review-article

A comprehensive survey of authentication methods in Internet-of-Things and its conjunctions

Authors:

William J. Buchanan,

Tai Hoon KimAuthors Info & Claims

Volume 204, Issue C

https://doi.org/10.1016/j.jnca.2022.103414

Published: 01 August 2022 Publication History

Abstract

Internet of Thing (IoT) is one of the most influential technologies in the present time. People, processes, and things are connected with the Internet through IoT. With the increasing demands of user applications, the number of connections is also increasing exponentially. Therefore, security becomes a critical issue in IoTs. Confidentiality, Integrity, and Availability (CIA) services are important for IoT applications. IoTs must also ensure proper authentication mechanisms to ensure CIA in the second stage. Various researches in this direction address the authentication issues in IoTs.

In this paper, we survey the authentication aspects in IoTs and their allied domains. We analyze the potentialities of the existing state-of-the art-approaches and also identify their limitations. We discuss the basics of authentication and its related attacks for the ease of interpretability of the readers. We show a taxonomical understanding of the approaches and try to connect the evolution of the solution strategies. These connections, to the best of our knowledge, are novel as compared to the existing authentication surveys. Besides, the multidimensional vision of this survey for IoT extensions is an add-on to the benefits. We also provide a discussion on the future direction of research in this domain. In a nutshell, this survey is a one-stop solution for academia and industry to understand the status quo of IoT authentication schemes/protocols.

Graphical abstract

Display Omitted

Highlights

•

We show the evolution of the authentication solutions for IoTs.

•

We consider the various domains of IoTs and analyze their authentication methods.

•

We derive the open research problems for the future researchers.

References

[1]

Aakanksha Tewari B.B.G., Cryptanalysis of a novel ultra-lightweight mutual authentication protocol for IoT devices using RFID tags, J. Supercomput. 73 (2017) 1085–1102.

[2]

Abuhasel K.A., Khan M.A., A secure industrial Internet of Things (IIoT) framework for resource management in smart manufacturing, IEEE Access 8 (2020) 117354–117364,.

[3]

Adat V., Gupta B., Security in Internet of Things: issues, challenges, taxonomy, and architecture, Telecommun. Syst. 67 (2018) 423–441.

[4]

Aghili S.F., Mala H., Schindelhauer C., Shojafar M., Tafazolli R., Closed-loop and open-loop authentication protocols for blockchain-based IoT systems, Inf. Process. Manage. 58 (4) (2021).

[5]

Aghili S.F., Mala H., Shojafar M., Peris-Lopez P., LACO: Lightweight three-factor authentication, access control and ownership transfer scheme for e-health systems in IoT, Future Gener. Comput. Syst. 96 (2019) 410–424.

Digital Library

[6]

Al-Garadi M.A., Mohamed A., Al-Ali A.K., Du X., Ali I., Guizani M., A survey of machine and deep learning methods for Internet of Things (IoT) security, IEEE Commun. Surv. Tutor. 22 (3) (2020) 1646–1685,.

[7]

Albalawi A., Almrshed A., Badhib A., Alshehri S., A survey on authentication techniques for the Internet of Things, in: 2019 International Conference on Computer and Information Sciences. ICCIS, 2019, pp. 1–5,.

[8]

Alfadhli S.A., Lu S., Chen K., Sebai M., MFSPV: A multi-factor secured and lightweight privacy-preserving authentication scheme for VANETs, IEEE Access 8 (2020) 142858–142874,.

[9]

Almogren A., Mohiuddin I., Din I.U., Almajed H., Guizani N., FTM-IoMT: Fuzzy-based trust management for preventing sybil attacks in internet of medical things, IEEE Internet Things J. 8 (6) (2021) 4485–4497,.

[10]

Alshudukhi J.S., Mohammed B.A., Al-Mekhlafi Z.G., Conditional privacy-preserving authentication scheme without using point multiplication operations based on elliptic curve cryptography (ECC), IEEE Access 8 (2020) 222032–222040,.

[11]

Alsoufi D., Elleithy K.M., Abuzaghleh T., Nassar A., Security in wireless sensor networks-improving the leap protocol, Int. J. Comput. Sci. Eng. Surv. (2012).

[12]

Alzubi J.A., Blockchain-based Lamport Merkle digital signature: Authentication tool in IoT healthcare, Comput. Commun. 170 (2021) 200–208.

[13]

Amin R., Islam S.H., Biswas G., Khan M.K., Leng L., Kumar N., Design of an anonymity-preserving three-factor authenticated key exchange protocol for wireless sensor networks, Comput. Netw. 101 (2016) 42–62.

Digital Library

[14]

Amin R., Kumar N., Biswas G., Iqbal R., Chang V., A light weight authentication protocol for IoT-enabled devices in distributed cloud computing environment, Future Gener. Comput. Syst. 78 (2018) 1005–1019.

[15]

Arasteh S., Aghili S.F., Mala H., A new lightweight authentication and key agreement protocol for Internet of Things, in: 2016 13th International Iranian Society of Cryptology Conference on Information Security and Cryptology. ISCISC, IEEE, 2016, pp. 52–59.

[16]

Arasteh H., Hosseinnezhad V., Loia V., Tommasetti A., Troisi O., Shafie-Khah M., Siano P., IoT-based smart cities: a survey, in: 2016 IEEE 16th International Conference on Environment and Electrical Engineering. EEEIC, IEEE, 2016, pp. 1–6.

