Professional Documents
Culture Documents
Waseem Iqbal, Haider Abbas, Pan Deng, Jiafu Wan, Bilal Rauf,
Yawar Abbas, Imran Rashid
PII: S1084-8045(23)00091-7
DOI: https://doi.org/10.1016/j.jnca.2023.103672
Reference: YJNCA 103672
Please cite this article as: W. Iqbal, H. Abbas, P. Deng et al., ALAM: Anonymous lightweight
authentication mechanism for SDN enabled smart homes. Journal of Network and Computer
Applications (2023), doi: https://doi.org/10.1016/j.jnca.2023.103672.
This is a PDF file of an article that has undergone enhancements after acceptance, such as the
addition of a cover page and metadata, and formatting for readability, but it is not yet the definitive
version of record. This version will undergo additional copyediting, typesetting and review before it
is published in its final form, but we are providing this version to give early visibility of the article.
Please note that, during the production process, errors may be discovered which could affect the
content, and all legal disclaimers that apply to the journal pertain.
of
Abstract—The smart connected devices are the first choice of 60,000 vulnerabilities were found by two Russian security
the cyber criminals for spreading spy wares and different security researchers that can gain complete control of compromised
pro
attacks. The current security standards and protocols for IoT systems [8].
have failed in providing security to these devices. In addition,
IoT market giants are producing non-secure smart products in Smart home or home automation system, is the combination
order to grab the open market. Furthermore, low resources of IoT of connected devices and software that can control and
devices, limits the traditional host-based protection solutions like automate the devices. Apart from smart phones and
anti-virus, IDS, IPS, etc. To overcome the resource constraintness computers; doorbells, clocks, lights, pacemakers, speakers,
and security barriers of smart devices, a network level security windows, cameras, heaters, cooking kits, and many other
architecture based on lightweight cryptographic parameters is
required. Software Defined Networking (SDN) is a new network- home appliances can be hooked up with internet [9].
ing paradigm to overcome the control, management and security These gadgets can communicate with each other, transmit
issues in traditional networking. The SDN controller handles all information to user, and even process user instructions [10].
re-
the computation and complexities at the network level, rather
than smart devices. In this research, we first present a new
privacy-preserving security architecture for SDN based smart
homes. Subsequently, an anonymous lightweight authentication
mechanism (ALAM) is designed based on the proposed security
The ”smartness”’ of the device can be ascertain by the
magnitude of its capability to observe, learn, and change
its behavior instinctively or with little effort of smart home
residents.
architecture core foundations. Furthermore, the security char-
acteristics of the proposed protocol are formally analyzed using Smart home IoT, has turned into multi-billion-dollar in-
Burrows Abadi-Needham (BAN) Logic and ProVerif, followed by dustry and has created contemporary gold hassle among the
lP
informal security analysis. Lastly, performance evaluation and
comparative analysis of the scheme is carried out. established and new companies. To grasp the newly residen-
tial IoT market, companies are producing devices in a dart,
Index terms— Authentication, Smart home, IoT, SDN-IoT, without incorporating security practices. Hence the number of
Lightweight Cryptography vulnerable IoT devices are exponentially numbing [11]. Main
functionalities of the smart home devices are roughly same
I. I NTRODUCTION but based on specific devices, the explicit feature can differ
According to Gartner by 2020, 25 billion devices will be e.g smart window blinds and home assistant may be Linux
rna
connected to the internet and will have the ability to analyze based nodes but the services each offer, are quiet different.
user data, and make smart decisions in an autonomous way Furthermore, these devices encounter challenges due to the
[1]. Smarter systems are the products envisioned due to the limited resources i.e. storage, computation power, etc. Such
rapid progress of IoT like smart home, e-healthcare, wearable heterogeneity and low constraints of the devices, makes the
and much more [2]–[4]. More than 85% of the organizations analysis much harder and further escalate the insecurities
will be leveraging IoT devices in different ways according to of the smart home. This situation gets creepy when few
[5] and about 90% of these enterprises are not certain about vendors, explicitly place service backdoors in their devices,
smart devices security. As, authors in [6] state that many which are manipulated by botnets [12]. Furthermore, these
Jou
smart home devices can spy inhabitants in their own homes. wild vulnerabilities are targeted by naive criminal groups for
It is also discovered in a study carried out by HP [7] that launching distributed denial-of-service (DDoS) attacks [13].
70% of the IoT devices are susceptible to various attacks Moreover, routine schedules or habits of the smart home
when connected to the internet. Attacks on industrial systems resident can be deduced by passively snooping over the raw
are a reality and is just not a threat anymore as more than data whilst transmission between smart nodes and routers e.g.,
switching off the light may imply that a user have left home
Waseem Iqbal and Haider Abbas are with Department of Information [6]. Furthermore, active attacker can get private information
Security, National University of Sciences and Technology (NUST), Islamabad
44000, Pakistan (e-mail: waseem.iqbal, haider@mcs.edu.pk) from smart nodes by pretending as legal user [14]. In addition,
Pan Deng is with the Research Institute for Frontier Science, Beihang the operations of IoT smart applications are severely impacted
University, Beijing, China (e-mail:pan deng168@163.com) by certain security problems that includes eminent attacks [13],
Jiafu Wan is with the School of Mechanical & Automotive Engi-
neering, South China University of Technology, Guangzhou, China (e- manipulation of devices on large scale, and attention-grabbing
mail:jiafuwan 76@163.com) news about device hacking [15].
