A secure and lightweight authentication scheme for next generation IoT infrastructure

Minahil Rana, Akasha Shafiq, Izwa Altaf, Mamoun Alazab, Khalid Mahmood, Shehzad Ashraf Chaudhry, Yousaf Bin Zikria

    Research output: Contribution to journalArticlepeer-review


    While the 6G/IoT transition is on the cards, the real advantage of this transition can be realized only if the user privacy and security are guaranteed. The smartcard and password based authentication protocols can help the transition in a rapid way. However, due to insecurities and/or heavy computation, many such protocols cannot cope with the dynamic requirements of future generation networks. Recently, Kaul and Awasthi presented a robust and secure user authentication protocol based on resource friendly symmetric cryptography primitives. They declared that their introduced protocol is convenient, efficient, and secure for the applications in real-world. In contrast, this article describes that protocol of Kaul and Awasthi is not secure because an attacker can easily find the identity of a legal user that is being sent on the public channel. Further, by using the identity of a legitimate user, an attacker can impersonate himself as a legitimate user of the system and can enjoy the services given by the server. So, their protocol is susceptible to user impersonation attacks, and their claim of being secure is proven to be wrong. Therefore, we have extended their work and presented an upgraded scheme by ensuring secure communication over the entire channel. Moreover, our proposed scheme is safe not solely against user impersonation attack but also major security attacks with reasonable communication, computation, and storage costs and is a better candidate for deployment in 6G/IoT networks.

    Original languageEnglish
    Pages (from-to)85-96
    Number of pages12
    JournalComputer Communications
    Publication statusPublished - 1 Jan 2021


    Dive into the research topics of 'A secure and lightweight authentication scheme for next generation IoT infrastructure'. Together they form a unique fingerprint.

    Cite this