Liang Kou,Yiqi Shi,Liguo Zhang,Duo Liu,Qing Yang

DOI: https://doi.org/10.32604/cmc.2019.03760

2019-01-01

Abstract:With the development of computer hardware technology and network technology, the Internet of Things as the extension and expansion of traditional computing network has played an increasingly important role in all professions and trades and has had a tremendous impact on people lifestyle. The information perception of the Internet of Things plays a key role as a link between the computer world and the real world. However, there are potential security threats in the Perceptual Layer Network applied for information perception because Perceptual Layer Network consists of a large number of sensor nodes with weak computing power, limited power supply, and open communication links. We proposed a novel lightweight authentication protocol based on password, smart card and biometric identification that achieves mutual authentication among User, GWN and sensor node. Biometric identification can increase the non-repudiation feature that increases security. After security analysis and logical proof, the proposed protocol is proven to have a higher reliability and practicality.

Hanguang Luo,Tao Zou,Chunming Wu,Dan Li,Shunbin Li,Chu

DOI: https://doi.org/10.32604/cmc.2022.027118

2022-01-01

Abstract:In the emerging Industrial Internet of Things (IIoT), authentication problems have become an urgent issue for massive resource-constrained devices because traditional costly security mechanisms are not suitable for them. The security protocol designed for resource-constrained systems should not only be secure but also efficient in terms of usage of energy, storage, and processing. Although recently many lightweight schemes have been proposed, to the best of our knowledge, they are unable to address the problem of privacy preservation with the resistance of Denial of Service (DoS) attacks in a practical way. In this paper, we propose a lightweight authentication protocol based on the Physically Unclonable Function (PUF) to overcome the limitations of existing schemes. The protocol provides an ingenious authentication and synchronization mechanism to solve the contradictions amount forward secrecy, DoS attacks, and resource-constrained. The performance analysis and comparison show that the proposed scheme can better improve the authentication security and efficiency for resource-constrained systems in IIoT.

Chintan Patel

DOI: https://doi.org/10.48550/arXiv.2207.10353

2022-07-21

Abstract:The Internet of Things (IoT) is giving a boost to a plethora of new opportunities for the robust and sustainable deployment of cyber physical systems. The cornerstone of any IoT system is the sensing devices. These sensing devices have considerable resource constraints, including insufficient battery capacity, CPU capability, and physical security. Because of such resource constraints, designing lightweight cryptographic protocols is an opportunity. Remote User Authentication ensures that two parties establish a secure and durable session key. This study presents a lightweight and safe authentication strategy for the user-gateway (U GW) IoT network model. The proposed system is designed leveraging Elliptic Curve Cryptography (ECC). We undertake a formal security analysis with both the Automated Validation of Internet Security Protocols (AVISPA) and Burrows Abadi Needham (BAN) logic tools and an information security assessment with the Delev Yao channel. We use publish subscribe based Message Queuing Telemetry Transport (MQTT) protocol for communication. Additionally, the performance analysis and comparison of security features show that the proposed scheme is resilient to well known cryptographic threats.

Cryptography and Security

Dae-Hwi Lee,Im-Yeong Lee

DOI: https://doi.org/10.3390/s20185350

2020-09-18

Abstract:In the Internet of Things (IoT) environment, more types of devices than ever before are connected to the internet to provide IoT services. Smart devices are becoming more intelligent and improving performance, but there are devices with little computing power and low storage capacity. Devices with limited resources will have difficulty applying existing public key cryptography systems to provide security. Therefore, communication protocols for various kinds of participating devices should be applicable in the IoT environment, and these protocols should be lightened for resources-restricted devices. Security is an essential element in the IoT environment, so for secure communication, it is necessary to perform authentication between the communication objects and to generate the session key. In this paper, we propose two kinds of lightweight authentication and key agreement schemes to enable fast and secure authentication among the objects participating in the IoT environment. The first scheme is an authentication and key agreement scheme with limited resource devices that can use the elliptic curve Qu-Vanstone (ECQV) implicit certificate to quickly agree on the session key. The second scheme is also an authentication and key agreement scheme that can be used more securely, but slower than first scheme using certificateless public key cryptography (CL-PKC). In addition, we compare and analyze existing schemes and propose new schemes to improve security requirements that were not satisfactory.