Bilal Rauf, Yawar Abbas and Imran Rashid are with Department of Infor-
mation Security, National University of Sciences and Technology (NUST),
Islamabad 44000, Pakistan (e-mail: bilalrauf, yawar, irashid@mcs.edu.pk) The connected devices are increasing immensely in this
*Corresponding author: Jaifu Wan (jiafuwan 76@163.com) technological era. Due to the weak embedded security and
Journal Pre-proof
2
Applications
Application Layer
Controllers
of
SDN Paradigm
Control Layer
OpenFLow Protocol
pro
Infrastructure/Data
Layer
Communication Mediums
IoT Application
re-
Fig. 1: SDN-IoT Network Architecture.
lP
lack of standard architecture, it will always be the first choice flow entries, reactively (response) and proactively (predefined
of the cyber criminals. These smart gadgets are used to spread rules). Furthermore, SDN facilitates quick reaction to threats,
spy wares and to launch DDoS attacks. It is evident from the filtering traffic with granularity, and dynamic deployment of
attacks carried out on these devices that the current security security policies. One of the core feature of SDN is to set up
standards and protocols for IoT have failed in providing security policy rules to network device through the OpenFlow
security to IoT devices [129]. In addition, IoT market giants, protocol. The controller foster a global network view by
rna
in order to grab the open market are producing the smart maintaining connection with the OpenFlow switches [19]–
products without paying due attention to the security. Due [21].
to this quandary and the resource constraining IoT devices,
the traditional host-based protection solutions like anti-virus, A. Problem Area and Research Motivation
IDS, IPS etc, cannot be used for low power smart devices.
Therefore, a novel, adaptive, and worthy security systems Smart home users face serious privacy concerns due to
is required to tackle the current situation which should the custom unauthenticated smart devices and plain text au-
be proactive in nature providing baseline security to end thentication. Furthermore, in traditional smart homes excess
users, network, applications, data and devices. Apropos, to of confidential information is collected and processed by
Jou
overcome the limiting resources of smart devices, SDN based gateways, causing privacy issues, hence security and privacy is
network level security architecture is proposed by authors in anticipated for such information. In addition, the user of smart
[16]. homes may use diverse end devices for accessing the services,
this may also cause privacy issues. Therefore, a lightweight
secure authentication protocol is required for resource con-
Software Defined Network (SDN) is considered a rev- straint devices which will authenticate every smart home user
olutionary network technology that supports heterogeneous and device per session. This will in turn increase the secure
networking with swift evolution and dynamism using pro- authentication request operations. In conventional smart home
grammable planes. It hides the complexities of traditional devices/hubs, the computational power to entertain alleviated
networking from the end users i.e., separating the data plane authentication requests and processing cryptographic functions
from control plane [17]. The SDN and IoT integration meet are not well addressed, due to limited resources. Therefore, to
the expectation of control and management in varied scenarios overcome this issue, the centralized controller may help in
[18] as shown in Fig. 1.The control and data planes are decou- computing and scrutinizing each secure authentication request
pled and intelligence of the network is logically centralized in at the network level rather than device level by hosting a
SDN paradigm. The controller can add, delete, and modify the secure lightweight authentication module at controller. Even
Journal Pre-proof
3
though the authentication working out will shift to SDN higher latency, degrading the performance of the system.
controller, it will not cause performance bottleneck, owing Likewise, low latency is required in many application, such
to the escalating number of requests. Thus, for the said as e-healthcare, etc. Furthermore, the rapid growth of the
reasons, a consolidated security architecture is necessitated to smart devices and applications, an IoT Gateway/Hub can
satisfy. Therefore, benefiting features of SDN must preserve be overloaded drastically. To overcome this issue, a local
the personal and confidential information of smart home users centralized server is required to ofoad the computation
to augment privacy. overhead of the cloud computing/gateways in smart home
of
systems. On the other hand, if a legitimate user, changes
B. Research Contributions: the already registered mobile and then communicate in the
smart home environment, a central server needs to validate
The main contributions of our work are presented threefold. the legitimacy of this user identity, now binded with the new
Foremost, a new smart home security architecture (privacy mobile, through a prompt authentication process. All these
pro
preserving) is introduced, that offer users verification at a imperative features can be provisioned by the SDN enabled
centralized controller (SDN). Subsequently, an anonymous smart home IoT system, which permits user to interact
lightweight authentication mechanism (ALAM) is designed, securely with smart devices without involving a centralized
built on the underlying proposed security architecture, to cloud server.