[17]

Armando A., AVISPA: Automated Validation of Internet Security Protocols and Applications, 2018, https://www.ercim.eu/publication/Ercim_News/enw64/armando.html. [Online; accessed 01-Sept-2019].

[18]

Ashton K., et al., That ‘ Internet of Things’ thing, RFID J. 22 (7) (2009) 97–114.

[19]

Ayub M.F., Mahmood K., Kumari S., Sangaiah A.K., et al., Lightweight authentication protocol for e-health clouds in IoT based applications through 5G technology, Digit. Commun. Netw. (2020).

[20]

Babun L., Denney K., Celik Z.B., McDaniel P., Uluagac A.S., A survey on IoT platforms: Communication, security, and privacy perspectives, Comput. Netw. 192 (2021).

[21]

Bastos D., Cloud for IoT – A survey of technologies and security features of public cloud IoT solutions, in: Living in the Internet of Things (IoT 2019), 2019, pp. 1–6,.

[22]

Batina L., Guajardo J., Kerins T., Mentens N., Tuyls P., Verbauwhede I., Public-key cryptography for RFID-tags, in: Fifth Annual IEEE International Conference on Pervasive Computing and Communications Workshops. PerComW’07, IEEE, 2007, pp. 217–222.

[23]

Batina L., Lee Y.K., Seys S., Singelée D., Verbauwhede I., Extending ECC-based RFID authentication protocols to privacy-preserving multi-party grouping proofs, Pers. Ubiquitous Comput. 16 (3) (2012) 323–335.

[24]

Bellare M., Rogaway P., Random oracles are practical: A paradigm for designing efficient protocols, in: Proceedings of the 1st ACM Conference on Computer and Communications Security, ACM, 1993, pp. 62–73.

[25]

Bridle J.S., Probabilistic interpretation of feedforward classification network outputs, with relationships to statistical pattern recognition, in: Neurocomputing, Springer, 1990, pp. 227–236.

[26]

Brij B. Gupta A.T., A Beginner’s Guide To Internet of Things Security Attacks, Applications, Authentication, and Fundamentals, CRC Press, 2020.

[27]

Butani B., Shukla P.K., Silakari S., An exhaustive survey on physical node capture attack in WSN, Int. J. Comput. Appl. 95 (3) (2014).

[28]

Castiglione A., Nappi M., Ricciardi S., Trustworthy method for person identification in IIoT environments by means of facial dynamics, IEEE Trans. Ind. Inf. 17 (2) (2021) 766–774,.

[29]

Challa S., Wazid M., Das A.K., Kumar N., Reddy A.G., Yoon E.-J., Yoo K.-Y., Secure signature-based authenticated key establishment scheme for future IoT applications, IEEE Access 5 (2017) 3028–3043.

[30]

Chang C.-C., Wu H.-L., Sun C.-Y., Notes on “secure authentication scheme for IoT and cloud servers”, Pervasive Mob. Comput. 38 (2017) 275–278.

[31]

Chen M., Chen S., An efficient anonymous authentication protocol for RFID systems using dynamic tokens, in: 2015 IEEE 35th International Conference on Distributed Computing Systems, IEEE, 2015, pp. 756–757.

[32]

Cheng G., Chen Y., Deng S., Gao H., Yin J., A blockchain-based mutual authentication scheme for collaborative edge computing, IEEE Trans. Comput. Soc. Syst. (2021) 1–13.

[33]

Choi S.-K., Ko J.-S., Kwak J., A study on IoT device authentication protocol for high speed and lightweight, in: 2019 International Conference on Platform Technology and Service. PlatCon, IEEE, 2019, pp. 1–5.

[34]

Cong G., Zhang Z.-j., Zhu L.-h., Tan Y.-a., Zhen Y., A novel secure group RFID authentication protocol, J. China Univ. Posts Telecommun. 21 (1) (2014) 94–103.

[35]

Cremers C.J.F., Scyther: Semantics and Verification of Security Protocols, Eindhoven University of Technology Eindhoven, Netherlands, 2006.

[36]

Cui J., Wu D., Zhang J., Xu Y., Zhong H., An efficient authentication scheme based on semi-trusted authority in VANETs, IEEE Trans. Veh. Technol. 68 (3) (2019) 2972–2986,.

[37]

Cui Z., XUE F., Zhang S., Cai X., Cao Y., Zhang W., Chen J., A hybrid BlockChain-based identity authentication scheme for multi-WSN, IEEE Trans. Serv. Comput. 13 (2) (2020) 241–251.

[38]

Daddala B., Wang H., Javaid A.Y., Design and implementation of a customized encryption algorithm for authentication and secure communication between devices, in: 2017 IEEE National Aerospace and Electronics Conference. NAECON, IEEE, 2017, pp. 258–262.

[39]

Dass P., Om H., A secure authentication scheme for RFID systems, Procedia Comput. Sci. 78 (2016) 100–106.

[40]

Deebak B., Al-Turjman F., Secure-user sign-in authentication for IoT-based eHealth systems, Complex Intell. Syst. (2021) 1–21.

[41]

Dhillon P.K., Kalra S., A lightweight biometrics based remote user authentication scheme for IoT services, J. Inf. Secur. Appl. 34 (2017) 255–270.

