EARAS: An Efficient, Anonymous, and Robust Authentication Scheme for Smart Homes

1  Introduction

The IoT rapid expansion underscores the importance of security protocols in various industries, including smart homes, healthcare, industrial automation, and transportation, enhancing quality of life for disadvantaged communities [1]. IoT devices offer automation and real-time data analysis, but also pose security risks due to vulnerabilities and unauthorized access, with many users unaware of these risks [2]. Robust authentication mechanisms are crucial for data integrity and confidentiality in IoT environments, but conventional cryptographic techniques may struggle with limited resources and evolving ecosystems. Important studies [3] highlight the need for improved security architecture in IoT environments, focusing on encryption, authentication, and addressing potential security risks such as malicious attacks, data leaks, and unauthorized user access, thereby enhancing system functionality and user privacy [4]. Solutions balance security and resource efficiency, enabling secure IoT device authentication with minimal computational overhead. Various schemes use symmetric or asymmetric encryption in smart home environments such as PrivHome [5] and SKIA-SH [6] emphasize symmetric lightweight efficiency, while asymmetric schemes such as Shuai et al. [7] and Dey and Hossain [8] offer stronger security at the cost of computational overhead [9]. Smart home automation is designed to provide personalized services to homeowners, focusing on convenience, energy efficiency, security, and timely operations within the home. However, each approach has its limitations, with symmetric key schemes being lightweight but prone to vulnerabilities, and asymmetric schemes offering high security at the cost of computational complexity. Researchers propose secure smart home authentication methods to enhance user experience and optimize IoT interfaces, addressing vulnerabilities like parallel session attacks and user impersonation [10].

A proposed privacy-protective scheme for smart meters in decentralized smart homes uses consortium blockchain for secure data storage and elliptic curve point multiplication for enhanced efficiency, demonstrating improved results [11]. For smart home applications, Shuai et al. suggest An anonymous authentication system based on Elliptic Curve Cryptography (ECC) that uses the random number approach to thwart clock synchronization problems and replay assaults [7], Ali et al. [12]. A proposed privacy-protective scheme for smart meters in decentralized smart homes uses consortium blockchain for secure data storage and elliptic curve point multiplication for enhanced efficiency, demonstrating improved results. A secure session key establishment protocol was introduced by Dey and Hossian [8] that uses public key cryptosystems for smart home settings. They demonstrated that their protocol is resilient to various attacks. However, some researchers [13] have identified several security weaknesses in Dey and Hossian’s protocol [8], including susceptibility to device compromise and known-key attacks, as well as its failure to guarantee anonymity and confidentiality. Robust and lightweight mutual-authentication scheme (RLMA), a lightweight mutual authentication technique for safe connections in resource-constrained smart environments, was presented by Monga, Kim, Kumar, G.S. Gaba, and Kumar in 2020. It performs better than current systems, as confirmed by security analysis and performance evaluation [13]. The smart home architecture diagram shown in Fig. 1.

Figure 1: Smart homes architecture diagram

The novelty of EARAS compared to prior authentication schemes lies in:

•   Anonymity: Ensures that user identities remain concealed during the authentication process, preventing tracking and profiling.

•   Privacy Protection against Eavesdropping: Safeguards sensitive communication from being intercepted and exploited by adversaries.

•   Resistance to Replay Attacks: Effectively detects and blocks repeated authentication attempts using captured credentials, maintaining system integrity.

2  Related Work

Research on smart home authentication has evolved along several key directions. Lightweight symmetric-key approaches have been widely explored due to their efficiency for resource-constrained IoT devices. For example, PrivHome [5] and SKIA-SH [6] utilize symmetric primitives to provide authenticated communication with low computational cost. These methods improve practicality but often face limitations in resisting insider attacks, stolen verifiers, and ensuring full anonymity. Similarly, Fakroon et al. [14] focused on low-cost authentication, but their schemes remain vulnerable to impersonation and parallel session attacks. A comprehensive survey on IoT authentication schemes and their security assessment has been presented in recent work [15]. Asymmetric and ECC-based approaches offer stronger cryptographic assurances. Shuai et al. [7] developed an ECC-based anonymous authentication scheme resilient against replay and synchronization attacks. Dey and Hossain [8] introduced a public key-based session establishment protocol, while Zhang et al. [16] proposed a lightweight Elliptic Curve Cryptography (ECC) protocol for smart grids. Although effective against many attacks, these protocols increase computational and communication overhead, reducing their feasibility in smart home contexts. Biometric and multi-factor schemes represent another trend. Hussain and Chaudhry [17] introduced a cloud-based privacy-preserving biometric system for IoT, while Irshad et al. [18] employed fuzzy extractors for secure key agreement. Such works improve resistance against stolen verifiers and impersonation attacks but raise privacy concerns and require more complex infrastructure. Comparative analyses and surveys (e.g., [19–22]) consistently highlight gaps in existing schemes. Kaur and Kumar [23] showed weaknesses in two-factor schemes, proposing improvements but still leaving traceability and scalability issues unresolved. Reviews such as AlJanah et al. [20] and Yan et al. [21] emphasize the need for multi-level, interaction-based authentication and more energy-efficient gateway protocols. According to Gope et al. (2025), IoT authentication can be achieved through a lightweight and privacy-preserving reconfigurable scheme [24].

