{"id":"https://openalex.org/W7128589262","doi":"https://doi.org/10.3390/e28020205","title":"Towards Information-Theoretic Security and Privacy in IoT: A Three-Factor AKA Protocol Supporting Forgotten Password Reset","display_name":"Towards Information-Theoretic Security and Privacy in IoT: A Three-Factor AKA Protocol Supporting Forgotten Password Reset","publication_year":2026,"publication_date":"2026-02-11","ids":{"openalex":"https://openalex.org/W7128589262","doi":"https://doi.org/10.3390/e28020205","pmid":"https://pubmed.ncbi.nlm.nih.gov/41751709"},"language":"en","primary_location":{"id":"doi:10.3390/e28020205","is_oa":true,"landing_page_url":"https://doi.org/10.3390/e28020205","pdf_url":"https://www.mdpi.com/1099-4300/28/2/205/pdf?version=1770814720","source":{"id":"https://openalex.org/S195231649","display_name":"Entropy","issn_l":"1099-4300","issn":["1099-4300"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Entropy","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj","pubmed"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://www.mdpi.com/1099-4300/28/2/205/pdf?version=1770814720","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5125280934","display_name":"Yicheng Yu","orcid":null},"institutions":[{"id":"https://openalex.org/I182722699","display_name":"Shenzhen Polytechnic University","ror":"https://ror.org/00d2w9g53","country_code":"CN","type":"education","lineage":["https://openalex.org/I182722699"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yicheng Yu","raw_affiliation_strings":["School of Electronic and Communication Engineering, Shenzhen Polytechnic University, Shenzhen 518055, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Electronic and Communication Engineering, Shenzhen Polytechnic University, Shenzhen 518055, China","institution_ids":["https://openalex.org/I182722699"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5125264966","display_name":"Kai Wei","orcid":null},"institutions":[{"id":"https://openalex.org/I182722699","display_name":"Shenzhen Polytechnic University","ror":"https://ror.org/00d2w9g53","country_code":"CN","type":"education","lineage":["https://openalex.org/I182722699"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Kai Wei","raw_affiliation_strings":["School of Electronic and Communication Engineering, Shenzhen Polytechnic University, Shenzhen 518055, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Electronic and Communication Engineering, Shenzhen Polytechnic University, Shenzhen 518055, China","institution_ids":["https://openalex.org/I182722699"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Hongtu Li","orcid":"https://orcid.org/0000-0002-7771-0057"},"institutions":[{"id":"https://openalex.org/I4210134929","display_name":"Jilin Province Science and Technology Department","ror":"https://ror.org/049x38272","country_code":"CN","type":"government","lineage":["https://openalex.org/I4210134929"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Hongtu Li","raw_affiliation_strings":["College of Computer Science and Technology, Jilin University, Chaoyang District, Changchun 130012, China"],"raw_orcid":"https://orcid.org/0000-0002-7771-0057","affiliations":[{"raw_affiliation_string":"College of Computer Science and Technology, Jilin University, Chaoyang District, Changchun 130012, China","institution_ids":["https://openalex.org/I4210134929"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5125616831","display_name":"Kai Zhang","orcid":null},"institutions":[{"id":"https://openalex.org/I162838928","display_name":"National Chung Hsing University","ror":"https://ror.org/05vn3ca78","country_code":"TW","type":"education","lineage":["https://openalex.org/I162838928"]}],"countries":["TW"],"is_corresponding":true,"raw_author_name":"Kai Zhang","raw_affiliation_strings":["Department of Computer Science and Engineering, National Chung Hsing University, Taichung 402, Taiwan"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Science and Engineering, National Chung Hsing University, Taichung 402, Taiwan","institution_ids":["https://openalex.org/I162838928"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5125616831"],"corresponding_institution_ids":["https://openalex.org/I162838928"],"apc_list":{"value":2000,"currency":"CHF","value_usd":2165},"apc_paid":{"value":2000,"currency":"CHF","value_usd":2165},"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.12447056,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"28","issue":"2","first_page":"205","last_page":"205"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11504","display_name":"Advanced Authentication Protocols Security","score":0.7705000042915344,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11504","display_name":"Advanced Authentication Protocols Security","score":0.7705000042915344,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10273","display_name":"IoT and Edge/Fog