The 5th IEEE National Symposium on Information Technology: Towards Smart World
One Time Password Authentication Scheme based
on Elliptic Curves for Internet of Things (IoT)
Shivraj V L, Rajan M A, Meena Singh, Balamuralidhar P
TCS Innovation Labs, Bangalore 560 066, India,
Email:{shivraj.vl, rajan.ma, meena.s1, balamurali.p}@tcs.com
Abstract—Establishing end-to-end authentication between de-
vices and applications in Internet of Things (IoT) is a challeng-
ing task. Due to heterogeneity in terms of devices, topology,
communication and different security protocols used in IoT,
existing authentication mechanisms are vulnerable to security
threats and can disrupt the progress of IoT in realizing Smart
City, Smart Home and Smart Infrastructure, etc. To achieve
end-to-end authentication between IoT devices/applications, the
existing authentication schemes and security protocols require
a two-factor authentication mechanism. Therefore, as part of
this paper we review the suitability of an authentication scheme
based on One Time Password (OTP) for IoT and proposed
a scalable, efficient and robust OTP scheme. Our proposed
scheme uses the principles of lightweight Identity Based Elliptic
Curve Cryptography scheme and Lamport’s OTP algorithm. We
evaluate analytically and experimentally the performance of our
scheme and observe that our scheme with a smaller key size
and lesser infrastructure performs on par with the existing OTP
schemes without compromising the security level. Our proposed
scheme can be implemented in real-time IoT networks and is
the right candidate for two-factor authentication among devices,
applications and their communications in IoT.
I. I NTRODUCTION
Revolution in the field of Internet of Things (IoT) is driving
numerous applications in the area of Smart City, Smart Home,
Smart Health and etc., to enhance the living standards of the
people globally. To realize this, a plethora of digital devices
are deployed which communicate with each other directly
or through gateway or applications. From IoT application
perspective (Fig. 1), we envisage IoT as interconnected Appli-
cations, Devices, Gateways and Cloud platforms. Devices are
grouped into different clusters wherein cluster head is denoted
as gateway. Gateway manages the devices which belong to
its cluster. Devices within the cluster communicate with each
other directly or through the gateway. Further, these gateways
are managed by IoT cloud platforms. These platforms are
distributed geographically and communicate with each other.
Thus to enable secured and integrated communications across
IoT, the application and devices need to authenticate each other
through a cloud platform. Moreover, communication protocols
differ from one application to other and are vulnerable to
different security threats. Apart from this, some of the widely
used IoT communication protocols such as MQTT (Message
Queue Telemetry Transport), Constrained Application Protocol
(CoAP) have no inbuilt security mechanisms [1]. Though
CoAP and other protocols for IoT have augmented security
solutions such as Datagram Transport Layer Security (DTLS),
Secure Sockets Layer (SSL) and Transport Layer Security
(TLS), they are vulnerable to known threats [1], [2].
978-1-4799-7626-3/15/$31.00 ©2015 IEEE
Thus in IoT, existing communications have limited inbuilt
single-factor authentication security mechanism, thus not suffi-
cient to mitigate the threats and requires augmented authentica-
tion scheme. Hence IoT architecture needs to envisage a two-
factor authentication scheme to meet basic security require-
ments such as confidentiality, integrity and availability of the
devices and their communications to envisage aforementioned
smart applications. The first and foremost requirement of the
communication protocols is to establish authenticity between
the digital entities. In the literature, several authentication
schemes such as Message Authentication Code (MAC), sig-
nature, One Time Password (OTP), secure token and etc., are
discussed in the area of banking transactions, ad hoc networks,
digital communication networks [3]–[8]. Due to heterogeneity
in terms of computing power, storage, battery power, mobility,