We seek to design an authentication scheme that strongly resists impersonation, replay attempts, weak anonymity, and eavesdropping. Our proposed EARAS scheme fulfills these goals by ensuring anonymity through the encryption of user and mobile identities, safeguarding privacy with shared secret keys that protect session data from eavesdropping, and resisting replay attacks using session counters, nonces, and hash-based randomness, thereby offering a robust and privacy-preserving authentication framework for smart homes.

3  Review of Banerjee’s et al. Scheme [25]

This paper discusses security concerns with anonymous user authentication in smart home settings, highlighting the growing importance of IoT and the vulnerability of sensitive information. It proposes a new scheme that maintains efficiency, improves security, and includes remote registration for reduced communication and computation overheads.

3.1 Adversary Model and Assumptions

Before presenting the attacks on Banerjee’s et al. scheme, we first define the assumed adversary model and the underlying assumptions to clearly state the security context. The adversary 𝒜 is considered to possess the following capabilities:

•   Insider Threat: A privileged insider (e.g., administrator or registration authority staff) may access stored verifier tables or system parameters, thereby gaining sensitive information such as {RNDt1,PIDi,RNDt2}.

•   Stolen Verifier Assumption: If the Gateway Node (GWN) is compromised, the adversary can obtain the master key MK and other authentication values stored on the device.

•   Eavesdropping and Tampering: The adversary can intercept, replay, and modify authentication messages exchanged over the public channel between the user, GWN, and IoT device (SD).

•   Attack Surfaces: The protocol is vulnerable at multiple points of interaction: (i) user-to-GWN communication, (ii) GWN-to-SD communication, and (iii) registration authority storage.

These assumptions define the boundaries under which the subsequent attacks are analyzed. Based on this adversary model, the vulnerabilities in Banerjee’s et al. scheme are detailed in the following subsections.

3.2 Stolen Gateway Node Attack

Let an adversary (𝒜) be able to get MK stored in the Gateway Node (GWN) [17] then 𝒜 can easily compute the SGU=H(PIDi||H(RNDt2||MK)) which can be utilized to launch attacks as shown in the subsequent subsections. If the gateway is hacked, the attacker can impersonate any user or device.

3.3 Attack Using Tampered Verifier

In the scheme of Banerjee et al. [25], a verifier table is maintained over the Registration Authority (RA), which contains the parameters {RNDt1,PIDi,RNDt2}. Any privileged insider can access this table which leads to the following attacks (1) impersonation attack on user, (2) Impersonation attack on GWN, (3) SD impersonation attack. An insider with verifier data can log in as user, gateway, or device.

3.4 User Impersonation Attack

Banerjee’s study demonstrates that a successful authentication can be forged by 𝒜 to perform a user impersonation attack by delivering the Gateway Node a fake login message.

1.   The adversary (𝒜) will generate its own random number RNDi𝒜.

2.   The 𝒜 will compute the following by utilizing the stolen parameters:

SGU𝒜=H(PIDi||H(RNDt2||MK))(1)

3.   By employing Eq. (1), 𝒜 will compute:

Y1𝒜=(RNDi𝒜||SIDj)⊕SGU𝒜(2)

4.   Next 𝒜 will compute the following by employing Eqs. (1) and (2):

W1𝒜=H(PIDi||RNDi𝒜||SGU𝒜||Y1𝒜)(3)

5.   Finally, 𝒜 will send the message containing RNDt1,Y1𝒜,W1𝒜 to GWN over the public channel.

After receiving the message, GWN will compute the following to check the legitimacy of the user:

1.   First, the Gateway Node retrieves PIDi,RNDt2 corresponding to RNDt1.

2.   Next GWN will compute

SGU=H(PIDi||H(RNDt2||MK),

(RNDi𝒜||SIDj)=Y1𝒜⊕SGU𝒜

and W1∗=H(PIDi||RNDi𝒜||SGU𝒜||Y1).