[42]

Dong S., Yang H., Yuan J., Jiao L., Yu A., Zhang J., Blockchain-based cross-domain authentication strategy for trusted access to mobile devices in the IoT, in: 2020 International Wireless Communications and Mobile Computing. IWCMC, 2020, pp. 1610–1612.

[43]

E27 S., The advantages and disadvantages of Internet of Things, 2018, https://e27.co/advantages-disadvantages-internet-things-20160615/. [Online; accessed 01-Sept-2019].

[44]

Eklund E., Controlling and securing personal privacy and anonymity in the information society, in: Seminar on Network Security, 2006.

[45]

Endignoux G., Design and Implementation of a Post-Quantum Hash-Based Cryptographic Signature Scheme, (Master’s thesis) École Polytechnique Fédérale de Lausane, 2017.

[46]

Esfahani A., Mantas G., Matischek R., Saghezchi F.B., Rodriguez J., Bicaku A., Maksuti S., Tauber M.G., Schmittner C., Bastos J., A lightweight authentication mechanism for M2M communications in industrial IoT environment, IEEE Internet Things J. 6 (1) (2019) 288–296,.

[47]

Fan Q., Chen J., Deborah L.J., Luo M., A secure and efficient authentication and data sharing scheme for Internet of Things based on blockchain, J. Syst. Archit. 117 (2021).

[48]

Fan K., Gong Y., Liang C., Li H., Yang Y., Lightweight and ultralightweight RFID mutual authentication protocol with cache in the reader for IoT in 5G, Secur. Commun. Netw. 9 (16) (2016) 3095–3104.

[49]

Fan X., Niu B., Security of a new lightweight authentication and key agreement protocol for Internet of Things, in: 2017 IEEE 9th International Conference on Communication Software and Networks. ICCSN, IEEE, 2017, pp. 107–111.

[50]

Farash M.S., Turkanović M., Kumari S., Hölbl M., An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the Internet of Things environment, Ad Hoc Netw. 36 (2016) 152–176.

Digital Library

[51]

Fayad, A., Hammi, B., Khatoun, R., Serhrouchni, A., 2019. A Blockchain-based Lightweight Authentication Solution for IoT. In: 2019 3rd Cyber Security in Networking Conference. CSNet. pp. 28–34.

[52]

Feng W., Qin Y., Zhao S., Feng D., AAoT: Lightweight attestation and authentication of low-resource things in IoT and CPS, Comput. Netw. 134 (2018) 167–182.

[53]

Feng Y., Wang W., Weng Y., Zhang H., A replay-attack resistant authentication scheme for the internet of things, in: 2017 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC), vol. 1, IEEE, 2017, pp. 541–547.

[54]

Fotouhi M., Bayat M., Das A.K., Far H.A.N., Pournaghi S.M., Doostari M., A lightweight and secure two-factor authentication scheme for wireless body area networks in health-care IoT, Comput. Netw. 177 (2020).

[55]

Frustaci M., Pace P., Aloi G., Fortino G., Evaluating critical security issues of the IoT world: Present and future challenges, IEEE Internet Things J. 5 (4) (2017) 2483–2495.

[56]

Fu J., Wu C., Chen X., Fan R., Ping L., Scalable pseudo random RFID private mutual authentication, in: 2010 2nd International Conference on Computer Engineering and Technology, vol. 7, IEEE, 2010, pp. V7–497.

[57]

Garg N., Wazid M., Das A.K., Singh D.P., Rodrigues J.J.P.C., Park Y., BAKMP-IoMT: Design of blockchain enabled authenticated key management protocol for internet of medical things deployment, IEEE Access 8 (2020) 95956–95977,.

[58]

Glouche, Y., Genet, T., Heen, O., Courtay, O., 2006. A security protocol animator tool for AVISPA. In: ARTIST2 Workshop on Security Specification and Verification of Embedded Systems, Pisa.

[59]

Gope P., Hwang T., A realistic lightweight authentication protocol preserving strong anonymity for securing RFID system, Comput. Secur. 55 (2015) 271–280.

[60]

Gu Z., Chen H., Xu P., Li Y., Vucetic B., Physical layer authentication for non-coherent massive SIMO-enabled industrial IoT communications, IEEE Trans. Inf. Forensics Secur. 15 (2020) 3722–3733,.

Digital Library

[61]

Gui Y.-Q., Zhang J., A new authentication RFID protocol with ownership transfer, in: 2013 International Conference on ICT Convergence. ICTC, IEEE, 2013, pp. 359–364.

[62]

Guo S., Hu X., Guo S., Qiu X., Qi F., Blockchain meets edge computing: A distributed and trusted authentication system, IEEE Trans. Ind. Inf. 16 (3) (2020) 1972–1983.

[63]

Guo S., Wang F., Zhang N., Qi F., Qiu X., Masterslave chain based trusted cross-domain authentication mechanism in IoT, J. Netw. Comput. Appl. 172 (2020).

[64]

Hamadaqa E., Adi W., Clone-resistant authentication for medical operating environment, in: 2020 Fourth World Conference on Smart Trends in Systems, Security and Sustainability. WorldS4, 2020, pp. 757–762,.

[65]

Hameed A., Alomary A., Security issues in IoT: A survey, in: 2019 International Conference on Innovation and Intelligence for Informatics, Computing, and Technologies. 3ICT, 2019, pp. 1–5,.