support different scenarios. In order to accomplish this,
cryptographic lightweight primitives like exclusive-or, Fig. 2 depicts a new security architecture for SDN based
symmetric key, and one way hashes are utilized [22], [23], smart home system where SD represents the smart devices
to offer security for resource constrained IoT devices [24]. and SD G/W depicts smart devices gateway. Controller
Finally, the formal and informal proof of our proposed hosts two modules i.e., Registration Manager Reg M gr and
re-
protocol is presented and performance evaluation is exhibited
in lieu computation cost and privacy. Furthermore, the
viability of the protocol is verified for ascertaining the vital
features of security like mutual authentication, and anonymity,
Authentication Manager Auth M gr, where the former is
responsible for registration of smart devices and users whereas
the later deals with the key generation and handling secure
authentication requests. In this architecture, we present an
etc. Evaluation shows that our proposed scheme is secure authentication mechanism addressing the following scenarios:
and feasible for resource-limited devices in IoT, thus it can (i) firstly, for secure interaction, a legitimate user identity
be utilized in various other smart IoT systems. Furthermore, is cohere with a user smart mobile, which is authenticated
lP
this research can pave way for academicians/researchers, by the controller. (ii) When an authenticated user, changes
and vendors to design more lightweight authentication the smart mobile and then wants to interact with the smart
mechanisms for smart IoT devices. devices, then the controller needs to re-authenticate the user
identity binded with the new smart mobile. Furthermore, the
Rest of the paper is distributed as: A novel security ar- proposed architecture can work, in case the controller needs
chitecture (Fig. 2) for SDN based smart homes is presented updation or any other new application is being installed.
in Section 2, hereinafter, the system model and security re- Various smart applications can benefit from this characteristic
rna
quirements in devising authentication protocol for SDN based of the proposed scheme.
smart home are elaborated. Afterward, Section 3 presents
the authentication protocol highlighting two distinct scenarios.
Section 4 covers the formal analysis of the proposed security
protocol whereas informal security analysis of the protocol is B. Security Requirements and Attacker Model
carried out in Section 5. In Section 6, performance evaluation The vast deployment of Internet, specifically the Internet
of the proposed protocol is carried out, in terms of computation of Things (IoTs), compels the provision of scalability besides
cost and privacy. Finally, Section 7 covers the concluding low latency. Therefore, the concept of SDN is proposed in
remark of the research.
Jou
Reg_Mgr Auth_Mgr
Controller
Reg.DB Auth.DB
1. Registration
of
2
2
2. Authentication
1
1
2. Authentication & Key Distribution
Service Request
Service Granted
pro
User Device
User User G/W SD's G/W
1
1
2
2
re-
SD-1 SD-2 SD-3 SD-4
lP
Fig. 2: Security Architecture for SDN Enabled Smart Home.
Un User Nonce
Auth Authenticator
Resistance to Common Attacks: Replay and de- ∆T Threshold Difference In Time
synchronization attacks should be evaded. H() Hash Function
⊕ Exclusive-OR
Adversarial Model: We take into consideration the adver-
sarial model as stated in [23], where following assumptions
are made in accordance to the competence of the adversary
A: • A can be any malign user of the system or any outsider.
• Identity of the controller is public and known to benign
• The public communication link is in full control of
users.
A, which implies that A can capture, replay, amend,
• The SDN controller and database modules in controller
eliminate and can even direct a newly devised fabricated
are considered to be secure and cannot be compromised
message.
by A i.e., private key of the controller is not accessible
• Shared secret key of the user and controller is completely
to adversary.
secure and cannot be accessed by any adversary.
Journal Pre-proof
5
of
pro
re-
Fig. 3: User to Controller Proposed Registration Scheme.
III. P ROPOSED A NONYMOUS L IGHTWEIGHT the controller and registers the Users and IoT Smart Devices
AUTHENTICATION M ECHANISM (ALAM) FOR SDN of smart home as presented in the following steps:
BASED S MART H OMES
lP
When an authentic user via its registered mobile wants to 1) The user identity UID , is cohere with a mobile phone
use the services of the smart home, it communicates with the identity MID . The ith User UID i along with mobile
SDN controller. To preserve the privacy concern, it is vital MID i identity, request the controller for registration
that the communication must be anonymous. Additionally, through a secure channel.
to achieve stronger security, the smart entities should be
capable to authenticate each other along with inspecting the U ser → Controller:M1 = {UID i , MID i }
rna
User Controller
_
Reg Mgr Keg .DB Auth.DB
of
Select :
Smart Device Identity: SDioi
M iSDio }
4
Controller Identity: CID
Generate : Cm
pro
Compute:
CSPSDlDi = h[ SDlDi \\Cm )
SIDSDIDi = EttASDlDiiCSPsDiDtyCm )
Send : { SlDSDIDi CSPsDIDi }
M 2 { SlD3 DIDrClD }
4 - Store: { SlDSDIDiiCSPsDIDi }
Push :{5/ DsJD7 r, < , CSPsDlDi }
,CSPsDIDi }
re-
Fig. 4: Smart Device to Controller Proposed Registration Scheme.