3.   Finally, the Gateway Node verifies user authenticity by confirming whether W∗1=WA1 holds.

The attacker fakes a login so the gateway thinks it’s the real user.

3.5 Attack Using a Fake Gateway Node Directed towards SD

After authenticating the user, GWN will send a message containing {Y2,W2} to IoT Device (SD), an 𝒜 can impersonate as the GWN towards SD by adopting the following procedure:

The 𝒜 will choose two arbitrary numbers RNDt2′A and RNDi𝒜. The 𝒜 will compute the following using Sections 3.2 and 3.3:

N1𝒜=H(RNDt2′ 𝒜||MK)(4)

N2𝒜=H(PIDi||RNDi𝒜||N1𝒜)(5)

𝒜 being a privileged insider can compute SGS𝒜 and can also steal from GWN as described in Section 3.2 and will further compute:

Y2𝒜=N2𝒜⊕SGS𝒜(6)

W2𝒜=H(N2𝒜||SGS𝒜)(7)

𝒜 will send the message containing {Y2𝒜,W2𝒜} to SD over the public channel impersonating as a GWN.

Upon receiving the message SD will compute the following:

1.   First, the SD will extract N2 from the message and verifies the authenticity of the GWN in the subsequent manner:

N2𝒜=Y2𝒜⊕SGS(8)

W2∗=H(N2𝒜||SGS)(9)

W2∗=?W2𝒜(10)

2.   Now the SGS used by the SD is same as computed by the 𝒜 as described in Section 3.2.

So, the Eq. (10) will be true and authentication achieved successfully, hence the protocol is prone to the impersonation attack by GWN. The attacker pretends to be the gateway and sends false commands to devices.

3.6 Gateway Node Impersonation Attack towards User

As shown in Section 3.7 that an 𝒜 can compute the SK, which can be utilized to impersonate a GWN. Following are the steps performed by the 𝒜 to perform this attack:

1.   Firstly 𝒜 will retrieve the following parameters from the captured message:

(RNDn||H(SK))=Y3⊕SGS(11)

2.   𝒜 will select RNDt1′𝒜∈Zp∗ and will compute:

Y4𝒜=(RNDt1′𝒜||N1||RNDn)⊕SGU𝒜(12)

SGU′𝒜=H(PIDi||N1)(13)

W4𝒜=H(RNDt1′𝒜||N1||RNDn||SGU′𝒜)(14)

3.   Finally, 𝒜 will send the message containing {Y4𝒜,W4𝒜} to U over the public channel.

The protocol is susceptible to Gateway Node impersonation attack on the user, as U checks the authenticity of the GWN by checking the condition W4∗=W4. The attacker tricks the user into believing a fake gateway is genuine.

3.7 IoT Device Impersonation & Parallel Session Attack

The message’s address can enable an 𝒜 to impersonate SD to the GWN using a specific procedure.

1.   Now if SIDj is included in the message the 𝒜 can calculate the parameter SGS𝒜 as described in Section 3.2.

2.   𝒜 can extract the parameter N2 from the message {Y2,W2} sent by GWN toward the IoT Device as follow.

N2=Y2⊕SGS𝒜(15)

3.   The 𝒜 will select an arbitrary number RNDn𝒜 and computes the following:

SK𝒜=H(N2||RNDn𝒜||SIDj)(16)

Hence from Eq. (16) It is evident that the protocol is susceptible to parallel session key attack. 𝒜 further computes:

Y3𝒜=(RNDn𝒜||H(SK𝒜))⊕SGS𝒜(17)

W3𝒜=H(RNDn𝒜||SGS𝒜||H(SK𝒜)(18)

4.   𝒜 will send the message containing {Y3𝒜,W3𝒜} to GWN by a public route.

Following receipt of the message, GWN will follow these steps to verify the validity of the IoT Device:

1.   GWN will retrieve SK𝒜 and RNDn𝒜 from the message as follow:

(RNDn𝒜||H(SK𝒜))=Y3𝒜⊕SGS𝒜(19)

W3∗=H(RNDn𝒜||SGS𝒜||H(SK𝒜))(20)

2.   The GWN will check the subsequent equation to authenticate the Smart dev.

W3∗=?W3𝒜(21)

The Eq. (21) will be passed successfully as SGS used by the 𝒜 is genuine as described in Section 3.2. Hence, the protocol suffers from the SD impersonation attack toward the GWN. The attacker poses as a smart device to join or hijack sessions.