[66]

Hammi M.T., Hammi B., Bellot P., Serhrouchni A., Bubbles of Trust: A decentralized blockchain-based authentication system for IoT, Comput. Secur. 78 (2018) 126–142.

[67]

Hammi M.T., Livolant E., Bellot P., Serhrouchni A., Minet P., A lightweight mutual authentication protocol for the IoT, in: International Conference on Mobile and Wireless Technology, Springer, 2017, pp. 3–12.

[68]

Hao P., Wang X., Shen W., A collaborative PHY-aided technique for end-to-end IoT device authentication, IEEE Access 6 (2018) 42279–42293.

[69]

Hu Y.-C., Perrig A., Johnson D., Wormhole attacks in wireless networks, IEEE J. Sel. Areas Commun. 24 (2) (2006) 370–380.

Digital Library

[70]

Huang P., Guo L., Li M., Fang Y., Practical privacy-preserving ECG-based authentication for IoT-based healthcare, IEEE Internet Things J. 6 (5) (2019) 9200–9210,.

[71]

Huang J.-C., Shu M.-H., Hsu B.-M., Hu C.-M., Service architecture of IoT terminal connection based on blockchain identity authentication system, Comput. Commun. 160 (2020) 411–422.

[72]

Hussain Al-Naji F., Zagrouba R., CAB-IoT: COntinuous authentication architecture based on blockchain for Internet of Things, J. King Saud Univ. Comput. Inf. Sci. (2020).

[73]

Jablon D.P., Strong password-only authenticated key exchange, ACM SIGCOMM Comput. Commun. Rev. 26 (5) (1996) 5–26.

[74]

Jahankhani H., Hosseinian-far A., Digital forensics education, training and awareness, in: Cyber Crime and Cyber Terrorism Investigator’s Handbook, Elsevier, 2014, pp. 91–100.

[75]

Jan M.A., Usman M., He X., Ur Rehman A., SAMS: A seamless and authorized multimedia streaming framework for WMSN-based IoMT, IEEE Internet Things J. 6 (2) (2019) 1576–1583,.

[76]

Jang J., Kwon T., Song J., A time-based key management protocol for wireless sensor networks, in: International Conference on Information Security Practice and Experience, Springer, 2007, pp. 314–328.

[77]

Jiang Q., Zeadally S., Ma J., He D., Lightweight three-factor authentication and key agreement protocol for internet-integrated wireless sensor networks, IEEE Access 5 (2017) 3376–3392.

[78]

Jiao S., Liu R.P., A survey on physical authentication methods for smart objects in IoT ecosystem, Internet of Things 6 (2019).

[79]

Jing Q., Vasilakos A.V., Wan J., Lu J., Qiu D., Security of the Internet of Things: perspectives and challenges, Wirel. Netw. 20 (8) (2014) 2481–2501.

Digital Library

[80]

Kalra S., Sood S.K., Advanced password based authentication scheme for wireless sensor networks, J. Inf. Secur. Appl. 20 (2015) 37–46.

[81]

Kalra S., Sood S.K., Secure authentication scheme for IoT and cloud servers, Pervasive Mob. Comput. 24 (2015) 210–223.

Digital Library

[82]

Katz J., Menezes A.J., Van Oorschot P.C., Vanstone S.A., Handbook of Applied Cryptography, CRC Press, 1996.

[83]

Khalid U., Asim M., Baker T., Hung P.C., Tariq M.A., Rafferty L., A decentralized lightweight blockchain-based authentication mechanism for IoT systems, Cluster Comput. (2020) 1–21.

[84]

Khan M.K., Alghathbar K., Cryptanalysis and security improvements of ‘two-factor user authentication in wireless sensor networks’, Sensors 10 (3) (2010) 2450–2459.

[85]

Khor J.H., Sidorov M., Weakness of ultra-lightweight mutual authentication protocol for IoT devices using RFID tags, in: 2018 Eighth International Conference on Information Science and Technology. ICIST, IEEE, 2018, pp. 91–97.

[86]

Lavanya M., Natarajan V., Lightweight key agreement protocol for IoT based on IKEv2, Comput. Electr. Eng. 64 (2017) 580–594.

Digital Library

[87]

Lee Y., Smart-card-loss-attack and improvement of Hsiang et al.’s authentication scheme, J. Appl. Res. Technol. 11 (4) (2013) 597–603.

[88]

Lee Y.K., Batina L., Singelee D., Preneel B., Verbauwhede I., Anti-counterfeiting, untraceability and other security challenges for RFID systems: Public-key-based protocols and hardware, in: Towards Hardware-Intrinsic Security, Springer, 2010, pp. 237–257.

[89]

Lee Y.K., Batina L., Verbauwhede I., EC-RAC (ECDLP based randomized access control): Provably secure RFID authentication protocol, in: 2008 IEEE International Conference on RFID, IEEE, 2008, pp. 97–104.

[90]

Lee Y.K., Batina L., Verbauwhede I., Untraceable RFID authentication protocols: Revision of EC-RAC, in: 2009 IEEE International Conference on RFID, IEEE, 2009, pp. 178–185.

[91]

Lee J., Kim S., Cho Y., Chung Y., Park Y., HORSIC: An efficient one-time signature scheme for wireless sensor networks, Inform. Process. Lett. 112 (20) (2012) 783–787.

