Litcius/Paper detail

Comments on “ALAM: Anonymous Lightweight Authentication Mechanism for SDN Enabled Smart Homes”

Sungjin Yu, Ashok Kumar Das, Youngho Park

2021IEEE Access24 citationsDOIOpen Access PDF

Abstract

Smart home is intended to be able to enhance home automation systems and achieves goals such as reducing operational costs and increasing comfort while providing security to mobile users. However, an attacker may attempt security attacks in smart home environments because he/she can inject, insert, intercept, delete, and modify transmitted messages over an insecure channel. Secure and lightweight authentication protocols are essential to ensure useful services in smart home environments. In 2020, Iqbal et al. presented an anonymous lightweight authentication protocol for software-defined networking (SDN) enabled smart home, called ALAM. They claimed that ALAM protocol could resist security threats, and also provide secure mutual authentication and user anonymity. This comment demonstrates that ALAM protocol is fragile to various attacks, including session key disclosure, impersonation, and man-in-the-middle attacks, and also their scheme cannot provide user anonymity and mutual authentication. We propose the essential security guidelines to overcome the security flaws of ALAM protocol.

Topics & Concepts

Computer securityMutual authenticationComputer scienceAuthentication (law)AnonymityAuthentication protocolSession keyProtocol (science)Home automationSession (web analytics)Key (lock)Computer networkTelecommunicationsWorld Wide WebPathologyAlternative medicineMedicineEncryptionAdvanced Authentication Protocols SecurityUser Authentication and Security SystemsPrivacy, Security, and Data Protection