peer to peer communication and functionality (sense and ac-
tuate), feasibility to adapt the existing authentication schemes
need to be addressed. Going forward, most of the data from IoT
devices are archived at IoT cloud platform (public, private) for
various data analytics and also users/applications are enabled
to command the IoT devices through a platform [4]. Thus,
only authenticated and authorized users/applications are able to
access the data and request/command IoT devices. To facilitate
this, authentication and authorization schemes for IoT needs
to be addressed.
Smart Office
Smart Home
Cloud
Smart City
Camera
Washing
Gateway
Machine
Television
Music Player
Mobile
Microwave
Fig. 1: IoT Architecture
We classify the authentication schemes for IoT as follows:
(a). Two party authentication through a trusted party with
key exchange [5], (b). Mutual authentication schemes [9].
(c). Directed path based authentication scheme (DPAS) [6],
(d). Session key based authentication [10], (e). Two way
authentication [7], (f). Group authentication [11] and (g). One
time password (OTP) and SecureID Authentication Schemes
1
 The 5th IEEE National Symposium on Information Technology: Towards Smart World
[8], [12], [13]. From these schemes (a-g), we infer that most
of the schemes are dependent on the particular type of IoT
architecture and used at different layers of IoT protocol stack.
With regards to security, they are prone to attacks, most
of these schemes need local key management and require
infrastructure for storing the keys, hence vulnerable to key
thefts [4], [5].
CLOUD_A CENTRAL CLOUD_B
Gateway-i CLOUD Gateway-k
DEVICE-A1 DEVICE-B1
request OTP(CLOUD_B
Gateway-k DEVICE-B1)
send generated OTP
request information (OTP)
validate OTP and send information
Fig. 2: Inter Cloud OTP scheme in IoT
Thus we strongly argue that due to the larger deployment
of the IoT devices and are connected to the Internet, relying
upon a single authentication scheme is a security risk, hence a
two-factor authentication scheme is a requirement for enabling
security of IoT devices and applications. Here an application
or device requires an information from a remote device or need
to control a device, which is located elsewhere and does not
belong to same gateway/cloud and also uses different security
protocol or scheme. In such scenarios, enabling authentication
is cumbersome. In such circumstances, an application/ device
can request the central cloud (cf. Fig. 2) to generate OTP
and central cloud generates and distributes the OTP to both
the application/device and remote device. In order to get
authenticated, application/device submits its authentication in-
formation along with the OTP to the remote device. The remote
device validates the application/device request authenticity by
OTP validation along with the authentication information and
process the requested information Thus use of OTP along
with the existing authentication scheme for enabling a two-
factor authentication is sufficient and necessary requirement
to mitigate the aforementioned security risks/threats and also
handles weakness of OTP scheme such as replay and man
in the middle attacks [3], [14], [15]. Hence, we discuss the
adaptability of a particular class of authentication schemes
such as OTP and SecureID token schemes for IoT devices
in Cloud.
Based on the literature survey, most of the existing OTP
schemes such as Hash based OTP (HOTP), Time Synchronized
OTP (TOTP), HMAC-MD5, HMAC-SHA1, HMAC-SHA256,
HMAC-SHA512 and Lamports OTP are described in general
and not specific to IoT. Hence as part of our work, we evaluate
the suitability of these schemes for IoT through analytical
analysis and propose efficient lightweight OTP scheme based
on Identity Based Elliptic Curve Cryptography (IBE-ECC) and
evaluate the performance of OTP scheme over some of the
existing OTP schemes and extend the Lamports OTP scheme
by using IBE-ECC technique.
The paper is organized as follows. Section II describes a
related work on existing OTP techniques and their limitations
978-1-4799-7626-3/15/$31.00 ©2015 IEEE
from the IoT perspective. Our proposed OTP scheme, based
