Skip to main content
Log in

Simple, secure and lightweight authentication protocol with session-key generation for IIoT device in IIoT networks

  • Technical Paper
  • Published:
Microsystem Technologies Aims and scope Submit manuscript

Abstract

Device authentication is essential for protecting IIoT networks due to the industrial internet of things (IIoT) rise in connected devices. This work presents a novel protocol for IIoT device authentication using XOR and hash functions, two simple cryptographic techniques. Our protocol makes use of authentication and session key generation to increase the security of IIoT devices in IIoT networks. In our proposed protocol, IIoT devices send a message to a server requesting authentication, and the server responds with session keys. In order to maintain a secure connection, the IIoT device refreshes the session key and stores it for use in upcoming communications. We used the AVISPA (automated validation of internet security protocols and applications) and ProVerif tools to assess our proposed protocol. The outcomes of our proposed protocol demonstrate that this protocol provides a low-overhead, secure, and effective mechanism for IIoT device authentication. Our proposed protocol uses the least amount of energy, making it simple to implement in a real-time context.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8

Similar content being viewed by others

References

  • Agrawal M, Zhou J, Chang D (2019) A survey on lightweight authenticated encryption and challenges for securing industrial IoT. In: Security and privacy trends in the industrial internet of things, pp 71–94

  • Aman MN, Sikdar B (2018) ATT-Auth: a hybrid protocol for industrial IoT attestation with authentication. IEEE Internet Things J 5(6):5119–5131

    Article  Google Scholar 

  • Armando A, Basin D, Boichut Y, Chevalier Y, Compagna L, Cuéllar J, Vigneron L (2005) The AVISPA tool for the automated validation of internet security protocols and applications. In: Computer aided verification: 17th international conference, CAV 2005, Edinburgh, Scotland, UK, July 6–10, 2005. Proceedings 17. Springer, Berlin, pp 281–285

  • Blanchet B, Smyth B, Cheval V, Sylvestre M (2018) ProVerif 2.00: automatic cryptographic protocol verifier, user manual and tutorial. Version from, 05-16

  • Boyes H, Hallaq B, Cunningham J, Watson T (2018) The industrial internet of things (IIoT): an analysis framework. Comput Ind 101:1–12

    Article  Google Scholar 

  • Esfahani A, Mantas G, Matischek R, Saghezchi FB, Rodriguez J, Bicaku A, Bastos J (2017) A lightweight authentication mechanism for M2M communications in industrial IoT environment. IEEE Internet Things J 6(1):288–296

    Article  Google Scholar 

  • Hussain M, Jain U (2020) Simple and secure device authentication mechanism for smart environments using Internet of things devices. Int J Commun Syst 33(16):e4570

    Article  Google Scholar 

  • Kumar P, Gurtov A, Sain M, Martin A, Ha PH (2018) Lightweight authentication and key agreement for smart metering in smart energy networks. IEEE Trans Smart Grid 10(4):4349–4359

    Article  Google Scholar 

  • Lara E, Aguilar L, Sanchez MA, García JA (2020) Lightweight authentication protocol for M2M communications of resource-constrained devices in industrial internet of things. Sensors 20:501. https://doi.org/10.3390/s20020501

    Article  Google Scholar 

  • Li N, Liu D, Nepal S (2017a) Lightweight mutual authentication for IoT and its applications. IEEE Trans Sustain Comput 2(4):359–370

    Article  Google Scholar 

  • Li X, Peng J, Niu J, Wu F, Liao J, Choo KKR (2017b) A robust and energy efficient authentication protocol for industrial internet of things. IEEE Internet Things J 5(3):1606–1615

    Article  Google Scholar 

  • Lupascu C, Lupascu A, Bica I (2020) DLT based authentication framework for industrial IoT devices. Sensors 20(9):2621

    Article  Google Scholar 

  • Mick T, Tourani R, Misra S (2017) LASeR: lightweight authentication and secured routing for NDN IoT in smart cities. IEEE Internet Things J 5(2):755–764

    Article  Google Scholar 

  • Patel C, Bashir AK, AlZubi AA, Jhaveri R (2022) EBAKE-SE: a novel ECC-based authenticated key exchange between industrial IoT devices using secure element. Dig Commun Netw 9(2):358–366

    Article  Google Scholar 

  • Pi R. Raspberry pi 3 Model B. https://projects.raspberrypi.org/en/projects/raspberry-pi-setting-up

  • Sengupta J, Ruj S, Bit SD (2020) A comprehensive survey on attacks, security issues and blockchain solutions for IoT and IIoT. J Netw Comput Appl 149:102481

    Article  Google Scholar 

  • Serror M, Hack S, Henze M, Schuba M, Wehrle K (2020) Challenges and opportunities in securing the industrial internet of things. IEEE Trans Ind Inform 17(5):2985–2996

    Article  Google Scholar 

  • Shahzad K, Alam M, Javaid N, Waheed A, Chaudhry SA, Mansoor N, Zareei M (2022) SF-LAP: secure M2M communication in IIoT with a single-factor lightweight authentication protocol. J Sens 2022

  • Shen M, Liu H, Zhu L, Xu K, Yu H, Du X, Guizani M (2020) Blockchain-assisted secure device authentication for cross-domain industrial IoT. IEEE J Sel Areas Commun 38(5):942–954

    Article  Google Scholar 

  • Singh J, Gimekar A, Venkatesan S (2019) An efficient lightweight authentication scheme for human-centered industrial internet of things. Int J Commun Syst 36:e4189

    Article  Google Scholar 

  • Srikanth GU, Geetha R, Prabhu S (2023) An efficient key agreement and authentication scheme (KAAS) with enhanced security control for IIoT systems. Int J Inf Tecnol 15:1221–1230. https://doi.org/10.1007/s41870-023-01173-2

    Article  Google Scholar 

  • Tanveer M, Alkhayyat A, Kumar N, Alharbi AG (2022) REAP-IIoT: resource-efficient authentication protocol for the industrial internet of things. IEEE Internet Things J 9(23):24453–24465

    Article  Google Scholar 

  • Team TA (2006) Avispa v1. 1 user manual. Information society technologies programme (June 2006) 62, p 112. http://avispa-project.org

  • Vigano L (2006) Automated security protocol analysis with the AVISPA tool. Electron Notes Theor Comput Sci 155:61–86

    Article  Google Scholar 

  • Vinoth R, Deborah LJ, Vijayakumar P, Kumar N (2020) Secure multifactor authenticated key agreement scheme for industrial IoT. IEEE Internet Things J 8(5):3801–3811

    Article  Google Scholar 

  • Yu X, Guo H (2019) A survey on IIoT security. In: 2019 IEEE VTS Asia Pacific wireless communications symposium (APWCS). IEEE, pp 1–5

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Usha Jain.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Jain, U., Tripathi, A., Kumar, S. et al. Simple, secure and lightweight authentication protocol with session-key generation for IIoT device in IIoT networks. Microsyst Technol (2023). https://doi.org/10.1007/s00542-023-05566-y

Download citation

  • Received:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s00542-023-05566-y

Navigation