Computing","score":0.047200001776218414,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10270","display_name":"Blockchain Technology Applications and Security","score":0.035599999129772186,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/aka","display_name":"AKA","score":0.7148000001907349},{"id":"https://openalex.org/keywords/anonymity","display_name":"Anonymity","score":0.6535999774932861},{"id":"https://openalex.org/keywords/password","display_name":"Password","score":0.5748999714851379},{"id":"https://openalex.org/keywords/protocol","display_name":"Protocol (science)","score":0.5590000152587891},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.5440999865531921},{"id":"https://openalex.org/keywords/security-analysis","display_name":"Security analysis","score":0.526199996471405},{"id":"https://openalex.org/keywords/internet-of-things","display_name":"Internet of Things","score":0.46779999136924744},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.462799996137619},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.44029998779296875}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8044000267982483},{"id":"https://openalex.org/C121158502","wikidata":"https://www.wikidata.org/wiki/Q4652161","display_name":"AKA","level":2,"score":0.7148000001907349},{"id":"https://openalex.org/C178005623","wikidata":"https://www.wikidata.org/wiki/Q308859","display_name":"Anonymity","level":2,"score":0.6535999774932861},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6151000261306763},{"id":"https://openalex.org/C109297577","wikidata":"https://www.wikidata.org/wiki/Q161157","display_name":"Password","level":2,"score":0.5748999714851379},{"id":"https://openalex.org/C2780385302","wikidata":"https://www.wikidata.org/wiki/Q367158","display_name":"Protocol (science)","level":3,"score":0.5590000152587891},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.5440999865531921},{"id":"https://openalex.org/C38369872","wikidata":"https://www.wikidata.org/wiki/Q7445009","display_name":"Security analysis","level":2,"score":0.526199996471405},{"id":"https://openalex.org/C81860439","wikidata":"https://www.wikidata.org/wiki/Q251212","display_name":"Internet of Things","level":2,"score":0.46779999136924744},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.462799996137619},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.44029998779296875},{"id":"https://openalex.org/C77618280","wikidata":"https://www.wikidata.org/wiki/Q1155772","display_name":"Scheme (mathematics)","level":2,"score":0.4293000102043152},{"id":"https://openalex.org/C89479133","wikidata":"https://www.wikidata.org/wiki/Q1137840","display_name":"One-time password","level":3,"score":0.38609999418258667},{"id":"https://openalex.org/C33884865","wikidata":"https://www.wikidata.org/wiki/Q1254335","display_name":"Cryptographic protocol","level":3,"score":0.38029998540878296},{"id":"https://openalex.org/C131672422","wikidata":"https://www.wikidata.org/wiki/Q852594","display_name":"Provable security","level":3,"score":0.36959999799728394},{"id":"https://openalex.org/C2779795794","wikidata":"https://www.wikidata.org/wiki/Q7315343","display_name":"Reset (finance)","level":2,"score":0.367900013923645},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.35830000042915344},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.34389999508857727},{"id":"https://openalex.org/C3847113","wikidata":"https://www.wikidata.org/wiki/Q2746524","display_name":"Password cracking","level":5,"score":0.3393999934196472},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.3174999952316284},{"id":"https://openalex.org/C3087436","wikidata":"https://www.wikidata.org/wiki/Q1386603","display_name":"Secret sharing","level":3,"score":0.30070000886917114},{"id":"https://openalex.org/C131129157","wikidata":"https://www.wikidata.org/wiki/Q1059963","display_name":"Challenge\u2013response authentication","level":4,"score":0.2994999885559082},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.2937999963760376},{"id":"https://openalex.org/C65302260","wikidata":"https://www.wikidata.org/wiki/Q327675","display_name":"Symmetric-key algorithm","level":4,"score":0.28439998626708984},{"id":"https://openalex.org/C21564112","wikidata":"https://www.wikidata.org/wiki/Q4825885","display_name":"Authentication protocol","level":3,"score":0.27000001072883606},{"id":"https://openalex.org/C121822524","wikidata":"https://www.wikidata.org/wiki/Q5157582","display_name":"Computer security model","level":2,"score":0.2694999873638153},{"id":"https://openalex.org/C2781221063","wikidata":"https://www.wikidata.org/wiki/Q6944186","display_name":"Mutual authentication","level":3,"score":0.2612000107765198},{"id":"https://openalex.org/C205009425","wikidata":"https://www.wikidata.org/wiki/Q935662","display_name":"Forward