Continuous lightweight authentication according group priority and key agreement for Internet of Things

Abstract

AbstractIn the IoT, authentication is challenged by the limited resources of devices. Most existing continuous authentications require plenty of memory and computing. Also, the time interval between static authentications is fixed, and no attention is paid to the importance of their traffic. Therefore, in this article, we propose a lightweight protocol for mutual authentication between nodes and servers in IoT. To this aim, the nodes have been divided into three priority groups, and for the high priority group, a longer time interval is considered. Each group node at the beginning of the time interval performs static authentication and generates tokens. Continuous authentication is performed until the end of the time interval using this token. High‐priority nodes also perform more continuous authentication instead of static authentication. The proposed method provides privacy‐preserving through node anonymity, forward secrecy without using asynchronous encryption, key agreement. It is resistant to eavesdropping, replay, server spoofing, and impersonation attacks. Also, the proposed method has been verified using BAN logic and AVISPA tools. The computation time of the node and server in authentication has been decreased by 16.8% and 8.7%, respectively, compared with reviewing protocols, and the communication cost is 1902 bits.