{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,18]],"date-time":"2026-03-18T14:19:33Z","timestamp":1773843573240,"version":"3.50.1"},"reference-count":68,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2022,2,7]],"date-time":"2022-02-07T00:00:00Z","timestamp":1644192000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2022,2,7]],"date-time":"2022-02-07T00:00:00Z","timestamp":1644192000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/501100009232","name":"University of Debrecen","doi-asserted-by":"crossref","id":[{"id":"10.13039\/501100009232","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Int. J. Inf. Secur."],"published-print":{"date-parts":[[2022,8]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>Smart homes are a special use-case of the IoT paradigm, which is becoming more and more important in our lives. Although sensors, devices and applications make our daily lives easier, they often collect our sensitive data, which may lead to security problems (e.g., hacked devices, botnets, etc.). In several cases, the appropriate security mechanisms are missing within the devices. Therefore, security measures have become a central topic in the field of IoT. The most essential requirements are secure user\u2013device authentication and confidentiality of transferred sensitive data. Passwords are the most widely used factors in various areas, such as user authentication, key establishment, and also secret sharing. Password-based protocols that are resistant to typical threats, such as offline dictionary, man-in-the-middle and phishing attacks, generate new session keys. The major aim of these solutions is to guarantee high-level security, even if a user applies a single low-entropy human memorable password for all their accounts. We introduce a threshold and password-based, distributed, mutual authenticated key agreement with key confirmation protocol for a smart home environment. The proposed protocol is a scalable and robust scheme, which forces the adversary to corrupt <jats:inline-formula><jats:alternatives><jats:tex-math>$$l-1$$<\/jats:tex-math><mml:math xmlns:mml=\"http:\/\/www.w3.org\/1998\/Math\/MathML\">\n                  <mml:mrow>\n                    <mml:mi>l<\/mml:mi>\n                    <mml:mo>-<\/mml:mo>\n                    <mml:mn>1<\/mml:mn>\n                  <\/mml:mrow>\n                <\/mml:math><\/jats:alternatives><\/jats:inline-formula> smart home devices, where <jats:italic>l<\/jats:italic> is the threshold, in order to perform an offline dictionary attack. The protocol is designed to achieve password-only setting, and end-to-end security if the chosen IoT devices are also authenticated besides the user. We also provide a security analysis of the protocol in AVISPA. We apply the on-the-fly model checker and the constraint-logic-based attack searcher to perform protocol verification for bounded numbers of sessions. We show that the proposed protocol provides session key secrecy and mutual authentication of the user and the device manager. Since efficiency is a crucial aspect, we implemented our protocol to measure the computation and communication costs and demonstrate that our solution is appropriate and eligible for smart homes.\n<\/jats:p>","DOI":"10.1007\/s10207-022-00578-7","type":"journal-article","created":{"date-parts":[[2022,2,7]],"date-time":"2022-02-07T20:02:38Z","timestamp":1644264158000},"page":"707-723","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":19,"title":["Scalable, password-based and threshold authentication for smart homes"],"prefix":"10.1007","volume":"21","author":[{"given":"Andrea","family":"Huszti","sequence":"first","affiliation":[]},{"given":"Szabolcs","family":"Kov\u00e1cs","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0007-8508","authenticated-orcid":false,"given":"Norbert","family":"Ol\u00e1h","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2022,2,7]]},"reference":[{"issue":"13","key":"578_CR1","doi-asserted-by":"publisher","first-page":"2597","DOI":"10.1016\/j.comnet.2013.05.007","volume":"57","author":"T Acar","year":"2013","unstructured":"Acar, T., Belenkiy, M., K\u00fcpc\u00fc, A.: Single password authentication. Comput. Netw. 57(13), 2597\u20132614 (2013)","journal-title":"Comput. Netw."