Lightweight Authentication Scheme Research Articles

An Anonymous and Efficient Authentication Scheme with Conditional Privacy Preservation in Internet of Vehicles Networks

The Internet of Vehicles (IoV) is an emerging technology that enables vehicles to communicate with their surroundings, provide convenient services, and enhance transportation systems. However, IoV networks can be vulnerable to security attacks because vehicles communicate with other IoV components through an open wireless channel. The recent related work suggested a two-factor-based lightweight authentication scheme for IoV networks. Unfortunately, we prove that the related work cannot prevent various security attacks, such as insider and ephemeral secret leakage (ESL) attacks, and fails to ensure perfect forward secrecy. To address these security weaknesses, we propose an anonymous and efficient authentication scheme with conditional privacy-preserving capabilities in IoV networks. The proposed scheme can ensure robustness against various security attacks and provide essential security features. The proposed scheme ensures conditional privacy to revoke malicious behavior in IoV networks. Moreover, our scheme uses only one-way hash functions and XOR operations, which are low-cost cryptographic operations suitable for IoV. We also prove the security of our scheme using the “Burrows–Abadi–Needham (BAN) logic”, “Real-or-Random (ROR) model”, and “Automated Validation of Internet Security Protocols and Applications (AVISPA) simulation tool”. We evaluate and compare the performance and security features of the proposed scheme with existing methods. Consequently, our scheme provides improved security and efficiency and is suitable for practical IoV networks.

Lightweight authentication scheme for edge control systems in Industrial Internet of Things

Lightweight authentication scheme for edge control systems in Industrial Internet of Things

ANEL: a novel efficient and lightweight authentication scheme for enhancing security in Vehicular Ad Hoc Networks (VANETs) using elliptic curve cryptography

Vehicular Ad-hoc Networks (VANETs) offer immense potential for revolutionizing modern transportation systems through real-time communication and interaction between vehicles and roadside infrastructure. These networks can significantly enhance traffic management, improve safety, and support various vehicular services. However, ensuring secure communication in VANETs remains a critical challenge due to the highly sensitive nature of the data exchanged, such as location and personal information. Current authentication schemes, including the ANEL scheme, exhibit vulnerabilities like data interception and tracking risks. In this paper, we propose a novel, efficient, and lightweight authentication scheme that leverages elliptic curve cryptography (ECC) and message mapping techniques to address these security issues. The proposed solution strengthens encryption, enhances privacy protection, and mitigates risks such as unauthorized access and man-in-the-middle attacks. Furthermore, the scheme offers scalability and distinguishes between regular and priority users, making it adaptable to various VANET applications. This approach significantly improves the overall security and privacy framework of VANET systems while ensuring the efficient use of computational resources in vehicular environments.

Lightweight Authentication Scheme Based on ECC for IoT

Lightweight Authentication Scheme Based on ECC for IoT

BeLAS: Blockchain-envisioned lightweight authentication scheme for securing eHealth records

BeLAS: Blockchain-envisioned lightweight authentication scheme for securing eHealth records

A Lightweight Authentication Scheme for LoRaWAN Nodes Represented as On-Chain Nonfungible Tokens

A Lightweight Authentication Scheme for LoRaWAN Nodes Represented as On-Chain Nonfungible Tokens

Toward designing a lightweight RFID authentication protocol for constrained environments

AbstractIn present times, Radio‐Frequency Identification (RFID) systems have seen a significant rise in their usage. There has been an increasing interest in developing even lighter RFID protocols suitable for resource‐constrained environments. Ensuring security and privacy remain critical challenges in RFID‐based systems. Recently proposed lightweight authentication schemes, namely LRSAS+ and LRARP+, are ideally suited for constrained devices. However, this article investigates these schemes and reveals certain vulnerabilities: LRSAS+ is susceptible to tag impersonation, desynchronization, and traceability attacks, while LRARP+ can fall prey to traceability and secret disclosure attacks. An enhanced version of these authentication systems is proposed that tackles their inherent weaknesses by leveraging the function. To verify the security of the proposed scheme, a formal analysis is conducted using Gong–Needham–Yahalom logic (GNY logic) and an automated security protocol verification tool, ProVerif. The improved scheme's effectiveness is also compared with multiple contemporary lightweight systems. The results indicate that the enhanced scheme not only meets the security requirements for lightweight authentication schemes but also achieves this with minimal computational overhead.

