Internet of things (IoT) has become a new era of communication technology for performing information exchange. With the immense increment of usage of smart devices, IoT services become more accessible. To perform secure transmission of data between IoT network and remote user, mutual authentication, and session key negotiation play a key role. In this research, we have proposed an ECC-based three-factor remote user authentication scheme that runs in the smart device and preserves privacy, and data confidentiality of the communicating user. To support our claim, multiple cryptographic attacks are analyzed and found that the proposed scheme is not vulnerable to those attacks. Finally, the computation and communication overheads of the proposed scheme are compared with other existing protocols to confirm that the proposed scheme is lightweight. A formal security analysis using AVISPA simulation tool has been done that confirms the proposed scheme is robust against relevant security threats.

中文翻译：

---

基于椭圆曲线密码的物联网通信轻量级远程用户认证方案

物联网 (IoT) 已成为进行信息交换的通信技术的新时代。随着智能设备使用量的大幅增加，物联网服务变得更容易获得。为了在物联网网络和远程用户之间安全传输数据，相互认证和会话密钥协商起着关键作用。在这项研究中，我们提出了一种基于 ECC 的三因素远程用户身份验证方案，该方案在智能设备中运行并保护通信用户的隐私和数据机密性。为了支持我们的主张，我们分析了多种密码攻击，发现所提出的方案不易受到这些攻击的影响。最后，将所提出方案的计算和通信开销与其他现有协议进行比较，以确认所提出方案是轻量级的。