Dynamic key revocation and recovery framework for smart city authentication systems
Abstract
As smart city infrastructure continues to be deployed, it is essential that the authentication protocols employed are lightweight, secure, and resilient to real-world threats, including device loss, credential compromise, and leakage of biometric data. This paper proposes an authentication framework incorporating physically unclonable functions (PUFs), biometric verification, and dynamic key lifecycle management for end-to-end security in smart city systems. The proposed scheme goes beyond traditional ones by providing a blockchain-based revocation mechanism and delegated recovery via proxy re-encryption and threshold secret sharing. This allows credentials to be securely reacquired without re-registration, so user privacy is preserved and operations do not need to be halted. The system offers mutual authentication, anonymity, and forward secrecy with low computational and communication overhead, making it suitable for IoT-class devices. A formal analysis under the Real-or-Random (RoR) model demonstrates that the scheme is resilient against impersonation, insider, and replay attacks, and experimental evaluation further confirms these findings. Comparative results show that the solution performs better than existing biometric and PUF-based schemes in terms of complete lifecycle support while maintaining efficiency. This makes it a strong candidate for secure authentication in large, decentralized smart cities.

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.