Store:{ SIDsDIDl
1) Likewise, the ith smart device SDID i request the U ser → Controller: M1 = {Authu , SIDui , Up , T1 }
controller for registration through a secure channel.
lP
A random number Un is generated by the user and computes
SmartDevice → Controller: M1 = {SDID i } Up = Un ⊕ MID i , the user authentication parameter for
controller i.e., Authu = h(SIDui ||Up ||kuc ||T1 ||Un ||T Fseq ),
2) SDN controller generates the controller identifier and then send the saved SIDui along the Authu , Up and
CID, upon receiving the request from SDID i , time stamp T1 to the controller, where SIDui , kuc , Un ,
along with a nonce Cm , and computes the controller h( ) represent the user session identity with the registered
session parameter CSPSDID i = h(SDID i ||Cm ), mobile, session key, user generated random number, and a
rna
for smart devices. Subsequently, the session hash function to validate user, respectively.
identity of smart device SDID i is generated as
SIDSDID i = Ekc (SDID i , CSPSDID i , Cm ), where Controller → SmartDevice: M2 = {Authd , T2 }
SIDSDID i is encrypted with the shared secret Ekc key
stored at controller level. SIDSDID i along with CID
After receiving the message M1 , SDN controller at first
is send to smart device, where it is stored, through
finds the time difference i.e., ∆T . Hereafter computes
the secure channel. All parameters along with Ekc are
Un = Up ⊕ MID i to get MID i . The controller then decrypts
stored in Reg.DB and Auth.DB databases as shown in
SIDui = DK uc (UID i , MID i , CSPMID i , T Fseq ) and match
Fig. 4.
the user identity UID i , mobile identity MID i , controller
Jou
of
(T, U )
Upon receiving the response message M2 , the smart device
< T >U T is combine with Y
checks the ∆T . Next to verify the received Authd , it computes
(T )K Hash of message T using a key K
Authd =? h(SIDSDID i ||T2 ||CID). If the verification is K
successful, subsequently it computes the smart device S ←→ V S and V are using shared key K for
authenticator parameter Authdc = h(SIDSDID i ||T3 ||CID) communication process
pro
and send M3 back to controller. AIDTi Session key SIDi is used one time
in a current section
K
After receiving M3 from smart device, the controller S|≡S ←→V.SC<T >K
Message-Meaning rule
S|≡V |∼T
validates the authenticator parameter and computes S|≡#(T )
Freshness-conjuncatenation rule
Authrecv
dc =? h(SIDSDID i ||T3 ||CID). If the computed S|≡#(T,U )
S|≡#(T ),S|≡V |∼T
value matches the received Authdc , smart device is mutually S|≡V |≡T Nonce-verification rule
S|≡V ⇒T,S|≡V |≡T
authenticated. S|≡T Jurisdiction rule
Case 2: The controller performs the following computation
in two conditions; either the received Authdc from smart
controller session parameter generated against registered A. Formal Security Analysis using BAN Logic
mobile CSPMID i , and the transaction flow sequence number
To evaluate information exchange of protocol, BAN logic
T Fseq , against the saved values in its database. If the
utilizes set of rules to establish, if the exchanged information
user sends authentication request from a new mobile, the
of the protocol is resilient against snooping, is trustful and
verification MID recv =? MID save is unsuccessful and the
i i secure. Through BAN logic, proposed mutual authentication
user is redirected to register the new mobile against its identity.
protocol is checked and verified [28]. Table-II highlights
various rules of BAN logic which includes proofs, idealized
Controller ← U ser: M4 = {Z, Authc , T4 }
form, and assumptions.
In order to examine the proposed protocol security though
After receiving message M4 from controller, the user first
BAN logic, it needs to verify different goals as discussed in
validates ∆T , and then decodes SIDu∗ i = Z ⊕ MID i
[28]. Apropos, following eight diverse goals have been deter-
to get SIDu∗ i for future correspondence. Finally to mutu-
mined based on BAN logic to access the proposed protocol:
ally authenticate the controller, user computes Authc =? SID
h(SIDui ∗ ||MID i ||Un ||T4 ||Kuc ) and if the received Authc • G1: C| ≡ Ui ←→U C
SID
matches the generated Authc , controller is also verified. • G2: C| ≡ Ui | ≡ Ui ←→U C
Journal Pre-proof
8
Generate: Un
Compute :
of
Up = Un ® Mini
Authv. = ft( S/Du ||I7p||fc1M. ||ri | |t?'n ||rF«g )
.
