See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/340332274

A Survey of Internet of Things (IoT) -Authentication Schemes

Article · July 2019

CITATIONS READS
0 44

2 authors, including:

Murugesan Bobby
Sri Adi Chunchangiri Women's College
6 PUBLICATIONS   4 CITATIONS   

SEE PROFILE

All content following this page was uploaded by Murugesan Bobby on 01 April 2020.

The user has requested enhancement of the downloaded file.

International Journal of Management, Technology And Engineering ISSN NO : 2249-7455

A Survey of Internet of Things (IoT) – Authentication Schemes

M.Bobby1, D.Usha2
1
Research Scholar, Department of CS, Mother Teresa Women’s University, Kodaikanal
2
Assistant Professor, Department of CS, Mother Teresa Women’s University, Kodaikanal
1
upmbobby@gmail.com, 2 ushadanabal@gmail.com

Abstract:
Internet of Things (IoT) denote to the network of physical objects—“things”—that are
embedded with sensors, software, and other technologies for the purpose of connecting
and swapping data with other devices and systems over the internet. The best security
practices require strong security credentials in order to trust devices on networks and in
online applications. Security is a supreme requirement and in particular authentication is
of high interest given the damage that could happen from a malicious unauthenticated
device in an IoT system. An overview of IoT authentication techniques, which are
proposed in the literature, is presented in this paper. The survey aims to help in exploring
into the details of such techniques by going through their classification and comparison.

Keywords: Internet of Things; security; authentication

1. Introduction
The IoT can be described as an extension of the internet and other network connections to
different sensors and devices — or “things” — giving even simple objects, such as light
bulbs, locks, and vents, a higher degree of computing and analytical capabilities.
Interoperability is one of the key aspects of the IoT that contribute to its growing
popularity. Connected or “smart” devices — as “things” in the IoT are often called —
have the capability to collect and share data from their surroundings with added devices
and networks. Through the analysis and handling of the data, devices can perform their
functions with little or no need for human interaction. In simple, the term IoT is mostly
used for devices that wouldn't typically be commonly expected to have an internet
connection, and that can communicate with the network independently of human action.
According to forecasts from Cisco Systems [1], by 2020, the Internet will consist of over
50 billion connected things, including sensors, actuators, GPS devices, mobile devices,
and all smart things that can be envisioned in the future. The development of IoT has
many influences of human life. Human life style is gradually changing toward smartness
and intelligence which can be facilitated by the development of smart homes and smart
communities as a part of the IoT [2]

Volume IX, Issue VII, JULY/2019 Page No: 535

International Journal of Management, Technology And Engineering ISSN NO : 2249-7455

2.Security Problems in IOT

The key requirements for any IoT security solution are device and data security, including
authentication of devices and confidentiality and integrity of data. Before secure
communications can take place between connected devices (e.g., device and a server or a
device and a mobile phone), proper authentication must take place. Secure data exchange
or a verified software update can only begin after both devices have been identified and
authenticated.
The main IoT security concerns are: authentication, authorization, integrity,
confidentiality, non-repudiation, Availability, and privacy [3–5].
Authentication: The process of establishing the identity of an entity that has not been
through the authentication process to prove they are who they say they are [6]. For
example, when using your passport to travel, the serial number will be checked to see its
legitimacy and then a visual comparison will be made by the person authenticating it.
The authorization: The process of giving permission to an entity to do or have something
[7]
Integrity: The way toward keeping up the reliable, accurate and trustworthiness of
information over its whole life cycle.
Confidentiality: The process of certifying that the information is only accessed by
certified people.
Non-repudiation: the object cannot deny the authenticity of a specific data transferred
Availability: The process of ensuring that the service needed is available anywhere and
anytime for the intended users.
Privacy: The process of ensuring non-accessibility to private information by public or
malicious objects [8]

3.Survey Articles
This survey focuses on authentication methods for the Internet of Things (IoT). There are
many different authentication methods that are used in the IT industry but not all of these
can be adapted for the IoT. Lightweight and mutual authentication methods are the two
authentication methods that are commonly used in other areas of the industry. Strong IoT
device authentication is required to ensure connected devices on the IoT can be trusted to
be what they importance to be. Consequently, each IoT device needs a unique identity
that can be authenticated when the device attempts to connect to a gateway or central
server. With this unique ID in place, IT system administrators can track each device
throughout its lifecycle, communicate securely with it, and prevent it from executing

Volume IX, Issue VII, JULY/2019 Page No: 536

International Journal of Management, Technology And Engineering ISSN NO : 2249-7455

unsafe processes. If a device exhibits unpredicted performance, administrators can simply

cancel its rights.

