An efficient mutual authentication scheme for IoT systems

The Journal of Supercomputing

Abstract

The resource-constrained nature of Internet of Things (IoT) devices, together with their diversity and abundance, represents a major challenge for the development of efficient security solutions that fit IoT systems and ensure end-to-end security. This paper presents an efficient IoT authentication scheme that provides mutual authentication between the three different entities making up the IoT system under study: IoT devices, an IoT manufacturer server, and an authentication server (AS). The authentication process is accomplished by the exchange of only six small messages in three successive stages: the IoT device association stage, the IoT device–AS server communication initialization stage, and the exchanged data encryption stage. The scheme employs the HMAC keyed hash function to provide mutual authentication and the AES-GCM lightweight symmetric cryptographic function to provide integrity and confidentiality for the exchanged data. The proposed scheme was simulated using the Network Simulator NS3 with the C++ Crypto++ library, using the various IoT enabling technology models. The simulation results verified the proper functioning of the designed scheme and demonstrated its efficiency in terms of low computational and communication overheads. The scheme needed 13.04 ms and 470 bytes to complete the mutual authentication process, including session key exchange. The low computational and communication overheads of the proposed scheme are due to the scheme’s small-sized messages, lightweight cryptographic functions, and passive discovery of IoT devices. Security analysis of the scheme shows that the essential security requirements, which include mutual authentication, confidentiality, and integrity, have been met by the proposed authentication scheme. Moreover, the scheme is inherently robust against common cyber-attacks such as DoS, impersonation, spoofing, sniffing, and man-in-the-middle attacks.

Funding

This research was not funded.

Author information

Corresponding author

Correspondence to Ali Al-Haj.

Ethics declarations

Conflict of interests

This article has no potential conflicts of interest.

Research involving human participants and/or animals

This article does not contain any studies with human participants or animals performed by any of the authors.

Informed consent

N/A.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

About this article

Cite this article

Alshawish, I., Al-Haj, A. An efficient mutual authentication scheme for IoT systems. J Supercomput 78, 16056–16087 (2022). https://doi.org/10.1007/s11227-022-04520-5

  • DOI: https://doi.org/10.1007/s11227-022-04520-5
