Abstract
Smart cities are rapidly gaining momentum and aims at improving the quality of life of citizens by adopting Information and Communication Technology. E-governance have become the smarter way of deployment of administration by the authority under its jurisdiction. The citizens can access the services of government anywhere at any time. Since this technique requires the transmission of sensitive information between the government and the citizen through the Internet, information security is of utmost importance. This paper proposes a lightweight, robust remote user authentication and key agreement protocol for e-governance applications in the smart cities. The proposed protocol is based on XOR and hash operations, and includes (1) a password and smart card, (2) user anonymity, (3) mutual authentication, (4) shared session key, and (5) key freshness. It satisfies desirable security attributes and is resistant against all well-known security attacks. Further, the formal security verification using AVISPA and informal security proves the security strength of the proposed protocol and its robustness against all possible security threats.
Similar content being viewed by others
References
Hu Y, Tilke D, Adams T, Crandall AS, Cook DJ, Schmitter-Edgecombe M (2016) Smart home in a box: usability study for a large scale self-installation of smart home technologies. J Reliab Intell Environ 2(2):93–106. doi:10.1007/s40860-016-0021-y
Dahmen J, Cook DJ, Wang X, Honglei W (2017) Smart secure homes: a survey of smart home technologies that sense, assess, and respond to security threats. J Reliab Intell Environ. doi:10.1007/s40860-017-0035-0
Chen S, Song S, Li L, Shen J (2009) Survey on smart grid technology [J]. Power Syst Technol 8:1–7
Adeli H, Jiang X (2009) Intelligent infrastructure: neural networks, wavelets, and chaos theory for intelligent transportation systems and smart structures. Crc Press, Boca Raton
Vithanwattana N, Mapp G, George C (2017) Developing a comprehensive information security framework for mHealth: a detailed analysis. J Reliab Intell Environ. doi:10.1007/s40860-017-0038-x
Kummitha RKR, Crutzen N (2017) How do we understand smart cities? An evolutionary perspective. Cities 67:43–52. doi:10.1016/j.cities.2017.04.010
Corno F, Guercio E, De Russis L, Gargiulo E (2015) Designing for user confidence in intelligent environments. J Reliab Intell Environ 1(1):11–21. doi:10.1007/s40860-015-0001-7
Datta A (2015) A 100 smart cities, a 100 utopias. Dialogues Hum Geogr 5(1):49–53. doi:10.1177/2043820614565750
Hollands RG (2008) Will the real smart city please stand up? Intelligent, progressive or entrepreneurial? City 12(3):303–320. doi:10.1080/13604810802479126
Graham S, Marvin S (2001) Splintering urbanism: networked infrastructures, technological mobilities and the urban condition. Psychology Press, Routledge
Haider SF et al (2016) Taxonomy and issues for antifragile-based multimedia cloud computing. J Reliab Intell Environ 2(1):37–49. doi:10.1007/s40860-016-0017-7
Banda G, Bommakanti CK, Mohan H (2016) One IoT: an IoT protocol and framework for OEMs to make IoT-enabled devices forward compatible. J Reliab Intell Environ 2(3):131–144. doi:10.1007/s40860-016-0027-5
Kim S, Kim HJ, Lee H (2009) An institutional analysis of an e-government system for anti-corruption: the case of OPEN. Gov Inf Q 26(1):42–50. doi:10.1016/j.giq.2008.09.002
Awoleye OM, Ojuloge B, Ilori MO (2014) Web application vulnerability assessment and policy direction towards a secure smart government. Gov Inf Q 31:S118–S125. doi:10.1016/j.giq.2014.01.012
Roy A, Banik S, Karforma S (2011) Object oriented modelling of RSA digital signature in e-governance security. Int J Comput Eng Inf Technol 26:24–33
Roy A, Karforma S (2012) Object oriented approach of digital certificate based e-governance mechanism. ACEEE Conf Proc Ser 3:3–4
