RESEARCH ARTICLE
Continuous lightweight authentication according group priority and key agreement for Internet of Things
Reza Sarabi Miyanaji,
Sam Jabbehdari,
Nasser Modiri,
Reza Sarabi Miyanaji
Department of Computer Engineering, North Tehran Branch, Islamic Azad University, Tehran, Iran
Search for more papers by this authorCorresponding Author
Sam Jabbehdari
Department of Computer Engineering, North Tehran Branch, Islamic Azad University, Tehran, Iran
Correspondence
Sam Jabbehdari, Department of Computer Engineering, North Tehran Branch, Islamic Azad University, Tehran, Iran.
Email: [email protected]
Search for more papers by this authorNasser Modiri
Department of Computer Engineering, Zanjan Branch, Islamic Azad University, Zanjan, Iran
Search for more papers by this authorReza Sarabi Miyanaji,
Sam Jabbehdari,
Nasser Modiri,
Reza Sarabi Miyanaji
Department of Computer Engineering, North Tehran Branch, Islamic Azad University, Tehran, Iran
Search for more papers by this authorCorresponding Author
Sam Jabbehdari
Department of Computer Engineering, North Tehran Branch, Islamic Azad University, Tehran, Iran
Correspondence
Sam Jabbehdari, Department of Computer Engineering, North Tehran Branch, Islamic Azad University, Tehran, Iran.
Email: [email protected]
Search for more papers by this authorNasser Modiri
Department of Computer Engineering, Zanjan Branch, Islamic Azad University, Zanjan, Iran
Search for more papers by this authorFirst published: 08 March 2022
Abstract
In the IoT, authentication is challenged by the limited resources of devices. Most existing continuous authentications require plenty of memory and computing. Also, the time interval between static authentications is fixed, and no attention is paid to the importance of their traffic. Therefore, in this article, we propose a lightweight protocol for mutual authentication between nodes and servers in IoT. To this aim, the nodes have been divided into three priority groups, and for the high priority group, a longer time interval is considered. Each group node at the beginning of the time interval performs static authentication and generates tokens. Continuous authentication is performed until the end of the time interval using this token. High-priority nodes also perform more continuous authentication instead of static authentication. The proposed method provides privacy-preserving through node anonymity, forward secrecy without using asynchronous encryption, key agreement. It is resistant to eavesdropping, replay, server spoofing, and impersonation attacks. Also, the proposed method has been verified using BAN logic and AVISPA tools. The computation time of the node and server in authentication has been decreased by 16.8% and 8.7%, respectively, compared with reviewing protocols, and the communication cost is 1902 bits.
CONFLICT OF INTEREST
The present article has no financial sponsor and there is no disagreement among the authors, therefore there is no conflict of interest.
Open Research
DATA AVAILABILITY STATEMENT
Research data are not shared.
REFERENCES
- 1Megas K, Piccarreta B, O'Rourke DG. Internet of things (IoT) Cybersecurity Colloquium: A NIST Workshop Proceedings. NISTIR 8201, 2017, [Online]. https://nvlpubs.nist.gov/nistpubs/ir/2017/NIST.IR.8201.pdf
- 2Li N, Liu D, Nepal S. Lightweight mutual authentication for IoT and its applications. IEEE Trans Sustain Comput. 2017; 2: 359-370.
10.1109/TSUSC.2017.2716953 Google Scholar
- 3Perera C, Liu CH, Jayawardena S. The emerging internet of things marketplace from an industrial perspective: a survey. IEEE Trans Emerg Top Comput. 2015; 3(4): 585-598. doi:10.1109/TETC.2015.2390034
- 4Coetzee L, Eksteen J. The Internet of Things - promise for the future? An introduction. Proceedings of the 2011 IST-Africa Conference; 2011:1-9; IEEE, Gaborone, Botswana.
- 5Shivraj V, Rajan M, Singh M, Balamuralidhar P. One time password authentication scheme based on elliptic curves for Internet of Things (IoT). Proceedings of the 2015 5th National Symposium on Information Technology: Towards New Smart World (NSITNSW), Riyadh, Saudi Arabia; 2015:1-6.
