Skip to main content
Log in

An Efficient Device Authentication Protocol Without Certification Authority for Internet of Things

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript


Wireless network devices are used for the Internet of Things in a variety of applications, and although the IoT has many benefits, there are some security issues in this area. Hacking tools that are widely used in wireless communication enable the attacker to export the information stored in the device memory. Devices within the IoT should not allow this information to be accessed without an authentication. In this paper, we propose an efficient device authentication protocol without certification authority for the Internet of Things. Compared to the existing Constrained Application Protocol, the proposed protocol increases efficiency by minimizing the number of message exchanges. Since our protocol is based on a keyed hash algorithm, the Certificate of Authority is not required. Experimental results show that the proposed authentication protocol improves the security level and reduces the resource consumption of devices.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Subscribe and save

Springer+ Basic
EUR 32.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or Ebook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7

Similar content being viewed by others


  1. Khan, B. H. (2000). A framework for web-based learning. Englewood Cliffs, NJ: Educational Technology Publications.

    Google Scholar 

  2. Zhou, H. (2010). Web 4.0: The “Chinese Style” definition of Internet of Things [Z/OL].

  3. Jacobs, I. S., & Bean, C. P. (1963). Fine particles, thin films and exchange anisotropy. In G. T. Rado & H. Suhl (Eds.), Magnetism (Vol. III, pp. 271–350). New York: Academic.

    Google Scholar 

  4. Park, J., & Kang, N. (2014). Lightweight secure communication for CoAP-enabled internet of things using delegated DTLS handshake. In International conference on information and communication technology convergence (ICTC) (pp. 28–33).

  5. Nicole, R. (1987). Title of paper with only first word capitalized. J. Name Stand. Abbrev, 740–741.

  6. Guo, J., Peyrin, T., Poschmann, A., & Robshaw, M. (2011). The LED block cipher. In Cryptographic hardware and embedded systems CHES 2011, LNCS (Vol. 6917/2011, pp. 326–341). Springer.

  7. Merkle, R. C. (1989). A certified digital signature. In CRYPTO, volume 435 of lecture notes in computer science (pp. 218–238).

  8. Lipmaa, H. (2002). On optimal hash tree traversal for interval timestamping. In Proceedings of information security conference.

  9. Klintsevich, E., Okeya, K., Vuillaume, C., Buchmann, J., & Dahmen, E. (2007). Merkle signatures with virtually unlimited signature capacity. In 5th international conference on applied cryptography and network security—ACNS07.

  10. Brachmann, M., Keoh, S. L., Morchon, O., & Kumar, S. (2012). End-to-end transport security in the ip-based internet of things. In Proceedings of the 21st international conference on computer communications and networks (ICCCN) (pp. 1–5).

  11. Raza, S., Trabalza, D., & Voigt, T. (2012). 6LoWPAN compressed DTLS for CoAP. In Proceedings of 8th IEEE conference on distributed computing in sensor systems (DCOSS) (pp. 287–289).

Download references

Author information

Authors and Affiliations


Corresponding author

Correspondence to Inwhee Joe.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Jang, S., Lim, D., Kang, J. et al. An Efficient Device Authentication Protocol Without Certification Authority for Internet of Things. Wireless Pers Commun 91, 1681–1695 (2016).

Download citation

  • Published:

  • Issue Date:

  • DOI: