Please wait a minute...
Big Data Mining and Analytics  2021, Vol. 4 Issue (1): 1-9    DOI: 10.26599/BDMA.2020.9020010
Special Issue on Intelligent Recommendation System and Big Data Analysis     
New Enhanced Authentication Protocol for Internet of Things
Mourade Azrour*(),Jamal Mabrouki(),Azedine Guezzaz(),Yousef Farhaoui()
IDMS Team, Department of Computer Science, Faculty of Sciences and Techniques, Moulay Ismail University, Errachidia 52000, Morocco.
Laboratory of Spectroscopy, Molecular Modeling, Materials, Nanomaterial, Water and Environment, CERNE2D, Faculty of Science, Mohammed V University in Rabat, Rabat 10000, Morocco.
Department of Computer Science and Mathematics, High School of Technology, Cadi Ayyad University, Marrakesh 40000, Morocco.
Download: PDF (1097 KB)      HTML  
Export: BibTeX | EndNote (RIS)      


Internet of Things (IoT) refers to a new extended network that enables to any object to be linked to the Internet in order to exchange data and to be controlled remotely. Nowadays, due to its multiple advantages, the IoT is useful in many areas like environment, water monitoring, industry, public security, medicine, and so on. For covering all spaces and operating correctly, the IoT benefits from advantages of other recent technologies, like radio frequency identification, wireless sensor networks, big data, and mobile network. However, despite of the integration of various things in one network and the exchange of data among heterogeneous sources, the security of user’s data is a central question. For this reason, the authentication of interconnected objects is received as an interested importance. In 2012, Ye et al. suggested a new authentication and key exchanging protocol for Internet of things devices. However, we have proved that their protocol cannot resist to various attacks. In this paper, we propose an enhanced authentication protocol for IoT. Furthermore, we present the comparative results between our proposed scheme and other related ones.

Key wordsauthetication      Internet of Things (IoT)      sensor      security      authorization     
Received: 08 June 2020      Published: 12 January 2021
Corresponding Authors: Mourade Azrour     E-mail:;;;
About author: Mourade Azrour received the PhD degree from Faculty of Sciences and Technologies, Moulay Ismail University, Errachidia, Morocco in 2019, and the MS degree in computer and distributed systems from Faculty of Sciences, Ibn Zouhr University, Agadir, Morocco in 2014. He currently works as a computer science professor at the Department of Computer Science, Faculty of Sciences and Technologies, Moulay Ismail University. His research interests include authentication protocol, computer security, Internet of Things, and smart systems. He is a scientific committee member of numerous international conferences. He is also a reviewer of various scientific journals, such as International Journal of Cloud Computing and International Journal of Cyber-Security and Digital Forensics (IJCSDF).|Jamal Mabrouki received the PhD degree in water science and technology from Faculty of Sciences, Mohamed V University in Rabat, Morocco in 2020. He is an engineer in environment and climate. He is working on the project of migration and water and has the role of water governance in migration policy in Africa with the cooperation between MedYWat and World Bank. He is currently a researcher for the environment and climate program at ECOMED in Morocco, where he started the coordinator of the project "Adaptation of Citizens to Climate Change" .|Azidine Guezzaz received the MS degree in the field of computer science and distributed systems from Department of Mathematics and Computer Science, Faculty of Science, University Ibn Zohr, Agadir, Morocco in 2013. He received the PhD degree from Faculty of Science, University Ibn Zohr, Agadir, Morocco in 2018. He was a professor at the Technology High School and BTS in the period 2014-2018. He then joined Cadi Ayyad University in 2018 as an assistant professor. His main field of research interests are intrusion detection and prevention, computer and network security, and cryptography.|Yousef Farhaoui received the PhD degree in computer security from Ibn Zohr University of Science, Morocco in 2012. He is now a professor at Faculty of Sciences and Techniques, Moulay Ismail University. His research interests include e-learning, computer security, big data analytics, and business intelligence. He is a member of various international associations. He has authored 4 books and many book chapters with reputed publishers, such as Springer and IGI. He is served as a reviewer for IEEE, IET, Springer, Inderscience, and Elsevier journals. He is also the guest editor of many journals with Wiley, Springer, Inderscience, etc. He has been the general chair, session chair, and panelist in several conferences.
