With the development trend of the Internet of Things (IoT), a huge number of IoT devices are applied in various fields, and the security of device access is facing great challenges. Achieving secure authenticated communication between devices and control center (CC) is an important prerequisite for ensuring data security. Due to the narrow communication bandwidth of most IoT devices and the need to transmit a large amount of data in real time, lightweight authentication becomes more and more important in the communication process. In this paper we propose a lightweight certificate-less authentication and key negotiation protocol, which is based on the principle of ECC encryption, realises the embedding of authentication messages in ciphertexts, effectively reduces the communication overhead while ensuring security, and realises mutual authentication between devices and CC. We evaluated the security of our protocol through non-formal analysis and combined it with formal analysis by AVISPA tool. Finally we compare the performance of this protocol with other protocols and demonstrate that our protocol has low communication and computation overhead.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

A Lightweight Mutual Authentication Protocol for IoT Based on ECC

  • Chenglong Xu,
  • Bowei Chen,
  • Wei Zhang,
  • Yan Ke

摘要

With the development trend of the Internet of Things (IoT), a huge number of IoT devices are applied in various fields, and the security of device access is facing great challenges. Achieving secure authenticated communication between devices and control center (CC) is an important prerequisite for ensuring data security. Due to the narrow communication bandwidth of most IoT devices and the need to transmit a large amount of data in real time, lightweight authentication becomes more and more important in the communication process. In this paper we propose a lightweight certificate-less authentication and key negotiation protocol, which is based on the principle of ECC encryption, realises the embedding of authentication messages in ciphertexts, effectively reduces the communication overhead while ensuring security, and realises mutual authentication between devices and CC. We evaluated the security of our protocol through non-formal analysis and combined it with formal analysis by AVISPA tool. Finally we compare the performance of this protocol with other protocols and demonstrate that our protocol has low communication and computation overhead.