Designing a Lightweight IoT Authentication Protocol for Resource-Constrained Devices

Summary:

Many IoT devices are too weak to run heavy authentication or encryption protocols. One solution is a lightweight authentication system that mixes elliptic curve cryptography (ECC) for key exchange with symmetric encryption for actual data transmission. This hybrid approach made a lot of sense for ECC offers a strong security with small keys, while symmetric encryption is fast and energy-efficient. They tested their protocol on a simulated network of 100 IoT sensor nodes using real sensor data from the Intel Berkeley Research Lab. Compared to other authentication methods, their approach reduced energy use, authentication time, and communication overhead pretty significantly.

Key Points:

  1. IoT constrained devices cannot efficiently run heavy cryptography like full TLS/SSL.
  2. Protocol has 3 phases: key generation, authentication, session key creation.
  3. Achievements:
    • 20% lower energy usage
    • 18% lower authentication time
    • 15% lower communication overhead
    • 13% reduced memory usage
  4. More resilient to common IoT security threats.

Images

Start
Step #
1 Generates Key Pair
2 Generates Symmetric Key Session
3 Sends Hashed Identity
4 Verifies Identity
5 Sends Challenge Message
6 Responds With Correct Challenge
7 Authentication Successful
8 Secure Session Key Exchange
End
Figure 1: Proposed Architecture diagram
Shows Comparison of Energy Consumption
Figure 2: Shows Comparison of Energy Consumption
Shows Memory Usage
Figure 3: Shows Memory Usage

Bibliography Citation:

N. T and L. R, "Designing a Lightweight IoT Authentication Protocol for Resource-Constrained Devices," 2024
International Conference on IoT, Communication and Automation Technology (ICICAT), Gorakhpur, India, 2024,
pp. 962–966, doi: 10.1109/ICICAT62666.2024.10923434.