[92]

Li C.-T., Lee C.-C., Weng C.-Y., Chen C.-M., Towards secure authenticating of cache in the reader for RFID-based IoT systems, Peer-To-Peer Netw. Appl. 11 (1) (2018) 198–208.

[93]

Li X., Liu T., Obaidat M.S., Wu F., Vijayakumar P., Kumar N., A lightweight privacy-preserving authentication protocol for VANETs, IEEE Syst. J. 14 (3) (2020) 3547–3557,.

[94]

Li X., Liu Y., Yin X., An anonymous conditional privacy-preserving authentication scheme for VANETs, in: 2019 IEEE 21st International Conference on High Performance Computing and Communications; IEEE 17th International Conference on Smart City; IEEE 5th International Conference on Data Science and Systems. HPCC/SmartCity/DSS, 2019, pp. 1763–1770,.

[95]

Li X., Niu J., Bhuiyan M.Z.A., Wu F., Karuppiah M., Kumari S., A robust ECC-based provable secure authentication protocol with privacy preserving for industrial Internet of Things, IEEE Trans. Ind. Inf. 14 (8) (2017) 3599–3609.

[96]

Li W., Wang P., Two-factor authentication in industrial Internet-of-Things: Attacks, evaluation and new construction, Future Gener. Comput. Syst. 101 (2019) 694–708.

[97]

Liang L., Zheng K., Sheng Q., Huang X., A denial of service attack method for an IoT system, in: 2016 8th International Conference on Information Technology in Medicine and Education. ITME, IEEE, 2016, pp. 360–364.

[98]

Liao Y.-P., Hsiao C.-M., A secure ECC-based RFID authentication scheme integrated with ID-verifier transfer protocol, Ad Hoc Netw. 18 (2014) 133–146.

[99]

Lin C., He D., Kumar N., Huang X., Vijayakumar P., Choo K.-K.R., HomeChain: A blockchain-based secure mutual authentication system for smart homes, IEEE Internet Things J. 7 (2) (2020) 818–829.

[100]

Lin J., Yu W., Zhang N., Yang X., Zhang H., Zhao W., A survey on Internet of Things: Architecture, enabling technologies, security and privacy, and applications, IEEE Internet Things J. 4 (5) (2017) 1125–1142.

[101]

Liu Y., Li J., Guo M., Long duration broadcast authentication for wireless sensor networks, in: 2012 IEEE 75th Vehicular Technology Conference. VTC Spring, IEEE, 2012, pp. 1–5.

[102]

Liu D., Ning P., Multilevel μTESLA: Broadcast authentication for distributed sensor networks, ACM Trans. Embedded Comput. Syst. (TECS) 3 (4) (2004) 800–836.

[103]

Liu H., Wang H., Gu H., HPBS: A hybrid proxy based authentication scheme in VANETs, IEEE Access 8 (2020) 161655–161667,.

[104]

Lu D., Han R., Shen Y., Dong X., Ma J., Du X., Guizani M., xTSeH: A trusted platform module sharing scheme towards smart IoT-ehealth devices, IEEE J. Sel. Areas Commun. 39 (2) (2021) 370–383,.

[105]

Lu Z., Wang Q., Qu G., Zhang H., Liu Z., A blockchain-based privacy-preserving authentication scheme for VANETs, IEEE Trans. Very Large Scale Integr. (VLSI) Syst. 27 (12) (2019) 2792–2801,.

[106]

Luk M., Perrig A., Whillock B., Seven cardinal properties of sensor network broadcast authentication, in: Proceedings of the Fourth ACM Workshop on Security of Ad Hoc and Sensor Networks, ACM, 2006, pp. 147–156.

[107]

Mawgoud A.A., Karadawy A.I., Tawfik B.S., A secure authentication technique in internet of medical things through machine learning, 2019, ArXiv preprint arXiv:1912.12143.

[108]

Meneghello F., Calore M., Zucchetto D., Polese M., Zanella A., IoT: Internet of threats? A survey of practical security vulnerabilities in real IoT devices, IEEE Internet Things J. 6 (5) (2019) 8182–8201,.

[109]

Mohammad Z., Abusukhon A., Qattam T.A., A survey of authenticated key agreement protocols for securing IoT, in: 2019 IEEE Jordan International Joint Conference on Electrical Engineering and Information Technology. JEEIT, 2019, pp. 425–430,.

[110]

Mohammed R.S., Mohammed A.H., Abbas F.N., Security and privacy in the Internet of Things (IoT): Survey, in: 2019 2nd International Conference on Electrical, Communication, Computer, Power and Control Engineering. ICECCPCE, 2019, pp. 204–208,.

[111]

Moosavi S.R., Nigussie E., Virtanen S., Isoaho J., An elliptic curve-based mutual authentication scheme for RFID implant systems, Procedia Comput. Sci. 32 (2014) 198–206.

[112]

Mundhe P., Yadav V.K., Verma S., Venkatesan S., Efficient lattice-based ring signature for message authentication in VANETs, IEEE Syst. J. 14 (4) (2020) 5463–5474,.

[113]

Nesteruk S., Bezzateev S., Location-based protocol for the pairwise authentication in the networks without infrastructure, in: 2018 22nd Conference of Open Innovations Association. FRUCT, IEEE, 2018, pp. 190–197.