on IBE curve and Lamport’s OTP algorithm is described in
Section III. Security analysis of proposed OTP protocol is de-
scribed in Section IV. In Section V, Results and comparison of
our proposed OTP schemes against the existing OTP schemes
are analysed. Finally the paper is concluded in Section VI.
II. R ELATED W ORK
As discussed earlier, the strengths and weaknesses of sev-
eral authentication schemes and their mitigations are proposed
in [3]–[8]. OTP based on One Way Function (RSA) is proposed
by Bicakci et al. [16]. RSA based OTP and SecureID token
algorithms were broken and attacks are reported worldwide
[17]. It is shown that using number theoretic concepts such
as Chinese Remainder Theorem (CRT), Multiple Polynomial
Quadratic Sieve (MPQS), attacks such as Integer Factorization,
Discrete Logarithmic, Quantum Factoring, Forward, Fixed
Point, Partial Key Exposure, Square Root, etc., are possible
against RSA scheme. Yeh et al. proposed OTP based authen-
tication scheme based on challenge response model [16]. This
scheme suffers from pre-play and impersonate attacks [16].
Further, Linear Secret Sharing (LSS) based OTP generation is
described in [18]. In [8], the author introduced the concept
of OTP to envisage password authentication over insecure
channel. S/Key OTP system is designed based on Lamport’s
OTP algorithm. Goyal et al. proposed an efficient OTP algo-
rithm [19] to authenticate device for (t + 1)th time, it needs
to submit the (t)th received OTP. But this scheme requires
reinitialization.
Based on Lamport’s OTP algorithm, other OTP mecha-
nisms based on HMAC (HOTP, TOTP) are discovered [12],
[13]. Further, TOTP uses HMAC based OTP schemes with
MD5, SHA1, SHA256 AND SHA512 are depicted in [13].
Though HMAC based authentication schemes are standardized
by NIST, ANSI, IETF and are used in Secure Socket Layer
(SSL), TLS, IPSec, etc., protocols, are prone to attacks such
as birthday, forgery, full key recovery and collision [20]–[22].
To overcome this, OTP based on bilinear paring is dis-
cussed in [23]. However, bilinear pairing based scheme is
computationally complex and practically deploying for authen-
ticating transactions may be infeasible. Hence we argue that
our proposed OTP generation technique which is based on the
principles of IBE-ECC which does not require storage of the
private information of the users/devices for generating OTP is
a feasible solution for authenticating IoT devices/applications
and communications between them.
III. P ROPOSED OTP S CHEME BASED ON I DENTITY
BASED E LLIPTIC C URVE
Identity based cryptography is a public key cryptosystem
introduced by Shamir [24]. Further, elliptic curve based pair-
ing was developed by Boneh and Franklin [25]. We adapt
lightweight IBE-ECC to design a novel OTP scheme, which is
a suitable candidate for authenticating IoT devices and appli-
cations. To envisage this, PKG performs the job of the OTP
generator and validator at IoT cloud platform (cf. Fig.1). In
the following subsections, we propose a novel OTP generation
scheme using IBE-ECC.
2
 The 5th IEEE National Symposium on Information Technology: Towards Smart World
A. Proposed OTP Generation
Analogous to IBE-ECC scheme, we model OTP generation
scheme in the following four phases
• Setup: In setup phase, PKG generates a pair of prime
numbers p and q (with p = (2)n ± c, where c ≤ log2 n
and p ≡ 3(mod 4) and q | p + 1), super singular
elliptic curve, torsion point P and a master secret key
msk. As discussed in [26], we use these cryptographic
parameters to optimize the computations over elliptic
curve and thus our proposed scheme is lightweight.
• Extract: In extract phase, the IoT Applications and
Devices register to PKG with their identity and obtain
both public and private keys. Note that, both keys are
torsion points on elliptic curve. For instance, a device
with device id Dev id obtains a public key which is
a torsion point on elliptic curve PDev id and a private
key skeyDev id which is also a torsion point obtained
by using
skeyDev id = [msk]PDev id . (1)
• Generate: In generate phase, application
requests/sends data/command from/to IoT device
(with id Dev id) at an instance of time treq , through
