With the increasing adoption of Internet of Things (IoT) devices within smart homes, there is the need for secure fast and scalable authentication because many IoT devices have very limited power and processing resources to allow standard public digital signature schemes. In this paper, the authors investigate the development of a remote authentication framework that is lightweight and scalable and also resistant towards quantum-based attacks in long term. To mitigate latency and prevent gateway overloading, the approach proposes a cluster-based authentication mechanism; to preserve energy-life, is an energy-aware adaptive authentication algorithm, and hybrid key exchange that integrates Elliptic Curve Cryptography (ECC) with Post-Quantum Cryptography (PQC), enhancing the security level. Authentication logs are stored securely within a lightweight blockchain/DAG ledger preventing impersonation with context-aware MFA. Experimental results indicated our method could achieve up to 48.6% in computation reduction, 27.5% in communication cost reduction and up to 22% prolong device life over the state-of-the-art approaches. Compatibility with AVISPA, ProVerif, and Tamarin security testing yields no replay attack, no man-in-the-middle or impersonation issue and of course forward privacy. This makes the suggested system ideal for secured and efficient smart home IoT implementations.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Scalable and Secure Remote Authentication for Resource-Constrained IoT-Based Smart Homes

  • P. Padmaja,
  • Phani Krishna Hari,
  • A. Praneetha,
  • Sivakumar Ponnusamy,
  • Dhiraj Kapila

摘要

With the increasing adoption of Internet of Things (IoT) devices within smart homes, there is the need for secure fast and scalable authentication because many IoT devices have very limited power and processing resources to allow standard public digital signature schemes. In this paper, the authors investigate the development of a remote authentication framework that is lightweight and scalable and also resistant towards quantum-based attacks in long term. To mitigate latency and prevent gateway overloading, the approach proposes a cluster-based authentication mechanism; to preserve energy-life, is an energy-aware adaptive authentication algorithm, and hybrid key exchange that integrates Elliptic Curve Cryptography (ECC) with Post-Quantum Cryptography (PQC), enhancing the security level. Authentication logs are stored securely within a lightweight blockchain/DAG ledger preventing impersonation with context-aware MFA. Experimental results indicated our method could achieve up to 48.6% in computation reduction, 27.5% in communication cost reduction and up to 22% prolong device life over the state-of-the-art approaches. Compatibility with AVISPA, ProVerif, and Tamarin security testing yields no replay attack, no man-in-the-middle or impersonation issue and of course forward privacy. This makes the suggested system ideal for secured and efficient smart home IoT implementations.