Skip to main content
SpringerLink
Log in

3S-ALDDT: A Triple Security Scheme for Authenticating Lightweight Devices and Securing Data Transmission in Internet of Things

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

The Internet of Things (IoT) connect and link objects and people for creating, processing and sharing countless information. The use of IoT is widely spread in important life fields like smart farming, by collecting and transferring data from agricultural environment to cloud servers and farming experts. Ensure the security of the data transferred is always an important issue. Hence, many researchers have proposed secure schemes in IoT systems. However, these schemes still present some flaws and they are vulnerable against some known attacks as impersonation, man in the middle, session key disclosure, password guessing and stolen smart card. Besides, they are not all adaptable to lightweight devices. Therefore, the purpose of this present work is to ensure user’s privacy and data confidentiality by authenticating all legitimate network members and securing their communications. Accordingly, we propose three schemes of authentication and key management taking into consideration not only the security requirements but also the resource limit of network devices. A formal security verification of the three schemes is performed using Burrows-Abadi-Needham (BAN) logic, Automated Validation of Internet Security Protocols and Applications (AVISPA) and Scyther verification tool. The results show that each scheme ensures mutual authentication and session key secrecy. They are secure against some known attacks as man in the middle, replay and impersonation. Besides, the performance analysis comparison show the lightness of the proposed schemes regarding recent related schemes and hence they are adaptable to different IoT devices.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14

Similar content being viewed by others

Availability of Data and Materials

Not applicable.

References

  1. Issa, W., Moustafa, N., Turnbull, B., Sohrabi, N., & Tari, Z. (2022). Blockchain-based federated learning for securing internet of things: A comprehensive survey. ACM Computing Surveys (CSUR), 55(9), 1–43.

    Article  Google Scholar 

  2. Stoyanova, M., Nikoloudakis, Y., Panagiotakis, S., Pallis, E., & Markakis, E. K. (2020). A survey on the internet of things (iot) forensics: Challenges, approaches, and open issues. IEEE Communications Surveys & Tutorials, 22(2), 1191–1221.

    Article  Google Scholar 

  3. Kassab, W., & Darabkh, K. A. (2020). A-z survey of internet of things: Architectures, protocols, applications, recent advances, future directions and recommendations. Journal of Network and Computer Applications, 163, 102663.

    Article  Google Scholar 

  4. Popović, T., Latinović, N., Pešić, A., Zečević, Ž, Krstajić, B., & Djukanović, S. (2017). Architecting an iot-enabled platform for precision agriculture and ecological monitoring: A case study. Computers and Electronics in Agriculture, 140, 255–265.

    Article  Google Scholar 

  5. Akhter, R., & Sofi, S. A. (2022). Precision agriculture using iot data analytics and machine learning. Journal of King Saud University-Computer and Information Sciences, 34(8), 5602–5618.

    Article  Google Scholar 

  6. Soni, M., & Singh, D. K. (2021). Laka: Lightweight authentication and key agreement protocol for internet of things based wireless body area network. Wireless Personal Communications, 127(2), 1067–1084.

    Article  Google Scholar 

  7. Williams, P., Dutta, I. K., Daoud, H., & Bayoumi, M. (2022). A survey on security in internet of things with a focus on the impact of emerging technologies. Internet of Things, 19, 100564.

    Article  Google Scholar 

  8. Gupta, M., Abdelsalam, M., Khorsandroo, S., & Mittal, S. (2020). Security and privacy in smart farming: Challenges and opportunities. IEEE Access, 8, 34564–34584.

    Article  Google Scholar 

  9. Gong, X., & Feng, T. (2022). Lightweight anonymous authentication and key agreement protocol based on coap of internet of things. Sensors, 22(19), 7191.

    Article  Google Scholar 

  10. Gong, B., Wu, Y., Wang, Q., Ren, Y.-H., & Guo, C. (2022). A secure and lightweight certificateless hybrid signcryption scheme for internet of things. Future Generation Computer Systems, 127, 23–30.

    Article  Google Scholar 

  11. Bera, B., Vangala, A., Das, A. K., Lorenz, P., & Khan, M. K. (2022). Private blockchain-envisioned drones-assisted authentication scheme in iot-enabled agricultural environment. Computer Standards & Interfaces, 80, 103567.

    Article  Google Scholar 

  12. Kansal, N., Bhushan, B., & Sharma, S. (2022). Architecture, security vulnerabilities, and the proposed countermeasures in agriculture-internet-of-things (aiot) systems. Internet of Things and Analytics for Agriculture (pp. 329–353). Springer.

