A secure lightweight authentication mechanism for IoT devices in generic domain

The Internet of Things prompt deployment enhances the security concerns of these systems in recent years. The enormous exchange of sensory information between devices raises the necessity for a secure authentication scheme for Internet of Things devices. Despite many proposed schemes, providing authenticated and secure communication for Internet of Things devices is still an open issue. This research addresses challenges pertaining to the Internet of Things authentication, verification, and communication, and proposes a new secure lightweight mechanism for Internet of Things devices in the generic domain. The proposed authentication method utilizes environmental variables obtained by sensors to allow the system to identify genuine devices and reject anomalous connections

A Lightweight Multi-receiver Encryption Scheme with Mutual Authentication

"In this paper, we propose a lightweight multi-receiver encryption scheme for the device to device communications on Internet of Things (IoT) applications. In order for the individual user to control the disclosure range of his/her own data directly and to prevent sensitive personal data disclosure to the trusted third party, the proposed scheme uses device-generated public keys. For mutual authentication, third party generates Schnorr-like lightweight identity-based partial private keys for users. The proposed scheme provides source authentication, message integrity, replay-attack prevention and implicit user authentication. In addition to more security properties, computation expensive pairing operations are eliminated to achieve less time usage for both sender and receiver, which is favourable property for IoT applications. In this paper, we showed a proof of security of our scheme, computational cost comparison and experimental performance evaluations. We implemented our proposed scheme on real embedded Android devices and confirmed that it achieves less time cost for both encryption and decryption comparing with the existing most efficient certificate-based multi-receiver encryption scheme and certificateless multi-receiver encryption scheme.

TAW: cost-effective threshold authentication with weights for internet of things

In the Internet of Things, based on the collaboration of sensing nodes, sensing data are collected and transmitted. The collaboration of sensing nodes also plays an important role in the safeguard of the Internet of Things. Owing to the limited ability of the single sensing node, the threshold authentication based on the collaboration of sensing nodes can improve the trust of security authentication of sensing nodes. The current threshold authentication schemes may require high-computational complexity, and more importantly, most of them are instantiated by membership authentication. It’s challenging to apply the current state of the arts to the case where sensing nodes with various weights join together to fulfill a relatively lightweight authentication. In this paper, we first design a communication key distribution scheme for sensing networks based on a symmetric operator. Using the permutation function, the scheme is able to generate characteristic sequences to improve the efficiency of key distribution in sensing networks. In addition, we propose a threshold authentication scheme based on weights, in which the higher weight represents the more important role in authentication. Our authentication scheme only requires lightweight operations, so that, it is extremely friendly to the IoT nodes with restricted computation power. The security analysis and the case verification demonstrate that our novel authentication protects IoT nodes without yielding significantly computational burden to the nodes

Lightweight and privacy-preserving two-factor authentication scheme for IoT devices

Device authentication is an essential security feature for Internet of Things (IoT). Many IoT devices are deployed in the open and public places, which makes them vulnerable to physical and cloning attacks. Therefore, any authentication protocol designed for IoT devices should be robust even in cases when an IoT device is captured by an adversary. Moreover, many of the IoT devices have limited storage and computational capabilities. Hence, it is desirable that the security solutions for IoT devices should be computationally efficient. To address all these requirements, in this paper, we present a lightweight and privacy-preserving two-factor authentication scheme for IoT devices, where physically uncloneable functions have been considered as one of the authentication factors. Security and performance analysis show that our proposed scheme is not only robust against several attacks, but also very efficient in terms of computational efficiently

Lightweight Three-Factor Authentication and Key Agreement Protocol for Internet-Integrated Wireless Sensor Networks

Wireless sensor networks (WSNs) will be integrated into the future Internet as one of the components of the Internet of Things, and will become globally addressable by any entity connected to the Internet. Despite the great potential of this integration, it also brings new threats, such as the exposure of sensor nodes to attacks originating from the Internet. In this context, lightweight authentication and key agreement protocols must be in place to enable end-to-end secure communication. Recently, Amin et al. proposed a three-factor mutual authentication protocol for WSNs. However, we identified several flaws in their protocol. We found that their protocol suffers from smart card loss attack where the user identity and password can be guessed using offline brute force techniques. Moreover, the protocol suffers from known session-specific temporary information attack, which leads to the disclosure of session keys in other sessions. Furthermore, the protocol is vulnerable to tracking attack and fails to fulfill user untraceability. To address these deficiencies, we present a lightweight and secure user authentication protocol based on the Rabin cryptosystem, which has the characteristic of computational asymmetry. We conduct a formal verification of our proposed protocol using ProVerif in order to demonstrate that our scheme fulfills the required security properties. We also present a comprehensive heuristic security analysis to show that our protocol is secure against all the possible attacks and provides the desired security features. The results we obtained show that our new protocol is a secure and lightweight solution for authentication and key agreement for Internet-integrated WSNs

PUF Security: Reviewing The Validity of Spoofing Attack Against Safe is the New Smart

Due to the heterogeneity and the particular security requirements of IoT (Internet of Things), developing secure, low-cost, and lightweight authentication protocols has become a serious challenge. This has excited the research community to design and develop new authentication protocols that meet IoT requirements. An interesting hardware technology, called PUFs (Physical Unclonable Functions), has been the subject of many subsequent publications on lightweight, low-cost, and secure-by-design authentication protocols for the past six years. In 2020, a lightweight PUF-based authenticated key-exchange (AKE) scheme was proposed. The scheme claimed to provide mutual authentication and key establishment. The protocol was demonstrated to be vulnerable to a spoofing attack, where an attacker is able to compromise the authentication claims that are made during the execution of the protocol. Recently, some researchers have argued the validity of the attack due to a misunderstanding of security protocol specification principles. In this paper, we show how the authentication claim, as well as the key-establishment claim of the authentication protocol, can be compromised by spoofing the server and fooling the meter

Impersonation Attacks on Lightweight Anonymous Authenticated Key Exchange Scheme for IoT

Recently, in IEEE Internet of Things Journal (DOI: 10.1109/JIOT.2019.2923373 ), Banerjee et al. proposed a lightweight anonymous authenticated key exchange scheme for IoT based on symmetric cryptography. In this paper, we show that the proposal can not resist impersonation attacks due to vulnerable mutual authentication, and give improvements

A robust authentication scheme for observing resources in the internet of things environment

© 2014 IEEE. The Internet of Things is a vision that broadens the scope of the internet by incorporating physical objects to identify themselves to the participating entities. This innovative concept enables a physical device to represent itself in the digital world. There are a lot of speculations and future forecasts about the Internet of Things devices. However, most of them are vendor specific and lack a unified standard, which renders their seamless integration and interoperable operations. Another major concern is the lack of security features in these devices and their corresponding products. Most of them are resource-starved and unable to support computationally complex and resource consuming secure algorithms. In this paper, we have proposed a lightweight mutual authentication scheme which validates the identities of the participating devices before engaging them in communication for the resource observation. Our scheme incurs less connection overhead and provides a robust defence solution to combat various types of attacks