<p>Secure and scalable authentication remains a fundamental challenge in Internet of Things (IoT) networks due to constrained device resources, dynamic topology, and the absence of centralized trust infrastructures. Conventional password-based and certificate-driven authentication schemes incur high computation, storage, and communication overhead, limiting their suitability for large-scale deployments. To address these limitations, this paper proposes ScLBS, a federated learning (FL)–based self-certified authentication scheme for distributed and sustainable IoT environments. ScLBS integrates self-certified public key cryptography with FL-driven trust adaptation, enabling decentralized public key derivation without reliance on third-party certificate authorities or exposure of private credentials. A zero-knowledge mechanism combined with location-aware authentication strengthens resistance to impersonation, Sybil, and replay attacks. Hierarchical key management supported by a <InlineEquation ID="IEq1"> <EquationSource Format="TEX">\(\hbox {B}^{+}\)</EquationSource> </InlineEquation>-tree enables efficient group rekeying and preserves forward and backward secrecy under dynamic membership. Formal security verification is conducted under the Dolev–Yao adversary model using ProVerif, confirming secrecy of private and session keys (SKs) and correctness of authentication. Extensive NS-3 simulations and ablation analysis demonstrate that ScLBS achieves lower authentication delay, reduced message overhead, improved network utilization, and decreased energy consumption compared to representative IoT authentication schemes, while maintaining bounded FL overhead. These results indicate that ScLBS provides a balanced trade-off between security strength, scalability, and resource efficiency for constrained IoT networks.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

A scalable and secure federated learning authentication scheme for IoT

  • Premkumar Chithaluru,
  • B. Veera Jyothi,
  • Fahd S. Alharithi,
  • Wojciech Ksiazek,
  • M. Ramchander,
  • Aman Singh,
  • Ravi Kumar Rachavaram

摘要

Secure and scalable authentication remains a fundamental challenge in Internet of Things (IoT) networks due to constrained device resources, dynamic topology, and the absence of centralized trust infrastructures. Conventional password-based and certificate-driven authentication schemes incur high computation, storage, and communication overhead, limiting their suitability for large-scale deployments. To address these limitations, this paper proposes ScLBS, a federated learning (FL)–based self-certified authentication scheme for distributed and sustainable IoT environments. ScLBS integrates self-certified public key cryptography with FL-driven trust adaptation, enabling decentralized public key derivation without reliance on third-party certificate authorities or exposure of private credentials. A zero-knowledge mechanism combined with location-aware authentication strengthens resistance to impersonation, Sybil, and replay attacks. Hierarchical key management supported by a \(\hbox {B}^{+}\) -tree enables efficient group rekeying and preserves forward and backward secrecy under dynamic membership. Formal security verification is conducted under the Dolev–Yao adversary model using ProVerif, confirming secrecy of private and session keys (SKs) and correctness of authentication. Extensive NS-3 simulations and ablation analysis demonstrate that ScLBS achieves lower authentication delay, reduced message overhead, improved network utilization, and decreased energy consumption compared to representative IoT authentication schemes, while maintaining bounded FL overhead. These results indicate that ScLBS provides a balanced trade-off between security strength, scalability, and resource efficiency for constrained IoT networks.