One time password authentication scheme based on elliptic curves for Internet of Things (IoT)
- 1 February 2015
- conference paper
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
Abstract
Establishing end-to-end authentication between devices and applications in Internet of Things (IoT) is a challenging task. Due to heterogeneity in terms of devices, topology, communication and different security protocols used in IoT, existing authentication mechanisms are vulnerable to security threats and can disrupt the progress of IoT in realizing Smart City, Smart Home and Smart Infrastructure, etc. To achieve end-to-end authentication between IoT devices/applications, the existing authentication schemes and security protocols require a two-factor authentication mechanism. Therefore, as part of this paper we review the suitability of an authentication scheme based on One Time Password (OTP) for IoT and proposed a scalable, efficient and robust OTP scheme. Our proposed scheme uses the principles of lightweight Identity Based Elliptic Curve Cryptography scheme and Lamport's OTP algorithm. We evaluate analytically and experimentally the performance of our scheme and observe that our scheme with a smaller key size and lesser infrastructure performs on par with the existing OTP schemes without compromising the security level. Our proposed scheme can be implemented in real-time IoT networks and is the right candidate for two-factor authentication among devices, applications and their communications in IoT.Keywords
This publication has 9 references indexed in Scilit:
- Lightweight IBE scheme for Wireless Sensor nodesPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2013
- A new One-time Password MethodIERI Procedia, 2013
- A novel mutual authentication scheme for Internet of ThingsPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2011
- Cryptanalysis on HMAC/NMAC-MD5 and MD5-MACPublished by Springer Science and Business Media LLC ,2009
- Secure Internet banking authenticationIEEE Security & Privacy, 2006
- The N/R one time password systemPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2005
- Identity-Based Encryption from the Weil PairingLecture Notes in Computer Science, 2001
- Identity-Based Cryptosystems and Signature SchemesPublished by Springer Science and Business Media LLC ,2000
- The Decision Diffie-Hellman problemPublished by Springer Science and Business Media LLC ,1998