4  Proposed Solution

This section introduces a lightweight anonymous authentication protocol for two GWN-enabled smart home scenarios, ensuring privacy and security by requiring smart entities to authenticate and confirm message freshness.

4.1 User to GWN Proposed Registration Scheme

The registration process for smart home users using mobile devices involves two main stages: IoT smart device and user registration in Fig. 2. Notations of the proposed scheme as shown in Table 1.

Figure 2: User to GWN controller registration scheme

The smart home administrator is responsible for configuring the GWN controller and managing user and IoT device registration. The steps in the process are as follows:

•   User IDs (UID) and mobile phone (MID) identities are linked, with each user requesting registration from a secure channel.

•   The GWN controller uses a 64-bit counter, Cc, to generate a sequence number for a transaction flow, Cn=TFSseq, and a secret key, kUC, that the controller and user share. Additionally, the controller computes the controller session parameter and generates a nonce, Cn. SPMIDi=h(UIDi‖MIDi‖Cn), where the user identity UIDi is bound to a specific mobile phone MIDi for the ongoing session. Finally, session ID of UIDi is generated, signifying the encryption of every user-associated parameter, i.e., SIDui=EKUC(UIDi,MIDi,SPMID,TFSseq). The key kUC, along with SIDui parameters, is transmitted via a secure channel to the user’s registered mobile device. The session credentials are saved by the user on the registered mobile device. For additional validation, all of the controller-generated and calculated parameters are kept in the Reg. DB and Auth. DB databases.

4.2 Iot Device to GWN Proposed Registration Scheme

1) Similarly, the SD with identity SDID initiates the registration process by requesting registration from the controller through a secure channel.

2) The GWN controller CID plus a nonce Cm generate the controller identifier following a request from SDIDi. Then, specifically for Iot Devices, the controller session parameter is computed SPSDid=h(SDIDi‖Cm). Next, the Iot Device’s session identity, SDIDi, is created as SIDSDid=EKUC(SDIDi,SPSDid,Cm). SIDSDid is then encrypted using the shared secret key Ekc that is kept at the controller level. SIDSDid, is transmitted via the secure channel to the Iot Device and stored there along with CID. The Reg.DB and Auth.DB databases contain all of the parameters as well as EKc shown in Fig. 3.

Figure 3: Iot Device To GWN controller registration scheme

4.3 Login Phase

Since the user session identification is dependent on the GWN controller session parameter, the proposed approach calls for a first step for registered users who intend to use smart home services and repeating this step when utilizing a new mobile device to connect with the GWN. The following steps are the part of authentication scheme:

Step 1:

The user-generated random number Rn defines the user authentication parameter for the Gateway Authu by computing Uap=Un⊕MIDi. The formula Authu=h(SIDui||Uap||kUC||T1||Rn||TFSseq) is used in the computation. The stored SIDUI, Authu,Uap, and timestamp T1 are then sent to the controller by the user.

Step 2:

Upon receiving the message M1, the GWN controller initially determines the time difference, denoted as △T. It then computes Rn=Up⊕MIDi to get MIDi.The controller then decrypts SIDUI=DKUC(UIDi,MIDi,SPMID,TFSseq) and compares the registered mobile values with the user identity (UIDi), mobile identity (MIDi), and controller session parameter (SPMID). It also compares the stored values in its database with the transaction flow sequence number (TFSseq).

If the comparison verifies thatMIDirecv=?MIDisave, the controller encounters two possible situations: The TFSseq numbers saved and received are identical

(TFSseqrecv=?TFSseqsave)

The user sends a previous TFSseq number, so TFSseqold=?TFSseqnew. Below is a detailed discussion of both scenarios.

Case 1: The controller retrieves Rn by calculating Rn=Uap⊕MIDi if TFSseqrecv is not equal to TFSseqsave, which is always the case in the first authentication request following the initial registration. To verify Authu, the user authenticator parameter, it calculates and checks whether Authurecv is equal to Authusave. After successful verification, the controller calculates Authd=h(SIDSDid‖T2‖CID), the authenticator for the Iot Device, and sends Authd along with T2 in M2 to the smart gadget in order to verify. Upon receiving message M2, the smart device verifies the time difference (ΔT) to ensure message freshness. Then, using Authd=?h(SIDSDid‖T2‖CID), it compares Authd with the calculated value to validate the received Authd. The Iot Device authenticator parameter is then calculated Authdc=h(SIDSDID‖T3‖CID) and returns M3 to the controller if this is successfull verification. The controller confirms the authenticator parameter and determines whether Authdcrecv=h(SIDSD‖T3‖CID) after receiving M3 from the Iot Device. The Iot Device authenticator parameter is then calculated.