a cloud platform. Then PKG at IoT cloud generates
the private key of the device skeyDev id which is a
torsion point on the elliptic curve and computes the
new torsion point for the given instance of time using
the equation
OT Ptreq = [treq ]skeyDev id . (2)
and extracts the required information to form OT Ptreq
from this new point and sends it to both the device
and application.
• Validate: In validate phase, the application commu-
nicates with the device by submitting OT Ptr eq and
device verifies the OTP with that of received one
(from IoT cloud) and on successful verification it
accomplishes required task.
To ensure more security, we adapt Lamport’s OTP algorithm
based on IBE-ECC.
B. Proposed OTP Generation Scheme using Lamport’s OTP
algorithm
Lamport’s OTP generation algorithm is based on successive
computation of hash function over some random n number of
times with initial random seed. Formally, let H(x) be the hash
function which takes x as its random seed. Then the Lamport’s
technique computes OTP which is H n (x)
H n (x) = H n (H n−1 (H n−2 (...........H 2 (H(x))).....)). (3)
The sequence of passwords generated by the above equation
is H n (x), H n−1 (x),.......H 2 (x),H(x), x. Some of the variants
of Hash function based Lamport’s OTP algorithm are S/Key,
Goyal et al. scheme, HOTP and TOTP. Bicakci et al., scheme
is based on RSA public key system. Hash based Lamport’s
OTP scheme and its variants are prone to attacks and other
schemes are computationally intensive [16], [17].
978-1-4799-7626-3/15/$31.00 ©2015 IEEE
To overcome these limitations, we propose an IBE curve
OTP scheme and replace the hash function in Lamport’s
OTP algorithm (cf. Algorithm-1) with our proposed function
based on IBE scheme. Here initial input to the algorithm
is device/application identity, time, counter and public pa-
rameters. Initially algorithm computes the secret key of the
device/application which is a torsion group point and a new
torsion point is computed by using the x component of the
current torsion point and time (see step 9 of Algorithm-1).
Thus algorithm repeatedly computes the new torsion point
from the previous torsion point and time till the desired number
of times the operation needs to be performed (see steps 1 to 15
of Algorithm-1). The output of the algorithm is an OTP which
can be a truncated value of x component of the resultant torsion
point (see step 16 of Algorithm-1).
Algorithm 1 : Identity based elliptic curve OTP scheme
1: BEGIN
2: Input: Device/Application identity Dev App ID, current
time t, counter, public torsion point P , Equation of
Elliptic Curve y 2 = Ax3 + Bx2 + C, PKG Master Key
msk, field prime number p, prime torsion group order q
3: Compute Device/Application public key which is a torsion
point on elliptic curve P ublicDev App
4: Compute Device/Application private key which is also a
torsion point P rivateDev App = [msk]P ublicDev App
5: xcomponent = P rivateDev App .x
6: newT P = P rivateDev App
7: loop = 0
8: while TRUE do
9: newT P = [(t + xcomponent)mod(q)]newT P
10: loop = loop + 1
11: if loop ≥ counter then
12: BREAK
13: end if
14: xcomponent = newT P.x
15: end while
16: return (newT P.x)
17: END
As part of OTP protocol system, application/device in IoT
submits its identity to the cloud platform to get access to the
device and PKG in the cloud generates the OTP using the
Algorithm-1 and shares the OTP to both the Application and
Device and authentication/validation of the device/application
is done through received OTP from the cloud and the applica-
tion/device.
IV. S ECURITY A NALYSIS
We state and prove that the hardness of our proposed
OTP generation algorithm based on Lamport’s OTP technique
is equivalent to solving Computational DiffieHellman (CDH)
(see the following lemmas). Formally CDH is defined as
“Computing a new torsion group point [ab]P for a given
< P, [a]P, [b]P > is hard” [25], [27]. We analyse the hardness
of our OTP generation algorithm with respect to (w.r.t) the
following situations. Let Dev1 and Dev2 are any two random
devices of IoT and t1 and t2 are any two random time
instances.
3
 The 5th IEEE National Symposium on Information Technology: Towards Smart World

