Computer Science

Computer Science ›› 2025, Vol. 52 ›› Issue (7): 342-352.doi: 10.11896/jsjkx.250100098

• Information Security • Previous Articles     Next Articles

Lightweight Authentication and Key Agreement Protocol for Cloud-assisted Smart Home Communication

LI Jiangxu, CHEN Zemao, ZHANG Liqiang   

  1. School of Cyber Science and Engineering, Wuhan University, Wuhan 430072, China
    Key Laboratory of Aerospace Information Security and Trusted Computing, Ministry of Education, Wuhan 430072, China
  • Received:2025-01-15 Revised:2025-05-02 Published:2025-07-17
  • About author:LI Jiangxu,born in 1999,postgraduate.His main research interests include network security communication protocol and IoT security.
    CHEN Zemao,born in 1975,Ph.D,professor.His main research interests include information system security,trusted computing and equipment information security.
  • Supported by:
    National Key Research and Development Program of China(2022YFC3102805) and Industrial Internet Data Security Detection, Response, and Traceability System(TC220H055).

PDF (PC)

26

Abstract: With the widespread adoption of smart home devices,the resource-constrained nature of these devices and the diverse array of potential attack threats present significant challenges to traditional security protocols.In particular,the popular cloud-based smart home Internet of Things(IoT) technologies,while enhancing the intelligence and management efficiency of household devices,have also introduced more complex control models compared to previous systems.Specifically,users can set control rules on the cloud platform for automated device management or remotely control household devices via Apps provided by smart home manufacturers.However,in both control modes,if the identity of the remote controller is not authenticated and a secure session key is not established,attackers may send malicious commands to household devices,thus endangering home security.However,existing security solutions do not address these two mainstream control models and struggle to balance computational overhead,communication efficiency,and security.This highlights the need for a lightweight and efficient authentication and key negotiation protocol.Therefore,to address the security risks in these two control scenarios,this paper proposes a lightweight bidirectional authentication and key negotiation scheme based on elliptic curve cryptography for cloud platforms and smart devices,as well as a bidirectional authentication and key negotiation scheme between users and smart devices,enabling efficient and secure authentication between remote controllers and household devices.The security of the proposed schemes is analyzed using the formal verification tool ProVerif and heuristic methods.A comparison with similar solutions in terms of both security and performance de- monstrates that the proposed scheme can offer more security features while maintaining lightweight performance requirements.

Key words: Cloud-assisted smart home, Mutual authentication, Key agreement, Lightweight authentication protocol, Formal verification

CLC Number: 

