Authentication of IoT device with the enhancement of One-time Password (OTP)

  • Sharon Chan Suet Yan Universiti Malaysia Sarawak
  • Alice Tang Su Wei
  • Jie Hui Bong
  • Quor Ling Teh
  • Shanmugapiriya Sivalingam
  • Shi Yee Khoo
  • Tahmid Mutashim Nafy
Keywords: IoT, Multi-factor Authentication, One-Time Password (OTP), WSN, Biometric Information

Abstract

The Robust and Energy Efficient Authentication Protocol works for Industrial Internet of Things. The Internet of Things (IoT) is an arising innovation and expected to give answers for different modern fields. The IoT enable connection of physical devices all around the world to the internet by collecting and sharing critical and real-time data among each other. The increment of devices increases the computational cost during data transmission between devices and towards the internet. In this paper we proposed a solution that is a multi-factor authentication protocol to enhance the protocol proposed by Li et al. For Industrial IoT by adding One Time Password (OTP) after the biometric information of the user is checked by the Gateway Node (GWN) to be able to tackle additional network attack aside from those that are overcome by Li et al. scheme. Our contribution for this project is, we proposed the solution that a multi-factor authentication protocol to enhance the protocol proposed. For Industrial IoT by adding One Time Password (OTP) after the biometric information of the user is checked by the Gateway Node (GWN) to be able to tackle additional network attack aside from those that are overcome. The idea of adding OTP is inspired by where they scheme correlates to biometric of user as well. Our proposal is lower cost than the three protocols regarding authentication overhead and computational cost perspectives. Challenges and future directions of this paper examined the security shortcomings of a client confirmation convention for WSN, which is as proposed by Chang and Le. To address the normal security shortcomings of past protocols, we proposed a strong and energy effective three-factor authentication protocol for WSN.

References

Banerjee, S., Odelu, V., Das, A., Chattopadhyay, S., Rodrigues, J. J., Park, Y. (2019). Physically secure lightweight anonymous user authentication protocol for internet of things using physically unclonable functions. IEEE Access. 7, 85627-85644.
Barker, E. (2018). Recommendation for Key Management. NIST, Gaithersburg, MD, USA. Tech. Rep.
Belcic, I., Farrier, E. (2021). What is spoofing and how can you prevent it? Retrieved from https://www.avast.com/c-spoofing
Cao, J., Yu, P., Ma, M., Gao, W. (2019). Fast authentication and data transfer scheme for massive NB-IoT devices in 3GPP 5G network. IEEE Internet Thing J, 6(2), 1561-1575.
Cao, J., Yu, P., Xiang, X.Y., Ma, M., Li, H. (2019). Anti-Quantum fast authentication and data transmission scheme for massive devices in 5G NB-IoT system. IEEE Internet of Things Journal, 6(6), 9794-9805. https:/doi.org/10.1109/JIOT.2019.2931724
Christensson, P. (2018, April). NFC Definition. Retrieved from https://techterms.com
Digital Guide Ionos. (2020). One-time password (OTP)-more security online. Retrieved from https://www.ionos.com/digitalguide/server/security/what-is-a-one-time-password-otp/
Feng, Z. (2020). A Secure RFID Mutual Authentication Protocol for Healthcare Systems. Special Section on Lightweight Security and Provenance for Internet of Health Things, 8, 192192-192205.
Gope, P., Sikdar, B. (2019). Robust and Energy Efficient Authentication Protocol for Industrial Internet of Things. IEEE Internet of Things Journal, 6(1), 580-589.
Huang, Y., Huang, Z., Zhao, H., Lai, X. (2013). A new One-time Password Method. IERI Procedia, 4, 32-37
Imran, M.A., Mridha, M.F., Rahman, M. (2017). A Lightweight One Time Pad (OTP) and Biometric based Secure authentication scheme for IoT environment. Retrieved from https://www.researchgate.net/publication/320034057_A_Lightweight_One_Time_Pad_OTP_and_Biometric_based_Secure_Authentication_Scheme_for_IoT_Environment/stats
Ismail, K.A., Singh, M. M., Mustaffa, N., Keikhosrokiani, P., Zulkefi, Z. (2018). Security Strategies for Hindering Watering Hole Cyber Crime Attack. Procedia Computer Science, 127, 656-663.
Kaspersky. (2021). What is a Reply Attack? Retrieved from https://www.kaspersky.com/resource-center/definitions/replay-attack
Li, J., Zhang, N., Chen, J., Du, R. (2020). Secure and Lightweight Authentication with Key Agreement for Smart Wearable Systems. IEEE Internet of Things Journal, 7(8), 7334-7344.
Li, X. Peng, J.Y., Liao, J., Choo, K.K.R. (2018). Robust and Energy Efficient Authentication Protocol for Industrial Internet of Things. IEEE Internet of Things Journal, 5(3), 1606-1615.
Ranger, S. (2020, February). What is the IoT? Everything you need to know about the Internet of Things right now. Retrieved from https://www.zdnet.com/article/what-is-the-internet-of-things-everything-you-need-to-know-about-the-iot-right-now/
Safkhani, M. & Vasilakos, A. (2019). A new secure authentication protocol for telecare medicine information system and smart campus. IEEE Access,7, 23514-23526.
SearchSecurity (2021). Session Key. Retrieved from https://searchsecurity.techtarget.com/definition/session-key
Sethia, D., Gupta, D., Saran, H. (2018). NFC secure element-based mutual authentication and attestation for IoT access. IEEE Transactions on Consumer Electronics, 64(4), 470-479.
Varanasi,P. (2020, October). Learn About Internal and External Cyber Attacks & Ideas to be safe from them. CloudCodes. Retrieved from https://www.cloudcodes.com/blog/internal-external-cyber-attacks.html
Wang, D., He, D., Wang, P., Chu, C. (2015). Anonymous Two-Factor Authentication in Distributed Systems: Certain Goals Are Beyond Attainment. IEEE Transactions on Dependable and Secure Computing, 12(4), 428-442. 10.1109/TDSC.2014.2355850.
Published
2021-11-30
How to Cite
Chan Suet Yan, S., Tang Su Wei, A., Bong, J. H., Teh, Q. L., Sivalingam, S., Khoo, S. Y., & Nafy, T. M. (2021). Authentication of IoT device with the enhancement of One-time Password (OTP). Journal of IT in Asia, 9(1), 29-40. https://doi.org/10.33736/jita.3841.2021
Section
Articles