Mikail Mohammed Salim,Jungho Kang,Yi Pan,Jong Hyuk Park

DOI: https://doi.org/10.3934/mbe.2022546

2022-01-01

Mathematical Biosciences and Engineering

Abstract:Internet of Things (IoT) devices supporting intelligent cloud applications such as healthcare for hospitals rely on connecting with local base stations and access points to provide rich data analysis and real-time services to users. Devices authenticate with local base stations and perform handover operations to connect with access points with higher signal strength. Attackers disguise as valid base stations and access points using publicly accessible SSID information connect with local IoT devices during the handover process and give rise to data integrity and privacy concerns. This paper proposes a lightweight authentication scheme for private blockchain-based networks for securing devices from rogue base stations during the handover process. An authentication certificate is designed for base stations and machines in local clusters using SHA256 and modulo operations for enabling quick handover operations. The keys assigned to each device and base station joining the network are hashed, and their sizes are reduced using modulo operations. Furthermore, the compressed key size forms a certificate, which is used by the machines and the base stations to authenticate mutually. In comparison with existing studies, the performance analysis of the proposed scheme is based on the transmission of three messages required for completing the authentication process. Evaluation based on the Communication Overhead demonstrates a minimum improvement of 99.30% fewer bytes exchanged during the handover process and 89.58% reduced Storage Overhead compared with existing studies.

Xi Hang Cao,Xiaojiang Du,E. Paul Ratazzi

DOI: https://doi.org/10.48550/arXiv.1902.03282

2019-02-08

Cryptography and Security

Abstract:Internet of Things (IoT) is ubiquitous because of its broad applications and the advance in communication technologies. The capabilities of IoT also enable its important role in homeland security and tactical missions, including Reconnaissance, Intelligence, Surveillance, and Target Acquisition (RISTA). IoT security becomes the most critical issue before its extensive use in military operations. While the majority of research focuses on smart IoT devices, treatments for legacy dumb network-ready devices are lacking; moreover, IoT devices deployed in a hostile environment are often required to be dumb due to the strict hardware constraints, making them highly vulnerable to cyber attacks. To mitigate the problem, we propose a light-weight authentication scheme for dumb IoT devices, in a case study of the UAV-sensor collaborative RISTA missions. Our scheme utilizes the covert channels in the physical layer for authentications and does not request conventional key deployments, key generations which may cause security risks and large overhead that a dumb sensor cannot afford. Our scheme operates on the physical layer, and thus it is highly portable and generalizable to most commercial and military communication protocols. We demonstrate the viability of our scheme by building a prototype system and conducting experiments to emulate the behaviors of UAVs and sensors in real scenarios.

Chandranshu Gupta,Gaurav Varshney

2023-11-07

Abstract:The Internet of Things (IoT) has improved people's lives by seamlessly integrating into many facets of modern life and facilitating information sharing across platforms. Device Authentication and Key exchange are major challenges for the IoT. High computational resource requirements for cryptographic primitives and message transmission during Authentication make the existing methods like PKI and IBE not suitable for these resource constrained devices. PUF appears to offer a practical and economical security mechanism in place of typically sophisticated cryptosystems like PKI and IBE. PUF provides an unclonable and tamper sensitive unique signature based on the PUF chip by using manufacturing process variability. Therefore, in this study, we use lightweight bitwise XOR, hash function, and PUF to Authenticate IoT devices. Despite several studies employing the PUF to authenticate communication between IoT devices, to the authors' knowledge, existing solutions require intermediary gateway and internet capabilities by the IoT device to directly interact with a Server for Authentication and hence, are not scalable when the IoT device works on different technologies like BLE, Zigbee, etc. To address the aforementioned issue, we present a system in which the IoT device does not require a continuous active internet connection to communicate with the server in order to Authenticate itself. The results of a thorough security study are validated against adversarial attacks and PUF modeling attacks. For formal security validation, the AVISPA verification tool is also used. Performance study recommends this protocol's lightweight characteristics. The proposed protocol's acceptability and defenses against adversarial assaults are supported by a prototype developed with ESP32.