Case 2: When the controller anticipates a new TFSseq value (TFSseqold≠TFSseqnew), it computes the following under two circumstances: either the user’s received TFSseq value is out-of-date, or the received Authdc from the Iot Device in M3 is confirmed. After that, the controller checks the database for the received values. After creating a fresh nonce Cn∗,The new controller session parameter is calculated by the controller SPMID∗=h(UIDi‖MIDi‖Cn∗). Furthermore, the controller encodes the new SIDui∗ as Z=SIDui∗⊕MIDi and generates the new session identity for the user, SIDui∗=EKUC(UIDi,MIDi,CSPMID∗,TFSseq∗). Upon receiving M1, the controller derives Rn from Uap⊕MIDi to retrieve the mobile identity. The new values SPMID∗,SIDui∗,Cn∗, and TFSseq∗ are added to the controller’s database. It also keeps the previous TFSseq value to verify the freshness of the session. After that, it decrypts SIDui=DKUC(UIDi,MIDi,SPMID,TFSseq) and verifies the user’s identity. (UIDi), mobile identity (MIDi), The controller computes Rn=Uap⊕MIDi to obtain MIDi after receiving the message M1. After decrypting SIDui=DKUC(UIDi,MIDi,SPMID,TFSseq), The stored values in its database are compared to the registered mobile SPMID and the transaction flow sequence number (TFSseq), as well as the user identity (UIDi), mobile identity (MIDi), and controller session parameter.

If the user sends an authentication request from a new mobile device, the verification MIDirecv≠MIDirecv fails and the user is prompted to register the new device against its identification. The process will restart. Furthermore, if the calculated Authu and the received Authc match, the GWN is authenticated. The proposed login and authentication scheme is shown in Fig. 4.

Figure 4: Authentication and Login phase of a proposed scheme

5  Security Analysis

To ensure the effectiveness of cryptographic protocols, it is crucial to thoroughly assess the participants and potential adversaries involved, and address any potential threats promptly the following aspects need to be addressed:

•   Can the recipient determine the sender’s identity?

•   Does the recipient have the ability to confirm that the message they received is current and Tempered?

•   Does the recipient have the capability to confirm that the message is not merely a repetition of a past message?

•   Can the system analyst or investigator discern the identity of the communicating parties?

•   There are two primary areas for the proposed protocol’s security analysis: formal and informal.

In future, it would also be important to analyze the resistance of EARAS against known-key attacks and device compromise scenarios. Prior studies [13] have shown that the exposure of session keys or the compromise of IoT devices can severely weaken protocol resilience. Incorporating these aspects into the evaluation framework would further strengthen the robustness assessment of EARAS.

5.1 Informal Security Analysis

The informal security analysis of cryptographic protocols uses expert judgment and common sense reasoning to identify security objectives, assess key components, and consider adversarial scenarios, complementing formal methods for greater assurance.

5.1.1 Anonymity

The proposed protocol ensures high anonymity by securely encrypting user identities and mobile information through channels UIDi and MIDi. To prevent attackers from identifying the user, a message M1=Authu,SIDui,Uap,T1 is sent to the controller during login and authentication. The cryptographic hash function h() generates random parameters, while the pre-shared secret key KUC encrypts SIDui, thereby concealing the Radio Frequency Identification (RFID) tag’s identity.

5.1.2 Privacy Protection against Eavesdropping

The proposed scheme encrypts SIDui with shared secret kUC, ensuring privacy protection against eavesdropping, and only uses shared parameters between Gateway Node and user once.

5.1.3 Replay Attacks

The user and controller are aware of TFSseq, which is modified each session to enhance mutual authentication and prevent replay attacks. Parameters Up and SPMIDi are derived from nonce Rn and Cn. The primary defense against replay attacks in EARAS is the combined use of timestamps (ΔT) and session sequence numbers (TFSseq), which ensure message freshness across sessions. While pseudo-random functions contribute to generating unpredictable values, they are not sufficient alone to prevent replay attempts. In EARAS, any repeated or delayed message will fail verification due to mismatched sequence numbers or timestamp expiration, thereby ensuring robust resistance against replay attacks.

5.2 Formal Security Analysis

Formal security analysis is a rigorous methodical examination of cryptographic protocols, ensuring their security properties through definition of objectives, model creation, mathematical notation, and verification using well known automated tool ProVerif, thereby ensuring robust security. ProVerif is an automated formal verification tool used to analyze and prove the security properties of cryptographic protocols. Table 2 contains the comprehensive procedure for each query and its corresponding outcomes. Informal techniques are frequently used in conjunction with it to provide a comprehensive assessment.