Cite this article:

Mourade Azrour,Jamal Mabrouki,Azedine Guezzaz,Yousef Farhaoui. New Enhanced Authentication Protocol for Internet of Things. Big Data Mining and Analytics, 2021, 4(1): 1-9.

URL:     OR

Fig. 1 Architecture of IoTs.
IDu/IDSnIdentify of user/sensor
xGwGateway private key
PWuUser’s password
E?(a,b)Elliptic curve equation with order n
PPoint on E?(a,b)
KGSniSecret key shared between GW and Sni
h?()One way hash function
String concatenation operator
XOR operator
TiTimestamp (i=1,2,,5)
Table 1 Symbolizations and their meanings.
Fig. 2 Registration phase.
Fig. 3 Login and authentication phase.
Fig. 4 Password changing phase.
Fig. 5 Scyther test results.
AttackProtocol in Ref. [26]Protocol in Ref. [37]Protocol in Ref. [38]Protocol in Ref. [39]Our protocol
Stolen verifier××
Password guessing×-×
Mutual authentication×-
Session key secrecy×
Table 2 Security performance.
ItemComputation cost in Ref. [40]Computation cost in Ref. [41]Computation cost in Ref. [42]Computation cost in ours
Table 3 Computational comparison.
[1]   Mabrouki J., Azrour M., Farhaoui Y., and El Hajjaji S., Intelligent system for monitoring and detecting water quality, in Big Data and Networks Technologies, Farhaoui Y., ed. Springer International Publishing, 2020, pp.172-182.
[2]   Samsudin S. I., Salim S. I. M., Osman K., Sulaiman S. F., and Sabri M. I. A., A smart monitoring of a water quality detector system, Indonesian Journal of Electrical Engineering and Computer Science, vol. 10, no. 3, pp. 951-958, 2018.
[3]   Zidan N., Maree M., and Samhan S., An IoT-based monitoring and controlling system for water chlorination treatment, in Proceedings of the 2nd International Conference on Future Networks and Distributed Systems-ICFNDS’18, Amman, Jordan, 2018, pp. 1-6.
[4]   Patil B. and Digge D. J., Water quality monitoring in IoT environment, International Organization of Scientific Research Journal of Engineering, vol. 2, pp. 20-25, 2018.
[5]   Pappu S., Vudatha P., Niharika A. V., Karthick T., and Sankaranarayanan S., Intelligent IoT-based water quality monitoring system, International Journal of Engineering Research and Applications, vol. 12, no. 16, pp. 5447-5454, 2017.
[6]   Bakar N. A. A., Ramli W. M. W., and Hassan N. H., The Internet of Things in healthcare: An overview, challenges and model plan for security risks management process, Indonesian Journal of Electrical Engineering and Computer Science, vol. 15, no. 1, pp. 414-420, 2019.
[7]   Chawla N., AI, IoT and wearable technology for smart healthcare - A review, International Journal of Recent Research Aspects, vol. 7, no. 1, pp. 9-13, 2020.
[8]   Hossain M. S., Muhammad G., and Alamri A., Smart healthcare monitoring: A voice pathology detection paradigm for smart cities, Multimedia Systems, vol. 25, no. 5, pp. 565-575, 2019.
[9]   Kumar A., Chattree G., and Periyasamy S., Smart healthcare monitoring system, Wirel Pers Commun, vol. 101, no. 1, pp. 453-463, 2018.