Cryptography and Security

Sangjukta Das,Suyel Namasudra

DOI: https://doi.org/10.1002/ett.4716

IF: 3.6

2023-01-04

Transactions on Emerging Telecommunications Technologies

Abstract:The proposed scheme consists of three entities, namely IoT device (IoTD), gateway, and central administrator (CA). An IoTD is a resource‐constrained device associated with a patient's body. It collects patients' real‐time healthcare data and sends them to the intended entity via a gateway device. The gateway acts as an intermediate entity between the IoTD and user. The CA is the central entity of the proposed scheme. In recent years, Internet of Things (IoT) technology has been adopted in numerous application areas, such as healthcare, agriculture, industrial automation, and many more. The use of IoT and other technologies like cloud computing and machine learning has made the modern healthcare system to be smart, automated, and efficient. However, the continuous proliferation of cyber‐attacks on IoT devices has increased IoT challenges like data security, privacy protection, authentication, and so forth. In smart healthcare systems, due to the lack of authentication protocols, attackers can undermine the availability, confidentiality, and integrity of both smart healthcare devices and data, which can be life‐threatening in some situations. In this article, a privacy‐preserving mutual authentication scheme for IoT‐enabled healthcare systems is proposed to achieve lightweight and effective authentication of network devices. To support the processing capabilities of the IoT devices, this proposed authentication scheme is designed using lightweight cryptographic primitives, namely XOR, concatenation, and hash operation. The proposed scheme can establish a secure session between an authorized device and a gateway, and prevent unauthorized devices from getting access to healthcare systems. The security analysis and performance analysis assess the proposed authentication technique's effectiveness over existing well‐known schemes.

telecommunications

Dongfeng Fang,Yi Qian,Rose Qingyang Hu

DOI: https://doi.org/10.1109/jiot.2020.2970974

IF: 10.6

2020-04-01

IEEE Internet of Things Journal

Abstract:Internet-of-Things (IoT) applications have been rapidly deployed into pervasive environment, where both challenges and opportunities abound. On the one hand, a large number of IoT devices and their rich functions contribute significant volumes of data, which has brought tremendous convenience to the daily lives of end users. On the other hand, the heterogeneous IoT devices and a large amount of private information transmitted through networks also bring serious security and privacy issues. It is a big challenge to model IoT systems and trust relationships between different entities with a large number of heterogeneous IoT devices. In this article, we study a general IoT system architecture with consideration of heterogeneous IoT devices. Different trust models are proposed and analyzed based on the trust relationships between different entities in the IoT system. We propose a flexible and efficient authentication scheme with a consideration of heterogeneous IoT devices based on the least trust-required model. The proposed scheme provides security and privacy to resource-limited IoT devices flexibly and efficiently by utilizing IoT devices with better storage and computational ability. Moreover, secure data transmission is presented with contextual privacy and data integrity services. The proposed scheme achieves not only the mutual authentication, initial session key agreement, and data integrity but also anonymity, contextual privacy, forward security, end-to-end security, and key escrow resilience. Security analysis is presented to provide verification of the proposed protocol and security objectives. Moreover, performance evaluation is presented with comparison to the other schemes in terms of security features, computational overhead, and communication overhead. The performance comparisons show that our proposed scheme provides flexible and efficient security by consideration of heterogeneous IoT devices. With the higher proportion of resource-limited IoT devic-s, our proposed scheme outperforms other similar schemes.