>
Cheek Ti T\ AT
Decode: Un Up © Mr m
pro
Decrypt :
SID = DjCuAUlOi , MlDi ,CSP/JIDt > TFaeq )
Compute and Verify :
Check IF: MJD =7 Mutf
Ca &c 2: Case I : {Au ( /id , r2 }
IF ( TF * =1 TFwnt» ) IF ( TF =1 -
Decode: Un = 17,, © Mj
Validate: Atif /t ,/ 6 =? AntA 0 '® Check T3 - T2 = AT
Compute: Attfft = h{ SlDSDJBl \\T a \\ClD ) Validate:
* Authd - h( SIDsDICim\\CID )
=
1 - Gene rate:
Avthie = h( SIPaDlDi \\T3\\CIP )
re-
Generate : TF* {
Computes:
rj
{ Z , AtitherTi }
Z = SID* . © MIDi
Compute Authr. = h { SIDVi * || A/fpi ||i/T ||T, ||
1 „: )
1
lP
Store : SID CSP TF
Else Register Mobile Device
Check : T5 - T4 = AT
Decode: SID* ( - Z © AJ/ £>,
Verily:
SIDSD
• G3: SDi | ≡ C ←→ i SDi • M4 : C → Ui : Z :< SIDu∗ >MIDi , Authc , T4
SIDSDi
• G4: SDi | ≡ C| ≡ C ←→ SDi Part second: Following assumptions are made for the analysis
SIDSDi
• G5: C| ≡ SDi ←→ C of proposed protocol using BAN logic:
SIDSD
• G6: C| ≡ SDi | ≡ SDi ←→ i C
SID
• G7: Ui | ≡ C ←→U Ui • Asmpt1: Ui | ≡ #(Un )
•
SID
G8: Ui | ≡ C| ≡ C ←→U Ui • Asmpt2: C| ≡ #(SIDu )
Asmpt3:
Jou
• SDi | ≡ #(Authdc )
To attain the security analysis of the proposed protocol • Asmpt4: C| ≡ SDi ⇒ (Authd )
with respect to the highlighted goals, BAN logic splits the • Asmpt5: C| ≡ Ui ⇒ SIDu
security analysis into three parts. The first part shows the • Asmpt6: SDi | ≡ C ⇒ Authdc
protocol idealized form, which is proved in the third part, • Asmpt7: Ui | ≡ C ⇒ SIDu
whereas the second part make use of the assumptions used to
analyze the proposed protocol. Part third: Idealized form analysis of the protocol, based
on BAN logic assumptions alongwith rules are described as
Part first: The idealized form for the proposed protocol has under:
been discussed as follows: M1 : Ui → C: Authu , SIDu :< U IDi , MIDi , Cn >Kuc
, Up < Un >MIDi , T1 is timestamp of Ui
Following can be achieved by utilizing the seeing rule:
• M1 : Ui → C: Authu , SIDu :< U IDi , MIDi , Cn >Kuc
, Up < Un >MIDi , T1
• M2 : C → SDi : Authd , T2 • X1: C C Authu , SIDu :< U IDi , MIDi , Cn >Kuc , Up <
• M3 : SDi → C: Authdc , T3 Un >MIDi , T1
Journal Pre-proof
9
Based on X1 and the message-meaning rule, following is Jurisdiction rule used with X21, results in
obtained: • X22: Ui | ≡ SIDu
• X2: C| ≡ Ui | ∼ Un Session key (Sk) rule, results in following
Using X2 and Freshness-conjuncatenation rule, we get •
SID
X23: Ui | ≡ C ←→u Ui (Goal 7)
• X3: C| ≡ Ui | ≡ Un
Finally the nonce-verification rule results in the following to
Consuming jurisdiction rule of Ban logic and X3, we acquire achieve goal 8
of
• X4:C| ≡ Un SID
• X24: Ui | ≡ C| ≡ C ←→u Ui (Goal 8)
Session key (Sk) rule of Ban logic and X4, yields Subsequently, through BAN logic we have verified that Ui ,
SID
• X5: C| ≡ Ui ←→u C (Goal 1) C and SDi mutually authenticates each other successfully and
The goal 2 defined above is achieved by utilizing BAN logic’s firmly concludes the session key agreement.
nonce-verification rule
pro
SIDu
• X6: C| ≡ Ui | ≡ Ui ←→ C (Goal 2) B. Formal Security Analysis using ProVerif
M2 : C → SDi : Authd , T2 . Where T2 is the stimestamp of C Founded on the applied calculus, to assess the
Now after using seeing rule, we get authentication protocols security, ProVerif make use of
• X7: SDi C Authd , T2 the automated reasoning. ProVerif generally is used to
By utilizing X7 and message-meaning rule, we perceive prove the security, observational equivalence reachability,
• X8: SDi | ≡ C| ∼ SIDu and correspondence. Cryptographic primitive operations like
Freshness-conjuncatenation rule and X8 are used to attain digital signatures, MAC, elliptic curve operations, hash, and
encryption/decryption are provisioned by ProVerif [32], [33].
• X9: SDi | ≡ C| ≡ SIDu
• X10:SDi | ≡ SIDu
re-
BAN logic’s Jurisdiction rule alongside X9 results in
of
pro
(A) Declarations
re-
lP
rna
(B) Main
(C) Processes
Jou
(D) Results
of
0.022 + 0.0736 + 0.03 = 0.1256 ms
SIDu∗ i = ∗
Ekuc (UID i , MID i , CSPM ID i
∗
, T Fseq ) and message and replay it, the controller can comprehend that
∗
Authc = h(SIDui ||MID i ||Un ||T4 ||Kuc ) where kuc is the h(SIDui ||Up ||kuc ||T1 ||Un ||T Fseq ) and session identity of
shared secret (long term) only known by Controller and User, the user will not match Authu and SIDui respectively.
pro
CSPMID i = h(UID i ||MID i ||Cn ), and Up = Un ⊕ MID i are These nonces proves to thwart from the replay attacks.
computed with nonce Cn and Un respectively. Furthermore, Furthermore, the pseudo-random function h() are considered,
the parameter T Fseq is known by user and controller and is which produces identical output like random functions.
being changed in every session therefore, can be considered Apropos, the probability of yielding same outputs with the
as a challenge parameter for mutual authentication. known parameters like Up , T ∗ , and encrypted SIDui , without
pseudo-random function is trivial.
