TY - EJOU AU - Butt, Tariq Mahmood AU - Riaz, Rabia AU - Chakraborty, Chinmay AU - Rizvi, Sanam Shahla AU - Paul, Anand TI - Cogent and Energy Efficient Authentication Protocol for WSN in IoT T2 - Computers, Materials \& Continua PY - 2021 VL - 68 IS - 2 SN - 1546-2226 AB - Given the accelerating development of Internet of things (IoT), a secure and robust authentication mechanism is urgently required as a critical architectural component. The IoT has improved the quality of everyday life for numerous people in many ways. Owing to the predominantly wireless nature of the IoT, connected devices are more vulnerable to security threats compared to wired networks. User authentication is thus of utmost importance in terms of security on the IoT. Several authentication protocols have been proposed in recent years, but most prior schemes do not provide sufficient security for these wireless networks. To overcome the limitations of previous schemes, we propose an efficient and lightweight authentication scheme called the Cogent Biometric-Based Authentication Scheme (COBBAS). The proposed scheme is based on biometric data, and uses lightweight operations to enhance the efficiency of the network in terms of time, storage, and battery consumption. A formal security analysis of COBBAS using Burrows–Abadi–Needham logic proves that the proposed protocol provides secure mutual authentication. Formal security verification using the Automated Validation of Internet Security Protocols and Applications tool shows that the proposed protocol is safe against man-in-the-middle and replay attacks. Informal security analysis further shows that COBBAS protects wireless sensor networks against several security attacks such as password guessing, impersonation, stolen verifier attacks, denial-of-service attacks, and errors in biometric recognition. This protocol also provides user anonymity, confidentiality, integrity, and biometric recovery in acceptable time with reasonable computational cost. KW - Internet of things; wireless sensor networks; authentication; Burrows–Abadi–Needham logic; fuzzy extractor; elliptic curve cryptography DO - 10.32604/cmc.2021.014966