computer science, information systems,telecommunications,engineering, electrical & electronic

Laleh Khajehzadeh,Hamid Barati,Ali Barati

DOI: https://doi.org/10.1007/s11042-024-19379-2

IF: 2.577

2024-05-22

Multimedia Tools and Applications

Abstract:The Internet of Things has opened up new opportunities in healthcare systems. Wireless sensor nodes are used to collect and exchange health-related data in the Internet of Things. In this integration, data is transmitted to medical professionals through unsecured channels to enable them to monitor patients' conditions in real-time. However, due to the high sensitivity of e-health records, there are key challenges such as security considerations, privacy, and authentication in data transmission in heterogeneous Internet of Things networks. This article examines the solution proposed by Masud and colleagues and points out the existing threats and vulnerabilities, such as node clone/replication attacks. To overcome these drawbacks, we propose an improved lightweight authentication protocol for a smart healthcare system. In the proposed protocol, the mutual authentication process consists of two steps. The doctor sends their information for authentication and the desired sensor node ID to the gateway for communication. After successful confirmation of authentication, the gateway node, in turn, sends a message to the sensor node to complete the authentication process. After confirming the authentication process, the node sends a message to the gateway to complete the authentication process and key agreement. Once the authentication process of the sensor node is confirmed, the gateway sends a message to the medical user based on their authentication along with the session key. The security of the proposed protocol is demonstrated through automatic validation of protocols using tools like ProVerif and internet security programs. Additionally, security features and performance analysis are compared to other schemes. The results show that the improved proposed protocol provides a higher level of security while ensuring computational and communication efficiency. It is also resistant to attacks such as mutual authentication, identity anonymity and untraceability, ensures data privacy, and provides perfect forward secrecy, among others.

computer science, information systems, theory & methods,engineering, electrical & electronic, software engineering

Sensen Li,Yicai Huang,Bin Yu

DOI: https://doi.org/10.1016/j.comnet.2024.110426

IF: 5.493

2024-05-09

Computer Networks

Abstract:With the explosive development of the Internet of Things (IoT), its security has become a critical concern. As a lightweight hardware primitive, Physical Unclonable Function (PUF) provides a promising solution for IoT security. Nevertheless, as per the knowledge of the authors, most of the existing PUF-based anonymous authentication protocols for IoT are not suitable for end-to-end IoT applications due to their flexibility or security. Specifically, there are two main issues with existing related protocols: (1) the end-to-end anonymous authentication between IoT devices requires the participation of a trusted third party, which seriously affects the flexibility of interaction; (2) most related protocols provide weak anonymity, that is, they are anonymous against only eavesdroppers. To solve these problems, a new PUF-based end-to-end anonymous authentication protocol is proposed. Without needing the real-time participation of the third party, the proposed protocol realizes end-to-end direct mutual authentication and session key agreement while maintaining strong anonymity. It also provides an online dynamic updating mechanism for security parameters. The security analysis shows that the proposed protocol has perfect forward secrecy while resisting various known attacks including physical attacks and modeling attacks. Meanwhile, it outperforms related protocols in terms of protocol rounds and communication costs.

computer science, information systems,telecommunications,engineering, electrical & electronic, hardware & architecture

Hsiao-Ling Wu,Chin-Chen Chang,Yao-Zhu Zheng,Long-Sheng Chen,Chih-Cheng Chen

DOI: https://doi.org/10.3390/s20195604

IF: 3.9

2020-09-30

Sensors

Abstract:The Internet of Things (IoT) is currently the most popular field in communication and information techniques. However, designing a secure and reliable authentication scheme for IoT-based architectures is still a challenge. In 2019, Zhou et al. showed that schemes pro-posed by Amin et al. and Maitra et al. are vulnerable to off-line guessing attacks, user tracking attacks, etc. On this basis, a lightweight authentication scheme based on IoT is proposed, and an authentication scheme based on IoT is proposed, which can resist various types of attacks and realize key security features such as user audit, mutual authentication, and session security. However, we found weaknesses in the scheme upon evaluation. Hence, we proposed an enhanced scheme based on their mechanism, thus achieving the security requirements and resisting well-known attacks.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Yiran Han,Hua Guo,Jianwei Liu,Brou Bernard Ehui,Yapeng Wu,Sijia Li

