PUF-Based Two-Factor Group Authentication in Smart Home

Various IoT-based applications such as smart home, intelligent medical and VANETs, have been put into practical utilization. Smart home is one of the most concerned environments, which allows users to remotely access and control smart devices via a public network. With development of the mobile network and smart devices, more services can be provided to users by smart devices. To securely access devices and obtain collected data over the public network, multi-factor authentication schemes for smart home have obtained wide attention. However, most of these schemes cannot withstand impersonation attack, physical device lost attack, privileged-insider attack, smart card lost attack and so on. Besides, high communication and computational costs weaken the system performance, which causes that most authentication schemes are not suitable for resource-constrained smart devices. To mitigate the aforementioned drawbacks, we proposed a two-factor anonymous group authentication scheme to implement secure access to multiple devices simultaneously using chinese remainder theorem and secret sharing technology. Our scheme also utilizes fuzzy extractor to extract personal biometric information, which helps uniquely validate authorized users in smart home. Our scheme can support various security features and withstand the most well-known attacks in smart home. Performance analysis indicates that the proposed scheme can efficiently reduce communication/computational costs when the user accesses multiple devices simultaneously.