6  Performance Analysis

The EARAS technique is thoroughly analyzed, focusing on performance, communication overhead, and computational considerations, providing detailed comparisons and breakdowns of each stage’s computational overhead.

6.1 Comparative Analysis

This section compares the suggested protocol with current protocols using lightweight symmetric key primitives. It compares security requirements, calculation cost, communication cost, and storage complexity, contrasting the security, execution time, and running time of the suggested protocol.

Table 3 compares the suggested protocol’s security requirements to those of the current symmetric key-based protocols.

Section 2 clearly outlines the vulnerabilities of the current schemes [5,6,14,16,23–25], and which are also reproduced in Table 3.

6.2 Computation Cost Analysis

Analysis of the computational cost of the suggested plan and current schemes is explained in this section. Some notations are presented for analysis:

•   CC = Computation cost;

•   Th = CC of single hash function;

•   Tse = CC of symmetric encryption/decryption.

The computation time for 28.968 and 7.181 ms is demonstrated by the experiments of Zhang et al. [16] and Gope et al. [24]. The experiment by Kilinc and Yanik [26] demonstrates that the computation time for Tse is 0.0046 ms, while the computation time for Th is 0.00032 ms. An Intel dual-core Pentium processor with specifications of 2.20 GHz, 2048 MB, and RAM, respectively, was used for the experiment on an Ubuntu system. The Approximate values mentioned in Table 4.

In comparison to other current systems, the suggested scheme, which incorporates the key exchange process, showed a shorter predicted computational time, as shown in Table 5 and Fig. 5. The suggested protocol’s total computation time is 0.072 ms. The protocol described in [14] costs 10TH+2TSE, which adds up to 3.2 ms for computation. Likewise, the protocol described in [6] costs 29Th+17T⊕+97T∥+4T, for a total computation cost of 0.2172 ms. In a similar vein, the protocol described in [5] costs 10Th+2TSE, for a total computation cost of 0.148 ms.

Figure 5: Computation cost comparison (Poh et al. [5], Kaur and Kumar [23], Fakroon et al. [14], Alzahrani et al. [6], Banerjee et al. [25], Gope et al. [24], Zhang et al. [16])

A protocol [24] takes 28.968 ms to execute the authentication verification phases. A protocol presented in [23] incurs 16Th + 3Tse making total computation cost 1.366 ms. Comparatively, our suggested scheme uses 2Th for the tag in the proposed protocol, 2Th for the reader, and 4Th + 2Tse for the server. This means that the overall computing cost of the suggested protocol is equivalent to 8Th + 2Tse, or 0.072 ms.

6.3 Communication Cost Analysis

The table presents a computational cost analysis of a proposed protocol, comparing its communication costs with existing protocols, involving 352 bits of parameters sent and received. The suggested protocol has a less communication cost than the protocols of [5,14,23] and [6,16] but a higher communication cost than [25]. However, only the suggested protocol offers the necessary security.

The proposed protocol balances communication efficiency and security, outperforming existing protocols in cost while providing comprehensive security features, making it suitable for security-sensitive contexts. The findings of the evaluation of the communication costs between our suggested plan and other similar plans are shown in Table 6 and Fig. 6.

Figure 6: Communication cost (Poh et al. [5], Kaur and Kumar [23], Fakroon et al. [14], Alzahrani et al. [6], Banerjee et al. [25], Gope et al. [24], Zhang et al. [16])

7  Conclusion and Future Work

We emphasized security, a crucial component of the smart ecosystem that has frequently been overlooked by both researchers and industry leaders. Insufficient or nonexistent authentication procedures in smart ecosystems lead to attacks, questioning users’ trust. To address this, a smart, secure home system based on GWN aims to transfer processing complexity to a centralized controller. The study presents a new security architecture for smart homes using GWN and introduces the EARAS (An Efficient, Anonymous, and Robust Authentication Scheme), aiming to maintain privacy while ensuring successful authentication. The ProVerif tool was used for both formal and informal analyses, confirming the scheme’s practicality and safety for IoT devices with limited resources, making it suitable for various smart system applications. In future, integrating searchable encryption with GWN would allow users to perform secure queries over encrypted smart home data without revealing sensitive information. This approach directly complements EARAS by extending privacy preservation beyond authentication to data access and management. The current validation of EARAS has focused on analytical evaluation and formal verification, with performance results obtained through comparative benchmarks. As a next step, future work will involve implementing and testing the scheme in simulation tools (e.g., NS-3, OMNeT++) and real-world smart home environments to provide deeper insights into its robustness and efficiency.

