Secure Three-Factor Authentication Protocol for Multi-Gateway IoT Environments
1
School of Electronics Engineering, Kyungpook National University, Daegu 41566, Korea
2
IT Conversions, Korea Nazarene University, Cheonan, Chungcheongnam-do 31172, Korea
*
Authors to whom correspondence should be addressed.
Sensors 2019, 19(10), 2358; https://doi.org/10.3390/s19102358
Received: 28 March 2019
/
Revised: 18 May 2019
/
Accepted: 20 May 2019
/
Published: 22 May 2019
(This article belongs to the Special Issue Emerging IoT Technologies for Smart Environments)
Internet of Things (IoT) environments such as smart homes, smart factories, and smart buildings have become a part of our lives. The services of IoT environments are provided through wireless networks to legal users. However, the wireless network is an open channel, which is insecure to attacks from adversaries such as replay attacks, impersonation attacks, and invasions of privacy. To provide secure IoT services to users, mutual authentication protocols have attracted much attention as consequential security issues, and numerous protocols have been studied. In 2017, Bae et al. presented a smartcard-based two-factor authentication protocol for multi-gateway IoT environments. However, we point out that Bae et al.’s protocol is vulnerable to user impersonation attacks, gateway spoofing attacks, and session key disclosure, and cannot provide a mutual authentication. In addition, we propose a three-factor mutual authentication protocol for multi-gateway IoT environments to resolve these security weaknesses. Then, we use Burrows–Abadi–Needham (BAN) logic to prove that the proposed protocol achieves secure mutual authentication, and we use the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool to analyze a formal security verification. In conclusion, our proposed protocol is secure and applicable in multi-gateway IoT environments.
View Full-Text
Keywords:
internet of things; multi-gateway; mutual authentication; cryptanalysis, BAN logic; AVISPA
▼
Show Figures
Figure 1
This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited
MDPI and ACS Style
Lee, J.; Yu, S.; Park, K.; Park, Y.; Park, Y. Secure Three-Factor Authentication Protocol for Multi-Gateway IoT Environments. Sensors 2019, 19, 2358. https://doi.org/10.3390/s19102358
AMA Style
Lee J, Yu S, Park K, Park Y, Park Y. Secure Three-Factor Authentication Protocol for Multi-Gateway IoT Environments. Sensors. 2019; 19(10):2358. https://doi.org/10.3390/s19102358
Chicago/Turabian StyleLee, JoonYoung, SungJin Yu, KiSung Park, YoHan Park, and YoungHo Park. 2019. "Secure Three-Factor Authentication Protocol for Multi-Gateway IoT Environments" Sensors 19, no. 10: 2358. https://doi.org/10.3390/s19102358
Find Other Styles
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.