[114]

Newgenapps S., 13 IoT statistics defining the future of Internet of Things, 2018, https://www.newgenapps.com/blog/iot-statistics-internet-of-things-future-research-data. [Online; accessed 01-Sept-2019].

[115]

Odelu V., Saha S., Prasath R., Sadineni L., Conti M., Jo M., Efficient privacy preserving device authentication in WBANs for industrial e-health applications, Comput. Secur. 83 (2019) 300–312.

[116]

Paliwal S., Hash-based conditional privacy preserving authentication and key exchange protocol suitable for industrial Internet of Things, IEEE Access 7 (2019) 136073–136093,.

[117]

Patil A.S., Hamza R., Hassan A., Jiang N., Yan H., Li J., Efficient privacy-preserving authentication protocol using PUFs with blockchain smart contracts, Comput. Secur. 97 (2020).

Digital Library

[118]

Perrig A., The BiBa one-time signature and broadcast authentication protocol, in: Proceedings of the 8th ACM Conference on Computer and Communications Security, ACM, 2001, pp. 28–37.

[119]

Perrig A., Canetti R., Tygar J.D., Song D., Efficient authentication and signing of multicast streams over lossy channels, in: Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000, IEEE, 2000, pp. 56–73.

[120]

Perrig A., Szewczyk R., Tygar J.D., Wen V., Culler D.E., SPINS: Security protocols for sensor networks, Wirel. Netw. 8 (5) (2002) 521–534.

Digital Library

[121]

Pieprzyk J., Wang H., Xing C., Multiple-time signature schemes against adaptive chosen message attacks, in: International Workshop on Selected Areas in Cryptography, Springer, 2003, pp. 88–100.

[122]

Porambage P., Schmitt C., Kumar P., Gurtov A., Ylianttila M., Two-phase authentication protocol for wireless sensor networks in distributed IoT applications, in: 2014 IEEE Wireless Communications and Networking Conference. WCNC, IEEE, 2014, pp. 2728–2733.

[123]

Quora P., What is exactly backward secrecy property in cryptography, attribute-based encryption?, 2015, https://www.quora.com/What-is-exactly-backward-secrecy-property-in-cryptography-attribute-based-encryption. [Online; accessed 01-Sept-2019].

[124]

Reyzin L., Reyzin N., Better than BiBa: Short one-time signatures with fast signing and verifying, in: Australasian Conference on Information Security and Privacy, Springer, 2002, pp. 144–153.

[125]

Rezaeibagha F., Mu Y., Huang X., Yang W., Huang K., Fully secure lightweight certificateless signature scheme for IIoT, IEEE Access 7 (2019) 144433–144443,.

[126]

Roy K.S., Kalita H.K., A survey on authentication schemes in IoT, in: 2017 International Conference on Information Technology. ICIT, 2017, pp. 202–207,.

[127]

Shah T., Venkatesan S., Authentication of IoT device and IoT server using secure vaults, in: 2018 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/12th IEEE International Conference on Big Data Science and Engineering. TrustCom/BigDataSE, IEEE, 2018, pp. 819–824.

[128]

Sharma V., You I., Andersson K., Palmieri F., Rehmani M.H., Lim J., Security, privacy and trust for smart mobile- Internet of Things (M-IoT): A survey, IEEE Access 8 (2020) 167123–167163,.

[129]

Shen M., Liu H., Zhu L., Xu K., Yu H., Du X., Guizani M., Blockchain-assisted secure device authentication for cross-domain industrial IoT, IEEE J. Sel. Areas Commun. 38 (5) (2020) 942–954,.

[130]

Shuai M., Xiong L., Wang C., Yu N., A secure authentication scheme with forward secrecy for industrial Internet of Things using Rabin cryptosystem, Comput. Commun. 160 (2020) 215–227.

[131]

Singh K.P., Rishiwal V., Kumar P., Classification of data to enhance data security in cloud computing, in: 2018 3rd International Conference on Internet of Things: Smart Innovation and Usages. IoT-SIU, IEEE, 2018, pp. 1–5.

[132]

Song R., Advanced smart card based password authentication protocol, Comput. Stand. Interfaces 32 (5–6) (2010) 321–325.

[133]

Soni P., Pal A.K., Islam S.H., An improved three-factor authentication scheme for patient monitoring using WSN in remote health-care system, Comput. Methods Programs Biomed. 182 (2019).

[134]

Stergiou C., Psannis K.E., Gupta B.B., Ishibashi Y., Security, privacy & efficiency of sustainable cloud computing for big data & IoT, Sustain. Comput.: Inform. Syst. 19 (2018) 174–184.

[135]

Tan H., Chung I., Secure authentication and key management with blockchain in VANETs, IEEE Access 8 (2020) 2482–2498,.

[136]

Tewari A., Gupta B., Cryptanalysis of a novel ultra-lightweight mutual authentication protocol for IoT devices using RFID tags, J. Supercomput. 73 (3) (2017) 1085–1102.

[137]

Tewari A., Gupta B., A robust anonymity preserving authentication protocol for IoT devices, in: 2018 IEEE International Conference on Consumer Electronics. ICCE, IEEE, 2018, pp. 1–5.