Acknowledgement: The researchers would like to thank the Deanship of Graduate Studies and Scientific Research at Qassim University for financial support (QU-APC-2025).

Funding Statement: Not applicable.

Author Contributions: Conceptualization, methodology, statistical analysis, data analysis: Muntaham Inaam Hashmi, Muhammad Ayaz Khan, and Suliman A. Alsuhibany; literature review, discussion, writing—original draft preparation, data downloading: Muntaham Inaam Hashmi, Muhammad Ayaz Khan, Khwaja Mansoor ul Hassan and Asfandyar Khan; writing—review and editing: Muntaham Inaam Hashmi, Ainur Abduvalova, Muhammad Ayaz Khan, Suliman A. Alsuhibany, and Asfandyar Khan; visualization: Muntaham Inaam Hashmi and Muhammad Ayaz Khan; supervision: Khwaja Mansoor ul Hassan, Suliman A. Alsuhibany. All authors reviewed the results and approved the final version of the manuscript.

Availability of Data and Materials: Data will made available on request.

Ethics Approval: This study does not involve human participants, human data, or animal subjects, and therefore ethics approval was not required.

Conflicts of Interest: The authors declare no conflicts of interest to report regarding the present study.

References

1. Makkonen T, Inkinen T. Inclusive smart cities? Technology-driven urban development and disabilities. Cities. 2024;154:105334. doi:10.1016/j.cities.2024.105334. [Google Scholar] [CrossRef]

2. Vardakis G, Hatzivasilis G, Koutsaki E, Papadakis N. Review of smart-home security using the Internet of Things. Electronics. 2024;13(16):3343. doi:10.3390/electronics13163343. [Google Scholar] [CrossRef]

3. Raza A, Khan S, Shrivastava S, Ashraf MWA, Wang T, Wu K, et al. A lightweight group-based SDN-driven encryption protocol for smart home IoT devices. Comput Netw. 2024;250:110537. doi:10.1016/j.comnet.2024.110537. [Google Scholar] [CrossRef]

4. Khan MN, Rahman HU, Hussain T, Yang B, Qaisar SM. Enabling trust in automotive IoT: lightweight mutual authentication scheme for electronic connected devices in Internet of Things. IEEE Trans Consum Electron. 2024;70(3):5065–78. doi:10.1109/tce.2024.3410300. [Google Scholar] [CrossRef]

5. Poh GS, Gope P, Ning J. PrivHome: privacy-preserving authenticated communication in smart home environment. IEEE Trans Dependable Secure Comput. 2019;18(3):1095–107. doi:10.1109/tdsc.2019.2914911. [Google Scholar] [CrossRef]

6. Alzahrani BA, Barnawi A, Albarakati A, Irshad A, Khan MA, Chaudhry SA. SKIA-SH: a symmetric key-based improved lightweight authentication scheme for smart homes. Wirel Commun Mob Comput. 2022;2022(1):8669941. doi:10.1155/2022/8669941. [Google Scholar] [CrossRef]

7. Shuai M, Yu N, Wang H, Xiong L. Anonymous authentication scheme for smart home environment with provable security. Comput Secur. 2019;86:132–46. [Google Scholar]

8. Dey S, Hossain A. Session-key establishment and authentication in a smart home network using public key cryptography. IEEE Sens Lett. 2019;3(4):1–4. doi:10.1109/lsens.2019.2905020. [Google Scholar] [CrossRef]

9. Raghu N, Mahesh T, Vivek V, Kumaran SY, Kannanugo N, Vishwanatha S. IoT-enabled safety and secure smart homes for elderly people. In: Future of digital technology and AI in social sectors. Hershey, PA, USA: IGI Global; 2025. p. 297–328. doi:10.4018/979-8-3693-5533-6.ch011. [Google Scholar] [CrossRef]

10. Anwarul S. Enhancing energy efficiency and safety in smart homes. In: CyberMedics: navigating AI and security in the medical field. 1st ed. Boca Raton, FL, USA: CRC Press; 2025. [Google Scholar]

11. Zhang S, Rong J, Wang B. A privacy protection scheme of smart meter for decentralized smart home environment based on consortium blockchain. Int J Electr Power Energy Syst. 2020;121:106140. doi:10.1016/j.ijepes.2020.106140. [Google Scholar] [CrossRef]