},{"issue":"2","key":"578_CR2","doi-asserted-by":"publisher","first-page":"17","DOI":"10.1109\/MCE.2019.2953740","volume":"9","author":"T Alladi","year":"2020","unstructured":"Alladi, T., et al.: Consumer IoT: security vulnerability case studies and solutions. IEEE Consum. Electron. Mag. 9(2), 17\u201325 (2020)","journal-title":"IEEE Consum. Electron. Mag."},{"key":"578_CR3","unstructured":"Arabi, K.: Mobile computing opportunities, challenges and technology drivers. In: IEEE DAC 2014 Keynote https:\/\/www.youtube.com\/watch?v=vdwVcvE_OiI&ab_channel=DACTV. Accessed 31 Jan 2022"},{"key":"578_CR4","doi-asserted-by":"crossref","unstructured":"Armando, A., Basin, D., Boichut, Y., Chevalier, Y., Compagna, L., Cu\u00e9llar, J., Drielsma, P.H., H\u00e9am, P.C., Kouchnarenko, O., Mantovani, J., et. al.: The AVISPA tool for the automated validation of internet security protocols and applications. In: International Conference on Computer Aided Verification, pp 281\u2013285. Springer (2005)","DOI":"10.1007\/11513988_27"},{"key":"578_CR5","doi-asserted-by":"crossref","unstructured":"Armando, A., Compagna, L.: Abstraction-driven SAT-based analysis of security protocols. In: Proceedings of SAT\u201903, LNCS 2919, pp. 257\u2013271. Springer (2003)","DOI":"10.1007\/978-3-540-24605-3_20"},{"key":"578_CR6","doi-asserted-by":"crossref","unstructured":"Armando, A., Compagna, L.: An optimized intruder model for SAT-based model-checking of security protocols. In: Proceedings of ARSPA\u201904. Electronic Notes in Theoretical Computer Science, vol. 125, no. 1, pp. 91\u2013108 (2005)","DOI":"10.1016\/j.entcs.2004.05.021"},{"key":"578_CR7","doi-asserted-by":"crossref","unstructured":"Armando, A., Compagna, L.: Automatic SAT-compilation of protocol insecurity problems via reduction to planning. In: Proceedings of FORTE 2002, LNCS 2529, pp. 210\u2013225. Springer (2002)","DOI":"10.1007\/3-540-36135-9_14"},{"key":"578_CR8","doi-asserted-by":"crossref","unstructured":"Armando, A., Compagna, L.: SATMC: a SAT-based model checker for security protocols. In: Proceedings of JELIA\u201904, LNAI 3229, pp. 617\u2013627. Springer (2004)","DOI":"10.1007\/978-3-540-30227-8_68"},{"key":"578_CR9","doi-asserted-by":"crossref","unstructured":"Bagherzandi, A., Jarecki, S., Saxena, N., Lu, Y.: Password-protected secret sharing. In: ACM Conference on Computer and Communications Security (2011)","DOI":"10.1145\/2046707.2046758"},{"key":"578_CR10","doi-asserted-by":"crossref","unstructured":"Basin, D., M\u00f6dersheim, S., Vigan\u00f3, L.: Algebraic intruder deductions. In: Proceedings of LPAR\u201905, LNAI 3835, pp. 549\u2013564. Springer (2005)","DOI":"10.1007\/11591191_38"},{"key":"578_CR11","doi-asserted-by":"crossref","unstructured":"Basin, D., M\u00f6dersheim, S., Vigan\u00f3, L.: Constraint differentiation: a new reduction technique for constraint-based analysis of security protocols. In: Proceedings of CCS\u201903, pp. 335\u2013344. ACM Press (2003)","DOI":"10.1145\/948109.948154"},{"issue":"3","key":"578_CR12","doi-asserted-by":"publisher","first-page":"181","DOI":"10.1007\/s10207-004-0055-7","volume":"4","author":"D Basin","year":"2005","unstructured":"Basin, D., M\u00f6dersheim, S., Vigan\u00f3, L.: OFMC: a symbolic model checker for security protocols. Int. J. Inf. Secur. 4(3), 181\u2013208 (2005)","journal-title":"Int. J. Inf. Secur."