Research on Multi-Factor Authenticated Key Agreement Protocol for Smart Home Networks

doi:10.3969/j.issn.1671-1122.2024.01.013

Abstract

Abstract:

Smart home networks connect smart devices at home through IoT technology, allowing users to remotely view and control their devices. However, information transmission on insecure public networks will face various network threats. Therefore, it is necessary to research and design secure, efficient, and compliant authentication key negotiation protocols for smart home networks. In 2020, WAZID et al. proposed a lightweight authentication key agreement protocol for smart home networks. After security analysis and verification, this paper found that the protocol has the following problems: the scheme overly relies on the gateway node(GWN) of the smart home gateway node, resulting in low system robustness; this scheme stores user and device keys in GWN, but GWN faces privilege attacks and various external network attacks, making it not absolutely secure; this scheme did not consider user access control. This article proposed a new multi-factor authentication key agreement scheme based on Chebyshev chaotic map and Secure Sketch for smart home networks. From the security proof and simulation experiments, although the computational cost of the proposed scheme has increased, the security has been improved and the communication cost has been reduced.

Key words: smart home, secure sketch, multi-factor authentication, Chebyshev chaotic map, key agreement

CLC Number:

TP309

ZHANG Min, FENG Yongqiang, XU Chunxiang, ZHANG Jianhua. Research on Multi-Factor Authenticated Key Agreement Protocol for Smart Home Networks[J]. Netinfo Security, 2024, 24(1): 133-142.

Figures/Tables 11

References 17

[1]	JEONG J, CHUNG M Y, CHOO H. Integrated OTP-Based User Authentication Scheme Using Smart Cards in Home Networks[C]// IEEE. The 41st Annual Hawaii International Conference on System Sciences(HICSS 2008). New York: IEEE, 2008: 123-133.
[2]	VAIDYA B, PARK J H, YEO S, et al. Robust One-Time Password Authentication Scheme Using Smart Card for Home Network Environment[J]. Computer Communications, 2011, 34(3): 326-336. doi: 10.1016/j.comcom.2010.03.013 URL
[3]	KIM H J, KIM H S. AUTHHOTP-HOTP Based Authentication Scheme over Home Network Environment[C]// Springer. International Conference on Computational Science and Its Applications. Heidelberg: Springer, 2011: 622-637.
[4]	HANUMANTHAPPA P, SINGH S. Privacy Preserving and Ownership Authentication in Ubiquitous Computing Devices Using Secure Three Way Authentication[C]// IEEE. 2012 International Conference on Innovations in Information Technology(IIT). New York: IEEE, 2012: 107-112.
[5]	KUMAR P, GURTOV A, IINATTI J, et al. Lightweight and Secure Session-Key Establishment Scheme in Smart Home Environments[J]. IEEE Sensors Journal, 2016, 16(1): 254-264. doi: 10.1109/JSEN.2015.2475298 URL
[6]	VISHWAKARMA S K, UPADHYAYA P, KUMARI B, et al. Smart Energy Efficient Home Automation System Using IoT[C]// IEEE. 4th International Conference on Internet of Things:Smart Innovation and Usages(IoT-SIU). New York: IEEE, 2019: 1-4.
[7]	WAZID M, DAS A K, ODELU V, et al. Secure Remote User Authenticated Key Establishment Protocol for Smart Home Environment[J]. IEEE Transactions on Dependable and Secure Computing, 2020, 17(2): 391-406. doi: 10.1109/TDSC.8858 URL
[8]	SAHOO S S, MOHANTY S, SAHOO K S, et al. A Three-Factor-Based Authentication Scheme of 5G Wireless Sensor Networks for IoT System[J]. IEEE Internet of Things Journal, 2023, 10(17): 15087-15099. doi: 10.1109/JIOT.2023.3264565 URL
[9]	ZHANG Min, XU Chunxiang, ZHANG Jianhua. Research on Authentication Key Agreement Protocol Based on Multi-Factor in Internet of Drones[J]. Netinfo Security, 2022, 22(9): 21-30.
	张敏, 许春香, 张建华. 无人机网络中基于多因子的认证密钥协商协议研究[J]. 信息网络安全, 2022, 22(9):21-30.
[10]	DODIS Y, REYZIN L, SMITH A. Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data[C]// Springer. EUROCRYPT 2004. Heidelberg: Springer, 2004: 524-540.
[11]	RIVLIN T J. Chebyshev Polynomials[M]. New York: Courier Dover Publications, 2020.
[12]	ZHANG Linhua. Cryptanalysis of the Public Key Encryption Based on Multiple Chaotic Systems[J]. Chaos Solitons & Fractals, 2008, 37(3): 669-674. doi: 10.1016/j.chaos.2006.09.047 URL
[13]	ZHU Yixin, MIAO Zhangwang, GAN Jinghong, et al. Design of Ransomware Defense System Based on Fine-Grained Access Control Scheme[J]. Netinfo Security, 2023, 23(10): 31-38.
	朱怡昕, 苗张旺, 甘静鸿, 等. 基于细粒度访问控制的勒索软件防御系统设计[J]. 信息网络安全, 2023, 23(10):31-38.
[14]	GAO Bo, CHEN Lin, YAN Yingjian. Research on Side Channel Attack Based on CNN-MGU[J]. Netinfo Security, 2022, 22(8): 55-63.
	高博, 陈琳, 严迎建. 基于CNN-MGU的侧信道攻击研究[J]. 信息网络安全, 2022, 22(8):55-63.
[15]	FAR H, BAYAT M, DAS A K, et al. Pournaghi, and M. Doostari, LAPTAS: Lightweight Anonymous Privacy-Preserving Three-Factor Authentication Scheme for WSN-Based IIoT[J]. Wireless Network, 2021, 27(2): 1389-1412. doi: 10.1007/s11276-020-02523-9
[16]	LI Xiong, PENG Jieyao, OBAIDAT M S, et al. A Secure Three-Factor User Authentication Protocol With Forward Secrecy for Wireless Medical Sensor Network Systems[J]. IEEE Systems Journal, 2020, 14(1): 39-50. doi: 10.1109/JSYST.4267003 URL
[17]	ZOU Shihong, CAO Qiang, WANG Chenxu. A Robust Two-Factor User Authentication Scheme-Based ECC for Smart Home in IoT[J]. IEEE Systems Journal, 2022, 16(3): 4938-4949. doi: 10.1109/JSYST.2021.3127438 URL