B. SA-I 2: Anonymity
Anonymity is strongly achieved in the proposed protocol.
re-
In the registration phase, the user registers with controller
and send its identity binded with mobile through a secure
channel, UID i , MID i . In the next phase, i.e., login and
authentication, message M1 = {Authu , SIDui , Up , T1 } is
VI. P ERFORMANCE E VALUATION AND C OMPARATIVE
A NALYSIS
This section highlights the proposed scheme computation
performance and expresses that our privacy preserving
sent to the controller. If an adversary intercept the message protocol is proficient for SDN enabled smart homes,
M1 and gets Up , still it is unable to identify the user, as consequently it can prove useful for various IoT services and
the parameter Authu is the output of a h() which include applications. We show that our proposed privacy preservation
lP
random parameters like T Fseq , Un , Up . Furthermore, SIDui mechanism is much viable for the SDN enabled smart
is encrypted using the pre shared secret key Kuc . home. Apropos, to comprehend anonymity in proposed
Thus, an adversary cannot reveal the RFID tags actual scheme, a number of cryptographic primitives, as used in
identity, hence achieving anonymity for the proposed protocol. [24], [34] are simulated using JCE and Java Pairing-Based
Cryptography Library (JPBC) to assess the cryptographic
operations execution time of the proposed scheme.
C. SA-I 3: Key Exchange
rna
In our proposed mutual authentication scheme (ALAM), The simulation is conducted on HTC One X with 1.5
controller generates the long term secret key kuc and then GHz Max Turbo Frequency (users mobile device), an ASUS
through a secure channel distribute it to user. The key kuc , is GR8-R047R with Intel Core i7-4510U and 3.1 GHz Max
further used as a parameter in h(), both by user and controller Turbo Frequency (controller and gateway) and a sensor
to ensure integrity, and privacy of data. board MSB-430 with the micro-controller (T1 MSP430) and
TMP36 the temperature sensor (IoT smart device) as a test
D. SA-I 4: Privacy Protection against Eavesdropping bed. Contrary to other cryptographic operations, one-way
The proposed scheme, ALAM preserve the SIDui , which hash-functions cause less execution time and symmetric key
Jou
is encrypted with the shared secret kuc and is used in combi- encryption is equal to two time hash function as cited in [28],
nation with the Authu for authentication requests. Moreover, hence prompt validation is done in our privacy preserving
the parameters transmitted between the user and controller SDN enabled smart home.
are used only once. Therefore, privacy protection against
eavesdropping [22] is achieved through the proposed scheme. Now, grounding on the simulation outcomes, we noted that
the average transmission time between user mobile device and
controller is 18.96 ms whereas it is 10.62 ms between smart
E. SA-I 5: Replay Attacks devices and controller. Furthermore, it is also observed that the
As user and controller only have the knowledge of one-way hash operations consumed 0.015, 0.011, and 0.0092
T Fseq , and gets modify in every session, therefore it can ms on smart device, user mobile and controller respectively.
be considered as challenge for mutual authentication and During authentication phase of the proposed scheme, the
replay attack. Moreover, the parameters Up and CSPMID i are computation cost is noted to be 0.1256ms as shown in Table
computed with nonce Un and Cn respectively and the 3.
request message M1 is not allowed to sent more then We have done the comparative analysis of the proposed
once. Therefore, if the adversary intercept the request authentication mechanism with several other schemes, and
Journal Pre-proof
12
Proposed Protocol 8TH+ 2TSE 0.1256ms [1] G. Inc. (2018) worlds well known trusted advisor in it. [Online].
Available: https://www.gartner.com/en/newsroom/press-releases/2018-
PrivHome [24] 10TH + 2TSE 0.1468ms 11-07-gartner-identifies-top-10-strategic-iot-technologies-and-trends
LAAP Gope [35] 16TH 0.1932ms [2] H. Lu, D. Wang, Y. Li, J. Li, X. Li, H. Kim, S. Serikawa, and I. Humar,
“Conet: A cognitive ocean network,” IEEE Wireless Communications,
LAM-CIoT [36] 34TH + 1TFE 0.3911ms vol. 26, no. 3, pp. 90–96, 2019.
of
[3] Y. Zhang, Y. Li, R. Wang, M. S. Hossain, and H. Lu, “Multi-aspect aware
Note: 1TH=0.011ms, 1TSE=0.184ms, 1TFE(fuzzy extractor function) = session-based recommendation for intelligent transportation services,”
0.0171ms IEEE Transactions on Intelligent Transportation Systems, 2020.
[4] H. Lu, Y. Zhang, Y. Li, C. Jiang, and H. Abbas, “User-oriented virtual
mobile network resource management for vehicle communications,”
IEEE Transactions on Intelligent Transportation Systems, pp. 1–12,
found our mechanism have less computation complexity and 2020.
pro
time. As stated above in the analysis of proposed mechanism, [5] A. Meola. (2016) How the internet of things
the user mobile device consumed 2Th, the controller rendered will affect security & privacy. [Online]. Avail-
able: https://www.businessinsider.com/iot-ecosystem-internet-of-things-
4Th + 2TSE, and the smart device requires 2Th, thus the total forecasts-and-business-opportunities-2016-4-28
computation cost of the proposed mechanism comes out to [6] J. Steinberg, “These devices may be spying on you (even in your own
be 8TH + 2TSE. Table 4, shows the computation complexity home),” Forbes. Retrieved 27 May 2014, 2014.
