{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,11]],"date-time":"2026-02-11T18:23:14Z","timestamp":1770834194998,"version":"3.50.1"},"reference-count":24,"publisher":"MDPI AG","issue":"2","license":[{"start":{"date-parts":[[2026,2,11]],"date-time":"2026-02-11T00:00:00Z","timestamp":1770768000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Scientific Research Startup Fund for Shenzhen High-Caliber Personnel of SZPT","award":["6022310051K"],"award-info":[{"award-number":["6022310051K"]}]},{"name":"Industry-University-Research Innovation Fund for Chinese Universities","award":["2023IT068"],"award-info":[{"award-number":["2023IT068"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Entropy"],"abstract":"<jats:p>The growth of the Internet of Things (IoT) has created many problems. A wise example is presented by the design of secure, efficient authentication and key agreement (AKA) protocols. A novel three-factor AKA protocol for the IoT is presented in this paper. The scheme integrates password, biometric, and device-based factors that achieved strong security, which gives anonymity to the user, achieves forward secrecy, and makes the scheme resilient to various attacks like replay, impersonation, and de-synchronization. It also adds a safe lost-password-reset functionality, which makes the protocol more usable. Security analysis proves its strength against the typical adversary, while performance evaluation shows that the solution is better than existing solutions in terms of computational and communication efficiency. The work proposes a practical and scalable security solution for IoT systems, which satisfies the high security standard but within the constraints of an IoT system.<\/jats:p>","DOI":"10.3390\/e28020205","type":"journal-article","created":{"date-parts":[[2026,2,11]],"date-time":"2026-02-11T17:45:36Z","timestamp":1770831936000},"page":"205","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Towards Information-Theoretic Security and Privacy in IoT: A Three-Factor AKA Protocol Supporting Forgotten Password Reset"],"prefix":"10.3390","volume":"28","author":[{"given":"Yicheng","family":"Yu","sequence":"first","affiliation":[{"name":"School of Electronic and Communication Engineering, Shenzhen Polytechnic University, Shenzhen 518055, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Kai","family":"Wei","sequence":"additional","affiliation":[{"name":"School of Electronic and Communication Engineering, Shenzhen Polytechnic University, Shenzhen 518055, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7771-0057","authenticated-orcid":false,"given":"Hongtu","family":"Li","sequence":"additional","affiliation":[{"name":"College of Computer Science and Technology, Jilin University, Chaoyang District, Changchun 130012, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Kai","family":"Zhang","sequence":"additional","affiliation":[{"name":"Department of Computer Science and Engineering, National Chung Hsing University, Taichung 402, Taiwan"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"1968","published-online":{"date-parts":[[2026,2,11]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"37","DOI":"10.1007\/s10922-025-09916-1","article-title":"Integrating Real-Time Wireless Sensor Networks into IoT Using MQTT-SN","volume":"33","author":"Stangaciu","year":"2025","journal-title":"J. Netw. Syst. Manag."},{"key":"ref_2","first-page":"174","article-title":"Edge-computing-driven internet of things: A survey","volume":"55","author":"Kong","year":"2022","journal-title":"ACM Comput. Surv."},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"316","DOI":"10.1109\/TPDS.2022.3220221","article-title":"Loop-the-loops: Fragmented learning over networks for constrained IoT devices","volume":"34","author":"Deb","year":"2022","journal-title":"IEEE Trans. Parallel Distrib. Syst."},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"116","DOI":"10.1145\/3703444","article-title":"Iot authentication protocols: Challenges, and comparative analysis","volume":"57","author":"Alsheavi","year":"2025","journal-title":"ACM Comput. Surv."},{"key":"ref_5","doi-asserted-by":"crossref","unstructured":"Yu, S., Lee, J., Lee, K., Park, K., and Park, Y. (2018). Secure authentication protocol for wireless sensor networks in vehicular communications. Sensors, 18.","DOI":"10.3390\/s18103191"},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"15087","DOI":"10.1109\/JIOT.2023.3264565","article-title":"A Three-Factor-Based Authentication Scheme of 5G Wireless Sensor Networks for IoT System","volume":"10","author":"Sahoo","year":"2023","journal-title":"IEEE Internet Things J."},{"key":"ref_7","doi-asserted-by":"crossref","first-page":"1787","DOI":"10.1038\/s41598-024-52134-z","article-title":"ECC-based three-factor authentication and key agreement scheme for wireless sensor networks","volume":"14","author":"Huang","year":"2024","journal-title":"Sci. Rep."},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"3801","DOI":"10.1109\/JIOT.2020.3024703","article-title":"Secure multifactor authenticated key agreement scheme for industrial IoT","volume":"8","author":"Vinoth","year":"2020","journal-title":"IEEE Internet Things J."