Skip to main content
SpringerLink
Log in

LAPE2D: Lightweight Authentication Protocol to Secure End and Edge Devices in Iot Framework

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

The Internet of Things (IoT) is omnipresent in every industry and has extended its footprint in various domains. This IoT device augmentation in today’s smart world demands lightweight and secure authentication mechanisms for resource-constrained types of devices. This work proposed new authentication and key management schemes to equip these devices by leveraging lightweight cryptographic mechanisms. The proposed approach utilized various multi-device authentication scenarios such as end node to (edge) gateway, Gateway to Gateway and Node to Node through the gateway. In an IoT ecosystem, two end nodes have the same session key, which may be used for more secure communication. The robustness of the proposed mechanism is instantiated with the message exchange process of various scenarios and thorough cryptanalysis of the most common network intrusion attacks. Also, this proposed methodology provides more efficiency than existing works concerning communication overhead and computing complexity.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9

Similar content being viewed by others

Data availability

All data generated or analysed during this study are included in this published article.

References

  1. Ostad-Sharif, A., Arshad, H., Nikooghadam, M., & Abbasinezhad-Mood, D. (2019). Three party secure data transmission in IoT networks through design of a lightweight authenticated key agreement scheme. Future Generation Computer Systems, 100, 882–892.

    Google Scholar 

  2. Amin, R., Islam, S. H., Biswas, G., Khan, M. K., Leng, L., & Kumar, N. (2016). Design of an anonymity-preserving three-factor authenticated key exchange protocol for wireless sensor networks. Computer Networks, 101, 42–62.

    Google Scholar 

  3. Jiang, Q., Zeadally, S., Ma, J., & He, D. (2017). Lightweight three-factor authentication and key agreement protocol for internet-integrated wireless sensor networks. IEEE Access, 5, 3376–3392.

    Google Scholar 

  4. Guo, H., Gao, Y., Xu, T., Zhang, X., & Ye, J. (2019). A secure and efficient three-factor multi-gateway authentication protocol for wireless sensor networks. Ad Hoc Networks, 95, 101965.

    Google Scholar 

  5. Aghili, S. F., Mala, H., Shojafar, M., & Peris-Lopez, P. (2019). LACO: Lightweight three-factor authentication, access control and ownership transfer scheme for e-health systems in IoT. Future Generation Computer Systems, 96, 410–424.

    Google Scholar 

  6. Zhang, L., Zhang, Y., Tang, S., & Luo, H. (2018). Privacy protection for e-health systems by means of dynamic authentication and three-factor key agreement. IEEE Transactions on Industrial Electronics, 65(3), 2795–2805.

    Google Scholar 

  7. Gupta, A., Tripathi, M., Shaikh, T. J., & Sharma, A. (2019). A lightweight anonymous user authentication and key establishment scheme for wearable devices. Computer Networks, 149, 29–42.

    Google Scholar 

  8. Das, A. K., Wazid, M., Kumar, N., Khan, M. K., Choo, K. K. R., & Park, Y. (2017). Design of secure and lightweight authentication protocol for wearable devices environment. IEEE Journal of Biomedical and Health Informatics, 22(4), 1310–1322.

    Google Scholar 

  9. Amin, R., Kumar, N., Biswas, G. P., Iqbal, R., & Chang, V. (2018). A light weight authentication protocol for IoT-enabled devices in distributed cloud computing environment. Future Generation Computer Systems, 78, 1005–1019.

    Google Scholar 

  10. Wazid, M., Das, A. K., & Vasilakos, A. V. (2018). Authenticated key management protocol for cloud-assisted body area sensor networks. Journal of Network and Computer Applications, 123, 112–126.

    Google Scholar 

  11. Venkatasubramanian, K. K., Banerjee, A., & Gupta, S. K. S. (2009). PSKA: Usable and secure key agreement scheme for body area networks. IEEE Transactions on Information Technology in Biomedicine, 14(1), 60–68.

    Google Scholar 

  12. Li, C. T., Wu, T. Y., Chen, C. L., Lee, C. C., & Chen, C. M. (2017). An efficient user authentication and user anonymity scheme with provably security for IoT-based medical care system. Sensors, 17(7), 1482.

    Google Scholar 

  13. Watro, R., Kong, D., Cuti, S. F., Gardiner, C., Lynn, C., & Kruus, P. (2004). TinyPK: securing sensor networks with public key technology. Proceedings of the 2nd ACM workshop on security of ad hoc and sensor networks (pp. 59-64)

  14. Wong, K. H., Zheng, Y., Cao, J., & Wang, S. (2006). A dynamic user authentication scheme for wireless sensor networks. IEEE international conference on sensor networks, ubiquitous, and trustworthy computing (SUTC'06) (Vol. 1, pp. 8-pp). IEEE

  15. Xu, J., Zhu, W.-T., & Feng, D.-G. (2009). An improved smart card based password authentication scheme with provable security. Comput. Stand. Interfaces, 31(4), 723–728.

    Google Scholar 

  16. Anuradha, M. P., & Lino Fathima Chinna Rani, K. (2022). Blockchain technology for IoT edge devices and data security. Advances in Computers, 127, 379–412.