MAG-PUFs: Authenticating IoT devices via electromagnetic physical unclonable functions and deep learning

The challenge of authenticating Internet of Things (IoT) devices, particularly in low-cost deployments with constrained nodes that struggle with dynamic re-keying solutions, renders these devices susceptible to various attacks. This paper introduces a robust alternative mitigation strategy based on Physical-Layer Authentication (PLA), which leverages the intrinsic physical layer characteristics of IoT devices. These unique imperfections, stemming from the manufacturing process of IoT electronic integrated circuits (ICs), are difficult to replicate or falsify and vary with each function executed by the IoT device. We propose a novel lightweight authentication scheme, MAG-PUFs, that uses the unintentional Electromagnetic (EM) emissions from IoT devices as Physical Unclonable Functions (PUFs). MAG-PUFs operate by collecting these unintentional EM emissions during the execution of pre-defined reference functions by the IoT devices. The authentication is achieved by matching these emissions with profiles recorded at the time of enrollment, using state-of-the-art Deep Learning (DL) approaches such as Neural Networks (NN) and Autoencoders. Notably, MAG-PUFs offer compelling advantages: (i) it preserves privacy, as it does not require direct access to the IoT devices; and, (ii) it provides unique flexibility, permitting the selection of numerous and varied reference functions. We rigorously evaluated MAG-PUFs using 25 Arduino devices and a diverse set of 325 reference function classes. Employing a DL framework, we achieved a minimum authentication F1-Score of 0.99. Furthermore, the scheme’s efficacy in detecting impostor EM emissions was also affirmed, achieving a minimum F1-Score of 0.99. We also compared our solution to other solutions in the literature, showing its remarkable performance. Finally, we discussed code obfuscation techniques and the impact of Radio Frequency (RF) interference on the IoT authentication process.

Lightweight Privacy Preserving Scheme for IoT based Smart Home

Background: The Internet of Things (IoT) is the interconnection of physical devices, controllers, sensors and actuators that monitor and share data to another end. In a smart home network, users can remotely access and control home appliances/devices via wireless channels. Due to the increasing demand for smart IoT devices, secure communication also becomes the biggest challenge. Hence, a lightweight authentication scheme is required to secure these devices and maintain user privacy. The protocol proposed is secure against different kinds of attacks and as well as is efficient. Methods: The proposed protocol offers mutual authentication using shared session key establishment. The shared session key is established between the smart device and the home gateway, ensuring that the communication between the smart devices, home gateway, and the user is secure and no third party can access the information shared. Results: Informal and formal analysis of the proposed scheme is done using the AVISPA tool. Finally, the results of the proposed scheme also compare with existing security schemes in terms of computation and communication performance cost. The results show that the proposed scheme is more efficient and robust against different types of attacks than the existing protocols. Conclusion: In the upcoming years, there will be a dedicated network system built inside the home so that the user can have access to the home from anywhere. The proposed scheme offers secure communication between the user, the smart home, and different smart devices. The proposed protocol makes sure that security and privacy are maintained since the smart devices lack computation power which makes them vulnerable to different attacks.

“A lightweight authentication scheme for 6LoWPAN-based Internet-of -things”

ABSTRACT IPv6-based IoT networks, i.e. 6LoWPAN network, require authentication for security. The existing authentication schemes on symmetric-key based approaches for 6LoWPAN consume huge computational and processing overhead in the literature. In a large network, pre-deployment of the key leads to huge memory consumption due to storing many keys. Furthermore, in asymmetric key cryptography, operations with the public key are computationally expensive, which is unsuitable for resource-constrained devices. We proposed a lightweight key exchange and authentication scheme for 6LoWPAN to mutually authenticate the sensor nodes, the gateway, and the server with less computational overhead and without compromising any security credentials. The authentication scheme helps to generate a session key without storing any secrets in the 6LoWPAN devices. We utilized a one-way hash function and XOR operation to reduce overhead in multi-hop communication. The AVISPA verification tool and the formal verification show that the proposed method is resistant to well-known attacks. The proposed scheme outperforms relevant methods in computational overhead, communication cost, and computation time.

IoMT-BADT: A blockchain-envisioned secure architecture with a lightweight authentication scheme for the Digital Twin environment in the Internet of Medical Things

IoMT-BADT: A blockchain-envisioned secure architecture with a lightweight authentication scheme for the Digital Twin environment in the Internet of Medical Things

A Secure Authentication Protocol Supporting Efficient Handover for UAV

Unmanned Aerial Vehicles (UAVs) are increasingly pivotal in operations such as flood rescue, wildfire surveillance, and covert military endeavors, with their integration into the Internet of Things (IoT) networks broadening the scope of services they provide. Amidst this expansion, security concerns for UAVs have come to the forefront, particularly in open communication environments where they face authentication challenges and risks of sensitive data, including location information, being exposed to unauthorized parties. To address these issues, we propose a secure and lightweight authentication scheme that combines the use of anonymity mechanisms and Physical Unclonable Functions (PUFs). Specifically, we employ pseudo- and temporary identities to maintain the anonymity of UAVs, while also utilizing PUF technology to strengthen the security of Ground Station Servers (GSSs) against physical threats. Rigorous validation through ProVerif and the Random Oracle (ROR) Model indicates our scheme’s superior performance over existing protocols in terms of both efficiency and security.

Development of a provably secure and privacy-preserving lightweight authentication scheme for roaming services in global mobility network

The accelerated development of Internet of Things services surfaced the way for providing uninterrupted and adaptable smart mobility services for mobile clients to communicate without any zone or time constraints. The global mobility network is an appropriate contender to be adopted as a communication platform to offer roaming services for swift data exchange and fast movement of mobile users in smart mobility. Nevertheless, the confidentiality and secrecy of the exchanged messages have become major concerns due to the insecure nature of the public communication channel. Additionally, it is worth monitoring that enhanced security measures must not increase the burden on limited-powered, small computationally efficient mobile devices. To fulfill these purposes, multiple authentication and key agreement protocols in the context of roaming services have been proposed in recent days. This research demonstrates that most of the previous authentication schemes for the GLOMONET environment have failed to achieve the aforesaid secrecy goals. To satisfy the purposes, this article has proposed a mutual authentication and session key negotiation scheme for roaming services that resists all security susceptibilities and provides essential requirements like anonymity with minimized computation and communication overhead. To support our claim, the security of the proposed scheme is formally verified using the well-known random oracle model and aProVerif simulation tool. Moreover, the implementation of the protocol using the broadly acknowledged NS-2 simulation tool visualizes the practical efficiency of the protocol.

A provably secure and practical end-to-end authentication scheme for tactile Industrial Internet of Things

In the Industrial Internet of Things (IIoT), haptic control of machines or robots can be managed remotely. However, with the emergence of Tactile Industrial Internet of Things (TIIoT), the transmission of haptic data over public channels has raised security and privacy concerns. In such an environment, mutual authentication between haptic users and remotely controlled entities is crucial to prevent illegal control by adversaries. Therefore, we propose an end-to-end authentication scheme, SecTIIoT, to establish secure communication between haptic users and remote IoT devices. The scheme addresses security issues by using lightweight hash cryptographic primitives and employs a useful piggyback strategy to improve authentication efficiency. We demonstrate that SecTIIoT is resilient to various known attacks with formal security proofs and informal security analysis. Furthermore, our detailed performance analysis shows that SecTIIoT outperforms existing lightweight authentication schemes as it provides more security features while reducing computation and communication costs.

IoT cloud-based telecare medical healthcare system with lightweight authentication scheme

IoT cloud-based telecare medical healthcare system with lightweight authentication scheme

IoT Cloud-based Telecare Medical Healthcare System with Lightweight Authentication Scheme

IoT Cloud-based Telecare Medical Healthcare System with Lightweight Authentication Scheme

LA-IMDCN: A Lightweight Authentication Scheme With Smart Contract in Implantable Medical Device Communication Networks

LA-IMDCN: A Lightweight Authentication Scheme With Smart Contract in Implantable Medical Device Communication Networks

A Lightweight Authentication Scheme for Power IoT Based on PUF and Chebyshev Chaotic Map

A Lightweight Authentication Scheme for Power IoT Based on PUF and Chebyshev Chaotic Map

Provably Secure Lightweight Mutual Authentication and Key Agreement Scheme for Cloud-Based IoT Environments.

A paradigm that combines cloud computing and the Internet of Things (IoT) allows for more impressive services to be provided to users while addressing storage and computational resource issues in the IoT environments. This cloud-based IoT environment has been used in various industries, including public services, for quite some time, and has been researched in academia. However, various security issues can arise during the communication between IoT devices and cloud servers, because communication between devices occurs in open channels. Moreover, issues such as theft of a user's IoT device or extraction of key parameters from the user's device in a remote location can arise. Researchers interested in these issues have proposed lightweight mutual authentication key agreement protocols that are safe and suitable for IoT environments. Recently, a lightweight authentication scheme between IoT devices and cloud servers has been presented. However, we found out their scheme had various security vulnerabilities, vulnerable to insider, impersonation, verification table leakage, and privileged insider attacks, and did not provide users with untraceability. To address these flaws, we propose a provably secure lightweight authentication scheme. The proposed scheme uses the user's biometric information and the cloud server's secret key to prevent the exposure of key parameters. Additionally, it ensures low computational costs for providing users with real-time and fast services using only exclusive OR operations and hash functions in the IoT environments. To analyze the safety of the proposed scheme, we use informal security analysis, Burrows-Abadi-Needham (BAN) logic and a Real-or-Random (RoR) model. The analysis results confirm that our scheme is secure against insider attacks, impersonation attacks, stolen verifier attacks, and so on; furthermore, it provides additional security elements. Simultaneously, it has been verified to possess enhanced communication costs, and total bit size has been shortened to 3776 bits, which is improved by almost 6% compared to Wu et al.'s scheme. Therefore, we demonstrate that the proposed scheme is suitable for cloud-based IoT environments.

An efficient lightweight authentication scheme for dew‐assisted IoT networks

SummaryThe dew computing is currently considered as one of the promising technology, due to its ability to give data access in the absence of internet. However, dew computing also brings new challenges, particularly security and privacy issues. In dew computing paradigm, authentication and key agreement pose substantial challenges that must be taken into account. In this context, the present work is to provide a secure authentication scheme for Internet of Things and dew server based on elliptic curve cryptography. Moreover, the performance evaluation of proposed scheme has been assessed in terms of communication and computation cost, which shows the proposed scheme outperforms than existing related schemes. The proposed scheme has also been compared with the related schemes in terms of various security features such as location privacy, anonymity, forward secrecy, mutual authentication, key agreement, forgery attack, replay attack, denial of service attack and replay attack. Furthermore, the formal security evaluation has been verified by automated validation internet security protocols and applications (AVISPA) under on‐the‐fly model‐checker (OFMC) and constraint logic based attack searcher (CL‐AtSE) backends. The OFMC backend analyzed 228 visited nodes with four plies using search time of 0.24 s. The CL‐AtSE analyzed three states with translation time of 0.12 s. The OFMC and CL‐AtSE backends have not identified any attack trace. Therefore, the simulation results demonstrate that the proposed scheme is safe against the security threats.