Biometric Based User Authentication Protocol in Smart Homes

Document Type : Original Article


1 Tarbiat Modares University

2 Department of Computer Engineering, Shahed University


The smart home is an important Internet of Things applications. Due to the smartphones development, expansion of their network, and growing the data transfer rate, security in personal life has become a dramatic challenge. Therefore, it is essential to secure such a system to create a sense of relaxation in the lives of users and homeowners to deal with possible occurrences. The integration of technologies for the automation of home affairs with the Internet of things means that all physical objects can be accessed on cyberspace; therefore, the concerns raised by users about the lack of privacy and security are serious arguments that science and technology should answer. Therefore, addressing security issues is a crucial necessity for the development of the smart homes. Although authentication protocols have been proposed based on smart cards for multi-server architectures, their schemes cannot protect the system against stolen smart cards and dictionary attacks in the login phase and do not satisfy perfect forward secrecy. To overcome these limitations, this paper proposes an anonymous, secure protocol in connected smart home environments, using solely lightweight operations. The proposed protocol in this paper provides efficient authentication, key agreement, and enables the anonymity of devices and unlinkability. It is demonstrated that the computation complexity of the protocol is low as compared to the existing schemes, while security has been significantly improved. This protocol ensures that even if the stakeholder’s device or the IoT device is attacked, they are robust against them.