[10]   Sukmaningsih D. W., Suparta W., Trisetyarso A., Abbas B. S., and Kang C. H., Proposing smart disaster management in urban area, in Intelligent Information and Database Systems: Recent Developments, Huk M., Maleszka M., and Szczerbicki E., eds. Springer International Publishing, 2020, pp. 3-16.
[11]   Wei X., Chang N.-B., Bai K., and Gao W., Satellite remote sensing of aerosol optical depth: Advances, challenges, and perspectives, Critical Reviews in Environmental Science and Technology, vol. 50, no. 16, pp. 1640-1725, 2020.
[12]   Bayat B., Crasta N., Crespi A., Pascoal A. M., and Ijspeert A., Environmental monitoring using autonomous vehicles: A survey of recent searching techniques, Current Opinion in Biotechnology, .
doi: 10.1016/j.copbio.2017.01.009
[13]   Kulkarni A. and Mukhopadhyay D., Internet of Things-based weather forecast monitoring system, Indonesian Journal of Electrical Engineering and Computer Science, vol. 9, no. 3, pp. 555-557, 2018.
[14]   Sayuti H., Rashid R. A., Latiff N. M. A., Rahim M. R. A., and Ghazali N. E., Smart home and ambient assisted living based on the Internet of Things, International Journal of Electrical & Computer Engineering, vol. 7, no. 3, pp. 1480-1488, 2017.
[15]   Kang W. M., Moon S. Y., and Park J. H., An enhanced security framework for home appliances in smart home, Human-centric Computing and Information Sciences, vol. 7, no. 1, pp. 1-12, 2017.
[16]   Stojkoska B. L. R. and Trivodaliev K. V., A review of Internet of Things for smart home: Challenges and solutions, Journal of Cleaner Production, vol. 140, no. 3, pp. 1454-1464, 2017.
[17]   Hong X., Yang C., and Rong C., Smart home security monitor system, International Symposium on Parallel & Distributed Computing, .
doi: 10.1109/ISPDC.2016.42
[18]   Mowad M. A. E.-L., Fathy A., and Hafez A., Smart home automated control system using android application and microcontroller, International Journal of Scientific & Engineering Research, vol. 5, no. 5, pp. 935-939, 2014.
[19]   Soliman M., Abiodun T., Hamouda T., Zhou J., and Lung C.-H., Smart home: Integrating Internet of Things with web services and cloud computing, .
doi: 10.1109/CloudCom.2013.155
[20]   Smarter with Gartner, The IoT effect: Opportunities and challenges, , 2018.
[21]   Osseiran A., Elloumi O., Song J., and Monserrat J. F., Internet of Things, IEEE Communications Magazine, vol. 1, no. 2, p. 84, 2017.
[22]   Sedrati A. and Mezrioui A., A survey of security challenges in Internet of Things, Advances in Science Technology and Engineering Systems Journal, vol. 3, no. 1, pp. 274-280, 2018.
[23]   Ye N., Zhu Y., Wang R., Malekian R., and Qiao-min L., An efficient authentication and access control scheme for perception layer of Internet of Things, Applied Mathematics & Information Sciences, vol. 8, no. 4, pp. 1617-1624, 2014.
[24]   Azrour M., Ouanan M., Farhaoui Y., and Guezzaz A., Security analysis of Ye et al. authentication protocol for Internet of Things, in Big Data and Smart Digital Environment, Farhaoui Y. and Moussaid L., eds. Springer International Publishing, 2019, pp. 67-74.
[25]   Jan M. A., Nanda P., He X., Tan Z., and Liu R. P., A robust authentication scheme for observing resources in the Internet of Things environment, .
doi: 10.1109/TrustCom.2014.31
[26]   Kalra S. and Sood S. K., Secure authentication scheme for IoT and cloud servers, Pervasive & Mobile Computing, vol. 24, pp. 210-223, 2015.
