
Journal Pre-proof

ALAM: Anonymous lightweight authentication mechanism for SDN enabled smart homes

Waseem Iqbal, Haider Abbas, Pan Deng, Jiafu Wan, Bilal Rauf,
Yawar Abbas, Imran Rashid

PII: S1084-8045(23)00091-7
DOI: https://doi.org/10.1016/j.jnca.2023.103672
Reference: YJNCA 103672

To appear in: Journal of Network and Computer Applications

Received date: 25 February 2023
Revised date: 30 April 2023
Accepted date: 19 May 2023

Please cite this article as: W. Iqbal, H. Abbas, P. Deng et al., ALAM: Anonymous lightweight
authentication mechanism for SDN enabled smart homes. Journal of Network and Computer
Applications (2023), doi: https://doi.org/10.1016/j.jnca.2023.103672.

This is a PDF file of an article that has undergone enhancements after acceptance, such as the
addition of a cover page and metadata, and formatting for readability, but it is not yet the definitive
version of record. This version will undergo additional copyediting, typesetting and review before it
is published in its final form, but we are providing this version to give early visibility of the article.
Please note that, during the production process, errors may be discovered which could affect the
content, and all legal disclaimers that apply to the journal pertain.

© 2023 Elsevier Ltd. All rights reserved.



ALAM: Anonymous Lightweight Authentication Mechanism for SDN Enabled Smart Homes
Waseem Iqbal, Haider Abbas, Pan Deng, Jiafu Wan*, Bilal Rauf, Yawar Abbas, Imran Rashid

Waseem Iqbal and Haider Abbas are with Department of Information Security, National University of Sciences and Technology (NUST), Islamabad 44000, Pakistan (e-mail: waseem.iqbal, haider@mcs.edu.pk)
Pan Deng is with the Research Institute for Frontier Science, Beihang University, Beijing, China (e-mail:pan deng168@163.com)
Jiafu Wan is with the School of Mechanical & Automotive Engineering, South China University of Technology, Guangzhou, China (e-mail:jiafuwan 76@163.com)
Bilal Rauf, Yawar Abbas and Imran Rashid are with Department of Information Security, National University of Sciences and Technology (NUST), Islamabad 44000, Pakistan (e-mail: bilalrauf, yawar, irashid@mcs.edu.pk)
*Corresponding author: Jiafu Wan (jiafuwan 76@163.com)

Abstract—Smart connected devices are the first choice of cyber criminals for spreading spyware and launching different security attacks. The current security standards and protocols for IoT have failed in providing security to these devices. In addition, IoT market giants are producing non-secure smart products in order to grab the open market. Furthermore, the low resources of IoT devices limit the traditional host-based protection solutions like anti-virus, IDS, IPS, etc. To overcome the resource constraints and security barriers of smart devices, a network level security architecture based on lightweight cryptographic parameters is required. Software Defined Networking (SDN) is a new networking paradigm to overcome the control, management and security issues in traditional networking. The SDN controller handles all the computation and complexities at the network level, rather than the smart devices. In this research, we first present a new privacy-preserving security architecture for SDN based smart homes. Subsequently, an anonymous lightweight authentication mechanism (ALAM) is designed based on the proposed security architecture core foundations. Furthermore, the security characteristics of the proposed protocol are formally analyzed using Burrows Abadi-Needham (BAN) Logic and ProVerif, followed by informal security analysis. Lastly, performance evaluation and comparative analysis of the scheme is carried out.

Index terms— Authentication, Smart home, IoT, SDN-IoT, Lightweight Cryptography

I. INTRODUCTION

According to Gartner, by 2020, 25 billion devices will be connected to the internet and will have the ability to analyze user data and make smart decisions in an autonomous way [1]. Smarter systems are the products envisioned due to the rapid progress of IoT, like smart home, e-healthcare, wearables and much more [2]–[4]. More than 85% of organizations will be leveraging IoT devices in different ways according to [5], and about 90% of these enterprises are not certain about smart device security. The authors in [6] state that many smart home devices can spy on inhabitants in their own homes. A study carried out by HP [7] also discovered that 70% of IoT devices are susceptible to various attacks when connected to the internet. Attacks on industrial systems are a reality and not just a threat anymore, as more than 60,000 vulnerabilities were found by two Russian security researchers that can gain complete control of compromised systems [8].

A smart home, or home automation system, is the combination of connected devices and software that can control and automate the devices. Apart from smart phones and computers, doorbells, clocks, lights, pacemakers, speakers, windows, cameras, heaters, cooking kits, and many other home appliances can be hooked up to the internet [9]. These gadgets can communicate with each other, transmit information to the user, and even process user instructions [10]. The "smartness" of a device can be ascertained by the magnitude of its capability to observe, learn, and change its behavior instinctively or with little effort from smart home residents.

Smart home IoT has turned into a multi-billion-dollar industry and has created a contemporary gold hassle among established and new companies. To grasp the new residential IoT market, companies are producing devices in a dart, without incorporating security practices. Hence the number of vulnerable IoT devices is exponentially numbing [11]. The main functionalities of smart home devices are roughly the same, but based on specific devices the explicit features can differ, e.g., smart window blinds and a home assistant may both be Linux based nodes, but the services each offers are quite different. Furthermore, these devices encounter challenges due to limited resources, i.e., storage, computation power, etc. Such heterogeneity and low constraints of the devices make the analysis much harder and further escalate the insecurities of the smart home. This situation gets creepy when a few vendors explicitly place service backdoors in their devices, which are manipulated by botnets [12]. Furthermore, these wild vulnerabilities are targeted by naive criminal groups for launching distributed denial-of-service (DDoS) attacks [13]. Moreover, routine schedules or habits of the smart home resident can be deduced by passively snooping on the raw data during transmission between smart nodes and routers, e.g., switching off the light may imply that a user has left home [6]. Furthermore, an active attacker can get private information from smart nodes by pretending to be a legal user [14]. In addition, the operations of IoT smart applications are severely impacted by certain security problems that include eminent attacks [13], manipulation of devices on a large scale, and attention-grabbing news about device hacking [15].

The connected devices are increasing immensely in this technological era. Due to the weak embedded security and
lack of standard architecture, they will always be the first choice of cyber criminals. These smart gadgets are used to spread spyware and to launch DDoS attacks. It is evident from the attacks carried out on these devices that the current security standards and protocols for IoT have failed in providing security to IoT devices [129]. In addition, IoT market giants, in order to grab the open market, are producing smart products without paying due attention to security. Due to this quandary and the resource-constrained IoT devices, the traditional host-based protection solutions like anti-virus, IDS, IPS, etc., cannot be used for low power smart devices. Therefore, a novel, adaptive, and worthy security system is required to tackle the current situation, which should be proactive in nature, providing baseline security to end users, network, applications, data and devices. Apropos, to overcome the limited resources of smart devices, an SDN based network level security architecture is proposed by the authors in [16].

Software Defined Network (SDN) is considered a revolutionary network technology that supports heterogeneous networking with swift evolution and dynamism using programmable planes. It hides the complexities of traditional networking from the end users, i.e., separating the data plane from the control plane [17]. The SDN and IoT integration meets the expectation of control and management in varied scenarios [18], as shown in Fig. 1. The control and data planes are decoupled and the intelligence of the network is logically centralized in the SDN paradigm. The controller can add, delete, and modify the flow entries, reactively (response) and proactively (predefined rules). Furthermore, SDN facilitates quick reaction to threats, filtering traffic with granularity, and dynamic deployment of security policies. One of the core features of SDN is to set up security policy rules on network devices through the OpenFlow protocol. The controller fosters a global network view by maintaining connections with the OpenFlow switches [19]–[21].

[Fig. 1: SDN-IoT Network Architecture. Figure labels: Applications, Application Layer, Controllers, SDN Paradigm, Control Layer, OpenFlow Protocol, Infrastructure/Data Layer, Communication Mediums, IoT Application.]

A. Problem Area and Research Motivation

Smart home users face serious privacy concerns due to custom unauthenticated smart devices and plain text authentication. Furthermore, in traditional smart homes an excess of confidential information is collected and processed by gateways, causing privacy issues, hence security and privacy are anticipated for such information. In addition, the user of a smart home may use diverse end devices for accessing the services, which may also cause privacy issues. Therefore, a lightweight secure authentication protocol is required for resource-constrained devices, which will authenticate every smart home user and device per session. This will in turn increase the secure authentication request operations. In conventional smart home devices/hubs, the computational power to entertain alleviated authentication requests and to process cryptographic functions is not well addressed, due to limited resources. Therefore, to overcome this issue, the centralized controller may help in computing and scrutinizing each secure authentication request at the network level rather than the device level by hosting a secure lightweight authentication module at the controller. Even
though the authentication computation will shift to the SDN controller, it will not cause a performance bottleneck, owing to the escalating number of requests. Thus, for the said reasons, a consolidated security architecture is necessitated to satisfy. Therefore, the benefiting features of SDN must preserve the personal and confidential information of smart home users to augment privacy.

B. Research Contributions:

The main contributions of our work are threefold. Foremost, a new privacy-preserving smart home security architecture is introduced that offers user verification at a centralized (SDN) controller. Subsequently, an anonymous lightweight authentication mechanism (ALAM) is designed, built on the underlying proposed security architecture, to support different scenarios. In order to accomplish this, lightweight cryptographic primitives like exclusive-or, symmetric key, and one way hashes are utilized [22], [23], to offer security for resource-constrained IoT devices [24]. Finally, the formal and informal proof of our proposed protocol is presented and performance evaluation is exhibited in terms of computation cost and privacy. Furthermore, the viability of the protocol is verified for ascertaining the vital features of security like mutual authentication, anonymity, etc. Evaluation shows that our proposed scheme is secure and feasible for resource-limited devices in IoT, thus it can be utilized in various other smart IoT systems. Furthermore, this research can pave the way for academicians/researchers and vendors to design more lightweight authentication mechanisms for smart IoT devices.

The rest of the paper is organized as follows: a novel security architecture (Fig. 2) for SDN based smart homes is presented in Section 2, where the system model and security requirements in devising an authentication protocol for SDN based smart homes are elaborated. Afterward, Section 3 presents the authentication protocol, highlighting two distinct scenarios. Section 4 covers the formal analysis of the proposed security protocol, whereas informal security analysis of the protocol is carried out in Section 5. In Section 6, performance evaluation of the proposed protocol is carried out in terms of computation cost and privacy. Finally, Section 7 covers the concluding remarks of the research.

II. SYSTEM MODEL AND SECURITY REQUIREMENTS

We present a new security architecture for SDN based smart home systems in this section, as shown in Fig. 2. Consequently, for designing the smart home authentication protocol, we outline some security requirements.

A. System Model

In a conventional smart home IoT system, when a legitimate user, through his mobile (user device), and an IoT Gateway/Hub need to interact securely, they need a cloud computing server for authenticating each other, which in turn results in higher latency, degrading the performance of the system. Likewise, low latency is required in many applications, such as e-healthcare, etc. Furthermore, with the rapid growth of smart devices and applications, an IoT Gateway/Hub can be overloaded drastically. To overcome this issue, a local centralized server is required to offload the computation overhead of the cloud computing/gateways in smart home systems. On the other hand, if a legitimate user changes the already registered mobile and then communicates in the smart home environment, a central server needs to validate the legitimacy of this user identity, now bound to the new mobile, through a prompt authentication process. All these imperative features can be provisioned by the SDN enabled smart home IoT system, which permits the user to interact securely with smart devices without involving a centralized cloud server.

Fig. 2 depicts a new security architecture for an SDN based smart home system, where SD represents the smart devices and SD G/W depicts the smart devices gateway. The controller hosts two modules, i.e., Registration Manager Reg_Mgr and Authentication Manager Auth_Mgr, where the former is responsible for registration of smart devices and users whereas the latter deals with key generation and handling secure authentication requests. In this architecture, we present an authentication mechanism addressing the following scenarios: (i) firstly, for secure interaction, a legitimate user identity is bound to a user smart mobile, which is authenticated by the controller. (ii) When an authenticated user changes the smart mobile and then wants to interact with the smart devices, the controller needs to re-authenticate the user identity bound to the new smart mobile. Furthermore, the proposed architecture can work in case the controller needs updating or any other new application is being installed. Various smart applications can benefit from this characteristic of the proposed scheme.

B. Security Requirements and Attacker Model

The vast deployment of the Internet, specifically the Internet of Things (IoT), compels the provision of scalability besides low latency. Therefore, the concept of SDN is proposed in the IoT context, which can be considered a valuable paradigm to achieve these requirements. However, to achieve privacy and security in various grave IoT services and applications like VANETs, e-healthcare, etc., and specifically in smart homes, there is a need for a secure SDN model that must preserve privacy [24]. Apropos, addressing the following security problems is a must:

Scalability: The controller searches its database for the user identity (bound to the smart mobile) for authentication. However, if the number of users increases, the searching computation must vary only slightly, i.e., the identity of the user should be determined immediately by direct search without any further checking.
Mutual Authentication: This is the most vital security issue for an SDN based smart home system, as services are extended to large scale authentic users by the controller. Conventional public key infrastructure based authentication schemes are not effective for resource-constrained smart devices.

Anonymity: The adversary in the smart home environment cannot trace the user and smart phone via the interactions with the controller and smart devices. Such a property satisfies strong anonymity. The adversary can constantly trace the user activity if the communicated information does not satisfy this property.

Resistance to Common Attacks: Replay and de-synchronization attacks should be evaded.

Adversarial Model: We take into consideration the adversarial model as stated in [23], where the following assumptions are made in accordance with the competence of the adversary $A$:
• Identity of the controller is public and known to benign users.
• The SDN controller and database modules in the controller are considered to be secure and cannot be compromised by $A$, i.e., the private key of the controller is not accessible to the adversary.
• $A$ can be any malign user of the system or any outsider.
• The public communication link is in full control of $A$, which implies that $A$ can capture, replay, amend, eliminate and can even direct a newly devised fabricated message.
• The shared secret key of the user and controller is completely secure and cannot be accessed by any adversary.

[Fig. 2: Security Architecture for SDN Enabled Smart Home. Figure labels: Controller (Reg_Mgr, Auth_Mgr, Reg.DB, Auth.DB); User, User Device, User G/W, SD's G/W, SD-1, SD-2, SD-3, SD-4; 1. Registration; 2. Authentication; 2. Authentication & Key Distribution; Service Request; Service Granted.]

TABLE 1: Notations Guide for The Proposed Scheme

| Notations | Definitions |
|---|---|
| $UID_i$ | User Identity |
| $MID_i$ | User Mobile Identity |
| $C_c$ | Controller Counter |
| $k_{uc}$ | Shared Symmetric Key Between User and Controller |
| $C_n$ | Controller Nonce |
| $CSP$ | Controller Session Parameter |
| $SID$ | Session Identifier |
| $SDID_i$ | IoT Smart Device Identity |
| $CID$ | Controller Identifier |
| $U_n$ | User Nonce |
| $Auth$ | Authenticator |
| $\Delta T$ | Threshold Difference In Time |
| $H()$ | Hash Function |
| $\oplus$ | Exclusive-OR |
III. PROPOSED ANONYMOUS LIGHTWEIGHT AUTHENTICATION MECHANISM (ALAM) FOR SDN BASED SMART HOMES

When an authentic user wants to use the services of the smart home via a registered mobile, the mobile communicates with the SDN controller. To address the privacy concern, it is vital that the communication be anonymous. Additionally, to achieve stronger security, the smart entities should be capable of authenticating each other along with inspecting the freshness of the communicated messages during anonymous collaboration. Furthermore, the majority of IoT smart objects are low powered, thus a lightweight anonymous security solution is required. Apropos, this section presents an anonymous lightweight authentication protocol dealing with two different conditions in an SDN enabled smart home. The authentication protocol deliberates the initial authentication in the presence of the SDN controller, followed by the subsequent authentications for service requests. To cope with the low power constraint of the IoT devices, hash functions and exclusive-or operations are used in the design of the proposed protocol. These cryptographic elements are lightweight and cause minimal computational overhead in comparison with conventional and public key crypto systems [25]. Table-I shows the notations that are used in the proposed scheme.

A. Proposed Registration Scheme

Consider an identified group of smart home users who will access the services of the smart home through smart mobiles, for which they need to register with the SDN controller. The proposed registration process consists of two stages, i.e., user registration and IoT smart device registration. The administrator of the smart home (owner) controls/configures the controller and registers the users and IoT smart devices of the smart home as presented in the following steps:

1) The user identity $UID$ is bound to a mobile phone identity $MID$. The $i$th user $UID_i$, along with the mobile identity $MID_i$, requests the controller for registration through a secure channel.

User → Controller: $M_1 = \{UID_i, MID_i\}$

2) The SDN controller maintains a 64-bit counter $C_c$. Whenever the controller receives a request, the counter value is incremented. Upon receiving the request from $UID_i$, the controller increases the value of $C_c$ and successively produces a transaction flow sequence number $C_c = TF_{seq}$, alongside a shared secret key between user and controller $k_{uc}$. The controller also generates a nonce $C_n$ and computes the controller session parameter $CSP_{MID_i} = h(UID_i \| MID_i \| C_n)$, where the user identity $UID_i$ is bound to a specific mobile phone $MID_i$ for this session. Finally the session identity of $UID_i$ is generated, which is the encryption of all parameters associated with the user, i.e., $SID_{u_i} = E_{k_{uc}}(UID_i, MID_i, CSP_{MID_i}, TF_{seq})$. $k_{uc}$ along with the $SID_{u_i}$ parameters is sent to the user's registered mobile through the secure channel. The user saves the session credential in the registered mobile. All controller generated and computed parameters are stored in the Reg.DB and Auth.DB databases for future verification, as shown in Fig. 3.

Controller → User: $M_2 = \{SID_{u_i}, k_{uc}\}$

[Fig. 3: User to Controller Proposed Registration Scheme.]
1) Likewise, the $i$th smart device $SDID_i$ requests the controller for registration through a secure channel.

SmartDevice → Controller: $M_1 = \{SDID_i\}$

2) Upon receiving the request from $SDID_i$, the SDN controller generates the controller identifier $CID$ along with a nonce $C_m$, and computes the controller session parameter $CSP_{SDID_i} = h(SDID_i \| C_m)$ for smart devices. Subsequently, the session identity of smart device $SDID_i$ is generated as $SID_{SDID_i} = E_{k_c}(SDID_i, CSP_{SDID_i}, C_m)$, where $SID_{SDID_i}$ is encrypted with the shared secret $E_{k_c}$ key stored at controller level. $SID_{SDID_i}$ along with $CID$ is sent to the smart device through the secure channel, where it is stored. All parameters along with $E_{k_c}$ are stored in the Reg.DB and Auth.DB databases as shown in Fig. 4.

Controller → S.Device: $M_2 = \{SID_{SDID_i}, CID\}$

[Fig. 4: Smart Device to Controller Proposed Registration Scheme.]

B. Proposed Authentication Scheme

When a registered user wants to consume the services of the smart home, this part of the proposed scheme is performed first. Further, we endorse executing this phase again when an authentic home user utilizes a new mobile for interaction with the controller, as the user session identity $SID_{u_i}$ is based on the controller session parameter $CSP_{MID_i}$, which in turn is computed with the mobile identity registered at the time of the initial registration phase. The following steps are involved in the authentication scheme:

User → Controller: $M_1 = \{Auth_u, SID_{u_i}, U_p, T_1\}$

The user generates a random number $U_n$ and computes $U_p = U_n \oplus MID_i$ and the user authentication parameter for the controller, i.e., $Auth_u = h(SID_{u_i} \| U_p \| k_{uc} \| T_1 \| U_n \| TF_{seq})$, and then sends the saved $SID_{u_i}$ along with $Auth_u$, $U_p$ and time stamp $T_1$ to the controller, where $SID_{u_i}$, $k_{uc}$, $U_n$, $h(\,)$ represent the user session identity with the registered mobile, the session key, the user generated random number, and a hash function to validate the user, respectively.

Controller → SmartDevice: $M_2 = \{Auth_d, T_2\}$

After receiving the message $M_1$, the SDN controller at first finds the time difference, i.e., $\Delta T$. Hereafter it computes $U_n = U_p \oplus MID_i$ to get $MID_i$. The controller then decrypts $SID_{u_i} = D_{K_{uc}}(UID_i, MID_i, CSP_{MID_i}, TF_{seq})$ and matches the user identity $UID_i$, mobile identity $MID_i$, controller session parameter generated against the registered mobile $CSP_{MID_i}$, and the transaction flow sequence number $TF_{seq}$ against the saved values in its database. If it is verified that $MID_i^{recv} \stackrel{?}{=} MID_i^{save}$, then the controller can come across two situations: 1) the $TF_{seq}$ numbers saved and received are the same, $TF_{seq}^{recv} \stackrel{?}{=} TF_{seq}^{save}$; 2) the user forwards the previous $TF_{seq}$ number, i.e., $TF_{seq}^{old} \stackrel{?}{=} TF_{seq}^{new}$. Both scenarios are discussed below in detail:

Case 1: If $TF_{seq}^{recv} \stackrel{?}{=} TF_{seq}^{save}$, which will always be true in the first authentication request after initial registration, the controller retrieves $U_n$ by computing $U_n = U_p \oplus MID_i$. Now to validate the user authenticator parameter $Auth_u$, it computes and checks $Auth_u^{recv} \stackrel{?}{=} Auth_u^{save}$. If the
verification is successful, then the controller computes $Auth_d = h(SID_{SDID_i} \| T_2 \| CID)$, the authenticator for the smart device, and sends $Auth_d$ and $T_2$ in $M_2$ to the smart device for authentication.

SmartDevice ← Controller: $M_3 = \{Auth_{dc}, T_3\}$

Upon receiving the response message $M_2$, the smart device checks $\Delta T$. Next, to verify the received $Auth_d$, it computes $Auth_d \stackrel{?}{=} h(SID_{SDID_i} \| T_2 \| CID)$. If the verification is successful, it subsequently computes the smart device authenticator parameter $Auth_{dc} = h(SID_{SDID_i} \| T_3 \| CID)$ and sends $M_3$ back to the controller.

After receiving $M_3$ from the smart device, the controller validates the authenticator parameter and computes $Auth_{dc}^{recv} \stackrel{?}{=} h(SID_{SDID_i} \| T_3 \| CID)$. If the computed value matches the received $Auth_{dc}$, the smart device is mutually authenticated.

Case 2: The controller performs the following computation in two conditions: either the received $Auth_{dc}$ from the smart device in $M_3$ is verified, or the received $TF_{seq}$ value from the user is old whereas the controller is waiting for the new $TF_{seq}$ value, $TF_{seq}^{old} \stackrel{?}{=} TF_{seq}^{new}$.

The controller updates $TF_{seq} = TF_{seq}^{*}$ and stores both values in the database. Hereafter, the controller generates a new nonce $C_n^{*}$ and subsequently computes the new controller session parameter $CSP_{MID_i}^{*} = h(UID_i \| MID_i \| C_n^{*})$. Further, the controller generates the new session identity for the user, $SID_{u_i}^{*} = E_{k_{uc}}(UID_i, MID_i, CSP_{MID_i}^{*}, TF_{seq}^{*})$, and encodes the new $SID_{u_i}^{*}$ as $Z = SID_{u_i}^{*} \oplus MID_i$. Finally, for mutual authentication, the controller computes the controller authenticator $Auth_c = h(SID_{u_i}^{*} \| MID_i \| U_n \| T_4 \| K_{uc})$ and sends a response $M_4$ to the user as shown in Fig. 5. The controller updates its database with the new values $CSP_{MID_i}^{*}$, $SID_{u_i}^{*}$, $C_n^{*}$, and $TF_{seq}^{*}$. It also maintains the old $TF_{seq}$ value in order to check the freshness of the session.

As depicted in Fig. 5, after receiving the message $M_1$, the controller computes $U_n = U_p \oplus MID_i$ to get $MID_i$. It then decrypts $SID_{u_i} = D_{K_{uc}}(UID_i, MID_i, CSP_{MID_i}, TF_{seq})$ and matches the user identity $UID_i$, mobile identity $MID_i$, controller session parameter generated against the registered mobile $CSP_{MID_i}$, and the transaction flow sequence number $TF_{seq}$ against the saved values in its database. If the user sends the authentication request from a new mobile, the verification $MID_i^{recv} \stackrel{?}{=} MID_i^{save}$ is unsuccessful and the user is redirected to register the new mobile against its identity.

Controller ← User: $M_4 = \{Z, Auth_c, T_4\}$

After receiving message $M_4$ from the controller, the user first validates $\Delta T$, and then decodes $SID_{u_i}^{*} = Z \oplus MID_i$ to get $SID_{u_i}^{*}$ for future correspondence. Finally, to mutually authenticate the controller, the user computes $Auth_c \stackrel{?}{=} h(SID_{u_i}^{*} \| MID_i \| U_n \| T_4 \| K_{uc})$, and if the received $Auth_c$ matches the generated $Auth_c$, the controller is also verified.

IV. FORMAL SECURITY ANALYSIS OF THE PROPOSED MECHANISM

This section covers the security analysis of the proposed protocol with respect to the adversarial model highlighted in Section II-B. Usually, every security protocol is analyzed formally or informally to validate the result conclusions. In formal analysis we have the protocol/data which is validated conclusion based on various tests and formal methods. Such tests and formal methods are standardized measures. Burrows Abadi-Needham (BAN) logic is a formal method widely used for formal verification of cryptographic protocols [26]. Moreover, ProVerif is a testing/simulation platform for formal verification of authentication schemes [27]. On the other hand, informal assessments are referenced measures to ascertain various security requirements of a security protocol. Therefore, in this research we have carried out formal analysis using BAN logic [28]. Furthermore, ProVerif is used to verify the robustness of the proposed authentication mechanism [29]–[31]. In addition, informal analysis is carried out to further verify the security of the proposed authentication mechanism.

A. Formal Security Analysis using BAN Logic

To evaluate the information exchange of a protocol, BAN logic utilizes a set of rules to establish whether the exchanged information of the protocol is resilient against snooping, trustful and secure. Through BAN logic, the proposed mutual authentication protocol is checked and verified [28]. Table-II highlights various rules of BAN logic, which include proofs, idealized form, and assumptions.

TABLE 2: BAN Logic Notations Guide

| Notations | Description |
|---|---|
| $S \mid\equiv T$ | S believes that T |
| $S \triangleleft T$ | S sees that T |
| $S \mid\sim T$ | S once said T |
| $S \Rightarrow T$ | S has total jurisdiction on T |
| $\#(T)$ | T is updated and fresh |
| $(T, U)$ | T, U is component of formula (T, U) |
| $\langle T \rangle_U$ | T is combined with U |
| $(T)_K$ | Hash of message T using a key K |
| $S \stackrel{K}{\longleftrightarrow} V$ | S and V are using shared key K for communication process |
| AIDTi | Session key SIDi is used one time in a current section |
| $\dfrac{S \mid\equiv S \stackrel{K}{\longleftrightarrow} V,\ S \triangleleft \langle T \rangle_K}{S \mid\equiv V \mid\sim T}$ | Message-Meaning rule |
| $\dfrac{S \mid\equiv \#(T)}{S \mid\equiv \#(T, U)}$ | Freshness-conjuncatenation rule |
| $\dfrac{S \mid\equiv \#(T),\ S \mid\equiv V \mid\sim T}{S \mid\equiv V \mid\equiv T}$ | Nonce-verification rule |
| $\dfrac{S \mid\equiv V \Rightarrow T,\ S \mid\equiv V \mid\equiv T}{S \mid\equiv T}$ | Jurisdiction rule |

In order to examine the security of the proposed protocol through BAN logic, it needs to verify different goals as discussed in [28]. Apropos, the following eight diverse goals have been determined based on BAN logic to assess the proposed protocol:
• G1: $C \mid\equiv U_i \stackrel{SID_U}{\longleftrightarrow} C$
• G2: $C \mid\equiv U_i \mid\equiv U_i \stackrel{SID_U}{\longleftrightarrow} C$
• G3: $SD_i \mid\equiv C \stackrel{SID_{SD_i}}{\longleftrightarrow} SD_i$
• G4: $SD_i \mid\equiv C \mid\equiv C \stackrel{SID_{SD_i}}{\longleftrightarrow} SD_i$
• G5: $C \mid\equiv SD_i \stackrel{SID_{SD_i}}{\longleftrightarrow} C$
• G6: $C \mid\equiv SD_i \mid\equiv SD_i \stackrel{SID_{SD_i}}{\longleftrightarrow} C$
• G7: $U_i \mid\equiv C \stackrel{SID_U}{\longleftrightarrow} U_i$
• G8: $U_i \mid\equiv C \mid\equiv C \stackrel{SID_U}{\longleftrightarrow} U_i$

[Fig. 5: Proposed Authentication Scheme. Message flow between User, Controller (Auth_Mgr) and SmartDevice, as described in Section III-B.]

To attain the security analysis of the proposed protocol with respect to the highlighted goals, BAN logic splits the security analysis into three parts. The first part shows the idealized form of the protocol, which is proved in the third part, whereas the second part makes use of the assumptions used to analyze the proposed protocol.

Part first: The idealized form for the proposed protocol is as follows:
• $M_1$: $U_i \rightarrow C$: $Auth_u,\ SID_u : \langle UID_i, MID_i, C_n \rangle_{K_{uc}},\ U_p \langle U_n \rangle_{MID_i},\ T_1$
• $M_2$: $C \rightarrow SD_i$: $Auth_d,\ T_2$
• $M_3$: $SD_i \rightarrow C$: $Auth_{dc},\ T_3$
• $M_4$: $C \rightarrow U_i$: $Z : \langle SID_u^{*} \rangle_{MID_i},\ Auth_c,\ T_4$

Part second: The following assumptions are made for the analysis of the proposed protocol using BAN logic:
• Asmpt1: $U_i \mid\equiv \#(U_n)$
• Asmpt2: $C \mid\equiv \#(SID_u)$
• Asmpt3: $SD_i \mid\equiv \#(Auth_{dc})$
• Asmpt4: $C \mid\equiv SD_i \Rightarrow (Auth_d)$
• Asmpt5: $C \mid\equiv U_i \Rightarrow SID_u$
• Asmpt6: $SD_i \mid\equiv C \Rightarrow Auth_{dc}$
• Asmpt7: $U_i \mid\equiv C \Rightarrow SID_u$

Part third: The idealized form analysis of the protocol, based on the BAN logic assumptions along with the rules, is described as under:

$M_1$: $U_i \rightarrow C$: $Auth_u,\ SID_u : \langle UID_i, MID_i, C_n \rangle_{K_{uc}},\ U_p \langle U_n \rangle_{MID_i}$, where $T_1$ is the timestamp of $U_i$.

The following can be achieved by utilizing the seeing rule:
• X1: $C \triangleleft Auth_u,\ SID_u : \langle UID_i, MID_i, C_n \rangle_{K_{uc}},\ U_p \langle U_n \rangle_{MID_i},\ T_1$

Based on X1 and the message-meaning rule, the following is obtained:
• X2: $C \mid\equiv U_i \mid\sim U_n$
Using X2 and the freshness-conjuncatenation rule, we get
• X3: $C \mid\equiv U_i \mid\equiv U_n$
Using the jurisdiction rule of BAN logic and X3, we acquire
• X4: $C \mid\equiv U_n$
The session key (Sk) rule of BAN logic and X4 yield
• X5: $C \mid\equiv U_i \stackrel{SID_u}{\longleftrightarrow} C$ (Goal 1)
Goal 2 defined above is achieved by utilizing BAN logic's nonce-verification rule:
• X6: $C \mid\equiv U_i \mid\equiv U_i \stackrel{SID_u}{\longleftrightarrow} C$ (Goal 2)
$M_2$: $C \to SD_i$: $Auth_d$, $T_2$, where $T_2$ is the timestamp of $C$
Now, after using the seeing rule, we get
• X7: $SD_i \triangleleft Auth_d, T_2$
By utilizing X7 and the message-meaning rule, we perceive
• X8: $SD_i \mid\equiv C \mid\sim SID_u$
The freshness-conjuncatenation rule and X8 are used to attain
• X9: $SD_i \mid\equiv C \mid\equiv SID_u$
BAN logic's jurisdiction rule alongside X9 results in
• X10: $SD_i \mid\equiv SID_u$
Furthermore, using the session key (Sk) rule and X10, the following is obtained:
• X11: $SD_i \mid\equiv C \stackrel{SID_{SD_i}}{\longleftrightarrow} SD_i$ (Goal 3)
Moreover, the nonce-verification rule and X11 yield
• X12: $SD_i \mid\equiv C \mid\equiv C \stackrel{SID_{SD_i}}{\longleftrightarrow} SD_i$ (Goal 4)
$M_3$: $SD_i \to C$: $Auth_{dc}$, $T_3$, where $T_3$ is the timestamp of $SD_i$
The following is attained by using the seeing rule:
• X13: $C \triangleleft Auth_{dc}, T_3$
Utilizing X13 and BAN logic's message-meaning rule, we get
• X14: $C \mid\equiv SD_i \mid\sim Auth_{dc}$
The freshness-conjuncatenation rule of BAN logic and X14 result in
• X15: $C \mid\equiv SD_i \mid\equiv Auth_{dc}$
Thereafter, using the BAN logic assumption rule along with X15 and the jurisdiction rule yields
• X16: $C \mid\equiv Auth_{dc}$
Hereinafter, by applying the session-key (Sk) rule and X16, we attain
• X17: $C \mid\equiv SD_i \stackrel{SID_{SD_i}}{\longleftrightarrow} C$ (Goal 5)
Further, after using the nonce-verification rule, we get
• X18: $C \mid\equiv SD_i \mid\equiv SD_i \stackrel{SID_{SD_i}}{\longleftrightarrow} C$ (Goal 6)
$M_4$: $C \to U_i$: $Z : \langle SID_u^* \rangle_{MID_i}$, $Auth_c$, $T_4$, where $T_4$ is the timestamp of $C$
Once again using the seeing rule, we get
• X19: $U_i \triangleleft Z : \langle SID_u^* \rangle_{MID_i}$, $Auth_c$, $T_4$
Thereafter, utilizing the message-meaning rule and X19, we obtain
• X20: $U_i \mid\equiv C \mid\sim SID_u$
BAN logic's freshness-conjuncatenation rule along with X20 yields
• X21: $U_i \mid\equiv C \mid\equiv SID_u$
The jurisdiction rule used with X21 results in
• X22: $U_i \mid\equiv SID_u$
The session key (Sk) rule results in the following:
• X23: $U_i \mid\equiv C \stackrel{SID_u}{\longleftrightarrow} U_i$ (Goal 7)
Finally, the nonce-verification rule results in the following to achieve goal 8:
• X24: $U_i \mid\equiv C \mid\equiv C \stackrel{SID_u}{\longleftrightarrow} U_i$ (Goal 8)
Subsequently, through BAN logic we have verified that $U_i$, $C$ and $SD_i$ mutually authenticate each other successfully and firmly conclude the session key agreement.

B. Formal Security Analysis using ProVerif

Founded on the applied pi calculus, ProVerif makes use of automated reasoning to assess the security of authentication protocols. ProVerif is generally used to prove security, observational equivalence, reachability, and correspondence. Cryptographic primitive operations like digital signatures, MAC, elliptic curve operations, hash, and encryption/decryption are provisioned by ProVerif [32], [33].

The proposed protocol, as highlighted in Section III and presented in Figures 3, 4, and 5, is simulated in ProVerif as shown in Fig. 6. It is composed of three stages for the formal security validation: 1) Declaration (Fig. 6A), which asserts the names, constants, cryptographic functions, and variables; 2) Process (Fig. 6B), which defines the processes for user, controller and smart devices; and 3) Main (Fig. 6A), which mimics the actual protocol.

Three processes are simulated in parallel, together with five events to validate the reachability properties of the three processes. Lastly, four queries are implemented, whose results are depicted in Fig. 6D. It can be seen from results 1, 2, 3 and 4 that the proposed protocol's processes (four) are successfully initiated and terminated. Finally, from result 5, it can be concluded that the session identity $SID_{u_i}$ is secure from any adversary attack. Hence, correctness is achieved by the proposed protocol, and it provides user secrecy.

V. INFORMAL SECURITY ANALYSIS OF THE PROPOSED MECHANISM

In this section, we focus on proving that our proposed scheme can guarantee several critical security requirements, for instance mutual authentication, anonymity, secure key exchange, privacy protection, and protection against replay attacks, which are significantly important in SDN based smart homes.

A. SA-I 1: Mutual Authentication

The controller authenticates the user by means of parameters like $SID_{u_i}$ and $Auth_u$. The controller aborts the authentication process in case any parameter is invalid. Alternatively, the user mutually authenticates the controller through parameters such as $SID_{u_i}^*$ and $Auth_c$. The security of mutual authentication is based on $Auth_u$, $SID_{u_i}$ and $Auth_c$, where $Auth_u = h(SID_{u_i} \| U_p \| k_{uc} \| T_1 \| U_n \| TF_{seq})$, $SID_{u_i} = E_{k_{uc}}(UID_i, MID_i, CSP_{MID_i}, TF_{seq})$,
$SID_{u_i}^* = E_{k_{uc}}(UID_i, MID_i, CSP_{MID_i}^*, TF_{seq})$ and $Auth_c = h(SID_{u_i} \| MID_i \| U_n \| T_4 \| K_{uc})$, where $k_{uc}$ is the long-term shared secret known only by the Controller and the User, and $CSP_{MID_i} = h(UID_i \| MID_i \| C_n)$ and $U_p = U_n \oplus MID_i$ are computed with nonces $C_n$ and $U_n$ respectively. Furthermore, the parameter $TF_{seq}$ is known by the user and the controller and is changed in every session; therefore, it can be considered as a challenge parameter for mutual authentication.

Fig. 6: ProVerif Simulation Code. Panels: (A) Declarations, (B) Main, (C) Processes, (D) Results.

B. SA-I 2: Anonymity

Anonymity is strongly achieved in the proposed protocol. In the registration phase, the user registers with the controller and sends its identity bound with the mobile device, $UID_i$, $MID_i$, through a secure channel. In the next phase, i.e., login and authentication, message $M_1 = \{Auth_u, SID_{u_i}, U_p, T_1\}$ is sent to the controller. If an adversary intercepts the message $M_1$ and gets $U_p$, it is still unable to identify the user, as the parameter $Auth_u$ is the output of $h()$, which includes random parameters like $TF_{seq}$, $U_n$, $U_p$. Furthermore, $SID_{u_i}$ is encrypted using the pre-shared secret key $K_{uc}$. Thus, an adversary cannot reveal the RFID tag's actual identity, hence achieving anonymity for the proposed protocol.

C. SA-I 3: Key Exchange

In our proposed mutual authentication scheme (ALAM), the controller generates the long-term secret key $k_{uc}$ and then distributes it to the user through a secure channel. The key $k_{uc}$ is further used as a parameter in $h()$, both by the user and the controller, to ensure integrity and privacy of data.

D. SA-I 4: Privacy Protection against Eavesdropping

The proposed scheme, ALAM, preserves the $SID_{u_i}$, which is encrypted with the shared secret $k_{uc}$ and is used in combination with $Auth_u$ for authentication requests. Moreover, the parameters transmitted between the user and the controller are used only once. Therefore, privacy protection against eavesdropping [22] is achieved through the proposed scheme.

E. SA-I 5: Replay Attacks

As only the user and the controller have knowledge of $TF_{seq}$, and it is modified in every session, it can be considered as a challenge for mutual authentication and replay attack. Moreover, the parameters $U_p$ and $CSP_{MID_i}$ are computed with nonces $U_n$ and $C_n$ respectively, and the request message $M_1$ is not allowed to be sent more than once. Therefore, if the adversary intercepts the request message and replays it, the controller can comprehend that $h(SID_{u_i} \| U_p \| k_{uc} \| T_1 \| U_n \| TF_{seq})$ and the session identity of the user will not match $Auth_u$ and $SID_{u_i}$ respectively. These nonces serve to thwart replay attacks. Furthermore, the pseudo-random function $h()$ is considered, which produces identical output like random functions. Apropos, the probability of yielding the same outputs with the known parameters like $U_p$, $T^*$, and encrypted $SID_{u_i}$, without the pseudo-random function is trivial.

VI. PERFORMANCE EVALUATION AND COMPARATIVE ANALYSIS

This section highlights the computation performance of the proposed scheme and expresses that our privacy preserving protocol is proficient for SDN enabled smart homes; consequently it can prove useful for various IoT services and applications. We show that our proposed privacy preservation mechanism is much viable for the SDN enabled smart home. Apropos, to comprehend anonymity in the proposed scheme, a number of cryptographic primitives, as used in [24], [34], are simulated using JCE and the Java Pairing-Based Cryptography Library (JPBC) to assess the execution time of the cryptographic operations of the proposed scheme.

The simulation is conducted on an HTC One X with 1.5 GHz Max Turbo Frequency (user's mobile device), an ASUS GR8-R047R with Intel Core i7-4510U and 3.1 GHz Max Turbo Frequency (controller and gateway) and a sensor board MSB-430 with the micro-controller (TI MSP430) and the TMP36 temperature sensor (IoT smart device) as a test bed. Contrary to other cryptographic operations, one-way hash functions cause less execution time, and symmetric key encryption is equal to two times the hash function as cited in [28]; hence prompt validation is done in our privacy preserving SDN enabled smart home.

Now, grounding on the simulation outcomes, we noted that the average transmission time between the user mobile device and the controller is 18.96 ms, whereas it is 10.62 ms between smart devices and the controller. Furthermore, it is also observed that the one-way hash operations consumed 0.015, 0.011, and 0.0092 ms on the smart device, user mobile and controller respectively. During the authentication phase of the proposed scheme, the computation cost is noted to be 0.1256ms as shown in Table 3.

TABLE 3: Proposed Scheme Computation Cost

| Participants | User | Controller | Smart device |
|---|---|---|---|
| Computation Complexity | 2TH | 4TH + 2TSE | 2TH |
| Computation Time | 2*0.011 = 0.022ms | 4*0.0092 = 0.0368ms; 2*0.0184 = 0.0368ms; 0.0368 + 0.0368 = 0.0736ms | 2*0.015 = 0.03 ms |

Total Computation Time: 0.022 + 0.0736 + 0.03 = 0.1256 ms

We have done the comparative analysis of the proposed authentication mechanism with several other schemes, and

found that our mechanism has less computation complexity and time. As stated above in the analysis of the proposed mechanism, the user mobile device consumed 2TH, the controller rendered 4TH + 2TSE, and the smart device requires 2TH; thus the total computation cost of the proposed mechanism comes out to be 8TH + 2TSE. Table 4 shows the computation complexity and cost analysis of different authentication protocols. The protocol presented in [24] incurs 10TH + 2TSE, making the total computation cost 0.1468ms. Similarly, the protocol presented in [35] has a complexity of 16TH with a total computation cost of 0.1932ms. Furthermore, the protocol presented in [36] has a total of 34TH + 1TFE complexity and a computation cost of 0.391ms. However, our proposed protocol has a computation complexity of 8TH + 2TSE with a total computation cost of only 0.1236ms, thus making it less computation greedy than the others [24], [35], [36]. Moreover, the proposed protocol is also resistant against the attacks mentioned in Section II-B.

TABLE 4: Comparative Analysis of Proposed Scheme w.r.t. Computation Cost

| Related Work | Computation Complexity | Computation Time |
|---|---|---|
| Proposed Protocol | 8TH + 2TSE | 0.1256ms |
| PrivHome [24] | 10TH + 2TSE | 0.1468ms |
| LAAP Gope [35] | 16TH | 0.1932ms |
| LAM-CIoT [36] | 34TH + 1TFE | 0.3911ms |

Note: 1TH=0.011ms, 1TSE=0.184ms, 1TFE (fuzzy extractor function) = 0.0171ms

VII. CONCLUSION

In this article, we highlighted an important aspect of the smart ecosystem, i.e. security, which was neglected by market giants and researchers. Most of the attacks in the smart ecosystem are carried out owing to no or weak authentication. Due to the negligence of this important aspect, users' trust in leveraging smart systems was in question. We therefore introduced an SDN based smart secure home system, where processing complexities are shifted from resource constrained devices to a centralized controller. We first introduced a new security architecture for the SDN enabled smart home. Subsequently, we proposed a privacy preserving anonymous lightweight authentication mechanism (ALAM) with two different scenarios. Further, to show that our proposed scheme is secure, we did the informal and formal analysis of the proposed scheme through BAN logic and the ProVerif tool. Evaluation shows that our proposed scheme is secure and feasible for resource-limited devices in IoT. This scheme can therefore be used in many smart system applications. During this research we found two important areas which we intend to work upon in the future, i.e. incorporating a single sign-on (SSO) feature in the centralized SDN controller and evaluating its proficiency in smart homes for heterogeneous networks. Furthermore, privacy is another burning issue that needs to be fused in any security solution for the smart ecosystem. We therefore intend to work on a searchable encrypted queries based solution for smart homes using SDN, in order to cater for privacy attacks and user profiling.

REFERENCES

[1] G. Inc. (2018) worlds well known trusted advisor in it. [Online]. Available: https://www.gartner.com/en/newsroom/press-releases/2018-11-07-gartner-identifies-top-10-strategic-iot-technologies-and-trends
[2] H. Lu, D. Wang, Y. Li, J. Li, X. Li, H. Kim, S. Serikawa, and I. Humar, “Conet: A cognitive ocean network,” IEEE Wireless Communications, vol. 26, no. 3, pp. 90–96, 2019.
[3] Y. Zhang, Y. Li, R. Wang, M. S. Hossain, and H. Lu, “Multi-aspect aware session-based recommendation for intelligent transportation services,” IEEE Transactions on Intelligent Transportation Systems, 2020.
[4] H. Lu, Y. Zhang, Y. Li, C. Jiang, and H. Abbas, “User-oriented virtual mobile network resource management for vehicle communications,” IEEE Transactions on Intelligent Transportation Systems, pp. 1–12, 2020.
[5] A. Meola. (2016) How the internet of things will affect security & privacy. [Online]. Available: https://www.businessinsider.com/iot-ecosystem-internet-of-things-forecasts-and-business-opportunities-2016-4-28
[6] J. Steinberg, “These devices may be spying on you (even in your own home),” Forbes. Retrieved 27 May 2014, 2014.
[7] H. Fortify, “Internet of things security study: Smartwatches,” 2015.
[8] D. Storm, “Hackers exploit scada holes to take full control of critical infrastructure,” Computerworld, vol. 15, 2014.
[9] C. Wilson, T. Hargreaves, and R. Hauxwell-Baldwin, “Benefits and risks of smart home technologies,” Energy Policy, vol. 103, pp. 72–83, 2017.
[10] A. Brush, M. Hazas, and J. Albrecht, “Smart homes: Undeniable reality or always just around the corner?” IEEE Pervasive Computing, vol. 17, no. 1, pp. 82–86, 2018.
[11] J. Manyika, M. Chui, P. Bisson, J. Woetzel, R. Dobbs, J. Bughin, and D. Aharon, “Unlocking the potential of the internet of things,” McKinsey Global Institute, 2015.
[12] x0rz. (2016) Luabot: Malware targeting cable modems. [Online]. Available: https://medium.com/@x0rz/interview-with-the-luabot-malware-author-731b0646fc8f
[13] M. Antonakakis, T. April, M. Bailey, M. Bernhard, E. Bursztein, J. Cochran, Z. Durumeric, J. A. Halderman, L. Invernizzi, M. Kallitsis et al., “Understanding the mirai botnet,” in 26th USENIX Security Symposium (USENIX Security 17), 2017, pp. 1093–1110.
[14] N. Apthorpe, D. Reisman, S. Sundaresan, A. Narayanan, and N. Feamster, “Spying on the smart home: Privacy attacks and defenses on encrypted iot traffic,” arXiv preprint arXiv:1708.05044, 2017.
[15] O. Williams-Grut. (2018) Hackers once stole a casinos high-roller database through a thermometer in the lobby fish tank. [Online]. Available: https://www.businessinsider.com/hackers-stole-a-casinos-database-through-a-thermometer-in-the-lobby-fish-tank-2018-4
[16] T. Yu, V. Sekar, S. Seshan, Y. Agarwal, and C. Xu, “Handling a trillion (unfixable) flaws on a billion devices: Rethinking network security for the internet-of-things,” in Proceedings of the 14th ACM Workshop on Hot Topics in Networks, 2015, pp. 1–7.
[17] S. K. Tayyaba, M. A. Shah, O. A. Khan, and A. W. Ahmed, “Software defined network sdn based internet of things iot a road ahead,” in Proceedings of the International Conference on Future Networks and Distributed Systems. ACM, 2017, p. 15.
[18] A. Mosenia and N. K. Jha, “A comprehensive study of security of internet-of-things,” IEEE Transactions on Emerging Topics in Computing, vol. 5, no. 4, pp. 586–602, 2016.
[19] P. Sanchez, R. Lopez, and A. Skarmeta, “Panatiki: A network access control implementation based on pana for iot devices,” Sensors, vol. 13, no. 11, pp. 14 888–14 917, 2013.
[20] S. Sezer, S. Scott-Hayward, P. K. Chouhan, B. Fraser, D. Lake, J. Finnegan, N. Viljoen, M. Miller, and N. Rao, “Are we ready for sdn? implementation challenges for software-defined networks,” IEEE Communications Magazine, vol. 51, no. 7, pp. 36–43, 2013.
[21] B. A. Nunes, M. A. S. Santos, B. T. De Oliveira, C. B. Margi, K. Obraczka, and T. Turletti, “Software-defined networking enabled capacity sharing in user centric networks,” 2014.
[22] P. Gope, “Enhanced secure mutual authentication and key agreement scheme with user anonymity in ubiquitous global mobility networks,” Journal of Information Security and Applications, vol. 35, pp. 160–167, 2017.
[23] K. Mansoor, A. Ghani, S. A. Chaudhry, S. Shamshirband, S. A. K. Ghayyur, and A. Mosavi, “Securing iot-based rfid systems: A robust authentication protocol using symmetric cryptography,” Sensors, vol. 19, no. 21, p. 4752, 2019.

[24] G. S. Poh, P. Gope, and J. Ning, “Privhome: Privacy-preserving authenticated communication in smart home environment,” IEEE Transactions on Dependable and Secure Computing, 2019.
[25] F. Wu, L. Xu, S. Kumari, X. Li, A. K. Das, and J. Shen, “A lightweight and anonymous rfid tag authentication protocol with cloud assistance for e-healthcare applications,” Journal of Ambient Intelligence and Humanized Computing, vol. 9, no. 4, pp. 919–930, 2018.
[26] J. Wessels and C. F. BV, “Application of ban-logic,” CMG FINANCE BV, vol. 19, pp. 1–23, 2001.
[27] B. Blanchet, “Automatic verification of security protocols in the symbolic model: The verifier proverif,” in Foundations of Security Analysis and Design VII. Springer, 2013, pp. 54–87.
[28] T. Kyntaja, “A logic of authentication by burrows, abadi and needham,” Science Helsinki University of Technology, Tehran. http://www.tml.tkk.fi/Opinnot/Tik-110.501/1995/ban.html, 1995.
[29] H. Asgari, S. Haines, and O. Rysavy, “Identification of threats and security risk assessments for recursive internet architecture,” IEEE Systems Journal, vol. 12, no. 3, pp. 2437–2448, 2017.
[30] H. Tan, M. Ma, H. Labiod, A. Boudguiga, J. Zhang, and P. H. J. Chong, “A secure and authenticated key management protocol (sa-kmp) for vehicular networks,” IEEE Transactions on Vehicular Technology, vol. 65, no. 12, pp. 9570–9584, 2016.
[31] S. A. Chaudhry, I. L. Kim, S. Rho, M. S. Farash, and T. Shon, “An improved anonymous authentication scheme for distributed mobile cloud computing services,” Cluster Computing, vol. 22, no. 1, pp. 1595–1609, 2019.
[32] B. Blanchet et al., “Modeling and verifying security protocols with the applied pi calculus and proverif,” Foundations and Trends® in Privacy and Security, vol. 1, no. 1-2, pp. 1–135, 2016.
[33] A. Lumini and L. Nanni, “An improved biohashing for human authentication,” Pattern recognition, vol. 40, no. 3, pp. 1057–1065, 2007.
[34] S. A. Chaudhry, H. Naqvi, M. S. Farash, T. Shon, and M. Sher, “An improved and robust biometrics-based three factor authentication scheme for multiserver environments,” The Journal of Supercomputing, vol. 74, no. 8, pp. 3504–3520, 2018.
[35] P. Gope, “Laap: Lightweight anonymous authentication protocol for d2d-aided fog computing paradigm,” computers & security, vol. 86, pp. 223–237, 2019.
[36] M. Wazid, A. K. Das, V. Bhat, and A. V. Vasilakos, “Lam-ciot: Lightweight authentication mechanism in cloud-based iot environment,” Journal of Network and Computer Applications, vol. 150, p. 102496, 2020.
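The login round analysed in Sections IV and V (M1 checked by the controller, M4 checked by the user, with the ΔT freshness test and single-use session values), as an added Python example that is not the authors' code. SHA-256 for h(), 32-byte fields, the 5 s ΔT window, length-prefixed hashing and a random opaque token standing in for the ciphertext E_kuc(...) are assumptions; all function and class names are hypothetical.

```python
import hashlib
import hmac
import os

DELTA_T = 5.0  # assumed freshness window in seconds; the paper only names it ΔT


def h(*fields: bytes) -> bytes:
    """h(a||b||...) using SHA-256 (assumed). Each field is length-prefixed so
    the concatenation cannot be re-split into different field values."""
    digest = hashlib.sha256()
    for field in fields:
        digest.update(len(field).to_bytes(4, "big") + field)
    return digest.digest()


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def ts(t: float) -> bytes:
    return f"{t:.3f}".encode()  # timestamp as bytes, millisecond resolution


def fresh(sent: float, now: float) -> bool:
    return 0 <= now - sent <= DELTA_T


def user_build_m1(sid, mid, kuc, tf_seq, t1):
    """User: M1 = (Auth_u, SID_ui, U_p, T1). Also returns the nonce U_n."""
    un = os.urandom(len(mid))
    up = xor(un, mid)  # U_p = U_n XOR MID_i
    return (h(sid, up, kuc, ts(t1), un, tf_seq), sid, up, t1), un


class Controller:
    def __init__(self):
        self.users = {}  # current SID_ui -> (MID_i, K_uc, TF_seq)

    def register(self, sid, mid, kuc, tf_seq):
        self.users[sid] = (mid, kuc, tf_seq)

    def handle_m1(self, m1, now):
        """Verify M1; on success return M4 = (Z, Auth_c, T4), else None."""
        auth_u, sid, up, t1 = m1
        if not fresh(t1, now) or sid not in self.users:
            return None  # stale T1, or SID_ui unknown / already consumed
        mid, kuc, tf_seq = self.users[sid]
        un = xor(up, mid)  # decode U_n = U_p XOR MID_i
        expected = h(sid, up, kuc, ts(t1), un, tf_seq)
        if not hmac.compare_digest(auth_u, expected):
            return None
        # Session values are single-use: retire SID_ui and TF_seq, issue SID*.
        # The paper's SID* is a ciphertext; here it is an opaque random token.
        del self.users[sid]
        new_sid = os.urandom(len(mid))
        self.users[new_sid] = (mid, kuc, os.urandom(32))
        z = xor(new_sid, mid)  # Z = SID* XOR MID_i
        return (z, h(new_sid, mid, un, ts(now), kuc), now)


def user_verify_m4(m4, mid, un, kuc, now):
    """User: validate ΔT, decode SID*, check Auth_c. Returns SID* or None."""
    z, auth_c, t4 = m4
    if not fresh(t4, now) or len(z) != len(mid):
        return None
    new_sid = xor(z, mid)
    expected = h(new_sid, mid, un, ts(t4), kuc)
    return new_sid if hmac.compare_digest(auth_c, expected) else None


if __name__ == "__main__":
    mid, kuc, tf_seq, sid = (os.urandom(32) for _ in range(4))  # constructed values
    ctrl = Controller()
    ctrl.register(sid, mid, kuc, tf_seq)
    m1, un = user_build_m1(sid, mid, kuc, tf_seq, t1=100.0)
    m4 = ctrl.handle_m1(m1, now=100.2)
    print("M4 accepted:", user_verify_m4(m4, mid, un, kuc, now=100.4) is not None)
    print("replayed M1 accepted:", ctrl.handle_m1(m1, now=100.6) is not None)
```

A replayed M1 is refused even inside the ΔT window because the controller has already retired the SID and TF_seq it was computed over.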
Authors Biography

Ammar did Telecommunication Engineering from the National University of Science and Technology, Pakistan in 2012 and Masters in Computer Science (MCS) from Virtual University of Pakistan in 2019. He holds multiple technical certifications from Microsoft, Cisco, and Huawei including MOS(Access), CCENT, HCNP(R&S), and HCNA(Security). His area of interest includes digital forensics, pen-testing and decentralized applications. Currently, he is doing Masters in Information Security from the National University of Science and Technology.

Imran Makhdoom (Member, IEEE) received the master's degree in information security from the National University of Sciences and Technology, Pakistan, in 2015, and the Ph.D. degree from the University of Technology Sydney, in 2020. He was a Food Agility Scholar, from 2019 to 2020. He is currently a Postdoctoral Researcher with the University of Technology Sydney. He has published numerous papers in some of the prestigious journals and conferences. His research interests include blockchain, the Internet of Things, distributed consensus, networks, and computer security. He has made a valuable contribution to data security and privacy in the Food Tech/Agri Tech.

Dr. Waseem Iqbal has received his PhD degree from National University of Sciences and Technology (NUST) in 2021. Currently he is working as Associate Professor at the Department of Information Security, NUST. He has authored over 65 scientific research articles in prestigious international journals (ISI-Indexed) like IoTJ, FGCS, Systems Journal, MTAP, IEEE Sensors, ACM Computing Surveys, and IEEE Comm Surveys & Tutorials, etc., along with reputed conferences like ICC etc. Dr. Waseem is currently supervising 3 x PhD, Co-Supervising 2 x PhD, 7 MS students (19 students have already passed out), and 15 UG projects. He has won 10 funded projects as Principal and Co-Principal investigator from Industry, NUST Def RnD, and Erasmus+.

Dr. Awais did his Postdoc in Computer Science from Università degli Studi di Milano, Italy. He completed his PhD degree in Computer Science and Engineering from Kyungpook National University, Daegu, Korea and Masters in Computer Science from Bahria University, Islamabad. He is SMIEEE and guest editor for various IEEE, Springer, and Elsevier journals.

Mr. Asad Raza did his M.S from KTH Royal Institute of Technology in Information & Communication Systems Security and his B.S from University of Engineering & Technology in Software Engineering. Currently he is senior lecturer in New Jersey Institute of Technology and his PhD is in progress from University of Dakota-USA.

Declaration of interests

☒ The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

☐ The authors declare the following financial interests/personal relationships which may be considered as potential competing interests:
