Abstract
Wireless network devices are used for the Internet of Things in a variety of applications, and although the IoT has many benefits, there are some security issues in this area. Hacking tools that are widely used in wireless communication enable the attacker to export the information stored in the device memory. Devices within the IoT should not allow this information to be accessed without an authentication. In this paper, we propose an efficient device authentication protocol without certification authority for the Internet of Things. Compared to the existing Constrained Application Protocol, the proposed protocol increases efficiency by minimizing the number of message exchanges. Since our protocol is based on a keyed hash algorithm, the Certificate of Authority is not required. Experimental results show that the proposed authentication protocol improves the security level and reduces the resource consumption of devices.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Khan, B. H. (2000). A framework for web-based learning. Englewood Cliffs, NJ: Educational Technology Publications.
Zhou, H. (2010). Web 4.0: The “Chinese Style” definition of Internet of Things [Z/OL]. http://www.wlw.gov.cn/zxzx/wldt/594260.
Jacobs, I. S., & Bean, C. P. (1963). Fine particles, thin films and exchange anisotropy. In G. T. Rado & H. Suhl (Eds.), Magnetism (Vol. III, pp. 271–350). New York: Academic.
Park, J., & Kang, N. (2014). Lightweight secure communication for CoAP-enabled internet of things using delegated DTLS handshake. In International conference on information and communication technology convergence (ICTC) (pp. 28–33).
Nicole, R. (1987). Title of paper with only first word capitalized. J. Name Stand. Abbrev, 740–741.
Guo, J., Peyrin, T., Poschmann, A., & Robshaw, M. (2011). The LED block cipher. In Cryptographic hardware and embedded systems CHES 2011, LNCS (Vol. 6917/2011, pp. 326–341). Springer.
Merkle, R. C. (1989). A certified digital signature. In CRYPTO, volume 435 of lecture notes in computer science (pp. 218–238).
Lipmaa, H. (2002). On optimal hash tree traversal for interval timestamping. In Proceedings of information security conference.
Klintsevich, E., Okeya, K., Vuillaume, C., Buchmann, J., & Dahmen, E. (2007). Merkle signatures with virtually unlimited signature capacity. In 5th international conference on applied cryptography and network security—ACNS07.
Brachmann, M., Keoh, S. L., Morchon, O., & Kumar, S. (2012). End-to-end transport security in the ip-based internet of things. In Proceedings of the 21st international conference on computer communications and networks (ICCCN) (pp. 1–5).
Raza, S., Trabalza, D., & Voigt, T. (2012). 6LoWPAN compressed DTLS for CoAP. In Proceedings of 8th IEEE conference on distributed computing in sensor systems (DCOSS) (pp. 287–289).
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Jang, S., Lim, D., Kang, J. et al. An Efficient Device Authentication Protocol Without Certification Authority for Internet of Things. Wireless Pers Commun 91, 1681–1695 (2016). https://doi.org/10.1007/s11277-016-3355-0
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11277-016-3355-0