, denial of service attack, impersonation attack, and lack of mutual authentication and session key agreement. Then, we propose an enhanced scheme to overcome the identified security weaknesses. The security of the enhanced scheme is formally verified using the Burrows–Abadi–Needham logic and the Automated Validation of Internet Security Protocols and Applications tool. Our proposed scheme is more secure, efficient, and suitable for WSN-based IoT applications than recent related methods.
KW - AVISPA
KW - BAN logic
KW - Elliptic curve cryptography
KW - Key agreement
KW - Mutual authentication
KW - Privacy
UR - http://www.scopus.com/inward/record.url?scp=85069655528&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85069655528&partnerID=8YFLogxK
U2 - 10.1016/j.adhoc.2019.101948
DO - 10.1016/j.adhoc.2019.101948
M3 - Article
AN - SCOPUS:85069655528
SN - 1570-8705
VL - 94
JO - Ad Hoc Networks
JF - Ad Hoc Networks
M1 - 101948
ER -