},{"key":"578_CR13","doi-asserted-by":"crossref","unstructured":"Bellovin, S.M., Merritt, M.: Encrypted key exchange: password-based protocols secure against dictionary attacks. In: Proceedings of the 1992 IEEE Computer Society Conference on Research in Security and Privacy. IEEE (1992)","DOI":"10.1145\/168588.168618"},{"key":"578_CR14","unstructured":"Bitdefender Whitepaper: Severe vulnerability in iBaby Monitor M6S camera leads to remote access to video storage bucket. https:\/\/www.bitdefender.com\/files\/News\/CaseStudies\/study\/315\/Bitdefender-Whitepaper-Severe-Vulnerability-in-iBaby-Monitor-M6S-Camera-interactive.pdf (2019). Accessed 31 Jan 2022"},{"key":"578_CR15","unstructured":"Blanchet, B.: An efficient cryptographic protocol verifier based on Prolog rules. In:14th IEEE Computer Security Foundations Workshop (CSFW-14), pp. 82\u201396 (2001)"},{"key":"578_CR16","unstructured":"Boichut, Y., Heam, P.-C., Kouchnarenko, O., Oehl, F.: Improvements on the genet and klay technique to automatically verify security protocols. In: Proceedings of the International Workshop on Automated Verification of Infinite-State Systems (AVIS\u20192004), pp. 1\u201311 (2004)"},{"key":"578_CR17","unstructured":"Boichut, Y., H\u00e9am, P.-C., Kouchnarenko, O.: Automatic verification of security protocols using approximations. Technical report RR-5727, INRIA (2005)"},{"key":"578_CR18","doi-asserted-by":"crossref","unstructured":"Boneh, D., Franklin, M.: Identity based encryption from the Weil pairing. In: Advances in Cryptography\u2014Proceedings of Crypto 2001, Vol 2139 of LNCS, pp. 213\u2013229 (2001)","DOI":"10.1007\/3-540-44647-8_13"},{"key":"578_CR19","doi-asserted-by":"crossref","unstructured":"Boyen, X.: Hidden credential retrieval from a reusable password. In: Proceedings of the 4th International Symposium on Information, pp. 228\u2013238. ACM (2009)","DOI":"10.1145\/1533057.1533089"},{"key":"578_CR20","doi-asserted-by":"crossref","unstructured":"Boyko, V., MacKenzie, P., Patel, S.: Provably secure password-authenticated key exchange using Diffie\u2013Hellman. In: EUROCRYPT 2000. Springer (2000)","DOI":"10.1007\/3-540-45539-6_12"},{"key":"578_CR21","unstructured":"Brainard, J., Juels, A., Kaliski, B., Szydlo, M.: A new two-server approach for authentication with short secrets. In: Proceeding SSYM\u201903, Proceedings of the 12th Conference on USENIX Security Symposium, vol. 12, pp 1\u201314 (2003)"},{"key":"578_CR22","doi-asserted-by":"crossref","unstructured":"Cao, J., Xu, L., Abdallah, R., Shi, W.: EdgeOS_H: a home operating system for Internet of everything. In: Proceedings of the 37th IEEE International Conference on Distributed Computing Systems, pp. 1756\u20131764 (2017)","DOI":"10.1109\/ICDCS.2017.325"},{"issue":"1","key":"578_CR23","first-page":"198","volume":"9","author":"N Chen","year":"2014","unstructured":"Chen, N., Jiang, R.: Security analysis and improvement of user authentication framework for cloud computing. J. Netw. 9(1), 198\u2013203 (2014)","journal-title":"J. Netw."},{"key":"578_CR24","doi-asserted-by":"crossref","unstructured":"Chevalier, Y., K\u00fcsters, R., Rusinowitch, M., Turuani, M., Vigneron, L.: Deciding the security of protocols with Diffie\u2013Hellman exponentiation and products in exponents. In: Proceedings of FST TCS\u20192003, LNCS 2914, pp. 124\u2013135. Springer (2003)","DOI":"10.1007\/978-3-540-24597-1_11"},{"key":"578_CR25","doi-asserted-by":"crossref","unstructured":"Chevalier, Y., K\u00fcsters, R., Rusinowitch, M., Turuani, M., Vigneron, L.: Extending the Dolev\u2013Yao intruder for analyzing an unbounded number of sessions. In: Proceedings of CSL\u20192003, LNCS 2803, pp. 128\u2013141. Springer (2003)","DOI":"10.1007\/978-3-540-45220-1_13"},{"key":"578_CR26","doi-asserted-by":"crossref","unstructured":"Chevalier, Y., K\u00fcsters, R., Rusinowitch, M., Turuani, M.: Deciding the security of protocols with commuting public key encryption. In: Proceedings of ARSPA\u201904. Electronic Notes in Theoretical Computer Science, vol. 125, no. 1, pp. 55\u201366 (2005)","DOI":"10.1016\/j.entcs.2004.05.019"},{"key":"578_CR27","doi-asserted-by":"crossref","unstructured":"Chevalier, Y., Rusinowitch, M.: Combining intruder theories. In: Proceedings of ICALP 2005, LNCS 3580, pp. 639\u2013651. Springer (2005)","DOI":"10.1007\/11523468_52"},{"issue":"1\u20133","key":"578_CR28","doi-asserted-by":"publisher","first-page":"247","DOI":"10.1016\/j.tcs.2005.01.015","volume":"338","author":"Y Chevalier","year":"2005","unstructured":"Chevalier, Y., K\u00fcsters, R., Rusinowitch, M., Turuani, M.: An NP decision procedure for protocol insecurity with XOR. Theor. Comput. Sci. 338(1\u20133), 247\u2013274 (2005)","journal-title":"Theor. Comput. Sci."},{"key":"578_CR29","doi-asserted-by":"crossref","unstructured":"Choudhury, A.J., Kumar, P., Sain, M.: A strong user authentication framework for cloud computing. In: Proceedings of IEEE Asia\u2013Pacific Services Computing Conference, pp. 110\u2013115 (2011)","DOI":"10.1109\/APSCC.2011.14"},{"key":"578_CR30","doi-asserted-by":"crossref","unstructured":"Di Raimondo, M., Gennaro, R.: Provably secure threshold password-authenticated key exchange. In: International Conference on the Theory and Applications of Cryptographic Techniques. Springer, Berlin (2003)","DOI":"10.1007\/3-540-39200-9_32"},{"key":"578_CR31","doi-asserted-by":"crossref","unstructured":"Drielsma, P.H., M\u00f6dersheim, S.: The ASW protocol revisited: a unified view. In: Proceedings of ARSPA\u201904. Electronic Notes in Theoretical Computer Science, vol. 125, no. 1, pp. 141\u2013156 (2005)","DOI":"10.1016\/j.entcs.2004.05.024"},{"key":"578_CR32","unstructured":"Fr\u00e1nik, M., Cerm\u00e1k, M.: Serious flaws found in multiple smart home hubs: Is your device among them? https:\/\/www.welivesecurity.com\/2020\/04\/22\/serious-flaws-smart-home-hubs-is-your-device-among-them\/ (2020). Accessed 31 Jan 2022"},{"key":"578_CR33","doi-asserted-by":"crossref","unstructured":"Genet, T., Klay, F.: Rewriting for cryptographic protocol verification. In: Proceedings of CADE\u201900, LNCS 1831, pp. 271\u2013290. Springer (2000)","DOI":"10.1007\/10721959_21"},{"key":"578_CR34","doi-asserted-by":"crossref","unstructured":"Genet, T., Viet Triem Tong, V.: Reachability analysis of term rewriting systems with Timbuk. In: Proceedings of LPAR\u201901, LNCS 2250 (2001)","DOI":"10.1007\/3-540-45653-8_48"},{"key":"578_CR35","doi-asserted-by":"crossref","unstructured":"Gu, T., Mohapatra, P.: BF-IoT: securing the IoT networks via fingerprinting-based device authentication. In: 2018 IEEE 15th International Conference on Mobile Ad Hoc and Sensor Systems (MASS), pp. 254\u2013262. IEEE (2018)","DOI":"10.1109\/MASS.2018.00047"},{"key":"578_CR36","doi-asserted-by":"crossref","unstructured":"Hoang, V.H., Lehtihet, E., Ghamri-Doudane, Y.: Password-based authenticated key exchange based on signcryption for the Internet of Things. In: 2019 Wireless Days (WD), pp. 1\u20138. IEEE","DOI":"10.1109\/WD.2019.8734196"},{"key":"578_CR37","doi-asserted-by":"crossref","unstructured":"Huszti, A., Ol\u00e1h, N.: A simple authentication scheme for clouds. In: Proceedings of IEEE Conference on Communications and Network Security (CNS), pp. 565\u2013569 (2016)","DOI":"10.1109\/CNS.2016.7860549"},{"issue":"1","key":"578_CR38","doi-asserted-by":"publisher","first-page":"28","DOI":"10.1109\/30.826377","volume":"46","author":"MS Hwang","year":"2000","unstructured":"Hwang, M.S., Li, L.H.: A new remote user authentication scheme using smart cards. IEEE Trans. Consum. Electron. 