- 6Ammar M, Russello G, Crispo B. Internet of things: a survey on the security of IoT frameworks. J Inf Secur Appl. 2018; 38: 8-27. doi:10.1016/j.jisa.2017.11.002
- 7Li J, Qu Y, Chao F, Shum HPH, Ho ESL, Yang L. Machine learning algorithms for network intrusion detection. In: LF Sikos, ed. BT - AI in Cybersecurity. Cham: Springer International Publishing; 2019: 151-179.
10.1007/978-3-319-98842-9_6 Google Scholar
- 8Mahmoud R, Yousuf T, Aloul F, Zualkernan I. Internet of Things (IoT) security: current status, challenges and prospective measures. Proceedings of the 2015 10th International Conference for Internet Technology and Secured Transactions (ICITST), London, UK; 2015:336-341.
- 9Zhu F, Li P, Xu H, Wang R. A novel lightweight authentication scheme for rfid-based healthcare systems. Sensors (Switzerland). 2020; 20(17): 1-22. doi:10.3390/s20174846
- 10Oh J, Yu S, Lee J, Son S, Kim M, Park Y. A secure and lightweight authentication protocol for iot-based smart homes. Sensors. 2021; 21(4): 1-24. doi:10.3390/s21041488
- 11Tahir M, Sardaraz M, Muhammad S, Saud Khan M. A lightweight authentication and authorization framework for Blockchain-enabled IoT network in health-informatics. Sustainability. 2020; 12(17): 1–12. doi:10.3390/su12176960
- 12Abomhara M, Køien GM. Security and privacy in the Internet of Things: current status and open issues. Proceedings of the 2014 International Conference on Privacy and Security in Mobile Systems, Aalborg, Denmark; 2014:1-8.
- 13Alqassem I, Svetinovic D. A taxonomy of security and privacy requirements for the internet of things (IoT). Proceedings of the 2014 IEEE International Conference on Industrial Engineering and Engineering Management; 2014:1244-1248; IEEE, Selangor, Malaysia.
- 14Faraji-Mehmandar M, Jabbehdari S, Javadi HHS. A proactive fog service provisioning framework for internet of things applications: an autonomic approach. Trans Emerg Telecommun Technol. 2021; 32:e4342. doi:10.1002/ett.4342
- 15Masud M, Gaba GS, Choudhary K, Hossain MS, Alhamid MF, Muhammad G. Lightweight and anonymity-preserving user authentication scheme for IoT-based healthcare. IEEE Internet Things J. 2021; 9: 2649-2656. doi:10.1109/JIOT.2021.3080461
- 16Kumar P, Chouhan L. A secure authentication scheme for IoT application in smart home. Peer-to-Peer Netw Appl. 2021; 14(1): 420-438. doi:10.1007/s12083-020-00973-8
- 17Chuang Y-H, Lo N-W, Yang C-Y, Tang S-W. A lightweight continuous authentication protocol for the internet of things. MDPI. 2018; 18: 1-26. doi:10.3390/s18041104
- 18Aziz MF, Khan AN, Shuja J, Khan IA, Khan FG, Khan A. A lightweight and compromise-resilient authentication scheme for IoTs. Trans Emerg Telecommun Technol. 2019: 1–17. doi:10.1002/ett.3813
- 19Traore I, Woungang I, Nakkabi Y, Obaidat MS, Ahmed AAE, Khalilian B. Dynamic sample size detection in learning command line sequence for continuous authentication. IEEE Trans Syst Man, Cybern B Cybern Publ IEEE Syst Man Cybern Soc. 2012; 42(5): 1343-1356. doi:10.1109/TSMCB.2012.2191403
- 20Mondal S, Bours P. Continuous authentication in a real world settings. Proceedings of the 2015 8th International Conference on Advances in Pattern Recognition (ICAPR); 2015:1-6; IEEE, Kolkata, India.