[7] H. Fortify, “Internet of things security study: Smartwatches,” 2015.
and cost analysis of different authentication protocols. The [8] D. Storm, “Hackers exploit scada holes to take full control of critical
protocol presented in [24] incurs 10Th+2TSE making total infrastructure,” Computerworld, vol. 15, 2014.
computation cost 0.1468ms. Similarly, the protocol presented [9] C. Wilson, T. Hargreaves, and R. Hauxwell-Baldwin, “Benefits and risks
in [35] have complexity of 16Th with total computation cost of smart home technologies,” Energy Policy, vol. 103, pp. 72–83, 2017.
re-
of 0.1932ms. Furthermore, the protocol presented in [36] have
a total of 34Th+1TFE complexity and computation cost of
0.391ms. However, our proposed protocol has computation
complexity of 8th+2TSE with total computation cost of only
[10] A. Brush, M. Hazas, and J. Albrecht, “Smart homes: Undeniable reality
or always just around the corner?” IEEE Pervasive Computing, vol. 17,
no. 1, pp. 82–86, 2018.
[11] J. Manyika, M. Chui, P. Bisson, J. Woetzel, R. Dobbs, J. Bughin, and
D. Aharon, “Unlocking the potential of the internet of things,” McKinsey
Global Institute, 2015.
0.1236ms, thus making it less computation greedy then the [12] x0rz. (2016) Luabot: Malware targeting cable modems.
others [24], [35], [36]. Moreover, the proposed protocol is [Online]. Available: https://medium.com/@x0rz/interview-with-the-
luabot-malware-author-731b0646fc8f
also resistance against the attacks mentioned in section II-B. [13] M. Antonakakis, T. April, M. Bailey, M. Bernhard, E. Bursztein,
lP
J. Cochran, Z. Durumeric, J. A. Halderman, L. Invernizzi, M. Kallitsis
et al., “Understanding the mirai botnet,” in 26th {USENIX} Security
VII. C ONCLUSION Symposium ({USENIX} Security 17), 2017, pp. 1093–1110.
[14] N. Apthorpe, D. Reisman, S. Sundaresan, A. Narayanan, and N. Feam-
In this article, we highlighted an important aspect of smart ster, “Spying on the smart home: Privacy attacks and defenses on
ecosystem i.e. security, which was neglected by market giants encrypted iot traffic,” arXiv preprint arXiv:1708.05044, 2017.
[15] O. Williams-Grut. (2018) Hackers once stole a casinos high-
and researchers. Most of the attacks in the smart ecosystem roller database through a thermometer in the lobby fish tank.
are carried out owing to no or weak authentication. Due to the
rna
Further to show that our proposed scheme is secure, we did ing, vol. 5, no. 4, pp. 586–602, 2016.
the informal and formal analysis of the proposed scheme [19] P. Sanchez, R. Lopez, and A. Skarmeta, “Panatiki: A network access
through BAN logic and ProVerif tool. Evaluation show that our control implementation based on pana for iot devices,” Sensors, vol. 13,
no. 11, pp. 14 888–14 917, 2013.
proposed scheme is secure and feasible for resource-limited [20] S. Sezer, S. Scott-Hayward, P. K. Chouhan, B. Fraser, D. Lake,
devices in IoT. This scheme can therefore be used in many J. Finnegan, N. Viljoen, M. Miller, and N. Rao, “Are we ready for
smart system applications. During this research we found two sdn? implementation challenges for software-defined networks,” IEEE
Communications Magazine, vol. 51, no. 7, pp. 36–43, 2013.
important areas which we intend to work upon in the future [21] B. A. Nunes, M. A. S. Santos, B. T. De Oliveira, C. B. Margi,
i.e. incorporate single sign-on (SSO) feature in the centralized K. Obraczka, and T. Turletti, “Software-defined networking enabled
SDN controller and evaluate its proficiency in smart homes capacity sharing in user centric networks,” 2014.
for heterogeneous networks. Furthermore, privacy is another [22] P. Gope, “Enhanced secure mutual authentication and key agreement
scheme with user anonymity in ubiquitous global mobility networks,”
burning issue that needs to be fused in any security solution Journal of Information Security and Applications, vol. 35, pp. 160–167,
for smart ecosystem. We, therefore intend to work on the 2017.
searchable encrypted queries based solution for smart homes [23] K. Mansoor, A. Ghani, S. A. Chaudhry, S. Shamshirband, S. A. K.
Ghayyur, and A. Mosavi, “Securing iot-based rfid systems: A robust
using SDN, in order to cater for the privacy attacks and user authentication protocol using symmetric cryptography,” Sensors, vol. 19,
profiling. no. 21, p. 4752, 2019.
Journal Pre-proof
13
of
[27] B. Blanchet, “Automatic verification of security protocols in the sym-
bolic model: The verifier proverif,” in Foundations of Security Analysis
and Design VII. Springer, 2013, pp. 54–87.
[28] T. Kyntaja, “A logic of authentication by burrows, abadi and needham,”
Science Helsinki University of Technology, Tehran. http://www. tml. tkk.
fi/Opinnot/Tik-110.501/1995/ban. html, 1995.
