A Lightweight Symmetric Cryptography based User Authentication Protocol for IoT based Applications
Main Article Content
Abstract
The utilization of IoT is expanding across various domains, including telecare, intelligent home systems, and transportation networks. In these environments, IoT devices generate data gathered on remote servers, requiring external users to authenticate themselves to access the data. However, existing authentication protocols for IoT must meet the crucial requirements of speed, security against multiple attacks, and ensuring user anonymity and un-traceability. The main objective of this work is to find lightweight symmetric cryptography-based user authentication protocol tailored for IoT-based applications, focusing on MIM (Man-in-the-Middle) attack prevention, enhanced anonymity, and secure communication between IoT nodes and remote servers via IoT gateways. Existing protocols often lack sufficient defenses against MIM attacks and do not adequately address the need for enhanced user anonymity and secure communication channels within the IoT framework. Our research has identified that authentication techniques based on pairing are susceptible to attacks targeting temporary session-specific data, impersonation, privileged insiders, and offline password guessing. Furthermore, using bilinear pairing in these techniques requires significant computational and communication resources to address the security as mentioned above concerns. A new authentication mechanism must be proposed and designed explicitly for IoT scenarios. The proposed approach exclusively utilizes hash and exclusive-or operations to ensure suitability within the IoT context; thoroughly evaluated the recommended protocol against existing authentication protocols, employing both informal and formal analytical routines like BAN logic, ROR model, and AVISPA simulation. Our findings suggest protocol not only enhances performance but also enhances security. The proposed approach is a tried-and-true strategy for improving security rules in practical Internet of Things (IoT) settings addressing the inherent challenges posed by authentication requirements in IoT environments. The accuracy 98.93%, and Node detection rate 46.57% were improved which is a better outcome.