[138]

Tewari A., Gupta B., Security, privacy and trust of different layers in Internet-of-Things (IoTs) framework, Future Gener. Comput. Syst. 108 (2020) 909–920.

[139]

Tian Z., Yan B., Guo Q., Huang J., Du Q., Feasibility of identity authentication for IoT based on blockchain, Procedia Comput. Sci. 174 (2020) 328–332.

[140]

Turkanović M., Brumen B., Hölbl M., A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion, Ad Hoc Netw. 20 (2014) 96–112.

[141]

Tuyls P., Batina L., RFID-tags for anti-counterfeiting, in: Cryptographers’ Track at the RSA Conference, Springer, 2006, pp. 115–131.

[142]

Uddin M.A., Stranieri A., Gondal I., Balasubramanian V., A survey on the adoption of blockchain in IoT: Challenges and solutions, Blockchain: Res. Appl. (2021).

[143]

Vaidya B., Makrakis D., Mouftah H.T., Improved two-factor user authentication in wireless sensor networks, in: 2010 IEEE 6th International Conference on Wireless and Mobile Computing, Networking and Communications, IEEE, 2010, pp. 600–606.

[144]

Vangala A., Sutrala A.K., Das A.K., Jo M., Smart contract-based blockchain-envisioned authentication scheme for smart farming, IEEE Internet Things J. (2021) 1.

[145]

Vaudenay S., On privacy models for RFID, in: International Conference on the Theory and Application of Cryptology and Information Security, Springer, 2007, pp. 68–87.

[146]

Verma G.K., Singh B., Kumar N., Obaidat M.S., He D., Singh H., An efficient and provable certificate-based proxy signature scheme for IIoT environment, Inform. Sci. 518 (2020) 142–156.

[147]

Virat M.S., Bindu S., Aishwarya B., Dhanush B., Kounte M.R., Security and privacy challenges in Internet of Things, in: 2018 2nd International Conference on Trends in Electronics and Informatics. ICOEI, IEEE, 2018, pp. 454–460.

[148]

Vishwakarma L., Das D., SCAB - IoTA: Secure communication and authentication for IoT applications using blockchain, J. Parallel Distrib. Comput. 154 (2021) 94–105.

[149]

Wang K.-H., Chen C.-M., Fang W., Wu T.-Y., A secure authentication scheme for Internet of Things, Pervasive Mob. Comput. 42 (2017) 15–26.

[150]

Wang X., Gao F., Zhang J., Feng X., Hu X., Cross-domain authentication mechanism for power terminals based on blockchain and credibility evaluation, in: 2020 5th International Conference on Computer and Communication Systems. ICCCS, 2020, pp. 936–940.

[151]

Wang X., Hao P., Hanzo L., Physical-layer authentication for wireless security enhancement: current challenges and future developments, IEEE Commun. Mag. 54 (6) (2016) 152–158.

[152]

Wang P., Liu Y., SEMA: Secure and efficient message authentication protocol for VANETs, IEEE Syst. J. 15 (1) (2021) 846–855,.

[153]

Wang M., Zhang G., Zhang C., Zhang J., Li C., An IoT-based appliance control system for smart homes, in: 2013 Fourth International Conference on Intelligent Control and Information Processing. ICICIP, IEEE, 2013, pp. 744–747.

[154]

Wu Q., Mu Y., Susilo W., Qin B., Domingo-Ferrer J., Asymmetric group key agreement, in: Annual International Conference on the Theory and Applications of Cryptographic Techniques, Springer, 2009, pp. 153–170.

[155]

Xiong H., Wu Y., Jin C., Kumari S., Efficient and privacy-preserving authentication protocol for heterogeneous systems in IIoT, IEEE Internet Things J. 7 (12) (2020) 11713–11724,.

[156]

Xue K., Ma C., Hong P., Ding R., A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks, J. Netw. Comput. Appl. 36 (1) (2013) 316–323.

[157]

Yang M.H., Secure multiple group ownership transfer protocol for mobile RFID, Electron. Commer. Res. Appl. 11 (4) (2012) 361–373. https://doi.org/10.1016/j.elerap.2012.01.004. URL: https://www.sciencedirect.com/science/article/pii/S1567422312000142.

[158]

Yang M.H., Hu H.Y., Protocol for ownership transfer across authorities: with the ability to assign transfer target, Secur. Commun. Netw. 5 (2) (2012) 164–177.

[159]

Yang X., Shi P., Tian B., Zeng B., Xiao W., Trust-e: a trusted embedded operating system based on the arm trustzone, in: 2014 IEEE 11th Intl Conf on Ubiquitous Intelligence and Computing and 2014 IEEE 11th Intl Conf on Autonomic and Trusted Computing and 2014 IEEE 14th Intl Conf on Scalable Computing and Communications and Its Associated Workshops, IEEE, 2014, pp. 495–501.

[160]

Yavari M., Safkhani M., Kumari S., Kumar S., Chen C.-M., An improved blockchain-based authentication protocol for IoT network management, Secur. Commun. Netw. 2020 (2020).

[161]

Yeh H.-L., Chen T.-H., Liu P.-C., Kim T.-H., Wei H.-W., A secured authentication protocol for wireless sensor networks using elliptic curves cryptography, Sensors 11 (5) (2011) 4767–4779.

