In the recent years, the Internet of Things (IoT) has become one of the leading technologies that allow the mainstreaming of smart homes and smart cities by creating a communication system for physical objects over the Internet. In a smart home, devices are not necessarily homogeneous in terms of topology, security protocols, computational power and communication. This nature of the devices causes some incompatibilities with conventional authentication methods and the security requirements of IoT standards. This paper proposes a RSA-Biometric based user Authentication Scheme for Smart Homes using Smart-phones (denoted RSA-B-ASH-S). A formal security analysis of the proposed scheme using the Burrows-Abadi-Needham (BAN) logic is provided, showing that it achieves perfect forward secrecy by utilizing a fresh encryption key for each session. The performance evaluation of the proposed scheme in terms of computational time, storage requirements, and communication overhead, is also presented.
展开▼
