Lightweight anonymous authentication protocol for resource-constrained smart home devices based on elliptic curve cryptography

The communication channel between the smart home devices and the remote users is susceptible to numerous privacy and security compromise attacks. To address these issues, many authentication protocols have been developed. However, majority of these security schemes have vulnerabilities that may still be exploited to wreck havoc in smart homes. For instance, protocols based on low entropy passwords can be broken by polynomial time adversaries. Apart from security and privacy challenges, efficiency of the entire authentication process is another challenge that needs to be solved. To this end, most of the conventional smart home authentication protocols incur extensive storage, computation as well as communication overheads which are unsuitable for resource limited smart home devices. In this paper, an anonymous lightweight protocol is developed, based on one-way hashing and elliptic curve point multiplication operations. Formal verification of this protocol is executed using ProVerif while its informal security analysis demonstrates its robustness against majority of the smart home privacy and security attacks. In terms of operational efficiency, comparative analysis is carried out which shows that it incurs relatively low computation, storage and communication overheads.