    Google Scholar 

  13. Hussain, S., Mahmood, K., Khan, M. K., Chen, C.-M., Alzahrani, B. A., & Chaudhry, S. A. (2022). Designing secure and lightweight user access to drone for smart city surveillance. Computer Standards & Interfaces, 80, 103566.

    Article  Google Scholar 

  14. Bohli, J.-M., Langendörfer, P., & Skarmeta, A. F. (2022). Security and privacy challenge in data aggregation for the iot in smart cities. Internet of Things (pp. 225–244). UK: River Publishers.

    Chapter  Google Scholar 

  15. Fotouhi, M., Bayat, M., Das, A. K., Far, H. A. N., Pournaghi, S. M., & Doostari, M.-A. (2020). A lightweight and secure two-factor authentication scheme for wireless body area networks in health-care iot. Computer Networks, 177, 107333.

    Article  Google Scholar 

  16. Harkanson, R., & Kim, Y. (2017). Applications of elliptic curve cryptography: A light introduction to elliptic curves and a survey of their applications, In: Proceedings of the 12th annual conference on cyber and information security research (pp. 1–7).

  17. Sharma, G., & Kalra, S. (2018). A lightweight multi-factor secure smart card based remote user authentication scheme for cloud-iot applications. Journal of Information Security and Applications, 42, 95–106.

    Article  Google Scholar 

  18. Lee, J., Kim, M., Yu, S., Park, K., & Park, Y. (2019). A secure multi-factor remote user authentication scheme for cloud-iot applications, In: 2019 28th international conference on computer communication and networks (ICCCN) (pp. 1–2). IEEE.

  19. Park, K., Noh, S., Lee, H., Das, A. K., Kim, M., Park, Y., & Wazid, M. (2020). Laks-nvt: Provably secure and lightweight authentication and key agreement scheme without verification table in medical internet of things. IEEE Access, 8, 119387–119404.

    Article  Google Scholar 

  20. Xu, Z., Xu, C., Liang, W., Xu, J., & Chen, H. (2019). A lightweight mutual authentication and key agreement scheme for medical internet of things. IEEE Access, 7, 53922–53931.

    Article  Google Scholar 

  21. Chom Thungon, L., Ahmed, N., Chandra Sahana, S., & Hussain, M. I. (2021). A lightweight authentication and key exchange mechanism for ipv6 over low-power wireless personal area networks-based internet of things. Transactions on Emerging Telecommunications Technologies, 32(5), e4033.

    Article  Google Scholar 

  22. Chen, C.-M., Li, Z., Chaudhry, S. A., & Li, L. (2021). Attacks and solutions for a two-factor authentication protocol for wireless body area networks. Security and Communication Networks, 2021, 1–12.

    Google Scholar 

  23. Dewanta, F., & Mambo, M. (2019). A mutual authentication scheme for secure fog computing service handover in vehicular network environment. IEEE Access, 7, 103095–103114.

    Article  Google Scholar 

  24. Kumar, A., Singh, K., Shariq, M., Lal, C., Conti, M., Amin, R., & Chaudhry, S. A. (2023). An efficient and reliable ultralightweight rfid authentication scheme for healthcare systems. Computer Communications, 205, 147–157.

    Article  Google Scholar 

  25. Shariq, M., & Singh, K. (2022). A secure and lightweight rfid-enabled protocol for iot healthcare environment: A vector space based approach. Wireless Personal Communications, 127(4), 3467–3491.

    Article  Google Scholar 

  26. Safkhani, M., Bagheri, N., Kumari, S., Tavakoli, H., Kumar, S., & Chen, J. (2020). Reseap: An ecc-based authentication and key agreement scheme for iot applications. IEEE Access, 8, 200851–200862.

    Article  Google Scholar 

  27. Kumari, A., Jangirala, S., Abbasi, M. Y., Kumar, V., & Alam, M. (2020). Eseap: Ecc based secure and efficient mutual authentication protocol using smart card. Journal of Information Security and Applications, 51, 102443.

    Article  Google Scholar 

  28. Rostampour, S., Safkhani, M., Bendavid, Y., & Bagheri, N. (2020). Eccbap: A secure ecc-based authentication protocol for iot edge devices. Pervasive and Mobile Computing, 67, 101194.

    Article  Google Scholar 

  29. Kalra, S., & Sood, S. K. (2015). Secure authentication scheme for iot and cloud servers. Pervasive and Mobile Computing, 24, 210–223.

    Article  Google Scholar 

  30. Chang, C.-C., Wu, H.-L., & Sun, C.-Y. (2017). Notes on secure authentication scheme for iot and cloud servers. Pervasive and Mobile Computing, 38, 275–278.