    Google Scholar 

  17. Das, M. L. (2009). Two-factor user authentication in wireless sensor networks. IEEE Transactions on Wireless Communications, 8(3), 1086–1090.

    Google Scholar 

  18. He, D., Gao, Y., Chan, S., Chen, C., & Bu, J. (2010). An enhanced two-factor user authentication scheme in wireless sensor networks. Ad Hoc & Sensor Wireless Networks, 10(4), 361–371.

    Google Scholar 

  19. https://www.globenewswire.com/news-release/2022/03/22/2407932/0/en/IoT-Security-Global-Market-Report-2022.html

  20. Yuan, J., Jiang, C., & Jiang, Z. (2010). A biometric-based user authentication for wireless sensor networks. Wuhan University Journal of Natural Sciences, 15(3), 272–276.

    Google Scholar 

  21. Yeh, H.-L., Chen, T.-H., Liu, P.-C., Kim, T.-H., & Wei, H.-W. (2011). A secured authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors, 11(5), 4767–4779.

    Google Scholar 

  22. Islam, S. H., & Biswas, G. (2011). A more efficient and secure ID-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem. Journal of Systems and Software, 84(11), 1892–1898.

    Google Scholar 

  23. Das, A. K., Sharma, P., Chatterjee, S., & Sing, J. K. (2012). A dynamic password-based user authentication scheme for hierarchical wireless sensor networks. Journal of Network and Computer Applications, 35(5), 1646–1656.

    Google Scholar 

  24. Xue, K., Ma, C., Hong, P., & Ding, R. (2013). A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks. Journal of Network and Computer Applications, 36(1), 316–323.

    Google Scholar 

  25. Nižetić, S., Šolić, P., González-De, D. L. D. I., & Patrono, L. (2020). Internet of things (IoT): Opportunities, issues and challenges towards a smart and sustainable future. Journal of Cleaner Production, 274, 122877.

    Google Scholar 

  26. Li, C.-T., Weng, C.-Y., & Lee, C.-C. (2013). An advanced temporal credential-based security scheme with mutual authentication and key agreement for wireless sensor networks. Sensors, 13(8), 9589–9603.

    Google Scholar 

  27. Turkanovic, M., & Holbl, M. (2013). An improved dynamic password-based user authentication scheme for hierarchical wireless sensor networks. Elektronika ir Elektrotechnika, 19(6), 109–117.

    Google Scholar 

  28. Farash, M. S., Attari, M. A., & Kumari, S. (2017). Cryptanalysis and improvement of a three-party password-based authenticated key exchange protocol with user anonymity using extended chaotic maps. International Journal of Communication Systems, 30(1), e2912.

    Google Scholar 

  29. Turkanović, M., Brumen, B., & Hölbl, M. (2014). A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the internet of things notion. Ad Hoc Networks, 20, 96–112.

    Google Scholar 

  30. He, D., Kumar, N., & Chilamkurti, N. (2015). A secure temporal-credential-based mutual authentication and key agreement scheme with pseudo identity for wireless sensor networks. Information Sciences, 321, 263–277.

    Google Scholar 

  31. Kalra, S., & Sood, S. K. (2015). Secure authentication scheme for IoT and cloud servers. Pervasive and Mobile Computing, 24, 210–223.

    Google Scholar 

  32. Rizzardi, A., Sicari, S., Miorandi, D., & Coen-Porisini, A. (2016). AUPS: An open source AUthenticated publish/subscribe system for the internet of things. Information Systems, 62, 29–41.

    Google Scholar 

  33. Amin, R., & Biswas, G. (2015). Cryptanalysis and design of a three-party authenticated key exchange protocol using smart card. Arabian Journal for Science and Engineering, 40(11), 3135–3149.

    MathSciNet  MATH  Google Scholar 

  34. Farash, M. S., Islam, S. H., & Obaidat, M. S. (2015). A provably secure and efficient two-party password-based explicit authenticated key exchange protocol resistance to password guessing attacks. Concurrency and Computation: Practice and Experience, 27(17), 4897–4913.

    Google Scholar 

  35. Heydari, M., Sadough, S. M. S., Farash, M. S., Chaudhry, S. A., & Mahmood, K. (2016). An efficient password-based authenticated key exchange protocol with provable security for mobile client–client networks. Wireless Personal Communications, 88(2), 337–356.

    Google Scholar 

  36. Amin, R., & Biswas, G. (2016). A secure light weight scheme for user authentication and key agreement in multi-gateway based wireless sensor networks. Ad Hoc Networks, 36, 58–80.

    Google Scholar 

  37. Mehta, M., & Patel, K. (2020). A review for IoT authentication–current research trends and open challenges. Materials Today: Proceedings. https://doi.org/10.1016/j.matpr.2020.10.859

    Article  Google Scholar 

  38. Kaveh, M., Martín, D., & Mosavi, M. R. (2020). A lightweight authentication scheme for V2G communications: A PUF-based approach ensuring cyber/physical security and identity/location privacy. Electronics, 9(9), 1479.

