LDA-2IoT: A level dependent authentication using two factor for IoT paradigm

Abstract

The widespread expansion of IoT-based services is transforming people’s living habits. With the vast data generation and intelligent decision making system, IoT supports many industries to improve their quality of services. The major challenge for IoT developers is to design a secure data transmission system and a trustworthy inter-device and user-device communication system. The data starts its journey from the sensing devices and reaches the user dashboard via a different medium. An authentication among IoT devices provides a reliable and lightweight key generation system. This paper puts forward a novel authentication approach for the IoT paradigm and postulates an ECC-based two-factor Level Dependent Authentication for Generic IoT (LDA-2IoT) in which users at a particular level in the hierarchy can access the sensors deployed below or at the equal level of the hierarchy. Security analysis is given based on the Dolev–Yao channel and widely accepted random oracle-based ROR model. A real-time implementation of the proposed scheme with MQTT protocol over a lab IoT environment shows that it is highly efficient in terms of network throughput, computation cost, and communication cost compared to existing schemes.