DOI: https://doi.org/10.1109/jiot.2024.3355228

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:The Industrial Internet of Things (IIoT) is the application of the Internet of Things (IoT) in the industrial field. IIoT allows users to remotely access industrial equipment and the data in it, which also brings certain challenges to the security of industrial data. Authentication and key agreement protocols are very effective security technologies in the matter of protecting industrial data. There is a large amount of research work on authentication protocols in IIoT, but most of the protocols have security weaknesses. Recently, Rafique et al. proposed a multi-factor protocol in IIoT that can accomplish authentication and session key establishment through a gateway. Rafique et al. claimed that their protocol is secure, unfortunately, we carefully analyze the protocol of Rafique et al. and find some security flaws, i.e., it is vulnerable to insider attack and known session-specific temporary information (KSSTI) attack, and unable to provide forward security. We explore the factors of insecurity and propose an enhanced multi-factor secure authentication and key agreement protocol in IIoT. The new protocol improves the security of the protocol while using only symmetric cryptography, hash function, and XOR operation. Formal security analysis and informal security discussions demonstrate that the new protocol is resistant to a variety of known attacks. After performance analysis, our protocol has lower computational cost, and increases no significant communication cost, while providing more secure and robust properties.

computer science, information systems,telecommunications,engineering, electrical & electronic

Fahem Zerrouki,Samir Ouchani,Hafida Bouarfa

DOI: https://doi.org/10.1007/s12652-022-04321-x

IF: 3.662

2022-08-07

Journal of Ambient Intelligence and Humanized Computing

Abstract:The Internet of things (IoT) is an indispensable part of our daily lives, bringing us many conveniences, including e-commerce and m-commerce services. Unfortunately, IoT networks suffer from several security issues, such as privacy, access control, and authentication. However, due to the limited computation resources, remote authentication between IoT devices and servers is vulnerable to being attacked over an insecure communication channel. Many authentication schemes have been proposed, but generally, they are based on traditional cryptographic techniques. Unfortunately, most of them are vulnerable to physical attacks since they rely mainly on a stored secret key in the device's local memory. However, recently Physically unclonable functions (PUFs) have been classified as solid security primitives that could guarantee the three pillars of security (confidentiality, authenticity, and privacy) of sent or received information by IoT devices. PUFs extract unique information from the physical characteristics of the IoT device. Nevertheless, a Fuzzy extractor (FE) should be considered to extract correct and reproducible cryptographic keys from a noisy source. This paper proposes a mutual authentication and a session key establishment protocol for IoT devices based on Silicon PUFs using Arbiter chips. We also validate our developed protocol regarding its resistance to attack scenarios. By relying on formal verification using VerifPal, we found that the proposed authentication mechanism is secure and suitable for resource-constrained IoT devices. Furthermore, our scheme is more efficient than the existing ones in terms of attack robustness. Finally, the experiments have been validated on an Arbiter PUF dataset.

computer science, information systems,telecommunications, artificial intelligence

