Abstract
Device authentication is essential for protecting IIoT networks due to the industrial internet of things (IIoT) rise in connected devices. This work presents a novel protocol for IIoT device authentication using XOR and hash functions, two simple cryptographic techniques. Our protocol makes use of authentication and session key generation to increase the security of IIoT devices in IIoT networks. In our proposed protocol, IIoT devices send a message to a server requesting authentication, and the server responds with session keys. In order to maintain a secure connection, the IIoT device refreshes the session key and stores it for use in upcoming communications. We used the AVISPA (automated validation of internet security protocols and applications) and ProVerif tools to assess our proposed protocol. The outcomes of our proposed protocol demonstrate that this protocol provides a low-overhead, secure, and effective mechanism for IIoT device authentication. Our proposed protocol uses the least amount of energy, making it simple to implement in a real-time context.
Similar content being viewed by others
References
Agrawal M, Zhou J, Chang D (2019) A survey on lightweight authenticated encryption and challenges for securing industrial IoT. In: Security and privacy trends in the industrial internet of things, pp 71–94
Aman MN, Sikdar B (2018) ATT-Auth: a hybrid protocol for industrial IoT attestation with authentication. IEEE Internet Things J 5(6):5119–5131
Armando A, Basin D, Boichut Y, Chevalier Y, Compagna L, Cuéllar J, Vigneron L (2005) The AVISPA tool for the automated validation of internet security protocols and applications. In: Computer aided verification: 17th international conference, CAV 2005, Edinburgh, Scotland, UK, July 6–10, 2005. Proceedings 17. Springer, Berlin, pp 281–285
Blanchet B, Smyth B, Cheval V, Sylvestre M (2018) ProVerif 2.00: automatic cryptographic protocol verifier, user manual and tutorial. Version from, 05-16
Boyes H, Hallaq B, Cunningham J, Watson T (2018) The industrial internet of things (IIoT): an analysis framework. Comput Ind 101:1–12
Esfahani A, Mantas G, Matischek R, Saghezchi FB, Rodriguez J, Bicaku A, Bastos J (2017) A lightweight authentication mechanism for M2M communications in industrial IoT environment. IEEE Internet Things J 6(1):288–296
Hussain M, Jain U (2020) Simple and secure device authentication mechanism for smart environments using Internet of things devices. Int J Commun Syst 33(16):e4570
Kumar P, Gurtov A, Sain M, Martin A, Ha PH (2018) Lightweight authentication and key agreement for smart metering in smart energy networks. IEEE Trans Smart Grid 10(4):4349–4359
Lara E, Aguilar L, Sanchez MA, García JA (2020) Lightweight authentication protocol for M2M communications of resource-constrained devices in industrial internet of things. Sensors 20:501. https://doi.org/10.3390/s20020501
Li N, Liu D, Nepal S (2017a) Lightweight mutual authentication for IoT and its applications. IEEE Trans Sustain Comput 2(4):359–370
Li X, Peng J, Niu J, Wu F, Liao J, Choo KKR (2017b) A robust and energy efficient authentication protocol for industrial internet of things. IEEE Internet Things J 5(3):1606–1615
Lupascu C, Lupascu A, Bica I (2020) DLT based authentication framework for industrial IoT devices. Sensors 20(9):2621
Mick T, Tourani R, Misra S (2017) LASeR: lightweight authentication and secured routing for NDN IoT in smart cities. IEEE Internet Things J 5(2):755–764
Patel C, Bashir AK, AlZubi AA, Jhaveri R (2022) EBAKE-SE: a novel ECC-based authenticated key exchange between industrial IoT devices using secure element. Dig Commun Netw 9(2):358–366
Pi R. Raspberry pi 3 Model B. https://projects.raspberrypi.org/en/projects/raspberry-pi-setting-up
Sengupta J, Ruj S, Bit SD (2020) A comprehensive survey on attacks, security issues and blockchain solutions for IoT and IIoT. J Netw Comput Appl 149:102481
Serror M, Hack S, Henze M, Schuba M, Wehrle K (2020) Challenges and opportunities in securing the industrial internet of things. IEEE Trans Ind Inform 17(5):2985–2996
Shahzad K, Alam M, Javaid N, Waheed A, Chaudhry SA, Mansoor N, Zareei M (2022) SF-LAP: secure M2M communication in IIoT with a single-factor lightweight authentication protocol. J Sens 2022
Shen M, Liu H, Zhu L, Xu K, Yu H, Du X, Guizani M (2020) Blockchain-assisted secure device authentication for cross-domain industrial IoT. IEEE J Sel Areas Commun 38(5):942–954
Singh J, Gimekar A, Venkatesan S (2019) An efficient lightweight authentication scheme for human-centered industrial internet of things. Int J Commun Syst 36:e4189
Srikanth GU, Geetha R, Prabhu S (2023) An efficient key agreement and authentication scheme (KAAS) with enhanced security control for IIoT systems. Int J Inf Tecnol 15:1221–1230. https://doi.org/10.1007/s41870-023-01173-2
Tanveer M, Alkhayyat A, Kumar N, Alharbi AG (2022) REAP-IIoT: resource-efficient authentication protocol for the industrial internet of things. IEEE Internet Things J 9(23):24453–24465
Team TA (2006) Avispa v1. 1 user manual. Information society technologies programme (June 2006) 62, p 112. http://avispa-project.org
Vigano L (2006) Automated security protocol analysis with the AVISPA tool. Electron Notes Theor Comput Sci 155:61–86
Vinoth R, Deborah LJ, Vijayakumar P, Kumar N (2020) Secure multifactor authenticated key agreement scheme for industrial IoT. IEEE Internet Things J 8(5):3801–3811
Yu X, Guo H (2019) A survey on IIoT security. In: 2019 IEEE VTS Asia Pacific wireless communications symposium (APWCS). IEEE, pp 1–5
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Jain, U., Tripathi, A., Kumar, S. et al. Simple, secure and lightweight authentication protocol with session-key generation for IIoT device in IIoT networks. Microsyst Technol (2023). https://doi.org/10.1007/s00542-023-05566-y
Received:
Accepted:
Published:
DOI: https://doi.org/10.1007/s00542-023-05566-y