Roy A, Karforma S (2013) UML based modeling of ECDSA for secured and smart E-Governance system. In Computer Science and Information Technology (CS and IT-CSCP 2013), Proceedings of National Conference on Advancement of Computing in Engineering Research (ACER13) organized by Global Institute of Management and Technology, pp 207–222. doi:10.5121/csit.2013.3219
Zhu J, Ma J (2004) A new authentication scheme with anonymity for wireless environments. IEEE Trans Consum Electron 50(1):231–235. doi:10.1109/TCE.2004.1277867
Lee C-C, Hwang M-S, Liao I-E (2006) Security enhancement on a new authentication scheme with anonymity for wireless environments. IEEE Trans Ind Electron 53(5):1683–1687. doi:10.1109/TIE.2006.881998
Liao I-E, Lee C-C, Hwang M-S (2006) A password authentication scheme over insecure networks. J Comput Syst Sci 72(4):727–740. doi:10.1016/j.jcss.2005.10.001
Yoon E-J, Yoo K-Y (2006) Drawbacks of Liao et al.’s password authentication scheme. In: Next generation web services practices, 2006. NWeSP 2006. International conference on, pp 101–108. doi:10.1109/NWESP.2006.15
Juang W-S, Chen S-T, Liaw H-T (2008) Robust and efficient password-authenticated key agreement using smart cards. IEEE Trans Ind Electron 55(6):2551–2556. doi:10.1109/TIE.2008.921677
Xu J, Zhu W-T, Feng D-G (2009) An improved smart card based password authentication scheme with provable security. Comput Stand Interfaces 31(4):723–728. doi:10.1016/j.csi.2008.09.006
Lee S-W, Kim H-S, Yoo K-Y (2005) Improvement of Chien et al’.s remote user authentication scheme using smart cards. Comput Stand Interfaces 27(2):181–183. doi:10.1016/j.csi.2004.02.002
Sood SK, Sarje AK, Singh K (2010) An improvement of Xu et al.’s authentication scheme using smart cards. In: Third annual ACM Bangalore conference on—COMPUTE ’10, pp 1–5. doi:10.1145/1754288.1754303
Chen T-H, Hsiang H-C, Shih W-K (2011) Security enhancement on an improvement on two remote user authentication schemes using smart cards. Futur Gener Comput Syst 27(4):377–380. doi:10.1016/j.future.2010.08.007
Li X, Niu J, Khan MK, Liao J (2013) An enhanced smart card based remote user password authentication scheme. J Netw Comput Appl 36(5):1365–1371. doi:10.1016/j.jnca.2013.02.034
Mishra D, Das AK, Chaturvedi A, Mukhopadhyay S (2015) A secure password-based authentication and key agreement scheme using smart cards. J Inf Secur Appl 23:28–43. doi:10.1016/j.jisa.2015.06.001
Kalra S, Sood SK (2015) Secure authentication scheme for IoT and cloud servers. Pervasive Mob Comput 24:210–223. doi:10.1016/j.pmcj.2015.08.001
Sharma G, Kalra S (2016) A novel scheme for data security in cloud computing using quantum cryptography. In: ACM international conference proceeding series, vol 12–13-Augu. doi:10.1145/2979779.2979816
Sharma G, Kalra S (2016) Identity based secure authentication scheme based on quantum key distribution for cloud computing. Peer Peer Netw Appl. doi:10.1007/s12083-016-0528-2
Dhillon PK, Kalra S (2017) A lightweight biometrics based remote user authentication scheme for IoT services. J Inf Secur Appl. doi:10.1016/j.jisa.2017.01.003
Dhillon PK, Kalra S (2017) Secure multi-factor remote user authentication scheme for Internet of Things environments. Int J Commun Syst. doi:10.1002/dac.3323
Liu Y-J, Chang C-C, Chang S-C (2017) An efficient and secure smart card based password authentication scheme. Int J Netw Secur. doi:10.6633/IJNS.201701.19(1).01
AVISPA (2017) AVISPA Web Tool. http://www.avispaproject.org/webinterface/expert.php/. Accessed Jan 2017
Chevalier Y, Compagna L, Cuellar J, Drielsma PH, Mantovani J, Mödersheim S, Vigneron L (2004) A high level protocol specification language for industrial security-sensitive protocols. In: Workshop on Specification and Automated Processing of Security Requirements-SAPS’2004. Austrian Computer Society, 13p
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Sharma, G., Kalra, S. A secure remote user authentication scheme for smart cities e-governance applications. J Reliable Intell Environ 3, 177–188 (2017). https://doi.org/10.1007/s40860-017-0046-x
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s40860-017-0046-x