},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1561\/3300000004","article-title":"Modeling and verifying security protocols with the applied pi calculus and ProVerif","volume":"Volume 1","author":"Blanchet","year":"2016","journal-title":"Foundations and Trends\u00ae in Privacy and Security"},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Sun, D.Z. (2021). Security and privacy analysis of Vinoth et al.\u2019s authenticated key agreement scheme for industrial IoT. Symmetry, 13.","DOI":"10.3390\/sym13101952"},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"101965","DOI":"10.1016\/j.adhoc.2019.101965","article-title":"A secure and efficient three-factor multi-gateway authentication protocol for wireless sensor networks","volume":"95","author":"Guo","year":"2019","journal-title":"Ad Hoc Netw."},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"12137","DOI":"10.1109\/ACCESS.2022.3146393","article-title":"A provably secure three-factor authentication protocol based on chebyshev chaotic mapping for wireless sensor network","volume":"10","author":"Mo","year":"2022","journal-title":"IEEE Access"},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"83","DOI":"10.1007\/s12083-024-01839-z","article-title":"An enhanced three-factor based authentication and key agreement protocol using PUF in IoMT","volume":"18","author":"Wu","year":"2025","journal-title":"Peer-to-Peer Netw. Appl."},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"1126","DOI":"10.1109\/JPROC.2014.2320516","article-title":"Physical unclonable functions and applications: A tutorial","volume":"102","author":"Herder","year":"2014","journal-title":"Proc. IEEE"},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"8883","DOI":"10.1109\/JIOT.2021.3117762","article-title":"Blockchain and PUF-based lightweight authentication protocol for wireless medical sensor networks","volume":"9","author":"Wang","year":"2021","journal-title":"IEEE Internet Things J."},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"101372","DOI":"10.1016\/j.iot.2024.101372","article-title":"Robust and efficient three-factor authentication solution for WSN-based industrial IoT deployment","volume":"28","author":"Mahmood","year":"2024","journal-title":"Internet Things"},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"e4747","DOI":"10.1002\/ett.4747","article-title":"Cryptanalysis and improvement of an authentication protocol for wireless sensor networks","volume":"34","author":"Kumar","year":"2023","journal-title":"Trans. Emerg. Telecommun. Technol."},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Canetti, R., and Krawczyk, H. (2001). Analysis of key-exchange protocols and their use for building secure channels. Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques, Springer.","DOI":"10.1007\/3-540-44987-6_28"},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Alghamdi, A.M. (2025). Design and analysis of lightweight and robust authentication protocol for securing the resource constrained IIoT environment. PLoS ONE, 20.","DOI":"10.1371\/journal.pone.0318064"},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"100579","DOI":"10.1016\/j.array.2025.100579","article-title":"Enhancing trust in machines integration with Dirichlet distribution and self-sovereign identity","volume":"28","author":"Emati","year":"2025","journal-title":"Array"},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"198","DOI":"10.1109\/TIT.1983.1056650","article-title":"On the security of public key protocols","volume":"29","author":"Dolev","year":"2003","journal-title":"IEEE Trans. Inf. Theory"},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Veyrat-Charvillon, N., and Standaert, F.X. (2011). Generic side-channel distinguishers: Improvements and limitations. Proceedings of the Annual Cryptology Conference, Springer.","DOI":"10.1007\/978-3-642-22792-9_20"},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"18","DOI":"10.1145\/77648.77649","article-title":"A logic of authentication","volume":"8","author":"Burrows","year":"1990","journal-title":"ACM Trans. Comput. Syst. (TOCS)"},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"30","DOI":"10.1109\/TCE.2014.6780922","article-title":"Enhanced three-factor security protocol for consumer USB mass storage devices","volume":"60","author":"He","year":"2014","journal-title":"IEEE Trans. Consum. Electron."}],"container-title":["Entropy"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1099-4300\/28\/2\/205\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,2,11]],"date-time":"2026-02-11T17:48:53Z","timestamp":1770832133000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1099-4300\/28\/2\/205"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,2,11]]},"references-count":24,"journal-issue":{"issue":"2","published-online":{"date-parts":[[2026,2]]}},"alternative-id":["e28020205"],"URL":"https:\/\/doi.org\/10.3390\/e28020205","relation":{},"ISSN":["1099-4300"],"issn-type":[{"value":"1099-4300","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026,2,11]]}}}