Lightweight Mutual Authentication for IoT and Its Applications

Abstract

The Internet of Things (IoT) provides transparent and seamless incorporation of heterogeneous and different end systems. It has been widely used in many applications including smart cities such as public water system, power grid, water management, and vehicle traffic control system. In these smart city applications, a large number of IoT devices are deployed that can sense, communicate, compute, and potentially actuate. The uninterrupted and accurate functioning of these devices are critical to smart city applications as crucial decisions will be made based on the data received. One of the challenging tasks is to assure the authenticity of the devices so that we can rely on the decision making process with a very high confidence. One of the characteristics of IoT devices deployed in such applications is that they have limited battery power. A challenge is to design a secure mutual authentication protocol which is affordable to resource constrained devices. In this paper, we propose a lightweight mutual authentication protocol based on a novel public key encryption scheme for smart city applications. The proposed protocol takes a balance between the efficiency and communication cost without sacrificing the security. We evaluate the performance of our protocol in software and hardware environments. On the same security level, our protocol performance is significantly better than existing RSA and ECC based protocols. We also provide security analysis of the proposed encryption scheme and the mutual authentication protocol.