secrecy","level":4,"score":0.25589999556541443}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.3390/e28020205","is_oa":true,"landing_page_url":"https://doi.org/10.3390/e28020205","pdf_url":"https://www.mdpi.com/1099-4300/28/2/205/pdf?version=1770814720","source":{"id":"https://openalex.org/S195231649","display_name":"Entropy","issn_l":"1099-4300","issn":["1099-4300"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Entropy","raw_type":"journal-article"},{"id":"pmid:41751709","is_oa":false,"landing_page_url":"https://pubmed.ncbi.nlm.nih.gov/41751709","pdf_url":null,"source":{"id":"https://openalex.org/S4306525036","display_name":"PubMed","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1299303238","host_organization_name":"National Institutes of Health","host_organization_lineage":["https://openalex.org/I1299303238"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Entropy (Basel, Switzerland)","raw_type":null},{"id":"pmh:oai:doaj.org/article:237a7c7983a94616801f46ad1e716fe6","is_oa":false,"landing_page_url":"https://doaj.org/article/237a7c7983a94616801f46ad1e716fe6","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Entropy, Vol 28, Iss 2, p 205 (2026)","raw_type":"article"},{"id":"pmh:oai:pubmedcentral.nih.gov:12939264","is_oa":true,"landing_page_url":"https://pmc.ncbi.nlm.nih.gov/articles/PMC12939264/","pdf_url":null,"source":{"id":"https://openalex.org/S2764455111","display_name":"PubMed Central","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1299303238","host_organization_name":"National Institutes of Health","host_organization_lineage":["https://openalex.org/I1299303238"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Entropy (Basel)","raw_type":"Text"}],"best_oa_location":{"id":"doi:10.3390/e28020205","is_oa":true,"landing_page_url":"https://doi.org/10.3390/e28020205","pdf_url":"https://www.mdpi.com/1099-4300/28/2/205/pdf?version=1770814720","source":{"id":"https://openalex.org/S195231649","display_name":"Entropy","issn_l":"1099-4300","issn":["1099-4300"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Entropy","raw_type":"journal-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.5484837889671326,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[{"id":"https://openalex.org/F4320313851","display_name":"Shenzhen Polytechnic","ror":"https://ror.org/00d2w9g53"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W7128589262.pdf","grobid_xml":"https://content.openalex.org/works/W7128589262.grobid-xml"},"referenced_works_count":23,"referenced_works":["https://openalex.org/W2010939995","https://openalex.org/W2029693536","https://openalex.org/W2059212242","https://openalex.org/W2088455835","https://openalex.org/W2153281696","https://openalex.org/W2248552015","https://openalex.org/W2544274814","https://openalex.org/W2891042463","https://openalex.org/W2965558750","https://openalex.org/W3132951757","https://openalex.org/W3201909053","https://openalex.org/W3207556102","https://openalex.org/W4210596428","https://openalex.org/W4311165406","https://openalex.org/W4321499004","https://openalex.org/W4367665438","https://openalex.org/W4391051921","https://openalex.org/W4402653794","https://openalex.org/W4404884164","https://openalex.org/W4406933683","https://openalex.org/W4407199541","https://openalex.org/W4407891882","https://openalex.org/W4416166794"],"related_works":[],"abstract_inverted_index":{"The":[0,42,117],"growth":[1],"of":[2,5,20,112,139],"the":[3,18,35,58,65,85,95,103,131,137],"Internet":[4],"Things":[6],"(IoT)":[7],"has":[8],"created":[9],"many":[10],"problems.":[11],"A":[12,29],"wise":[13],"example":[14],"is":[15,37,105],"presented":[16,38],"by":[17],"design":[19],"secure,":[21],"efficient":[22],"authentication":[23],"and":[24,47,63,74,114,122],"key":[25],"agreement":[26],"(AKA)":[27],"protocols.":[28],"novel":[30],"three-factor":[31],"AKA":[32],"protocol":[33,86],"for":[34,126],"IoT":[36,127,141],"in":[39,110],"this":[40],"paper.":[41],"scheme":[43,66],"integrates":[44],"password,":[45],"biometric,":[46],"device-based":[48],"factors":[49],"that":[50,102],"achieved":[51],"strong":[52],"security,":[53],"which":[54,83,129],"gives":[55],"anonymity":[56],"to":[57,68],"user,":[59],"achieves":[60],"forward":[61],"secrecy,":[62],"makes":[64,84],"resilient":[67],"various":[69],"attacks":[70],"like":[71],"replay,":[72],"impersonation,":[73],"de-synchronization.":[75],"It":[76],"also":[77],"adds":[78],"a":[79,120],"safe":[80],"lost-password-reset":[81],"functionality,":[82],"more":[87],"usable.":[88],"Security":[89],"analysis":[90],"proves":[91],"its":[92],"strength":[93],"against":[94],"typical":[96],"adversary,":[97],"while":[98],"performance":[99],"evaluation":[100],"shows":[101],"solution":[104,125],"better":[106],"than":[107],"existing":[108],"solutions":[109],"terms":[111],"computational":[113],"communication":[115],"efficiency.":[116],"work":[118],"proposes":[119],"practical":[121],"scalable":[123],"security":[124,133],"systems,":[128],"satisfies":[130],"high":[132],"standard":[134],"but":[135],"within":[136],"constraints":[138],"an":[140],"system.":[142]},"counts_by_year":[],"updated_date":"2026-05-21T06:26:12.895304","created_date":"2026-02-11T00:00:00"}