    Article  Google Scholar 

  31. Kumari, S., Karuppiah, M., Das, A. K., Li, X., Wu, F., & Kumar, N. (2018). A secure authentication scheme based on elliptic curve cryptography for iot and cloud servers. The Journal of Supercomputing, 74(12), 6428–6453.

    Article  Google Scholar 

  32. Iqbal, U., Tandon, A., Gupta, S., Yadav, A. R., Neware, R., & Gelana, F. W. (2022). A novel secure authentication protocol for iot and cloud servers. Wireless Communications and Mobile Computing, 2022.

  33. He, D., Zeadally, S., Kumar, N., & Lee, J.-H. (2016). Anonymous authentication for wireless body area networks with provable security. IEEE Systems Journal, 11(4), 2590–2601.

    Article  Google Scholar 

  34. Shan, S. (2022). Cryptanalysis of a certificateless hybrid signcryption scheme and a certificateless encryption scheme for internet of things. Security and Communication Networks, 2022.

  35. Nikravan, M., & Reza, A. (2020). A multi-factor user authentication and key agreement protocol based on bilinear pairing for the internet of things. Wireless Personal Communications, 111(1), 463–494.

    Article  Google Scholar 

  36. Cherbal, S., & Benchetioui, R. (2023). Scpuak: Smart card-based secure protocol for remote user authentication and key agreement. Computers and Electrical Engineering, 109, 108759.

    Article  Google Scholar 

  37. Hu, Y., Huang, C., & Cheng, H. (2024). An efficient and certificateless conditional privacy-preserving authentication and key agreement scheme for smart healthcare. Computer Communications.

  38. Benrebbouh, C., Mansouri, H., Cherbal, S., & Pathan, A.-S.K. (2023). Enhanced secure and efficient mutual authentication protocol in iot-based energy internet using blockchain. Peer-to-Peer Networking and Applications, 17(1), 68–88.

    Article  Google Scholar 

  39. Cherbal, S. (2023). Secure key exchange scheme and blockchain-oriented data protection in the internet of vehicles, In: 2023 6th international conference on signal processing and information security (ICSPIS) (pp. 45–50). IEEE

  40. Rani, D., & Tripathi, S. (2024). Design of blockchain-based authentication and key agreement protocol for health data sharing in cooperative hospital network. The Journal of Supercomputing, 80(2), 2681–2717.

    Article  Google Scholar 

  41. Wang, W., Huang, H., Zhang, L., & Su, C. (2021). Secure and efficient mutual authentication protocol for smart grid under blockchain. Peer-to-Peer Networking and Applications, 14(5), 2681–2693.

    Article  Google Scholar 

  42. Badshah, A., Waqas, M., Muhammad, F., Abbas, G., Abbas, Z. H., Chaudhry, S. A., & Chen, S. (2022). Aake-bivt: Anonymous authenticated key exchange scheme for blockchain-enabled internet of vehicles in smart transportation. IEEE Transactions on Intelligent Transportation Systems, 24(2), 1739–1755.

    Google Scholar 

  43. Armando, A., Basin, D., Boichut, Y., Chevalier, Y., Compagna, L., Cuéllar, J., Drielsma, P. H., Héam, P.-C., Kouchnarenko, O., Mantovani, J., & Modersheim, S. (2005). The avispa tool for the automated validation of internet security protocols and applications, in: International conference on computer aided verification (pp. 281–285). Springer.

  44. Cremers, C., & Mauw, S. (2012). Operational semantics. Operational semantics and verification of security protocols (pp. 13–35). Springer.

    Chapter  Google Scholar 

  45. Kilinc, H. H., & Yanik, T. (2013). A survey of sip authentication and key agreement schemes. IEEE Communications Surveys & Tutorials, 16(2), 1005–1023.

    Article  Google Scholar 

Download references

Funding

Our work has not been funded and has been worked without financial support.

Author information

Authors and Affiliations

  1. LRSD Laboratory, Department of Computer Science, Faculty of Sciences, Univ. Ferhat Abbas Setif 1, Setif, Algeria

    Sarra Cherbal

Authors
  1. Sarra Cherbal
    View author publications

    You can also search for this author in PubMed Google Scholar

Contributions

All authors contributed to this paper.

Corresponding author

Correspondence to Sarra Cherbal.

Ethics declarations

Conflict of interest

We declare that we have no Conflict of interest.

Ethical Approval

Not applicable.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Cherbal, S. 3S-ALDDT: A Triple Security Scheme for Authenticating Lightweight Devices and Securing Data Transmission in Internet of Things. Wireless Pers Commun 135, 727–762 (2024). https://doi.org/10.1007/s11277-024-11051-0

Download citation

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-024-11051-0

Keywords

Search

Navigation