    Google Scholar 

  39. Irshad, A., Sher, M., Chaudhary, S. A., Naqvi, H., & Farash, M. S. (2016). An efficient and anonymous multi-server authenticated key agreement based on chaotic map without engaging registration centre. The Journal of Supercomputing, 72(4), 1623–1644.

    Google Scholar 

  40. Bakkiam-Deebak, D., & AL-Turjman, F. (2021). Lightweight privacy-aware secure authentication scheme for cyber-physical systems in the edge intelligence era. Concurrency and Computation: Practice and Experience, 35, e6510.

    Google Scholar 

  41. Mohit, P., Amin, R., & Biswas, G. (2017). Design of authentication protocol for wireless sensor network-based smart vehicular system. Vehicular Communications, 9, 64–71.

    Google Scholar 

  42. Irshad, A., Sher, M., Ashraf, M. U., Alzahrani, B. A., Wu, F., Xie, Q., & Kumari, S. (2017). An improved and secure chaotic-map based multi-server authentication protocol based on Lu et al. and Tsai and Lo’s scheme. Wireless Personal Communications, 95(3), 3185–3208.

    Google Scholar 

  43. Wu, F., Li, X., Sangaiah, A. K., Xu, L., Kumari, S., Wu, L., & Shen, J. (2018). A lightweight and robust two-factor authentication scheme for personalised healthcare systems using wireless medical sensor networks, future gener. Computing Systems, 82, 727–737.

    Google Scholar 

  44. Mishra, D., Vijayakumar, P., Sureshkumar, V., Amin, R., Islam, S. H., & Gope, P. (2018). Efficient authentication protocol for secure multimedia communications in IoT-enabled wireless sensor networks. Multimedia Tools and Applications, 77(14), 18295–18325.

    Google Scholar 

  45. Srinivas, J., Das, A. K., Wazid, M., & Kumar, N. (2018). Anonymous lightweight chaotic map-based authenticated key agreement protocol for industrial Internet of Things. IEEE Transactions on Dependable and Secure Computing, 17(6), 1133–1146.

    Google Scholar 

  46. Lawal, M. A., Shaikh, R. A., & Hassan, S. R. (2021). A DDoS attack mitigation framework for IoT networks using fog computing. Procedia Computer Science, 182, 13–20.

    Google Scholar 

  47. Oh, J., Yu, S., Lee, J., Son, S., Kim, M., & Park, Y. (2021). A secure and lightweight authentication protocol for IoT-based smart homes. Sensors, 21(4), 1488.

    Google Scholar 

  48. Chen, C. M., Chen, L., Huang, Y., Kumar, S., & Wu, J. M. (2021). T, “Lightweight authentication protocol in edge-based smart grid environment.” EURASIP Journal on Wireless Communications and Networking, 2021, 1–18.

    Google Scholar 

  49. Zargar, S., Shahidinejad, A., & Ghobaei-Arani, M. (2021). A lightweight authentication protocol for IoT-based cloud environment. International Journal of Communication Systems, 34(11), e4849.

    Google Scholar 

  50. Krishnasrija, R., Mandal, A. K., & Cortesi, A. (2023). A lightweight mutual and transitive authentication mechanism for IoT network. Ad Hoc Networks, 138, 103003.

    Google Scholar 

  51. Ryu, J., Oh, J., Kwon, D., Son, S., Lee, J., Park, Y., & Park, Y. (2022). Secure ECC-based three-factor mutual authentication protocol for telecare medical information system. IEEE Access, 10, 11511–11526.

    Google Scholar 

  52. Borgohain, P., & Choudhury, H. (2023). A lightweight D2D authentication protocol for relay coverage scenario in 5G mobile network. Computer Networks, 225, 109679.

    Google Scholar 

  53. Lee, J., Oh, J., & Park, Y. (2023). A secure and anonymous authentication protocol based on three-factor wireless medical sensor networks. Electronics, 12(6), 1368.

    Google Scholar 

Download references

Acknowledgements

The authors are thankful to the Department of Science & Technology, New Delhi, India (SR/FST/ETI-371/2014) and SASTRA Deemed University for their financial and infrastructure support.

Author information

Authors and Affiliations

  1. School of Computing, SASTRA Deemed University, Thanjavur, 613 401, India

    S. Ramya & Manivannan Doraipndian

  2. School of Electrical & Electronics Engineering, SASTRA Deemed University, Thanjavur, 613 401, India

    Rengarajan Amirtharajan

Authors
  1. S. Ramya
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Manivannan Doraipndian
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Rengarajan Amirtharajan
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Manivannan Doraipndian.

Ethics declarations

Conflict of interest

The authors do not have conflicts of interest associated with this publication.

Ethical approval

This article does not contain any studies with human participants or animals performed by any authors.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Ramya, S., Doraipndian, M. & Amirtharajan, R. LAPE2D: Lightweight Authentication Protocol to Secure End and Edge Devices in Iot Framework. Wireless Pers Commun 131, 2217–2239 (2023). https://doi.org/10.1007/s11277-023-10539-5

Download citation

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-023-10539-5

Keywords

Search

Navigation