Skip to main content
SpringerLink
Log in

Lightweight multi-factor mutual authentication protocol for IoT devices

  • Regular Contribution
  • Published:
International Journal of Information Security Aims and scope Submit manuscript

Abstract

The Internet-of-Things (IoT), which refers to the interconnection of heterogeneous devices, has gained a lot of interest lately, and it witnessed a large growth in the number of IoT devices due to the importance of such systems in today’s communication networks. On the other hand, the authentication of entities (devices) is a major concern and a main security challenge in IoT systems since any weakness in the identification or authentication process will allow a compromised entity to establish communication, inject false data and launch dangerous attacks leading to system malfunction. Currently, most IoT authentication mechanisms are based on single-factor cryptographic solutions. These techniques are not practical for IoT devices that have limited computational capabilities. In this paper, we propose a lightweight and secure multi-factor device authentication protocol for IoT devices. The scheme is based on two concepts, configurable physical unclonable functions (PUF) within IoT devices, and channel-based parameters. It uses few and simple cryptographic operations such as the bit-wise exclusive-OR operation and a one-way hash function. The unique PUF value serves as the mutual secret identifier between a pair of users, which frequently changes for every session. Moreover, the proposed protocol exploits the random channel characteristics to provide high robustness against different kinds of attacks, while maintaining low complexity. To the best of the authors’ knowledge, this is the first work that combines physical layer security with PUFs to authenticate communicating devices, dynamically. Security and performance analysis prove the security and efficiency of the proposed protocol, which is designed with minimum overhead in terms of computations and communication costs.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8

Similar content being viewed by others

References

  1. Aman, M., Chua, K., Sikdarb, B.: A lightweight mutual authentication protocol for IoT systems. In: Proceeding of IEEE Global Communications Conference (GLOBECOM), pp. 1–6. IEEE (2017)

  2. Barbareschi, M., Bagnasco, P., Mazzeo, A.: Authenticating IOT devices with physically unclonable functions models. In: IEEE Proceeding of International Conference on P2P, Parallel, Grid, Cloud and Internet Computing (3PGCIC), pp. 563–567. IEEE (2015)

  3. Granjal, J., Jorge, M., Monteiro, E., Silva, J.: Security for the internet of things: a survey of existing protocols and open research issues. IEEE Commun. Surv. Tutor 17(3), 1294–1312 (2015)

    Article  Google Scholar 

  4. Zamfir, S., et al.: A security analysis on standard IoT protocols. In: IEEE Proceeding of International Conference on Applied and Theoretical Electricity (ICATE), pp. 1–6. IEEE (2016)

  5. Bauer, T., Hamlet, J.: Physical unclonable functions: a primer. IEEE Secur. Priv. 6, 97–101 (2014)

    Article  Google Scholar 

  6. Aman, M., Chua, K., Sikdar, B.: Secure data provenance for the internet of things. In: Proceedings of the 3rd ACM International Workshop on IoT Privacy, Trust, and Security, pp. 11–14. ACM (2017)

  7. Wallrabenstein, J.: Practical and secure IoT device authentication using physical unclonable functions. In: IEEE Proceeding of International Conference on Future Internet of Things and Cloud (FiCloud), pp. 99–106. IEEE (2016)

  8. Che, W., Saqib, F., Plusquellic, J.: PUF-based authentication. In: IEEE/ACM International Conference on Computer-Aided Design (ICCAD), pp. 337–344. IEEE (2015)

  9. Xu, Q., Zheng, R., Saad, W., Han, Z.: Device fingerprinting in wireless networks: challenges and opportunities. IEEE Commun. Surv. Tutor. 18(1), 94–104 (2016)

    Article  Google Scholar 

  10. Aman, M., Chua, K., Sikdar, B.: Physically secure mutual authentication for IoT. In: IEEE Proceeding Conference on Dependable and Secure Computing, pages 310–317. IEEE, 2017

  11. Aman, M., Chua, K., Sikdar, B.B.: Mutual authentication in IoT systems using physical unclonable functions. IEEE Internet Things J. 4(5), 1327–1340 (2017)

    Article  Google Scholar 

  12. Pospl, M., Mark, R.: Experimental study of wireless transceiver authentication using carrier frequency offset monitoring. In: International Conference on Radioelektronika (RADIOELEKTRONIKA), pp. 335–338 (2015)

  13. Liu, M., et al.: TBAS: enhancing wi-fi authentication by actively eliciting channel state information. In: IEEE International Conference on Sensing, Communication, and Networking (SECON), pp. 1–9 (2016)

  14. Du, X., et al.: Physical layer challenge-response authentication in wireless networks with relay. In: Proceeding IEEE International Conference on Computer Communications (INFOCOM), pp. 1276–1284 (2014)

  15. Caparra, G., et al.: Energy-based anchor node selection for IoT physical layer authentication. In: Proceeding IEEE International Conference on Communications (ICC), pp. 1–6. IEEE (2016)

  16. Wen, H., et al.: A novel framework for message authentication in vehicular communication networks. In: Proceeding IEEE Global Communications Conference (GLOBECOM), pp. 1–6. IEEE (2009)

  17. Verma, G., et al.: Physical layer authentication via fingerprint embedding using software-defined radios. IEEE Access 3, 81–88 (2015)

    Article  Google Scholar 

  18. Wu, X., et al.: A channel coding approach for physical-layer authentication. In: IEEE Proceeding of Wireless Communications and Signal Processing (WCSP), pp. 1–5. IEEE (2016)

  19. Wu, X., et al.: Artificial-noise-aided physical layer phase challenge-response authentication for practical OFDM transmission. IEEE Trans. Wirel. Commun. 15(10), 6611–6625 (2016)

    Article  Google Scholar 

  20. Babaei, A., et al.: Physical unclonable functions in the Internet of Things: state of the art and open challenges. Sensors 19, 3208 (2019)

    Article  Google Scholar 

  21. Liu, F., et al.: A two dimensional quantization algorithm for CIR-based physical layer authentication. In: 2013 IEEE International Conference on Communications (ICC) pp. 4724–4728 (2013)

  22. Zhang, J., et al.: Using basis expansion model for physical layer authentication in time-variant system. In: IEEE Conference on Communications and Network Security (CNS), pp. 348–349. IEEE (2016)

  23. Wang, W., et al.: Privacy-preserving location authentication in Wi-Fi networks using fine-grained physical layer signatures. IEEE Trans. Wirel. Commun 15(2), 1218–1225 (2016)

    Article  Google Scholar 

  24. Melki, R., et al.: A survey on OFDM physical layer security. Phys. Commun. 32, 1–30 (2019)

    Article  Google Scholar 

  25. Gope, P., et al.: Lightweight and privacy-preserving RFID authentication scheme for distributed IoT infrastructure with secure localization services for smart city environment. In: Sloot, P., Cambria, E., Abramson, D., Altintas, I. (eds.) Future Generation Computer Systems, vol. 83, pp. 629–637. Elsevier, Amsterdam (2018)

    Google Scholar 

  26. Amin, R., et al.: A light weight authentication protocol for IoT-enabled devices in distributed Cloud Computing environment. In: Sloot, P., Cambria, E., Abramson, D., Altintas, I. (eds.) Future Generation Computer Systems, vol. 78, pp. 1005–1019. Elsevier, Amsterdam (2018)

    Google Scholar 

  27. Kunal, S., et al.: An overview of cloud-fog computing: architectures, applications with security challenges. In: Security and Privacy, vol. 2, pp. e72. Wiley, New York (2019)

  28. Das, K., Wazid, M., Kumar, N., Khan, M., Choo, K., Park, Y.: Design of secure and lightweight authentication protocol for wearable devices environment. IEEE J. Biomed. Health Inform. 22(4), 1310–1322 (2018)

    Article  Google Scholar 

  29. Li, X., et al.: A three-factor anonymous authentication scheme for wireless sensor networks in internet of things environments. J. Netw. Comput. Appl. 103, 194–204 (2018)

    Article  Google Scholar 

  30. Das, A., et al.: Provably secure user authentication and key agreement scheme for wireless sensor networks. Secur. Commun. Netw. 9(16), 3670–3687 (2016)

    Article  Google Scholar 

  31. Chang, C., Le, H.: A provably secure, efficient, and flexible authentication scheme for ad hoc wireless sensor networks. IEEE Trans. Wirel. Commun. 15(1), 357–366 (2016)

    Article  MathSciNet  Google Scholar 

  32. Atzori, L., et al.: The internet of things: a survey. Comput. Netw. 54(15), 2787–2805 (2010)

    Article  Google Scholar 

  33. Van den Abeele, F., et al.: Scalability analysis of large-scale LoRaWAN networks in ns-3. IEEE Internet Things J. 4(6), 2186–2198 (2017)

    Article  Google Scholar 

  34. Dolev, D., Yao, A.: On the security of public key protocols. IEEE Trans. Inform. Theory 29(2), 198–208 (1983)

    Article  MathSciNet  Google Scholar 

  35. Delignat-Lavaud, A.: On the security of authentication protocols on the web. PhD thesis, Paris Sciences et Lettres (2016)

  36. Amin, R., et al.: A software agent enabled biometric security algorithm for secure file access in consumer storage devices. IEEE Trans. Consum. Electron. 63(1), 53–61 (2017)

    Article  Google Scholar 

  37. Mesaritakis, C., et al.: Physical unclonable function based on a multi-mode optical waveguide. Sci. Rep. 8, 9653 (2018)

    Article  Google Scholar 

  38. Hamamreh, J., Arslan, H.: Secure orthogonal transform division multiplexing (OTDM) waveform for 5g and beyond. IEEE Commun. Lett. 21(5), 1191–1194 (2017)

    Article  Google Scholar 

  39. Badawy, A., et al.: Unleashing the secure potential of the wireless physical layer: secret key generation methods. Phys. Commun. 19, 1–10 (2016)

    Article  Google Scholar 

  40. Szalachowski, P., Ksiezopolski, B., Kotulski, Z.: CMAC, CCM and GCM/GMAC: advanced modes of operation of symmetric block ciphers in wireless sensor networks. Inf. Process. Lett. 110(7), 247–251 (2010)

    Article  MathSciNet  Google Scholar 

  41. Abdalla, M., Fouque, P., Pointcheval, D.: Password-based authenticated key exchange in the three-party setting. In: International Workshop on Public Key Cryptography, pp. 65–84. Springer (2005)

  42. Odelu, V., Das, A., Goswami, A.: SEAP: secure and efficient authentication protocol for NFC applications using pseudonyms. IEEE Trans. Consum. Electron. 62(1), 30–38 (2016)

    Article  Google Scholar 

  43. Wazid, M., et al.: A novel authentication and key agreement scheme for implantable medical devices deployment. IEEE J. Biomed. Health Inform. 22(4), 1299–1309 (2018)

    Article  Google Scholar 

  44. Wazid, M., et al.: Secure authentication scheme for medicine anti-counterfeiting system in IoT environment. IEEE Internet Things J. 4(5), 1634–1646 (2017)

    Article  Google Scholar 

  45. Challa, S., et al.: Secure signature-based authenticated key establishment scheme for future IoT applications. IEEE Access 5, 3028–3043 (2017)

    Article  Google Scholar 

  46. Chatterjee, S., et al.: Secure biometric-based authentication scheme using chebyshev chaotic map for multi-server environment. IEEE Trans. Dependable Secure Comput. 15(5), 824–839 (2018)

    Article  Google Scholar 

  47. Amin, R., et al.: Design and analysis of bilinear pairing based mutual authentication and key agreement protocol usable in multi-server environment. Wirel. Pers. Commun. 84(1), 439–642 (2015)

    Article  Google Scholar 

Download references

Funding

This research is supported by the Maroun Semaan Faculty of Engineering and Architecture at the American University of Beirut.

Author information

Authors and Affiliations

  1. Department of Electrical and Computer Engineering, American University of Beirut, Beirut, Lebanon

    Reem Melki, Hassan N. Noura & Ali Chehab

  2. Department of Computer Sciences, Arab Open University, Beirut, Lebanon

    Hassan N. Noura

Authors
  1. Reem Melki
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Hassan N. Noura
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ali Chehab
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Reem Melki.

Ethics declarations

Conflict of interest

The authors declare that they have no conflict of interest.

Ethical approval

This article does not contain any studies with human participants or animals performed by any of the authors.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Melki, R., Noura, H.N. & Chehab, A. Lightweight multi-factor mutual authentication protocol for IoT devices. Int. J. Inf. Secur. 19, 679–694 (2020). https://doi.org/10.1007/s10207-019-00484-5

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10207-019-00484-5

Keywords

Search

Navigation