4000
Android Mobile Device
V. R ESULTS AND D ISCUSSION
Server
3000 The primary goal of this paper is to analyse both math-
Time (ms)

ematically and experimentally, the suitability of existing au-

2000 thentication system based on OTP for IoT and also devise an
efficient OTP scheme for IoT. As part of this, we implemented
1000
OTP schemes based on Lamport, HOTP, TOTP, Goyal et al.,
Bicakci et al., Chefranov and Yeh et al. and also our proposed
0
64 128 160 256 512 OTP scheme based on lightweight ECC [26] and Lamport’s
Size of Prime Number (bits)
OTP schemes in JAVA 6.
Fig. 3: Performance of IBE-ECC based OTP Algorithm on
android smart phone and Server A. System Setup
For experimentation purpose, we deployed OTP schemes
Lemma 1: Computing new OTP from the known OTP of on a desktop and a mobile phone (cf. Table-I). The OTP
a device is CDH. generation is deployed at a server whose configuration is
mentioned in (cf. Table-I). We conducted load testing at the
Proof: Let OT Pt1 and OT Pt2 are the OTPs generated at server with varying number of OTP generation requests. To
two different instances of time t1 and t2 respectively for Dev1 enable this, we envisaged multi-thread programming in Java.
and are given by
OT Pt1 = [t1 ]skeyDev 1 (4) TABLE I: Experimental Setup
OT Pt2 = [t2 ]skeyDev 1 (5) Computing Environment Desktop, Server, Android Phone
Server Hardware Intel Core i5-2400 CPU@3.10 Ghz
From the known OTPs OT Pt1 and OT Pt2 , computing the OTP Server Primary Memory 4 GB
Server Operating System Windows 7, 32 bit
OT Pt3 for the device Dev1 at t3 with t3 > t2 > t1 is CDH. Web server Apache Tomcat-6.0.33
Android Phone OS Kitkat (4.4.2)

Lemma 2: Computing OTP for a device/application from

the known OTP of another device at same instance of time is TABLE II: Parameters for OTP Evaluation
CDH. OTP Size (bits) 64, 128, 160, 256, 512
Proof: Let OT PtDev1 and OT PtDev2 are the OTPs gener- HMAC Technique
ECC Curve Details
MD5, SHA-[1, 256, 512]
y 2 = x3 + x
ated for the two devices Dev1 and Dev2 at time t respectively
and are given by B. Performance Analysis
OT PtDev1 = [t]skeyDev 1 (6) We conducted performance analysis in two phases. In the
first phase, we experimented to evaluate the performance of the
OT PtDev2 = [t]skeyDev 2 (7) aforementioned OTP schemes and our proposed OTP scheme
By CDH definition computing OT PtDev2 from the given w.r.t. computation time against parameters (cf. Table-II). We
OT PtDev1 without knowing skeyDev 2 is CDH and in general randomly generated OTPs for random number of devices for
this is applicable for more than two devices and OTPs (known). a given instance of time and tabulated the mean computation
time to generate the OTPs. In the second phase, we computed
the expectation of time taken to generate simultaneous OTPs
Lemma 3: Computing OTP for a device/application from (in 10, 100, 200, 500 and 1000 numbers) by the aforemen-
the known OTP of another device at different instance of time tioned OTP algorithms at server (cf. Table-I). Note that, though
is CDH. in all the plots we consider OTP sizes much greater than six
Proof: Let OT PtDev 1
and OT PtDev2
are the OTPs gen- digits, to the end user only truncated six digits of OTP is
1 2
erated for the two devices Dev1 and Dev2 at time t1 and t2 transmitted and verified. The truncation can be adaptable to any
respectively and are given by number of required OTP digits and computation time remains
same.
OT PtDev1
= [t1 ]skeyDev 1 (8)
1 Fig. 3 describes the OTP generation based on our proposed
OT PtDev2
= [t2 ]skeyDev 2 (9) IBE-ECC algorithm deployed on android mobile phone and
2
Server. The time taken to compute the OTP is plotted for
By CDH definition computing OT PtDev2
2
from the given various OTP sizes mentioned in Table-II. The computation
Dev1 times are averaged with various time instants and device
OT Pt1 without knowing skeyDev 2 is hard.
ids. From the figure as expected computational complexity
Lemma 4: Computing OTP for a device/application from increases with the OTP size. The OTP computation time on
the known OTP of same/another device at same/different server is much less when compared with that of mobile. Thus it
instance of time based on Lamport’s OTP algorithm is CDH. is evident from our arguments that OTP generation algorithm
Proof: By Lemmas 1-4, this lemma is proved. Thus OTP needs to be deployed at IoT cloud server rather than at the
generation based on Lamport’s OTP algorithm is stronger devices.
CDH.

978-1-4799-7626-3/15/$31.00 ©2015 IEEE 4

 The 5th IEEE National Symposium on Information Technology: Towards Smart World

9
x 10
8 cations. To authenticate and perform communication between
Bicakci et al.
ECC−Lamport them, a robust, scalable and efficient authentication scheme is
Time (ns) 6
required. Thus proposed OTP schemes are scalable and with
a smaller key size, greater security can be achieved along
4
with two-factor authentication. Further due to heterogeneity of
2
devices and applications, IoT requires heterogeneous authenti-
cation schemes. By tuning the key sizes in our proposed OTP
0
64 128 160 256 512
schemes, this is achievable. Hence we argued and shown that,
Size of Prime Number (bits) OTP based on IBE-ECC is the right candidate for enabling
authentication in IoT.
Fig. 4: Performance of Bicakci et al.’s and Lamport’s OTP
based on IBE-ECC 1000
HMAC−MD5
6
x 10 HMAC−SHA1
12 800
HMAC−SHA256
HOTP

Time (ms)
TOTP HMAC−SHA512
10 600
Chefranov’s
Yeh et al.
Time (ns)

8
Lamport 400
Goyal et al.
6
200
4

0
2 100 200 300 400 500 600 700 800 900 1000
Number of Requests Served
0
HMAC_MD5 HMAC_SHA1 HMAC_SHA256 HMAC_SHA512
Hash Algorithms Fig. 6: Load testing: HMAC-OTP on Server
Fig. 5: Performance of hash-OTP generation algorithms
5
x 10
3
64 bit Prime Number
Fig. 4 describes the OTP generation time based on Bicakci 2.5 128 bit Prime Number
160 bit Prime Number
et al. and our proposed IBE-ECC Lamport algorithm (100 Time (ms) 2 256 bit Prime Number
successive OTPs are generated and the time taken to compute 512 bit Prime Number

the 100th OTP is plotted) for various OTP sizes (cf. Table-II).
1.5

1
The computation times are averaged with various time instance
and device/application ids. From the figure it is expected 0.5

that as the OTP size increase, computational complexity also 0

100 200 300 400 500 600 700 800 900 1000
increases and also our proposed algorithm takes more time Number of Requests Served
when compared to Bickci et al. algorithm. Note that 160 bit
OTP based on IBE-ECC Lamport is equivalent to 1024 bit Fig. 7: Load testing: Proposed scheme based on IBE-ECC-OTP
OTP based on RSA technique. on server
Fig. 5 describes the performance analysis of variants of
6
HOTP, TOTP, Chefranov, Yeh et al., Lamport and Goyal et 8
x 10

al. algorithms. Further computation time of TOTP algorithm 64 bit Prime Number
128 bit Prime Number
is more in comparison with HOTP algorithm and less in 6 160 bit Prime Number
Time (ms)

comparison with ECC based OTP algorithm. Figures. 6-10 256 bit Prime Number
512 bit Prime Number
4
describe the load test analysis of various OTP generation
algorithms at server. Results are tabulated based on time taken 2
to compute number of simultaneous OTPs generated.
0
From these experimental results, though our proposed OTP 100 200 300 400 500 600 700 800 900 1000
generation based on IBE-ECC and IBE-ECC Lamport takes Number of Requests Served
more time when compared to other schemes, security with
a 160 bit OTP size, our proposed scheme offers equivalent Fig. 8: Load testing: Proposed scheme based on IBE-ECC-
(almost) security of 1024 bit RSA. Note that from the experi- Lamport-OTP on server
mental results, time complexity of our proposed scheme (with
a 160 bit OTP size) is approximately similar to that of other 5000
OTP schemes (cf. Figures 3, 4 Vs 5 and Figures 7-8 Vs 6, 10). HMAC−MD5
HMAC−SHA1
In addition to this, our proposed OTP generation algorithms 4000
HMAC−SHA256
Time (ms)

based on IBE-ECC, PKG doesn’t require any infrastructure 3000

HMAC−SHA512

(and hence less vulnerable to attacks) for user management

2000
w.r.t private information, as it can be generated using PKG’s
master secret key and also we have used lightweight IBE- 1000
ECC algorithms. On the other hand, existing OTP schemes
0
do require infrastructure (and hence vulnerable to attacks) and 100 200 300 400 500 600 700 800 900 1000
Number of Requests Served
reinitialization.
As discussed in IoT, there are plethora of devices and appli- Fig. 9: Load testing: HMAC-Lamport-OTP on server