Dipanwita Sadhukhan,Sangram Ray,G. P. Biswas,M. K. Khan,Mou Dasgupta

DOI: https://doi.org/10.1007/s11227-020-03318-7

IF: 3.3

2020-05-07

The Journal of Supercomputing

Abstract:Internet of things (IoT) has become a new era of communication technology for performing information exchange. With the immense increment of usage of smart devices, IoT services become more accessible. To perform secure transmission of data between IoT network and remote user, mutual authentication, and session key negotiation play a key role. In this research, we have proposed an ECC-based three-factor remote user authentication scheme that runs in the smart device and preserves privacy, and data confidentiality of the communicating user. To support our claim, multiple cryptographic attacks are analyzed and found that the proposed scheme is not vulnerable to those attacks. Finally, the computation and communication overheads of the proposed scheme are compared with other existing protocols to confirm that the proposed scheme is lightweight. A formal security analysis using AVISPA simulation tool has been done that confirms the proposed scheme is robust against relevant security threats.

Junhui Zhao,Fanwei Huang,Huanhuan Hu,Longxia Liao,Dongming Wang,Lisheng Fan

DOI: https://doi.org/10.1016/j.adhoc.2024.103427

IF: 4.816

2024-01-31

Ad Hoc Networks

Abstract:5G technology has been applied and popularized, leading to the widespread usage of the Internet of Things (IoT) in various areas such as intelligent transportation, home security, fire protection, industrial monitoring, healthcare, and data collection intelligence. Data sharing is one of the key factors for successful application in these fields. However, real-time data sharing through open channels may result in transmitted messages being illegally accessed by attackers, leading to privacy breaches. At present, most existing authentication schemes focus on single gateway authentication models. In order to overcome issues such as elevated communication overhead, reduced network performance, and inefficient cross-domain access in the single gateway model with larger network sizes, we introduce a multi-gateway lightweight authentication scheme as a solution. Firstly, our scheme is based on a three-factor authentication scheme of Chebyshev chaotic mapping, hash function, and XOR operation. This scheme achieves secure authentication between sensor nodes and users, establishes session keys, and also supports user key updates. Secondly, through security analysis, we demonstrate that the proposed scheme resists internal disguise attacks, sensor capture attacks, temporary secret leakage attacks, and achieves forward security of session keys. We additionally provide a demonstration of the semantic security of session keys by utilizing a Random Oracle Model (ROM). Finally, compared to other schemes, the results show that our proposed scheme has lower communication overhead and computational resource requirements, and is more in line with the requirements of lightweight device security authentication in the IoT.

computer science, information systems,telecommunications

Saud Khan,Chandra Thapa,Salman Durrani,Seyit Camtepe

DOI: https://doi.org/10.1109/JIOT.2023.3331362

2023-11-07

Abstract:Physical-layer authentication is a popular alternative to the conventional key-based authentication for internet of things (IoT) devices due to their limited computational capacity and battery power. However, this approach has limitations due to poor robustness under channel fluctuations, reconciliation overhead, and no clear safeguard distance to ensure the secrecy of the generated authentication keys. In this regard, we propose a novel, secure, and lightweight continuous authentication scheme for IoT device authentication. Our scheme utilizes the inherent properties of the IoT devices' transmission model as its source for seed generation and device authentication. Specifically, our proposed scheme provides continuous authentication by checking the access time slots and spreading sequences of the IoT devices instead of repeatedly generating and verifying shared keys. Due to this, access to a coherent key is not required in our proposed scheme, resulting in the concealment of the seed information from attackers. Our proposed authentication scheme for IoT devices demonstrates improved performance compared to the benchmark schemes relying on physical channels. Our empirical results find a near threefold decrease in the misdetection rate of illegitimate devices and close to zero false alarm rate in various system settings with varied numbers of active devices up to 200 and signal-to-noise ratio from 0 dB to 25 dB. Our proposed authentication scheme also has a lower computational complexity of at least half the computational cost of the benchmark schemes based on support vector machine and binary hypothesis testing in our studies. This further corroborates the practicality of our scheme for IoT deployments.

