Secure Remote Multi-Factor Authentication Scheme Based on Chaotic Map Zero-Knowledge Proof for Crowdsourcing Internet of Things
Recently, application scenario of crowdsourcing IoT has covered to e-healthcare service, smart home, smart city, internet of vehicles due to the proliferation of smart devices such as smart mobile devices, smart wearable device, smart medical devices and smart furniture, etc. Patient's data col...
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IEEE
2020-01-01
|
| Series: | IEEE Access |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/8945237/ |
| id |
doaj-27af3a4c122940f7b56d9665d18006f5 |
|---|---|
| record_format |
Article |
| spelling |
doaj-27af3a4c122940f7b56d9665d18006f52021-03-30T01:18:28ZengIEEEIEEE Access2169-35362020-01-0188754876710.1109/ACCESS.2019.29629128945237Secure Remote Multi-Factor Authentication Scheme Based on Chaotic Map Zero-Knowledge Proof for Crowdsourcing Internet of ThingsWenzheng Liu0https://orcid.org/0000-0002-2115-1540Xiaofeng Wang1https://orcid.org/0000-0002-3583-369XWei Peng2https://orcid.org/0000-0002-5456-9126College of Computer, National University of Defense Technology, Changsha, ChinaCollege of Computer, National University of Defense Technology, Changsha, ChinaCollege of Computer, National University of Defense Technology, Changsha, ChinaRecently, application scenario of crowdsourcing IoT has covered to e-healthcare service, smart home, smart city, internet of vehicles due to the proliferation of smart devices such as smart mobile devices, smart wearable device, smart medical devices and smart furniture, etc. Patient's data collected by the smart devices send to the various remote medical servers. A group of medical professionals remote access patient data stored at the medical server database. Smart home users want to remote real-time access information of smart devices at home. All these operations need via wireless remote communication, which is suffering from various kinds of threat and attacks. Hence, there are a large number of multi-factor remote authentication and key agreement schemes designed for the application of crowdsourcing IoT. However, in most existing related multi-factor schemes, all factors for identity authentication only act as a parameter for encrypting the local secret key. In this paper, we propose a new secure remote multi-factor authentication scheme that includes three factors: 1) user identity; 2) password; and 3) user biometrics, which are authenticated by the remote server, act as a part of the secret key and participate in the key agreement process. We choose the chaotic map since it has a smaller key size and lower computational overhead, and then achieve remote multi-factor authentication and key agreement by artfully employ it to zero-knowledge technology and the fuzzy extractor technology. Our scheme is more secure and robust since the user revealing nothing sensitive information, and the adversary cannot impersonate any user even if he gets the server's master key. We have done security proof for our proposed scheme using the Random-Or-Real(ROR) model, Burrows-Abadi-Needham (BAN) logic, and ProVerif 2.00 to show that the presented scheme is secure. Also, we give an additional security analysis for other various attacks. Finally, according to the test and simulation result, the proposed scheme is very suitable for the power-constrained smart devices, and in the next generation 5G communication environment, its applicability and usability will be greatly enhanced.https://ieeexplore.ieee.org/document/8945237/Chaotic mapzero-knowledge proofremote multi-factor authenticationInternet of Thing (IoT)crowdsourcingrandom-or-real (ROR) model |
| collection |
DOAJ |
| language |
English |
| format |
Article |
| sources |
DOAJ |
| author |
Wenzheng Liu Xiaofeng Wang Wei Peng |
| spellingShingle |
Wenzheng Liu Xiaofeng Wang Wei Peng Secure Remote Multi-Factor Authentication Scheme Based on Chaotic Map Zero-Knowledge Proof for Crowdsourcing Internet of Things IEEE Access Chaotic map zero-knowledge proof remote multi-factor authentication Internet of Thing (IoT) crowdsourcing random-or-real (ROR) model |
| author_facet |
Wenzheng Liu Xiaofeng Wang Wei Peng |
| author_sort |
Wenzheng Liu |
| title |
Secure Remote Multi-Factor Authentication Scheme Based on Chaotic Map Zero-Knowledge Proof for Crowdsourcing Internet of Things |
| title_short |
Secure Remote Multi-Factor Authentication Scheme Based on Chaotic Map Zero-Knowledge Proof for Crowdsourcing Internet of Things |
| title_full |
Secure Remote Multi-Factor Authentication Scheme Based on Chaotic Map Zero-Knowledge Proof for Crowdsourcing Internet of Things |
| title_fullStr |
Secure Remote Multi-Factor Authentication Scheme Based on Chaotic Map Zero-Knowledge Proof for Crowdsourcing Internet of Things |
| title_full_unstemmed |
Secure Remote Multi-Factor Authentication Scheme Based on Chaotic Map Zero-Knowledge Proof for Crowdsourcing Internet of Things |
| title_sort |
secure remote multi-factor authentication scheme based on chaotic map zero-knowledge proof for crowdsourcing internet of things |
| publisher |
IEEE |
| series |
IEEE Access |
| issn |
2169-3536 |
| publishDate |
2020-01-01 |
| description |
Recently, application scenario of crowdsourcing IoT has covered to e-healthcare service, smart home, smart city, internet of vehicles due to the proliferation of smart devices such as smart mobile devices, smart wearable device, smart medical devices and smart furniture, etc. Patient's data collected by the smart devices send to the various remote medical servers. A group of medical professionals remote access patient data stored at the medical server database. Smart home users want to remote real-time access information of smart devices at home. All these operations need via wireless remote communication, which is suffering from various kinds of threat and attacks. Hence, there are a large number of multi-factor remote authentication and key agreement schemes designed for the application of crowdsourcing IoT. However, in most existing related multi-factor schemes, all factors for identity authentication only act as a parameter for encrypting the local secret key. In this paper, we propose a new secure remote multi-factor authentication scheme that includes three factors: 1) user identity; 2) password; and 3) user biometrics, which are authenticated by the remote server, act as a part of the secret key and participate in the key agreement process. We choose the chaotic map since it has a smaller key size and lower computational overhead, and then achieve remote multi-factor authentication and key agreement by artfully employ it to zero-knowledge technology and the fuzzy extractor technology. Our scheme is more secure and robust since the user revealing nothing sensitive information, and the adversary cannot impersonate any user even if he gets the server's master key. We have done security proof for our proposed scheme using the Random-Or-Real(ROR) model, Burrows-Abadi-Needham (BAN) logic, and ProVerif 2.00 to show that the presented scheme is secure. Also, we give an additional security analysis for other various attacks. Finally, according to the test and simulation result, the proposed scheme is very suitable for the power-constrained smart devices, and in the next generation 5G communication environment, its applicability and usability will be greatly enhanced. |
| topic |
Chaotic map zero-knowledge proof remote multi-factor authentication Internet of Thing (IoT) crowdsourcing random-or-real (ROR) model |
| url |
https://ieeexplore.ieee.org/document/8945237/ |
| work_keys_str_mv |
AT wenzhengliu secureremotemultifactorauthenticationschemebasedonchaoticmapzeroknowledgeproofforcrowdsourcinginternetofthings AT xiaofengwang secureremotemultifactorauthenticationschemebasedonchaoticmapzeroknowledgeproofforcrowdsourcinginternetofthings AT weipeng secureremotemultifactorauthenticationschemebasedonchaoticmapzeroknowledgeproofforcrowdsourcinginternetofthings |
| _version_ |
1724187222172762112 |