Lightweight and Secure Authentication Protocol for the Internet of Things in Vehicular Systems

Vehicular systems are an application of the internet of things (IoT) in which vehicles are equipped with sensors. In these systems, sensors collect traffic information and send data to the nearest sink node. By analyzing this information special users, including police officers, can make better decisions. In this scenario, confidentiality and integrity of the information against active and passive attacks are vital. To provide these important security requirements in vehicular systems, researchers have proposed numerous authentication protocols. Recently, Mohit et al. proposed a new authentication protocol in vehicular systems and claimed that their protocol is secure against smartcard stolen attack, traceability attack and session key attack. However, in this paper we prove that their protocol is not only vulnerable against the aforementioned attacks but also it cannot preserve sensor node anonymity. Finally, we propose a new improved authentication protocol with better security; our experimental results show that our protocol not only is secure against the above attacks but also is still enough lightweight.