978-1-4799-7626-3/15/$31.00 ©2015 IEEE 5

 The 5th IEEE National Symposium on Information Technology: Towards Smart World
1200
HMAC−MD5
1000 HMAC−SHA1
HMAC−SHA256
Time (ms)
800 HMAC−SHA512
600
400
200
0 on, June 2011, pp. 563–566.
100 200 300 400 500 600 700 800 900 1000
Number of Requests Served
Fig. 10: Load testing: TOTP-Lamport-OTP on server
VI. C ONCLUSION AND F UTURE W ORK
In this paper we have reviewed the existing OTP schemes
used for end-to-end authentication in IoT and have proposed a
lightweight, robust and scalable OTP scheme by using the prin-
ciples of IBE-ECC. Since we do not store the keys, key size is
small and do not depend on the previous keys (memory less),
our scheme requires lesser resources for operation as compared
to the existing schemes such as HOTP, TOTP, Bicakci et al.,
Yeh et al., Lamport’s hash based algorithm and Chefranov
and Goyal et al, etc. We have implemented the proposed
scheme as well as the above existing schemes in a laboratory
environment and have analysed our scheme analytically as well
as experimentally. Through experimental, as well as analytical
results we have demonstrated that our proposed scheme with
a smaller key size and lesser infrastructure performs on par
with the existing OTP schemes, without compromising the
security level. Since our scheme requires less resources and
the key size is smaller as compared to the existing schemes, it
can be viewed as a prominent candidate for large and diverse
IoT systems such as Smart City, Smart Home and Smart
Infrastructure deployments. As part of our future work, we
are in the process of deploying our proposed scheme on a real
IoT platform such that real-time performance evaluation can
be obtained.
R EFERENCES
[1] J. Antonio J, L. Latif, and S. Antonio, “The internet of everything
through ipv6: An analysis of challenges, solutions and opportunities,”
in Journal of Wireless Mobile Networks, Ubiquitous Computing, and
Dependable Applications, ser. JoWUA ’13. Innovative Information
Science & Technology Research Group, 2013, pp. 97–118.
[2] G.-M. Oscar, K. Sandeep S, H. Sye, Loong Keoh Rene, and S. Rene,
“Security considerations in the ip-based internet of things,” in IETF
Draft-garcia-core-security-06, ser. Internet Draft ’14. IETF, 2014, pp.
1–45.
[3] A. Hiltgen, T. Kramp, and T. Weigold, “Secure internet banking
authentication,” in IEEE Security and Privacy, 2006, pp. 21–29.
[4] M. Parikshit N, A. Bayu, P. Neeli R, and P. Ramjee, “Identity authen-
tication and capability based access control (iacac) for the internet of
things,” in Journal of River Publications. River Publishers, 2013, pp.
1–40.
[5] L. Chen-Xu, L. Yun, Z. Zhen-Jiang, and C. Zi-Yao, “The novel authenti-
cation scheme based on theory of quadratic residues for wireless sensor
networks,” in International Journal of Distributed Sensor Networks.
Hindawi, 2013.
[6] N. Huansheng and L. Hong, “Directed path based authentication scheme
for the internet of things,” in Journal of Universal Computer Science,
2012, pp. 1112–11 131.
978-1-4799-7626-3/15/$31.00 ©2015 IEEE
[7] C. Schmitt and B. Stiller, “Two-way authentication for iot,” in IETF,
ser. ACE Working Group ’14. IETF, 2014, pp. 1–19.
[8] L. Leslie, “Password authentication with insecure communication,” in
Communications of the ACM, ser. J.UCS ’12. New York, NY, USA:
ACM, 2012, pp. 770–772.
