Providing lightweight mutual group authentication of Internet of Things
Subject Areas : electrical and computer engineeringreza sarabi miyanaji 1 , sam jabbehdari 2 , nasser modiri 3
1 -
2 -
3 - zanjan
Keywords: Group authentication, light weight authentication, Internet of things, key agreement,
Abstract :
The Internet of things is becoming the largest computing platform and we are seeing an increase in the number of devices in this environment. In addition, most Things in this infrastructure have the computational power and memory constraints. They cannot perform complex computational operations. These limitations have been ignored in most traditional authentication methods. Meanwhile, in the new methods of authentication of this environment, not much attention has been paid to the issue of scalability. Therefore, the need for a lightweight, scalable authentication is felt. In this paper, a lightweight authentication protocol is presented in which things are placed in different groups. In each group, a group manager node is considered and as an agent, it performs authentication on behalf of other members. Therefore, Authentication is done in groups, which makes the proposed protocol highly scalable. The proposed method reduces the computational cost of nodes and servers and provides privacy through node anonymity. In addition, it has forward-looking privacy without the use of asynchronous encryption and key agreement. The AVISPA tool has been used to confirm the security of the proposed method. In our method, the computation time of the node and server in authentication has been decreased by 7.8% and 3.5%, respectively, compared with reviewing protocols.
[1] M. Ammar, G. Russello, and B. Crispo, "Internet of Things: a survey on the security of IoT frameworks," J. Inf. Secur. Appl., vol. 38, pp. 8-27, Feb. 2018.
[2] K. Sha, W. Wei, T. Andrew Yang, Z. Wang, and W. Shi, "On security challenges and open issues in Internet of Things," Futur. Gener. Comput. Syst., vol. 83, pp. 326-337, Jun. 2018.
[3] Y. H. Chuang, N. W. Lo, C. Y. Yang, and S. W. Tang, "A lightweight continuous authentication protocol for the Internet of Things," Sensors, vol. 8, no. 4, Article No. 4, 26 pp., 2018.
[4] M. Dammak, O. Rafik, M. Boudia, M. A. Messous, S. M. Senouci, and C. Gransart, "Token-based lightweight authentication to secure IoT networks," in Proc. 16th IEEE Annu. Consum. Commun. Netw. Conf., 4 pp., Las Vegas, NV, USA, 11-14 Jan. 2019.
[5] Z. Xu, C. Xu, W. Liang, J. Xu, and H. Chen, "A lightweight mutual authentication and key agreement scheme for medical Internet of Things," IEEE Access, vol. 7, pp. pp. 53922-53931, 2019.
[6] L. Harn, "Group authentication," IEEE Trans. Comput., vol. 62, no. 9, pp. 1893-1898, Sept. 2013.
[7] A. Gupta, "A lightweight mutually authenticated key-agreement scheme for wireless body area networks in Internet of things environment," in Proc. of the 24th Annual Int. Conf. on Mobile Computing and Networking, pp. 804-806, New Delhi, India, 29 Oct.-2 Nov. 2018.
[8] M. Hamada, S. Kumari, and A. Kumar, "Secure anonymous mutual authentication for star two-tier wireless body area networks," Comput. Methods Programs Biomed., vol. 135, pp. 37-50, Oct. 2016.
[9] C. Chen, B. Xiang, T. Wu, and K. Wang, "An anonymous mutual authenticated key agreement scheme for wearable sensors in wireless body area networks," Appl. Sci., vol. 8, no. 7, Article No.: 1074, 2018.
[10] P. Punithavathi, S. Geetha, M. Karuppiah, S. K. H. Islam, M. M. Hassan, and K. R. Choo, "A lightweight machine learning-based authentication framework for smart IoT devices," Inf. Sci., vol. 84, pp. 255-268, May 2019.
[11] K. Fan, Y. Gong, C. Liang, H. Li, and Y. Yang, "Lightweight and ultralightweight RFID mutual authentication protocol with cache in the reader for IoT in 5G," Secur. Commun. Networks, vol. 9, pp. 3095-3104, 2016.
[12] K. Fan, P. Song, and Y. Yang, "ULMAP: ultralightweight NFC mutual authentication protocol with pseudonyms in the tag for IoT in 5G," Mob. Inf. Syst., vol. 2017, Article No.: 2349149, 7 pp., 2017.
[13] M. Durairaj and K. Muthuramalingam, "A new authentication scheme with elliptical curve cryptography for Internet of Things (IoT) environments," Int. J. Eng. Technol., vol. 7, no. 2.26, pp. 119-124, 2018.
[14] G. Sharma and S. Kalra, "A lightweight user authentication scheme for cloud-IoT based healthcare services," Iranian J. of Science and Technology-Trans. of Electrical Engineering, vol. 43, pp. 619-636, 2019.
[15] A. Xiang and J. Zheng, "A situation-aware scheme for efficient device authentication in smart grid-enabled home area networks," Electronics, vol. 9, no. 6, Article No.: 989, 2020.
[16] P. Kumar and L. Chouhan, "A privacy and session key based authentication scheme for medical IoT networks," Comput. Commun., vol. 166, pp. 154-164, 15 Jan. 2021.
[17] M. N. Aman, K. C. Chua, and B. Sikdar, "Mutual authentication in IoT systems using physical unclonable functions," IEEE Internet Things J., vol. 4, no. 5, pp. 1327-1340, Oct. 2017.
[18] M. T. Hammi, B. Hammi, P. Bellot, and A. Serhrouchni, "Bubbles of trust: a decentralized blockchain-based authentication system for IoT," Comput. Secur., vol. 78, pp. 126-142, Sept. 2018.
[19] L. Zhou, X. Li, K. H. Yeh, C. Su, and W. Chiu, "Lightweight IoT-based authentication scheme in cloud computing circumstance," Futur. Gener. Comput. Syst., vol. 91, pp. 244-251, Feb. 2019.
[20] Y. Chen, W. Xu, L. Peng, and H. Zhang, "Light-weight and privacy-preserving authentication protocol for mobile payments in the context of IoT," IEEE Access, vol. 7, pp. 15210-15221, 2019.
[21] D. Dolev and A. Yao, "On the security of public key protocols," IEEE Trans. Inf. Theory, vol. 29, no. 2, pp. 198-208, Mar. 1983.
[22] A. Armando, D. Basin, Y. Boichut, Y. Chevalier, and L. Compagna, "The AVISPA Tool for the Automated Validation," pp. 281-285.
[23] R. Amin and G. P. Biswas, "A secure light weight scheme for user authentication and key agreement in multi-gateway based wireless sensor networks," Ad Hoc Networks, vol. 36, pt. 1, pp. 58-80, Jan. 2016.