Lightweight Authentication for IOT Edge Devices

Authors

  • Imane Zerraza

DOI:

https://doi.org/10.31449/inf.v48i18.6012

Abstract

The advent of Internet of Things (IoT) technology has brought considerable advantages to both personal and professional realms. However, the integration of IoT devices into diverse systems has underscored the pressing issue of security. Safeguarding data confidentiality in IoT systems necessitates the implementation of robust security measures, including encryption, authentication, and access control mechanisms. When effectively employed, these measures pave the way for the development of an efficient and secure IoT system, offering substantial benefits to end-users. This paper introduces a lightweight authentication solution tailored for IoT edge devices. Specifically designed for the edge network's large-scale nodes, our proposed solution optimally transmits information under limited bandwidth using lightweight symmetric cryptography, leveraging the chacha20 algorithm for session key establishment. Rigorous protocol correctness analysis using the Scyther tool confirms the superiority of our proposed protocol over alternative approaches, particularly in terms of communication and time costs.

References

J. Gubbi, R. Buyya, S. Marusic, and M. Palaniswami, “Internet of Things (IoT): A vision, architectural elements, and future directions,” Future Generation Computer Systems, vol. 29, no. 7, pp. 1645–1660, Sep. 2013, doi: https://doi.org/10.1016/j.future.2013.01.010.

E. Fazeldehkordi and T.-M. Grønli, “A Survey of Security Architectures for Edge Computing-Based IoT,” IoT, vol. 3, no. 3, pp. 332–365, Jun. 2022, doi: https://doi.org/10.3390/iot3030019.

M. binti Mohamad Noor and W. H. Hassan, “Current research on Internet of Things (IoT) security: A survey,” Computer Networks, vol. 148, pp. 283–294, Jan. 2019, doi: https://doi.org/10.1016/j.comnet.2018.11.025.

H. A. Khattak, M. A. Shah, S. Khan, I. Ali, and M. Imran, “Perception layer security in Internet of Things,” Future Generation Computer Systems, vol. 100, pp. 144–164, Nov. 2019, doi: https://doi.org/10.1016/j.future.2019.04.038.

Deogirikar, J., Vidhate, A ,”Security attacks in IoT: A survey”. In 2017 International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud)(I-SMAC), 2017, February, (pp. 32-37). IEEE.

A. Mosenia and N. K. Jha, “A Comprehensive Study of Security of Internet-of-Things,” IEEE Transactions on Emerging Topics in Computing, vol. 5, no. 4, pp. 586–602, Oct. 2017, doi: https://doi.org/10.1109/tetc.2016.2606384.

P. Kumar and L. Chouhan, “A secure authentication scheme for IoT application in smart home,” Peer-to-Peer Networking and Applications, vol. 14, no. 1, pp. 420–438, Aug. 2020, doi: https://doi.org/10.1007/s12083-020-00973-8.

F. Wu, X. Li, L. Xu, S. Kumari, M. Karuppiah, and J. Shen, “A lightweight and privacy-preserving mutual authentication scheme for wearable devices assisted by cloud server,” Computers & Electrical Engineering, vol. 63, pp. 168–181, Oct. 2017, doi: https://doi.org/10.1016/j.compeleceng.2017.04.012.

U. Khalid, M. Asim, T. Baker, P. C. K. Hung, M. A. Tariq, and L. Rafferty, “A decentralized lightweight blockchain-based authentication mechanism for IoT systems,” Cluster Computing, Feb. 2020, doi: https://doi.org/10.1007/s10586-020-03058-6.

Santoso, F. K., Vun, N. C. “Securing IoT for smart home system”. In 2015 international symposium on consumer electronics (ISCE) 2015, June, (pp. 1-2). IEEE.

N. Li, D. Liu, and S. Nepal, “Lightweight Mutual Authentication for IoT and Its Applications,” IEEE Transactions on Sustainable Computing, vol. 2, no. 4, pp. 359–370, Oct. 2017, doi: https://doi.org/10.1109/TSUSC.2017.2716953.

Rachini, A. S., & Khatoun, R. (2020, February). Distributed Key Management Authentication algorithm in Internet of Things (IOT). In 2020 Sixth International Conference on Mobile And Secure Services (MobiSecServ) (pp. 1-5). IEEE.

L. Kong et al., “Edge-Computing-Driven Internet of Things: A Survey,” ACM Computing Surveys, Aug. 2022, doi: https://doi.org/10.1145/3555308.

Shah, T., Venkatesan, S.,”Authentication of IoT device and IoT server using secure vaults”. In 2018 17th IEEE international conference on trust, security and privacy in computing and communications/12th IEEE international conference on big data science and engineering (TrustCom/BigDataSE) (2018, August), (pp. 819-824). IEEE.

KF, M. A., Ganesan, V., Bodduna, R., & Rebeiro, C. PARAM: A microprocessor hardened for power side-channel attack resistance. In 2020 IEEE International Symposium on Hardware Oriented Security and Trust (HOST) , (2020, December) (pp. 23-34). IEEE

Christodorescu, M., Gaddam, S., Mukherjee, P., & Sinha, R. (2021, November). Amortized threshold symmetric-key encryption. In Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security (pp. 2758-2779).

https://people.cispa.io/cas.cremers/scyther/

A. Shahidinejad, M. Ghobaei-Arani, A. Souri, M. Shojafar, and S. Kumari, “Light-Edge: A Lightweight Authentication Protocol for IoT Devices in an Edge-Cloud Environment,” IEEE Consumer Electronics Magazine, pp. 1–1, 2021, doi: https://doi.org/10.1109/mce.2021.3053543.

C.-M. Chen, L. Chen, Y. Huang, S. Kumar, and J. M.-T. Wu, “Lightweight authentication protocol in edge-based smart grid environment,” EURASIP Journal on Wireless Communications and Networking, Mar. 2021, doi: https://doi.org/10.1186/s13638-021-01930-6

Downloads

Published

2024-11-08

How to Cite

Zerraza, I. (2024). Lightweight Authentication for IOT Edge Devices. Informatica, 48(18). https://doi.org/10.31449/inf.v48i18.6012

Issue

Vol. 48 No. 18 (2024): Online-only issue

Section

Online-only

License

I assign to Informatica, An International Journal of Computing and Informatics ("Journal") the copyright in the manuscript identified above and any additional material (figures, tables, illustrations, software or other information intended for publication) submitted as part of or as a supplement to the manuscript ("Paper") in all forms and media throughout the world, in all languages, for the full term of copyright, effective when and if the article is accepted for publication. This transfer includes the right to reproduce and/or to distribute the Paper to other journals or digital libraries in electronic and online forms and systems.

I understand that I retain the rights to use the pre-prints, off-prints, accepted manuscript and published journal Paper for personal use, scholarly purposes and internal institutional use.

In certain cases, I can ask for retaining the publishing rights of the Paper. The Journal can permit or deny the request for publishing rights, to which I fully agree.

I declare that the submitted Paper is original, has been written by the stated authors and has not been published elsewhere nor is currently being considered for publication by any other journal and will not be submitted for such review while under review by this Journal.  The Paper contains no material that violates proprietary rights of any other person or entity. I have obtained written permission from copyright owners for any excerpts from copyrighted works that are included and have credited the sources in my article. I have informed the co-author(s) of the terms of this publishing agreement.


Copyright ©  Slovenian Society Informatika