[162]

Yin Y., Xu M., Zhang Q., Chen J., Cryptanalysis of a new lightweight RFID mutual authentication protocol with cache in reader for IoT, in: 2017 IEEE 2nd Information Technology, Networking, Electronic and Automation Control Conference. ITNEC, IEEE, 2017, pp. 909–913.

[163]

Zhang Y., Li B., Liu B., Hu Y., Zheng H., A privacy-aware PUFs-based multi-server authentication protocol in cloud-edge IoT systems using blockchain, IEEE Internet Things J. (2021) 1.

[164]

Zhang C., Xue X., Feng L., Zeng X., Ma J., Group-signature and group session key combined safety message authentication protocol for VANETs, IEEE Access 7 (2019) 178310–178320,.

[165]

Zhaofeng M., Jialin M., Jihui W., Zhiguang S., Blockchain-based decentralized authentication modeling scheme in edge and IoT environment, IEEE Internet Things J. 8 (4) (2021) 2116–2123,.

[166]

Zhou J., Cao Z., Qin Z., Dong X., Ren K., LPPA: Lightweight privacy-preserving authentication from efficient multi-key secure outsourced computation for location-based services in VANETs, IEEE Trans. Inf. Forensics Secur. 15 (2020) 420–434,.

Digital Library

[167]

Zhou L., Li X., Yeh K.-H., Su C., Chiu W., Lightweight IoT-based authentication scheme in cloud computing circumstance, Future Gener. Comput. Syst. 91 (2019) 244–251.

Digital Library

[168]

Zhu S., Setia S., Jajodia S., LEAP+: Efficient security mechanisms for large-scale distributed sensor networks, ACM Trans. Sensor Netw. 2 (4) (2006) 500–528.

[169]

Zhu F., Wu W., Zhang Y., Chen X., Privacy-preserving authentication for general directed graphs in industrial IoT, Inform. Sci. 502 (2019) 218–228.

Cited By

dos Reis Bezerra WKoch FBecker Westphall C(2024)Performance of security options for message protocolsInternational Journal of Network Management10.1002/nem.227434:5Online publication date: 15-Sep-2024
https://dl.acm.org/doi/10.1002/nem.2274
Chawla DMehra P(2024)QAKATransactions on Emerging Telecommunications Technologies10.1002/ett.495735:3Online publication date: 11-Mar-2024
https://dl.acm.org/doi/10.1002/ett.4957
Zhang TZhang ZZhao KGupta BArya V(2023)A Lightweight Cross-Domain Authentication Protocol for Trusted Access to Industrial InternetInternational Journal on Semantic Web & Information Systems10.4018/IJSWIS.33348119:1(1-25)Online publication date: 8-Nov-2023
https://dl.acm.org/doi/10.4018/IJSWIS.333481
Show More Cited By

Index terms have been assigned to the content through auto-classification.

Recommendations

A Survey on Authentication Techniques for the Internet of Things
ICFNDS '17: Proceedings of the International Conference on Future Networks and Distributed Systems

The Internet of Things (IoT) is the technology, which forms the foundation of today's smart and connected world. The IoT is a network used to interconnect embedded devices, such as sensors, which are able to generate, communicate and share data with one ...
Cyberentity Security in the Internet of Things

A proposed Internet of Things system architecture offers a solution to the broad array of challenges researchers face in terms of general system security, network security, and application security.
Taxonomy and analysis of security protocols for Internet of Things
Abstract
The Internet of Things (IoT) is a system of physical as well as virtual objects (each with networking capabilities incorporated) that are interconnected to exchange and collect information locally or remotely over the Internet. Since ...
Highlights
- We first discuss essential security requirements that are needed to secure IoT environment. We also discuss the threat model and various attacks related to ...

Comments

Information & Contributors

Information

Published In

cover image Journal of Network and Computer Applications

Journal of Network and Computer Applications Volume 204, Issue C

Aug 2022

215 pages

ISSN:1084-8045

Issue’s Table of Contents

Elsevier Ltd.

Publisher

Academic Press Ltd.

United Kingdom

Publication History

Published: 01 August 2022

Author Tags

Qualifiers

Review-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

4
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 03 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

dos Reis Bezerra WKoch FBecker Westphall C(2024)Performance of security options for message protocolsInternational Journal of Network Management10.1002/nem.227434:5Online publication date: 15-Sep-2024
https://dl.acm.org/doi/10.1002/nem.2274
Chawla DMehra P(2024)QAKATransactions on Emerging Telecommunications Technologies10.1002/ett.495735:3Online publication date: 11-Mar-2024
https://dl.acm.org/doi/10.1002/ett.4957
Zhang TZhang ZZhao KGupta BArya V(2023)A Lightweight Cross-Domain Authentication Protocol for Trusted Access to Industrial InternetInternational Journal on Semantic Web & Information Systems10.4018/IJSWIS.33348119:1(1-25)Online publication date: 8-Nov-2023
https://dl.acm.org/doi/10.4018/IJSWIS.333481
Praveen RPabitha P(2023)A secure lightweight fuzzy embedder based user authentication scheme for internet of medical things applicationsJournal of Intelligent & Fuzzy Systems: Applications in Engineering and Technology10.3233/JIFS-22361744:5(7523-7542)Online publication date: 1-Jan-2023
https://dl.acm.org/doi/10.3233/JIFS-223617

View Options

View options

Figures

Tables

Media

View Issue’s Table of Contents