- 21Buduru AB, Yau SS. An effective approach to continuous user authentication for touch screen smart devices. Proceedings of the 2015 IEEE International Conference on Software Quality, Reliability and Security, QRS; September 2015:219-226, Vancouver, BC, Canada, doi: 10.1109/QRS.2015.40
- 22Mondal S, Bours P. Continuous authentication and identification for mobile devices: combining security and forensics. Proceedings of the 2015 IEEE International Workshop on Information Forensics and Security (WIFS); 2015:1-6; IEEE, Rome, Italy.
- 23Brocardo ML, Traore I, Woungang I. Toward a framework for continuous authentication using stylometry. Proceedings of the 2014 IEEE 28th International Conference on Advanced Information Networking and Applications; 2014:106-115; IEEE, Victoria, BC, Canada.
- 24Shen C, Cai Z, Guan X. Continuous authentication for mouse dynamics: a pattern-growth approach. Proceedings of the IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2012); 2012:1-12; IEEE, Boston, MA, USA.
- 25Adeel A, Ali M, Khan AN, et al. A multi-attack resilient lightweight IoT authentication scheme. Trans Emerg Telecommun Technol. 2019; 1–15. doi:10.1002/ett.3676
- 26Mehmandar M, Jabbehdari S, Javadi HHS. A dynamic fog service provisioning approach for IoT applications. Int J Commun Syst. 2020; 33: Jul. doi:10.1002/dac.4541
- 27Jan MA, Khan F, Alam M, Usman M. A payload-based mutual authentication scheme for internet of things. Futur Gener Comput Syst. 2019; 92: 1028-1039. doi:10.1016/j.future.2017.08.035
- 28Bamasag OO, Arabia S. Towards continuous authentication in internet of things based on secret sharing scheme. Proceedings of the WESS'15: Workshop on Embedded Systems Security; 2015:1-8, Amsterdam, Netherlands. doi: 10.1145/2818362.2818363
- 29Kumar P, Chouhan L. Design of secure session key using unique addressing and identification scheme for smart home internet of things network. Trans Emerg Telecommun Technol. 2020; 32: 1–21. doi:10.1002/ett.3993
- 30Shimshon T, Moskovitch R, Rokach L, Elovici Y. Continuous verification using keystroke dynamics. Proceedings of the 2010 International Conference on Computational Intelligence and Security; 2010:411-415, Nanning, China.
- 31Niinuma K, Park U, Jain AK. Soft biometric traits for continuous user authentication. IEEE Trans Inf Forens Secur. 2010; 5(4): 771-780.
- 32Mock K, Weaver J, Milton M. Poster: real-time continuous iris recognition for authentication using an eye tracker; 2012:1007-1009.
- 33Kothmayr T, Schmitt C, Hu W, Brünig M, Carle G. DTLS based security and two-way authentication for the internet of things. Ad Hoc Netw. 2013; 11(8): 2710-2723. doi:10.1016/j.adhoc.2013.05.003
- 34“Rescorla E, Modadugu N. Datagram transport layer security version 1.2. RFC 6347, Internet Engineering Task Force (IETF); 2012.
- 35Bailey KO, Okolica JS, Peterson GL. User identification and authentication using multi-modal behavioral biometrics. Comput Secur. 2014; 43: 77-89. doi:10.1016/j.cose.2014.03.005
- 36Porambage P, Schmitt C, Kumar P, Gurtov A, Ylianttila M. Two-phase authentication protocol for wireless sensor networks in distributed IoT applications. Proceedings of the 2014 IEEE Wireless Communications and Networking Conference (WCNC); 2014:2728-2733; Istanbul, Turkey.
- 37Mahalle PN, Prasad NR, Prasad R. Threshold Cryptography-based Group Authentication (TCGA) scheme for the Internet of Things (IoT). Proceedings of the 4th International Conference on Wireless Communications, Vehicular Technology, Information Theory and Aerospace & Electronic Systems (VITAE); 2014:1-5; Aalborg, Denmark. doi: 10.1109/VITAE.2014.6934425
- 38Gope P, Hwang T. Untraceable sensor movement in distributed IoT infrastructure. IEEE Sens J. 2015; 15(9): 5340-5348.