12. Ali Z, Chaudhry SA, Ramzan MS, Al-Turjman F. Securing smart city surveillance: a lightweight authentication mechanism for unmanned vehicles. IEEE Access. 2020;8:43711–24. doi:10.1109/access.2020.2977817. [Google Scholar] [CrossRef]

13. Gaba GS, Kumar G, Monga H, Kim TH, Kumar P. Robust and lightweight mutual authentication scheme in distributed smart environments. IEEE Access. 2020;8:69722–33. doi:10.1109/access.2020.2986480. [Google Scholar] [CrossRef]

14. Fakroon M, Alshahrani M, Gebali F, Traore I. Secure remote anonymous user authentication scheme for smart home environment. Internet Things. 2020;9:100158. doi:10.1016/j.iot.2020.100158. [Google Scholar] [CrossRef]

15. Yalli JS, Hasan MH, Jung LT, Al-Selwi SM. Authentication schemes for Internet of Things (IoT) networks: a systematic review and security assessment. Internet of Things. 2025;30:101469. doi:10.1016/j.iot.2024.101469. [Google Scholar] [CrossRef]

16. Zhang Y, Chen J, Wang S, Ma K, Hu S. Lightweight anonymous authentication and key agreement protocol for a smart grid. Energies. 2024;17(18):4550. doi:10.3390/en17184550. [Google Scholar] [CrossRef]

17. Hussain S, Chaudhry SA. Comments on “biometrics-based privacy-preserving user authentication scheme for cloud-based industrial internet of things deployment”. IEEE Internet Things J. 2019;6(6):10936–40. doi:10.1109/jiot.2019.2934947. [Google Scholar] [CrossRef]

18. Irshad A, Usman M, Chaudhry SA, Bashir AK, Jolfaei A, Srivastava G. Fuzzy-in-the-loop-driven low-cost and secure biometric user access to server. IEEE Trans Reliability. 2020;70(3):1014–25. doi:10.1109/tr.2020.3021794. [Google Scholar] [CrossRef]

19. El-Hajj M, Fadlallah A, Chamoun M, Serhrouchni A. A survey of internet of things (IoT) authentication schemes. Sensors. 2019;19(5):1141. doi:10.3390/s19051141. [Google Scholar] [PubMed] [CrossRef]

20. AlJanah S, Zhang N, Tay SW. A survey on smart home authentication: toward secure, multi-level and interaction-based identification. IEEE Access. 2021;9:130914–27. doi:10.1109/access.2021.3114152. [Google Scholar] [CrossRef]

21. Yan W, Wang Z, Wang H, Wang W, Li J, Gui X. Survey on recent smart gateways for smart home: systems, technologies, and challenges. Trans Emerg Telecomm Technol. 2022;33(6):e4067. doi:10.1002/ett.4067. [Google Scholar] [CrossRef]

22. Beniwal G, Singhrova A. A systematic literature review on IoT gateways. J King Saud Univ-Comput Inform Sci. 2022;34(10):9541–63. doi:10.1016/j.jksuci.2021.11.007. [Google Scholar] [CrossRef]

23. Kaur D, Kumar D. Cryptanalysis and improvement of a two-factor user authentication scheme for smart home. J Inf Secur Appl. 2021;58:102787. doi:10.1016/j.jisa.2021.102787. [Google Scholar] [CrossRef]

24. Gope P, Fei H, Sikdar B. Lightweight and privacy-preserving reconfigurable authentication scheme for IoT devices. IEEE Trans Serv Comput. 2025;18(2):912–25. doi:10.1109/tsc.2025.3536314. [Google Scholar] [CrossRef]

25. Banerjee S, Odelu V, Das AK, Chattopadhyay S, Park Y. An efficient, anonymous and robust authentication scheme for smart home environments. Sensors. 2020;20(4):1215. doi:10.3390/s20041215. [Google Scholar] [PubMed] [CrossRef]

26. Kilinc HH, Yanik T. A survey of SIP authentication and key agreement schemes. IEEE Commun Surv Tut. 2013;16(2):1005–23. [Google Scholar]

27. Liu H, Kadir A, Liu J. Keyed hash function using hyper chaotic system with time-varying parameters perturbation. IEEE Access. 2019;7:37211–9. doi:10.1109/access.2019.2896661. [Google Scholar] [CrossRef]

28. Challa S, Das AK, Odelu V, Kumar N, Kumari S, Khan MK, et al. An efficient ECC-based provably secure three-factor user authentication and key agreement protocol for wireless healthcare sensor networks. Comput Electr Eng. 2018;69:534–54. doi:10.1016/j.compeleceng.2017.08.003. [Google Scholar] [CrossRef]