In today's wireless based applications, sensors are playing the vital role due to its pluses like low cost, low maintenance, hostile environment etc. On other end, cloud based technologies are increasing day-by-day to make its presence in the life of people for processing large chunk of data. Also, Internet of Things (IoT) is making its way by utilizing the sensors for various internet based applications and to connect to them with cloud. In all of these technologies, the major issue is authentication i.e. user from distance can access the server and authenticate via insecure channel. Recently, Lee et al. proposed the authentication scheme in IoT based environment using sensors and claimed it to be secure against various attacks. However, in this research we have analyzed the scheme and prove that it is yet susceptible to key control, time synchronization and stolen verifier. In addition, there will be overhead for verification which can lead to the DoS attack for large setup.
Internet of Things (IoT) is making its way in today’s technology in various areas of the human life like smart city, smart agriculture, smart transportation etc. [1-8]. Sensors are applying the vital role in IoT based applications forrequired tasks in hostile environments. On the other side, cloud based technologies makes its vital role due to high level of data from the IoT based applications.
One of the prevalent issues in this scenario is authentication from sensor device to the end server. Thus, to resolve this issue in , Lamport firstly propose the scheme of remote user authentication protocol in which user can set the session key with server apart from authentication even though the physical distance between them is much larger.
Indeed, key agreement as well as authentication is prime issue for any data transfer to begin. The existing schemes can be broadly classified into various categories like one factor, two factor and three factors [10-39]. Indeed, three factor will be more secures however requires more infrastructure as to others. As the messages are transmitted on the open channel, the channel is susceptible to the various attacks like stolen smart card, man-in-middle, etc.
Afterwards in research [40-46], many researchers have proposed various key agreement protocols as well as given the cryptanalysis of the earlier schemes. Recently in , Lee et al proposed the three factor authentication scheme and proved to be efficient as well as secure as compared to the earlier schemes. However, in this paper we have proved that the scheme is yet susceptible to the various attacks.
4. Conclusion and Future Work
IoT, sensors, Cloud are today’s technology which are playing the key role in shaping our future. As discussed, authentication and key agreement is the vital issue in any of these technologies. The recent approach by Lee et al is being analyzed in this paper and found to be insecure against various attacks. In future, one can design the more secure and efficient scheme.