[29] H. Asgari, S. Haines, and O. Rysavy, “Identification of threats and
pro
security risk assessments for recursive internet architecture,” IEEE
Systems Journal, vol. 12, no. 3, pp. 2437–2448, 2017.
[30] H. Tan, M. Ma, H. Labiod, A. Boudguiga, J. Zhang, and P. H. J.
Chong, “A secure and authenticated key management protocol (sa-kmp)
for vehicular networks,” IEEE Transactions on Vehicular Technology,
vol. 65, no. 12, pp. 9570–9584, 2016.
[31] S. A. Chaudhry, I. L. Kim, S. Rho, M. S. Farash, and T. Shon, “An
improved anonymous authentication scheme for distributed mobile cloud
computing services,” Cluster Computing, vol. 22, no. 1, pp. 1595–1609,
2019.
[32] B. Blanchet et al., “Modeling and verifying security protocols with the
re-
applied pi calculus and proverif,” Foundations and Trends® in Privacy
and Security, vol. 1, no. 1-2, pp. 1–135, 2016.
[33] A. Lumini and L. Nanni, “An improved biohashing for human authen-
tication,” Pattern recognition, vol. 40, no. 3, pp. 1057–1065, 2007.
[34] S. A. Chaudhry, H. Naqvi, M. S. Farash, T. Shon, and M. Sher, “An
improved and robust biometrics-based three factor authentication scheme
for multiserver environments,” The Journal of Supercomputing, vol. 74,
no. 8, pp. 3504–3520, 2018.
[35] P. Gope, “Laap: Lightweight anonymous authentication protocol for d2d-
aided fog computing paradigm,” computers & security, vol. 86, pp. 223–
lP
237, 2019.
[36] M. Wazid, A. K. Das, V. Bhat, and A. V. Vasilakos, “Lam-ciot:
Lightweight authentication mechanism in cloud-based iot environment,”
Journal of Network and Computer Applications, vol. 150, p. 102496,
2020.
rna
Jou
Authors Biography
Journal Pre-proof
of
Ammar did Telecommunicatonn Engineering from the Natonal Univernity of Science and
Technology, Pakintan in 2012 and Mantern in Computer Science (MCS) from Virtual Univernity of
Pakintan in 2019. He holdn multple technical certicatonn from Micronof, Cinco, and Huawei
including MOS(Accenn), CCENT, HCNP(R\&S), and HCNA(Security). Hin area of interent includen digital
pro
forennicn, pen-tentng and decentralized applicatonn. Currently, he in doing Mantern in Informaton
Security from the Natonal Univernity of Science and Technology.
re-
Imran Makhdoom (Member, IEEE) received the manter’n degree in informaton necurity from the
Natonal Univernity of Sciencen and Technology, Pakintan, in 2015, and the Ph.D. degree from the
lP
%Univernity of Technology Sydney, in 2020. He wan a Food Agility Scholar, from 2019 to 2020. He in
currently a Pontdoctoral Renearcher with the Univernity of Technology Sydney. He han publinhed
numeroun papern in nome of the prentgioun journaln and conferencen. Hin renearch interentn include
blockchain, the Internet of Thingn, dintributed connennun, networkn, and computer necurity. He han
made a valuable contributon to data necurity and privacy in the Food Tech/Agri Tech.
rna
Jou
Dr. Waneem Iqbal han received hin PhD degree from Natonal Univernity of Sciencen and Technology
(NUST) in 2021. Currently he in working an Annociate Profennor at the Department of Informaton
Secyrity, NUST. He han authored over 65 ncientic renearch artclen in prentgioun internatonal
journaln (ISI-Indexed) like IoTJ, FGCS, Syntemn Journal, MTAP, IEEE Sennorn, ACM Computng Surveyn,
and IEEE Comm Surveyn & Tutorialn, etc., %along with reputed conferencen like ICC etc. Dr. Waneem
in currently nupervining 3 x PhD, Co-Supervining 2 x PhD, 7 MS ntudentn (19 ntudentn have already
panned out), and 15 UG projectn. He han won 10 funded projectn an Principal and Co-Principal
inventgator from Induntry, NUST Def RnD, and Eranmun+,.
Journal Pre-proof
Dr. Awain did hin Pontdoc in Computer Science from Univernità degli Studi di Milano, Italy. He
completed hin PhD degree in Computer Science and Engineering from Kyungpook Natonal
of
Univernity, Daegu, Korea and Mantern in Computer Science from Bahria Univernity, Inlamabad. He in
SMIEEE and guent editor for varioun IEEE, Springer, and Elnevier journaln.
pro
re-
Mr. Asad Raza did his M.S from KTH Royal Institute of Technology in Information &
Communication Systems Security and his B.S from University of Engineering & Technology;
in Software Engineering. Currently he is senior lecturer in New Jersey Institute of
Technology and his Phd is in progress from University of Dakota-USA.
lP
rna
Jou
Journal Pre-proof
Declaratio if ioterettt
☒ The authors declare that they have no known competng fnancial interests or personal relatonships
that could have appeared to infuence the work reported in this paper.
of
☐The authors declare the following fnancial interestsppersonal relatonships which may be considered
as potental competng interests:
pro
re-
lP
rna
Jou