[27]   Miller V. S., Use of elliptic curves in cryptography, .
doi: 10.1007/978-1-4939-1711-2_6
[28]   Wu M., Chen J., and Wang R., An enhanced anonymous password-based authenticated key agreement scheme with formal proof, International Journal of Network Security, vol. 19, no. 5, pp. 785-793, 2017.
[29]   Fantacci R., Pecorella T., Viti R., and Carlini C., A network architecture solution for efficient IOT WSN backhauling: Challenges and opportunities, IEEE Wireless Communications, vol. 21, no. 4, pp. 113-119, 2014.
[30]   Nguyen K. T., Laurent M., and Oualha N., Survey on secure communication protocols for the Internet of Things, Ad Hoc Networks, vol. 32, pp. 17-31, 2015.
[31]   Bayat M., Beheshti-Atashgah M., Barari M., and Aref M. R., Cryptanalysis and improvement of a user authentication scheme for Internet of Things using elliptic curve cryptography, IJ Network Security, vol. 21, no. 6, pp. 897-911, 2019.
[32]   Li X., Niu J., Kumari S., Wu F., Sangaiah A. K., and Choo K.-K. R., A three-factor anonymous authentication scheme for wireless sensor networks in Internet of Things environments, Journal of Network and Computer Applications, vol. 103, pp. 194-204, 2018.
[33]   Tai W.-L., Chang Y.-F., and Hou P.-L., Security analysis of a three-factor anonymous authentication scheme for wireless sensor networks in Internet of Things environments, IJ Network Security, vol. 21, no. 6, pp. 1014-1020, 2019.
[34]   Sharma G. and Kalra S., A secure remote user authentication scheme for smart cities e-governance applications, Journal of Reliable Intelligent Environments, vol. 3, no. 3, pp. 177-188, 2017.
[35]   Dhillon P. K. and Kalra S., Multi-factor user authentication scheme for IoT-based healthcare services, Journal of Reliable Intelligent Environments, vol. 4, no. 3, pp. 141-160, 2018.
[36]   Cremers C. J. F., The scyther tool: Verification, falsification, and analysis of security protocols, .
doi: 10.1007/978-3-540-70545-1_38
[37]   Kumari S., Karuppiah M., Das A. K., Li X., Wu F., and Kumar N., A secure authentication scheme based on elliptic curve cryptography for IoT and cloud servers, The Journal of Supercomputing, vol. 74, no. 12, pp. 6428-6453, 2018.
[38]   Hsieh W.-B. and Leu J.-S., A robust user authentication scheme using dynamic identity in wireless sensor networks, Wireless Personal Communications, vol. 77, no. 2, pp. 979-989, 2014.
[39]   Chang C.-C. and Le H.-D., A provably secure, efficient, and flexible authentication scheme for Ad Hoc wireless sensor networks, IEEE Wireless Communications, vol. 15, no. 1, pp. 357-366, 2016.
[40]   Yeh H. L., Chen T. H., Liu P. C., Kim T. H., and Wei H. W., A secured authentication protocol for wireless sensor networks using elliptic curves cryptography, Sensors, vol. 11, no. 5, pp. 4767-4779, 2011.
[41]   Das A. K., A secure and robust temporal credential-based three-factor user authentication scheme for wireless sensor networks, Peer-to-Peer Networking and Applications, vol. 9, no. 1, pp. 223-244, 2016.
[42]   Ghani A., Mansoor K., Mehmood S., Chaudhry S. A., Rahman A. U., and Najmus Saqib M., Security and key management in IoT-based wireless sensor networks: An authentication protocol using symmetric key, International Journal of Communication Systems, vol. 32, no. 16, pp. 1-18, 2019.
[1] Haiqin Weng, Binbin Zhao, Shouling Ji, Jianhai Chen, Ting Wang, Qinming He, Raheem Beyah. Towards Understanding the Security of Modern Image Captchas and Underground Captcha-Solving Services[J]. Big Data Mining and Analytics, 2019, 2(2): 118-144.