46(1), 28\u201330 (2000)","journal-title":"IEEE Trans. Consum. Electron."},{"key":"578_CR39","doi-asserted-by":"publisher","unstructured":"W. Iqbal, H. Abbas, B. Rauf, Y. Abbas, F. Amjad, A. Hemani PCSS: Privacy preserving communication scheme for SDN enabled smart homes IEEE Sens J (c) (2021), pp. 1\u201313. https:\/\/doi.org\/10.1109\/JSEN.2021.30877798","DOI":"10.1109\/JSEN.2021.30877798"},{"key":"578_CR40","doi-asserted-by":"crossref","unstructured":"I\u015fler, D., K\u00fcp\u00e7\u00fc, A.: Threshold single password authentication.  ESORICS Data Privacy Management, Cryptocurrencies and Blockchain Technology, pp. 143-162, (2017)","DOI":"10.1007\/978-3-319-67816-0_9"},{"key":"578_CR41","first-page":"1","volume":"976","author":"D I\u015fler","year":"2018","unstructured":"I\u015fler, D., K\u00fcp\u00e7\u00fc, A.: Distributed single password protocol framework. IACR Cryptol. ePrint Arch. 976, 1\u201324 (2018)","journal-title":"IACR Cryptol. ePrint Arch."},{"key":"578_CR42","doi-asserted-by":"crossref","unstructured":"Jarecki, S., Kiayias, A., Krawczyk, H.: Round-optimal password-protected secret sharing and T-PAKE in the password-only model. In: International Conference on the Theory and Application of Cryptology and Information Security, pp. 233\u2013253. Springer, Berlin (2014)","DOI":"10.1007\/978-3-662-45608-8_13"},{"key":"578_CR43","doi-asserted-by":"crossref","unstructured":"Jiang, Y., Huang, Q., Zhu, C., Wang, Y., Shen, J.: An efficient key agreement protocol for secure group communications using periodic array. In: 2019 IEEE 13th International Conference on Anti-counterfeiting, Security, and Identification (ASID), pp. 36\u201340. IEEE","DOI":"10.1109\/ICASID.2019.8925248"},{"key":"578_CR44","doi-asserted-by":"publisher","unstructured":"Katz, J., Ostrovsky, R., Yung, M. Efficient password-authenticated key exchange using human-memorable passwords. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 475\u2013494. Springer, Heidelberg (2001). https:\/\/doi.org\/10.1007\/3-540-44987-629","DOI":"10.1007\/3-540-44987-629"},{"key":"578_CR45","doi-asserted-by":"publisher","first-page":"395","DOI":"10.1016\/j.future.2017.11.022","volume":"82","author":"MA Khan","year":"2018","unstructured":"Khan, M.A., Salah, K.: IoT security: review, blockchain solutions, and open challenges. Future Gener. Comput. Syst. 82, 395\u2013411 (2018)","journal-title":"Future Gener. Comput. Syst."},{"issue":"7","key":"578_CR46","doi-asserted-by":"publisher","first-page":"80","DOI":"10.1109\/MC.2017.201","volume":"50","author":"C Kolias","year":"2017","unstructured":"Kolias, C., Kambourakis, G., Stavrou, A., Voas, J.: DDoS in the IoT: Mirai and other botnets. Computer 50(7), 80\u201384 (2017)","journal-title":"Computer"},{"issue":"1","key":"578_CR47","doi-asserted-by":"publisher","first-page":"204","DOI":"10.1109\/TCE.2004.1277863","volume":"50","author":"WC Ku","year":"2004","unstructured":"Ku, W.C., Chen, S.M.: Weaknesses and improvements of an efficient password based remote user authentication scheme using smart cards. IEEE Trans. Consum. Electron. 50(1), 204\u2013207 (2004)","journal-title":"IEEE Trans. Consum. Electron."},{"issue":"1","key":"578_CR48","doi-asserted-by":"publisher","first-page":"213","DOI":"10.1016\/j.compeleceng.2009.08.007","volume":"36","author":"Y Lee","year":"2010","unstructured":"Lee, Y., Kim, S., Won, D.: Enhancement of two-factor authenticated key exchange protocols in public wireless LANs. Comput. Electr. Eng. 36(1), 213\u2013223 (2010)","journal-title":"Comput. Electr. Eng."},{"key":"578_CR49","unstructured":"LHN: Zipato smart home hub exploits discovered that could allow an attacker to open iOT door locks. https:\/\/latesthackingnews.com\/2019\/07\/05\/hackers-can-exploit-zipato-smart-home-hub-flaws-to-break-in\/ (2019). Accessed 31 Jan 2022"},{"key":"578_CR50","doi-asserted-by":"publisher","first-page":"3573","DOI":"10.1109\/TIFS.2021.3081263","volume":"16","author":"W Li","year":"2021","unstructured":"Li, W., Cheng, H., Wang, P., Liang, K.: Practical threshold multi-factor authentication. IEEE Trans. Inf. Forensics Secur. 