A Lightweight and User-centric Two-factor Authentication Mechanism for IoT Based on Blockchain and Smart Contract
Author
Abstract

Two-factor authentication (2FA) is commonly used in Internet of Things (IoT) authentication to provide multi-layer protection. Tokens, often known as One-Time Passwords (OTP), are used to offer additional information. While this technique provides flexible verification and an additional layer of security, it still has a number of security issues. This is because it relies on third-party services to produce tokens or OTPs, which leads to serious information leakage issues. Additionally, relying on a third party to provide authentication tokens significantly increases the risk of exposure and attacks, as tokens can be stolen via Man-In-The-Middle (MITM) attacks. In trying to rectify this issue, in this paper, we propose and develop a blockchain-based two-factor authentication method for web-based access to sensor data. The proposed method provides a lightweight and usercentric authentication that makes use of Ethereum blockchain and smart contracts technologies. Then we provided performance and security analysis of our system. Based on the evaluation results, our method has proven to be effective and has the ability to facilitate reliable authentication.

Year of Publication
2022
Date Published
may
Publisher
IEEE
Conference Location
Riyadh, Saudi Arabia
ISBN Number
978-1-66540-973-5
URL
https://ieeexplore.ieee.org/document/9842430/
DOI
10.1109/SMARTTECH54121.2022.00032
Google Scholar | BibTeX | DOI