符号	描述
RC	注册中心/可信第三方
$t_{reg}^{u},{{t}_{j}}$	用户和智能家居设备注册时间
$B_{i}^{reg}$/$B_{i}^{log}$	注册/登录阶段用户生物特征
$SI{{D}_{j}},I{{D}_{i}}$	智能家居设备标识和用户身份标识
$k,s,u$	RC、智能家居设备和用户的私钥
$x,p$	产生切比雪夫映射种子和大素数
$h(\cdot )$	单向哈希函数
$A=B\oplus \|\|$	A与B是否相等、异或、连接
$\Delta t$	允许的时间间隔
${{t}_{current}},{{t}_{log}}$	当前时间和登录阶段时间

设备ID	设备对应公钥	授权用户
$SI{{D}_{1}}$	${{T}_{{{K}_{SI{{D}_{\text{1}}}}}}}(K)$	${{U}_{1}}\sim{{U}_{i}}$
$SI{{D}_{j}}$	${{T}_{{{K}_{SI{{D}_{j}}}}}}(K)$	${{U}_{1}}\sim{{U}_{i}}$

	Wazid-Das方案	FAR^[15] 等人方案	LI^[16] 等人方案	ZOU^[17] 等人方案	本文方案
抗特权攻击	否	否	否	是	是
提高系统健壮性	否	否	否	否	是
实现访问控制	否	否	否	否	是
密钥前向安全	否	否	是	是	是
用户或设备身份标识随意选择	否	是	是	是	是
身份匿名	否	否	否	是	是
抗拒绝服务攻击	否	否	否	是	是
抗智能卡丢失攻击	否	是	是	是	是
口令认证列表	否	否	否	是	是
抗重放攻击	是	是	是	是	是

符号	描述
$P\|\equiv X$	P相信X
$P\triangleleft X$	P收到X
$P\|\text{ }\!\!\sim\!\!\text{ }X$	P曾发送过X
$P\|\Rightarrow X$	P对X有仲裁权
$\#(X)$	X是新鲜的，意味X是新生成的随机数
$P\overset{K}{\longleftrightarrow}Q$	K是P和Q之间共享的密钥
${{\{X\}}_{K}}$	X被密钥K加密
U/AS	U表示用户，AS表示服务器

	用户端/ms	智能家居设备/ms	GWN/ms	合计/ms
Wazid-Das 方案	$9{{T}_{h}}+{{T}_{enc}}\approx 0.06830$	$5{{T}_{h}}+{{T}_{dec}}\approx 0.04750$	$10{{T}_{h}}+2{{T}_{enc}}\approx 0.09500$	$0.21080$
FAR^[15] 等人方案	$9{{T}_{h}}+2{{T}_{exp}}\approx 0.89160$	$5{{T}_{h}}+{{T}_{exp}}\approx 0.45360$	$6{{T}_{h}}\approx 0.03120$	$1.37640$
LI^[16] 等人方案	$10{{T}_{h}}+3{{T}_{exp}}\approx 1.33480$	$4{{T}_{h}}+2{{T}_{exp}}\approx 0.87600$	$8{{T}_{h}}+{{T}_{exp}}\approx 0.46920$	$2.68000$
ZOU^[17] 等人方案	$6{{T}_{h}}+3{{T}_{exp}}\approx 1.31400$	$5{{T}_{h}}+2{{T}_{exp}}\approx 0.88120$	$6{{T}_{h}}+{{T}_{exp}}\approx 0.45880$	$2.65400$
本文方案	$\begin{align} & 3{{T}_{x}}+8{{T}_{h}}+{{T}_{Rec}}+ \\ & 4{{T}_{M}}=0.90060 \\ \end{align}$	$\begin{align} & 2{{T}_{x}}+7{{T}_{h}}+5{{T}_{M}}+ \\ & {{T}_{E}}=0.90665 \\ \end{align}$	$\begin{align} & {{T}_{h}}+{{T}_{M}}+{{T}_{D}}= \\ & 0.19645 \\ \end{align}$	$2.00370$