16, 3573\u20133588 (2021)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"issue":"8","key":"578_CR51","doi-asserted-by":"publisher","first-page":"1584","DOI":"10.1109\/JPROC.2019.2922285","volume":"107","author":"L Lin","year":"2019","unstructured":"Lin, L., Liao, X., Jin, H., Li, P.: Computation offloading toward edge computing. Proc. IEEE 107(8), 1584\u20131607 (2019). https:\/\/doi.org\/10.1109\/JPROC.2019.2922285","journal-title":"Proc. IEEE"},{"issue":"6","key":"578_CR52","doi-asserted-by":"publisher","first-page":"1899","DOI":"10.1109\/JIOT.2017.2707465","volume":"4","author":"Z Ling","year":"2017","unstructured":"Ling, Z., Luo, J., Xu, Y., Gao, C., Wu, K., Fu, X.: Security vulnerabilities of internet of things: a case study of the smart plug system. IEEE Internet of Things J. 4(6), 1899\u20131909 (2017). https:\/\/doi.org\/10.1109\/JIOT.2017.2707465","journal-title":"IEEE Internet of Things J."},{"key":"578_CR53","doi-asserted-by":"crossref","unstructured":"MacKenzie, P., Shrimpton, T., Jakobsson, M.: Threshold password-authenticated key exchange. In: CRYPTO 2002. Springer (2002)","DOI":"10.1007\/3-540-45708-9_25"},{"key":"578_CR54","doi-asserted-by":"publisher","unstructured":"Marksteiner, S., Exposito Jimenez, V.J., Vallant, H., Zeiner, H.: An overview of wireless IoT protocol security in the smart home domain. In: 2017 Joint 13th CTTE and 10th CMI Conference on Internet of Things Business Models, Users, and Networks, Copenhagen, 2017, pp. 1\u20138. https:\/\/doi.org\/10.1109\/CTTE.2017.8260940. http:\/\/ieeexplore.ieee.org\/document\/8260940\/","DOI":"10.1109\/CTTE.2017.8260940"},{"issue":"5","key":"578_CR55","doi-asserted-by":"publisher","first-page":"1639","DOI":"10.1109\/18.259647","volume":"39","author":"AJ Menezes","year":"1993","unstructured":"Menezes, A.J., Okamoto, T., Vanstone, S.A.: Reducing elliptic curve logarithms to logarithms in a finite field. iEEE Trans. Inf. Theory 39(5), 1639\u20131646 (1993)","journal-title":"iEEE Trans. Inf. Theory"},{"key":"578_CR56","doi-asserted-by":"crossref","unstructured":"Merkle, R.C.: A digital signature based on a conventional encryption function. In: Advances in Cryptology\u2014CRYPTO \u201987. Lecture Notes in Computer Science, vol. 293, pp. 369\u2013378 (1987)","DOI":"10.1007\/3-540-48184-2_32"},{"issue":"5","key":"578_CR57","first-page":"1382","volume":"E87\u2013B","author":"YM Park","year":"2004","unstructured":"Park, Y.M., Park, S.G.: Two factor authenticated key exchange (TAKE) protocol in public wireless LANs. IEICE Trans. Commun. E87\u2013B(5), 1382\u20131385 (2004)","journal-title":"IEICE Trans. Commun."},{"key":"578_CR58","doi-asserted-by":"crossref","unstructured":"Pointcheval, D., Zimmer, S.: Multi-factor authenticated key exchange. In: Bellovin, S.M., Gennaro, R. (eds.) Applied Cryptography and Network Security (ACNS) 2008, LNCS, vol. 5037, pp. 277\u2013295. Springer (2008)","DOI":"10.1007\/978-3-540-68914-0_17"},{"key":"578_CR59","doi-asserted-by":"crossref","unstructured":"Rathore, M.M., Bentafat, E., Bakiras, S.: Smart home security: a distributed identity-based security protocol for authentication and key exchange. In: 2019 28th International Conference on Computer Communication and Networks (ICCCN), pp. 1\u20139. IEEE (2019)","DOI":"10.1109\/ICCCN.2019.8847034"},{"key":"578_CR60","doi-asserted-by":"publisher","first-page":"3081","DOI":"10.1007\/s11276-018-1704-5","volume":"25","author":"MES Saeed","year":"2019","unstructured":"Saeed, M.E.S., Liu, Q.Y., Tian, G., et al.: AKAIoTs: authenticated key agreement for Internet of Things. Wirel. Netw. 25, 3081\u20133101 (2019). https:\/\/doi.org\/10.1007\/s11276-018-1704-5","journal-title":"Wirel. Netw."