The Internet of Things (IoT) connects different kinds of devices into a network, and enables two-way communication between devices. A large amount of data are collected by these devices and transmitted in this network, it is necessary to ensure secure communications between these devices, to make it impossible for an adversary to undermine this communication. To ensure secure communication, many authentication protocols have been proposed, in this study, a fully anonymous authentication scheme for the Internet of things scenario has been proposed, it enables the remote client to anonymously connect to the server and being serviced by the server. The proposed scheme has been verified by AVISPA and BAN Logic, and the result shows that it is safe. Besides, the simulation shows that the proposed scheme is more efficient in computation cost and communication cost.
Keywords: IoT security and privacy; elliptic curve cryptography; internet of things; lightweight authentication; mutual authentication; user anonymity.