- 39Khemissa H, Tandjaoui D. A lightweight authentication scheme for e-health applications in the context of Internet of Things. Proceedings of the 2015 9th International Conference on Next Generation Mobile Applications Services and Technology; 2015:90-95; Cambridge, UK.
- 40Khemissa H, Tandjaoui D. A novel lightweight authentication scheme for heterogeneous wireless sensor networks in the context of Internet of Things. Proceedings of the 2016 Wireless Telecommunications Symposium; 2016:1-6; London, UK.
- 41Hamada M, Kumari S, Kumar A. Secure anonymous mutual authentication for star two-tier wireless body area networks. Comput Methods Programs Biomed. 2016; 135(July): 37-50. doi:10.1016/j.cmpb.2016.07.022
- 42Peng G, Zhou G, Nguyen DT, Qi X, Yang Q, Wang S. Continuous authentication with touch behavioral biometrics and voice on wearable glasses. IEEE Trans Human-Mach Syst. 2017; 47(3): 404-416.
- 43Kawamoto Y, Nishiyama H, Kato N, Shimizu Y, Takahara A, Jiang T. Effectively collecting data for the location-based authentication in internet of things. IEEE Syst J. 2017; 11(3): 1403-1411.
- 44Durairaj M, Muthuramalingam K. A new authentication scheme with elliptical curve cryptography for internet of things (IoT) environments. Int J Eng Technol. 2018; 7(2): 119. doi:10.14419/ijet.v7i2.26.14364
10.14419/ijet.v7i2.26.14364 Google Scholar
- 45Hammi MT, Hammi B, Bellot P, Serhrouchni A. Bubbles of trust: a decentralized blockchain-based authentication system for IoT. Comput Secur. 2018; 78: 126-142. doi:10.1016/j.cose.2018.06.004
- 46Chen C, Xiang B, Wu T, Wang K. An anonymous mutual authenticated key agreement scheme for wearable sensors in wireless body area networks. Appl Sci. 2018; 8(7): 1074. doi:10.3390/app8071074
- 47Sharma G, Kalra S. A lightweight user authentication scheme for cloud-IoT based healthcare services. Iran J Sci Technol Trans Electr Eng. 2019; 43: 619-636. doi:10.1007/s40998-018-0146-5
- 48Shuai M, Yu N, Wang H, Xiong L. Anonymous authentication scheme for smart home environment with provable security. Comput Secur. 2019; 86: 132-146. doi:10.1016/j.cose.2019.06.002
- 49Xu Z, Xu C, Liang W, Xu J, Chen H. A lightweight mutual authentication and key agreement scheme for medical internet of things. IEEE Access. 2019; 7: 53922-53931. doi:10.1109/ACCESS.2019.2912870
- 50Banerjee S, Odelu V, Das AK, Chattopadhyay S, Park Y. An efficient, anonymous and robust authentication scheme for smart home environments. Sensors (Switzerland). 2020; 20(4): 1215–1233. doi:10.3390/s20041215
- 51Xiang A, Zheng J. A situation-aware scheme for efficient device authentication in smart grid-enabled home area networks. Electronics. 2020; 9(6): 989–1005. doi:10.3390/electronics9060989
- 52Kumar P, Chouhan L. A privacy and session key based authentication scheme for medical IoT networks. Comput Commun. 2021; 166: 154-164. doi:10.1016/j.comcom.2020.11.017
- 53Dolev D, Yao A. On the security of public key protocols. IEEE Trans Inf Theory. 1983; 29(2): 198-208.
- 54Armando A, Basin D, Boichut Y, Chevalier Y, Compagna L. The AVISPA Tool for the automated validation of internet security protocols and applications. Proceedings of the International Conference on Computer Aided Verification; 2005:281-285; Springer, Berlin, Heidelberg.
- 55Amin R, Biswas GP. A secure light weight scheme for user authentication and key agreement in multi-gateway based wireless sensor networks. Ad Hoc Netw. 2016; 36: 58-80. doi:10.1016/j.adhoc.2015.05.020