},{"key":"578_CR61","unstructured":"Samsung SmartCam. https:\/\/www.exploitee.rs\/index.php\/%20Samsung%20SmartCam%E2%80%8B#Fixing%20Password%20Reset%20.22Pre-Auth.22 (2014)"},{"key":"578_CR62","doi-asserted-by":"publisher","first-page":"956","DOI":"10.1016\/j.future.2016.11.033","volume":"78","author":"J Shen","year":"2018","unstructured":"Shen, J., Chang, S., Shen, J., Liu, Q., Sun, X.: A lightweight multi-layer authentication protocol for wireless body area networks. Future Gener. Comput. Syst. 78, 956\u2013963 (2018)","journal-title":"Future Gener. Comput. Syst."},{"key":"578_CR63","unstructured":"Stebila, D.J., Udupi, P.V., Shantz, S.C.: Multi-factor password-authenticated key exchange. U.S. Patent No 8,776,176 (2014)"},{"key":"578_CR64","doi-asserted-by":"publisher","unstructured":"Trimananda, R., Younis, A., Wang, B., Xu, B., Demsky, B., Xu, G.: Vigilia: securing smart home edge computing. In: IEEE\/ACM Symposium on Edge Computing (SEC), vol. 2018, pp. 74\u201389. Seattl, WA (2018). https:\/\/doi.org\/10.1109\/SEC.2018.00013","DOI":"10.1109\/SEC.2018.00013"},{"key":"578_CR65","doi-asserted-by":"publisher","first-page":"31","DOI":"10.36244\/ICJ.2019.4.5","volume":"11","author":"\u00c1 V\u00e9csi","year":"2019","unstructured":"V\u00e9csi, \u00c1., Bagossy, A., Peth\u00f6, A.: Cross-platform identity-based cryptography using WebAssembly. Infocommunications 11, 31 (2019)","journal-title":"Infocommunications"},{"key":"578_CR66","unstructured":"Wassermann, G.: ZyXEL NBG-418N, PMG5318-B20A and P-660HW-T1 routers contain multiple vulnerabilities. http:\/\/www.kb.cert.org\/vuls\/id\/870744 (2015)"},{"key":"578_CR67","doi-asserted-by":"publisher","first-page":"28096","DOI":"10.1109\/ACCESS.2020.2969986","volume":"8","author":"T Wu","year":"2020","unstructured":"Wu, T., Lee, Z., Obaidat, M.S., Kumari, S., Kumar, S., Chen, C.: An authenticated key exchange protocol for multi-server architecture in 5G networks. IEEE Access 8, 28096\u201328108 (2020). https:\/\/doi.org\/10.1109\/ACCESS.2020.2969986","journal-title":"IEEE Access"},{"key":"578_CR68","doi-asserted-by":"crossref","unstructured":"Zavalyshyn, I., Duarte, N.O., Santos, N.: HomePad: a privacy-aware smart hub for home environments In: Proceedings of the IEEE\/ACM Symposium on Edge Computing, pp. 58\u201373 (2018)","DOI":"10.1109\/SEC.2018.00012"}],"container-title":["International Journal of Information Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-022-00578-7.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10207-022-00578-7\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-022-00578-7.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,7,29]],"date-time":"2022-07-29T11:55:00Z","timestamp":1659095700000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10207-022-00578-7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,2,7]]},"references-count":68,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2022,8]]}},"alternative-id":["578"],"URL":"https:\/\/doi.org\/10.1007\/s10207-022-00578-7","relation":{},"ISSN":["1615-5262","1615-5270"],"issn-type":[{"value":"1615-5262","type":"print"},{"value":"1615-5270","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,2,7]]},"assertion":[{"value":"7 February 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"Andrea Pint\u00e9r-Huszti, Norbert Ol\u00e1h and Szabolcs Kov\u00e1cs declare that they have no conflict of interest.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}},{"value":"This article does not contain any studies with human participants or animals performed by any of the authors.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Ethical approval"}}]}}