A Trustworthy, Reliable, and Lightweight Privacy and Data Integrity Approach for the Internet of Things

Abstract

Data integrity and authenticity are among the key challenges faced by the interacting devices of Internet of Things (IoT). The resource-constrained nature of sensor-embedded devices makes it even more difficult to design lightweight security schemes for these networks. In view of limited resources of the IoT devices, this article proposes a lightweight and trustworthy device-to-server mutual authentication scheme for edge-enabled IoT networks. Initially, a trusted authority generates and assigns identities (IDs) and mask them to servers and clients, also known as member devices, in an offline phase. These IDs are utilized to prevent possible infiltration of the adversary device(s). Next, every device ensures the authenticity of requesting devices using a sophisticated challenge, which is encrypted using a 128-b secret key, <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"><tex-math notation="LaTeX">$\lambda _{i}$</tex-math></inline-formula> . Each device expects a reply from the intended destination device for resolving the encrypted challenge within the defined timeframe, <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"><tex-math notation="LaTeX">$i.e., \bigtriangleup T$</tex-math></inline-formula> . Moreover, authenticity of the requesting device is verified through the stored IDs, which are shared in the offline phase. Simulation results have verified the exceptional performance of the proposed authentication scheme against field proven approaches in terms of computational and communication costs.