Research Area:  Internet of Things
The Internet of Things (IoT) is a huge network formed by connecting various information sensing devices through the Internet. Although IoT has been popularized in many fields, connected devices can be used only when network security is guaranteed. Recently, Rana et al. proposed a secure and lightweight authentication protocol for the next-generation IoT infrastructure. They claim that their protocol can resist major security attacks. However, in this study, we prove that their protocol is still vulnerable to offline password guessing attacks and privilege internal attacks. In order to solve these shortcomings, we propose an improved protocol, which is proved to be secure by formal and informal analysis. In addition, after comparing the time and memory consumption with other protocols, we find that our protocol has more advantages.
Author(s) Name:  Chien-Ming Chen and Shuangshuang Liu
Journal name:  Security and Communication Networks
Publisher name:  Hindawi
Volume Information:  Volume 2021
Paper Link:   https://www.hindawi.com/journals/scn/2021/6537678/