[9] G. Zhao, X. Si, J. Wang, X. Long, and T. Hu, “A novel mutual au-
thentication scheme for internet of things,” in Modelling, Identification
and Control (ICMIC), Proceedings of 2011 International Conference
[10] V. Cakulev, G. Sundaram, and I. Broustis, “Ibake: Identity-based au-
thenticated key exchange,” in RFC 6539, ser. Informational ’12. IETF,
2012, pp. 1–13.
[11] M. Parikshit N, A. Bayu, P. Neeli R, and P. Ramjee, “Novel threshold
cryptography-based group authentication (tcga) scheme for the internet
of things (iot),” in 7th IEEE ANTS. IEEE, 2013, pp. 1–6.
[12] D. M’Raihi, S. Machani, and J. Rydell, “Hotp: An hmac-based one-
time password algorithm,” in IETF RFC 4226, ser. Network Working
Group ’05. IETF, 2005, pp. 1–37.
[13] D. M’Raihi, M. Bellare, F. Hoornaert, D. Naccache, and O. Ranen,
“Totp:time-based one-time password algorithm,” in IETF RFC 6238,
ser. Informational ’11. IETF, 2011, pp. 1–16.
[14] K. Mijin, L. Byunghee, K. Seungjoo, and W. Dongho, “Weaknesses
and improvements of a one-time password,” in International Journal of
Future Generation Communication and Networking, 2009, pp. 29–38.
[15] Y. Huang, Z. Huang, H. Zhao, and X. Lai, “A new one-time password
method,” vol. 4. Elsevier, 2013, pp. 32–37.
[16] E. Mohamed Hamdy, K. Muhammad Khurram, and A. Khaled, “One-
time password system with infinite nested hash chains,” in Communica-
tions in Computer and Information Science, ser. Security Technology,
Disaster Recovery and Business Continuity Book Chapter’05. Springer,
2005, pp. 161–170.
[17] D. Boneh, “Twenty years of attacks on the rsa cryptosystem,” in Notices
of the AMS, ser. AMS’99. AMS, 1999, pp. 1–16.
[18] M. Christopher, “One-time password scheme via secret sharing tech-
niques,” in Master of Science Thesis. University of New Orleans,
2011, pp. 1–50.
[19] V. Goyal, A. Abraham, S. Sanyal, and S. Han, “The n/r one time
password system,” in Proceedings of International Conference on
Information Technology: Coding and Computing, ser. ITCC’05. IEEE,
2005, pp. 733–738.
[20] X. Wang, H. Yu, W. Wang, H. Zhang, and T. Zhan, “Cryptanaly-
sis on hmac/nmac-md5 and md5-mac,” in Advances in cryptology-
EUROCRYPT 2009. Springer, 2009, pp. 121–133.
[21] K. Jongsung, B. Alex, P. Bart, and H. Seokhie, “On the security of
hmac and nmac based on haval, md4, md5, sha-0 and sha-1,” in SCN
2006. LNCS, Springer-Verlag, 2006, pp. 1–18.
[22] F. P.A., L. G, and N. P.Q, “Full key-recovery attacks on hmac/nmac-
md4 and nmac-md5,” in CRYPTO ’07. Springer, Dec 2007, pp. 1–18.
[23] L. Yunjin and K. Howon, “Insider attack-resistant otp (one-time pass-
word) based on bilinear maps,” in International Journal of Computer
and Communication Engineering, 2013, pp. 304–308.
[24] A. Shamir, “Identity-based cryptosystems and signature schemes,” in
Proceedings of CRYPTO 84 on Advances in Cryptology. New York,
NY, USA: Springer-Verlag New York, Inc., 1985, pp. 47–53.
[25] D. Boneh and M. Franklin, “Identity-based encryption from the weil
pairing,” in CRYPTO 2001, ser. LNCS’01. Springer, 2001, pp. 213–
229.
[26] B. S. Adiga, M. A. Rajan, R. Shastry, V. L. Shivraj, and P. Balamuralid-
har, “Lightweight ibe scheme for wireless sensor nodes,” in Advanced
Networks and Telecommuncations Systems (ANTS). IEEE, Dec 2013,
pp. 1–6.
[27] D. Boneh, “The decision diffie-hellman problem,” in Third Algorithmic
Number Theory Symposium, ser. LNCS’98. Springer, 1998, pp. 48–63.
6