Cryptography and Security,Networking and Internet Architecture,Signal Processing

Susovan Chanda,Ashish Kr. Luhach,J. Sharmila Anand Francis,Indranil Sengupta,Diptendu Sinha Roy

DOI: https://doi.org/10.1155/2024/5998163

2024-03-23

Wireless Communications and Mobile Computing

Abstract:The exponential growth of the Internet of Things (IoT) has led to a surge in data generation, critical for business decisions. Ensuring data authenticity and integrity over unsecured channels is vital, especially due to potential catastrophic consequences of tampered data. However, IoT's resource constraints and heterogeneous ecosystem present unique security challenges. Traditional public key infrastructure offers strong security but is resource intensive, while existing cloud-based solutions lack comprehensive security and rise to latency and unwanted wastage of energy. In this paper, we propose a universal authentication scheme using edge computing, incorporating fully hashed Elliptic Curve Menezes–Qu–Vanstone (ECMQV) and PUF. This approach provides a scalable and reliable solution. It also provides security against active attacks, addressing man-in-the-middle and impersonation threats. Experimental validation on a Zybo board confirms its effectiveness, offering a robust security solution for the IoT landscape.

computer science, information systems,telecommunications,engineering, electrical & electronic

Guanjie Cheng,Yewei Wang,Shuiguang Deng,Zhengzhe Xiang,Xueqiang Yan,Peng Zhao,Schahram Dustdar

DOI: https://doi.org/10.1109/tsc.2023.3349305

IF: 11.019

2024-01-01

IEEE Transactions on Services Computing

Abstract:The property of Internet of Things (IoT) applications is their capability to execute tasks through the collaboration of interconnected IoT objects. However, IoT collaborations face significant challenges due to security threats that undermine their reliability. An uncertified task publisher may deceive IoT devices into executing illegal tasks, while malicious attackers may intercept and modify transmitted data. Existing works on IoT trusted management issues tend to concentrate on individual aspects, such as authentication, privacy protection, and access control. However, trusted management for IoT collaboration is a multifaceted and intricate endeavor that necessitates a comprehensive approach. To fill this gap, we propose a lightweight authentication-driven trusted management framework that includes a novel authentication and key agreement scheme to guarantee the validity of task publishers, with greatly reduced overheads compared to recent works. The framework also incorporates a distributed data storage scheme and a fine-grained access control mechanism. We record the interactive messages on the blockchain to ensure behavior traceability. We evaluate the authentication scheme through comparative experiments and formal security analysis, demonstrating its efficiency and effectiveness. The experimental results of data storage and acquisition in real-world IoT environments indicate that the proposed framework is a feasible solution for reliable IoT collaboration.

computer science, information systems, software engineering

Sangjukta Das,Maheshwari Prasad Singh,Suyel Namasudra

DOI: https://doi.org/10.1007/s12652-024-04810-1

IF: 3.662

2024-08-21

Journal of Ambient Intelligence and Humanized Computing

Abstract:Internet of Things (IoT) devices are often directly authenticated by the gateways within the network. In complex and large systems, IoT devices may be connected to the gateway through another device in the network. In such a scenario, new device should be authenticated with the gateway through the intermediate device. To address this issue, an authentication process is proposed in this paper for IoT-enabled healthcare systems. This approach performs a privacy-preserving mutual authentication between the gateway and an IoT device through intermediate devices, which are already authenticated by the gateway. The proposed approach relies on the session key established during gateway-intermediate device authentication. To emphasizes lightweight and efficient system, the proposed approach employs lightweight cryptographic operations, such as XOR, concatenation, and hash functions within IoT networks. This approach goes beyond the traditional device-to-device authentication, allowing authentication to propagate across multiple devices or nodes in the network. The proposed work establishes a secure session between an authorized device and a gateway, preventing unauthorized devices from accessing healthcare systems. The security of the protocol is validated through a thorough analysis using the AVISPA tool, and its performance is evaluated against existing schemes, demonstrating significantly lower communication and computation costs.

computer science, information systems,telecommunications, artificial intelligence