  • TP309
[1]DEEBAK B D,MEMON F H,KHOWAJA S A,et al.In the digital age of 5G networks:Seamless privacy-preserving authentication for cognitive-inspired internet of medical things[J].IEEE Transactions on Industrial Informatics,2022,18(12):8916-8923.
[2]REN Y,LENG Y,QI J,et al.Multiple cloud storage mechanism based onblockchain in smart homes[J].Future Generation Computer Systems,2021,115:304-313.
[3]WANG Z,LIU D,SUN Y,et al.A survey on IoT-enabled home automation systems:Attacks and defenses[J].IEEE Communications Surveys & Tutorials,2022,24(4):2292-2328.
[4]TAIWOO,EZUGWU A E.Internet of Things-Based Intelligent Smart Home Control System[J].Security and Communication Networks,2021,2021(1):9928254.
[5]AMRAOUI N,ZOUARI B.Securing the operation of SmartHome Systems:A literature review[J].Journal of Reliable Intelligent Environments,2022,8(1):67-74.
[6]POH G S,GOPE P,NING J.PrivHome:Privacy-Preserving Authenticated Communication in Smart Home Environment[J].IEEE Transactions on Dependable and Secure Computing,2021,18(3):1095-1107.
[7]MA Q,TAN H,ZHOU T.Mutual authentication scheme for smart devices in IoT-enabled smart home systems[J].Computer Standards & Interfaces,2023,86:103743.
[8]SRINIVAS J,DAS A K,WAZID M,et al.Designing secure user authentication protocol for 17big data collection in IoT-based intelligent transportation system[J].IEEE Internet of Things Journal,2021,8(9):7727-7744.
[9]JIANG Q,ZHANG N,NI J,et al.Unified biometric privacy preserving three-factor authentication and key agreement for cloud-assisted autonomous vehicles[J].IEEE Transactions on Vehicular Technology,2020,69(9):9390-9401.
[10]STOJKOSKA B L R,TRIVODALIEV K V.A review of Internet of Things for smart home:Challenges and solutions[J].Journal of Cleaner Production,2017,140:1454-1464.
[11]FARASH M S,TURKANOVI Ć M,KUMARI S,et al.An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the Internet of Things environment[J].Ad Hoc Networks,2016,36:152-176.
[12]VAIDYA B,PARK J H,YEO S,et al.Robust one-time password authentication scheme using smart card for home network environment[J].Computer Communications,2011,34(3):326-336.
[13]KUMAR P,GURTOV A,LINATTI J,et al.Lightweight and secure session-key establishment scheme in smart home environments[J].IEEE Sensors Journal 2016,16(1):254-264.
[14]WAZID M,DAS A K,ODELU V,et al.Design of Secure User Authenticated Key Management Protocol for Generic IoT Networks[J].IEEE Internet of Things Journal,2018,5(1):269-282.
[15]SHUAI M X,YU N H,WANG H X,et al.Anonymous authentication scheme for smart home environment with provable security[J].Computers & Security,2019,86:132-146.
[16]WAZID M,DAS A K,ODELU V,et al.Secure Remote User Authenticated Key Establishment Protocol for Smart Home Environment[J].IEEE Transactions on Dependable and Secure Computing,2017(2):391-406.
[17]CHAUDHRY S A,IRSHAD A,YAHYA K,et al.Rotating behind privacy:An improved lightweight authentication scheme for cloud-based IoT environment[J].ACM Transactions on Internet Technology,2021,21(3):1-19.
[18]GUO Y,ZHANG Z,GUO Y.SecFHome:Secure remote authentication in fog-enabled smart home environment[J].Computer Networks,2022,207:108818.
[19]WANG C,WANG D,DUAN Y,et al.Secure and lightweightuser authentication scheme for cloud-assisted internet of things[J].IEEE Transactions on Information Forensics and Security,2023,18:2961-2976.
[20]TOUQEER H,ZAMAN S,AMIN R,et al.Smart home security:challenges,issues and solutions at different IoT layers[J].The Journal of Supercomputing,2021,77(12):14053-14089.
[21]DOLEV D,YAO A.On the security of public key protocols[J].IEEE Transactions on information theory,1983,29(2):198-208.
[22]HE D,KUMAR N,KHAN M K,et al.Efficient Privacy-Aware Authentication Scheme for Mobile Cloud Computing Services[J].IEEE Systems Journal,2018,12(2):1621-1631.
[1] ZHANG Jing, WANG Yuping. Dual-platform Key Agreement Protocol Based on Semidirect Product [J]. Computer Science, 2025, 52(6A): 240600036-6.
[2] LI Weixian, ZHANG Jianhui, ZENG Junjie, JIA Hongyong, MEN Ruirui. Zero Trust Anonymous Access Scheme Based on Software-defined Perimeters [J]. Computer Science, 2024, 51(12): 293-302.
[3] SHEN Nan, CHEN Gang. Formalization of Inverse Matrix Operation Based on Coq [J]. Computer Science, 2023, 50(6A): 220400108-7.
[4] WANG Zichen, YUAN Chengsheng, WANG Yili, GUO Ping, FU Zhangjie. Lightweight Group Key Agreement for Industrial Internet of Things [J]. Computer Science, 2023, 50(11A): 230700075-10.
[5] JIAN Qi-rui, CHEN Ze-mao, WU Xiao-kang. Authentication and Key Agreement Protocol for UAV Communication [J]. Computer Science, 2022, 49(8): 306-313.
[6] LIANG Zhen-zhen, XU Ming. Key Agreement Scheme Based on Ocean Acoustic Channel [J]. Computer Science, 2022, 49(6): 356-362.
[7] CHEN Li-ping, XU Peng, WANG Dan-chen, XU Yang. Study on Formal Verification of EAP-TLS Protocol [J]. Computer Science, 2022, 49(11A): 211100111-5.
[8] WANG Ran-ran, WANG Yong, CAI Yu-tong, JIANG Zheng-tao, DAI Gui-ping. Formal Verification of Yahalom Protocol Based on Process Algebra [J]. Computer Science, 2021, 48(6A): 481-484.
[9] NI Liang, WANG Nian-ping, GU Wei-li, ZHANG Qian, LIU Ji-zhao, SHAN Fang-fang. Research on Lattice-based Quantum-resistant Authenticated Key Agreement Protocols:A Survey [J]. Computer Science, 2020, 47(9): 293-303.
[10] MO Tian-qing and HE Yong-mei. SIP Authentication Key Agreement of Protocol Based on Certificateless [J]. Computer Science, 2020, 47(6A): 413-419.
[11] LI Ling, LI Huang-hua, WANG Sheng-yuan. Experiment on Formal Verification Process of Parser of CompCert Compiler in Trusted Compiler Design [J]. Computer Science, 2020, 47(6): 8-15.
[12] FAN Yong-qian, CHEN Gang, CUI Min. Formalization of Finite Field GF(2n) Based on COQ [J]. Computer Science, 2020, 47(12): 311-318.
[13] QIN Yan-lin, WU Xiao-ping, HU Wei. Efficient Identity-based Authenticated Key Agreement Protocol with Multiple Private Key Generators [J]. Computer Science, 2020, 47(11): 68-72.
[14] CHENG Qing-feng, LI Yu-ting, LI Xing-hua, JIANG Qi. Research on Application of Cryptography Technology for Edge Computing Environment [J]. Computer Science, 2020, 47(11): 10-18.
[15] MA Zhen-wei,CHEN Gang. Matrix Formalization Based on Coq Record [J]. Computer Science, 2019, 46(7): 139-145.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.