In [9] author proposed, authentication overhead at the cloud server is reduced by handling
the authentication process using separated agents. To confirm the identity of users at the
client side, users' device should be registered to an authentication server. Each user is
assigned a unique code that will be encrypted by the server and decrypted at client side
using a chosen password. On the other hand, unregistered devices are authenticated by
Software-as-aService (SaaS) agent using modified Diffie-Hellman algorithm.
In [10-15] ID-based authentication techniques are proposed. Like bio-metric based
authentication, these techniques require users to be registered with the base station in
order to get their credentials, such as smartcard. However, user identity is used instead of
his/her biometric. The authentication process is performed based on user's registered
identity and his/her credentials, so no extra hardware is required on user’s devices.
In [13] each sensor node should be authenticated by its neighbour’s ID, which is
distributed to each node once it joins the network. The data is aggregated at each node
along with its authenticated neighbour’s ID and sent to the sink node through its
aggregator. The authentication process is performed at the sink that maintains a binding
list of nodes authentication neighbour’s ID. Once authentication is successfully
confirmed, the data is extracted.
The ID-based authentication technique proposed in [14] consists of two phases; offline
and online phases. In offline phase the general parameters and the public key of the base
station is stored in each node. In addition to that, a node trust value, which is generated at
each node, is stored in the base station. After the completion of the offline phase, mutual
authentication is performed in the online phase. The sender node encrypts its trust value
along with a nonce by the base station (sink) public key, then the base station decrypts the
message and verifies the node's trust value. If successfully verified, the base station
replies with a new nonce generated from the node nonce to be verified by that node.
In [16], the authors proposed a lightweight authentication protocol for smart grids. It
consists
of three tiers by using three different protocols for different purposes: Diffie–Hellman is
used as key agreement protocol, with the use of RSA and AES for achieving the
confidentiality, and HMAC for maintaining message integrity.
In [17], the authors proposed a lightweight authentication scheme with anonymous
features by providing hop-by-hop authentication and un-traceability. The main
contribution is the achievement of user privacy in WSN.

Volume IX, Issue VII, JULY/2019 Page No: 537

International Journal of Management, Technology And Engineering ISSN NO : 2249-7455

In [18], the authors provided an authentication protocol for WSN, which can guarantee
different security features such as the privacy of the user, un-traceability, backward
secrecy, and strong forward secrecy. It is also resilient to node capture and key
compromise impersonation attack.
In [19] the author explains three methods used in authentication. The first method consists
in a signature-based mechanism, this signature could be an ID or an elliptic curve
signature, for example. The advantage of this authentication method is that it provides fast
messaging authentication, with sender repudiation [19]. The second method ensures
immediate messaging authentication and inherits security of different signatures. The
third method implements a lightweight symmetric primitives.
In [20] Esfahani et al. [20] proposed a lightweight authentication scheme to ensure secure
integration of Industrial Internet of Things (IIoT) solutions. Specifically, the work
considers an IIoT scenario where a machine equipped with a Secure Element (SE), is
authenticated by a network element equipped with a Trusted Platform Module (TPM).
Based on two procedures, namely, (a) the registration procedure and (b) the authentication
procedure, the work is characterized by low computational cost, communication, and
storage overhead.
In [27] the author proposed an extremely lightweight payload-based mutual
authentication, called PAWN, for the cluster-based hierarchical WSN. The PAWN
scheme is based on two main phases, namely, (1) token-based cluster head election and
(2) payload-based mutual authentication. With phase 1, the higher-energy nodes perform
various administrative tasks such as route discovery, route maintenance, and
neighbourhood discovery
4.Conclusion
One of the important challenge in implementing IoT is authentication. There are some
potential authentication scheme can be implemented in order to minimize the attacks and
preserve data confidentiality. The survey will find that Mutual authentication is vital for
the IoT and, due to the constraints that are apparent within the IoT devices; the
lightweight option is very useful when it comes to dealing with areas like low bandwidth.
A conclusion to this paper is that, by combining different methods of encryption and
authentication methods, there are always possibilities to make the proposed protocols
more lightweight and secure.

Volume IX, Issue VII, JULY/2019 Page No: 538

International Journal of Management, Technology And Engineering ISSN NO : 2249-7455

References
[1] D. Evans, “The internet of things, How the Next Evolution of the Internet is Changing
Everything,” Whitepaper, Cisco Internet Business Solutions Group (IBSG), vol. 1, pp. 1–12, 2011,
http:// www.cisco.com/c/dam/en us/about/ac79/docs/innov/IoT IBSG 0411FINAL.pdf.
[2] Zhao, K., and Ge, L., "A Survey on the Internet of Things Security," Ninth International
Conference on Computational Intelligence and Security, IEEE, 2013, pp. 663 – 667.
[3]. Husamuddin, M.; Qayyum, M. Internet of Things: A study on security and privacy threats.
In Proceedings of the 2017 2nd International Conference on Anti-Cyber Crimes (ICACC), Abha,
Saudi Arabia,26–27 March 2017.
[4] El Mouaatamid, O.; Lahmer, M.; Belkasmi, M. Internet of Things Security: Layered
classification of attacks and possible Countermeasures. Electron. J. Inf. Technol. 2016, 9, 24–37.
[5] Mahmoud, R.; Yousuf, T.; Aloul, F.; Zualkernan, I. Internet of things (IoT) security: Current
status, challenges and prospective measures. In Proceedings of the 2015 10th International
Conference for Internet Technology and Secured Transactions (ICITST), London, UK, 14–16
December 2015.
[6] 541 Lopez-Research (2017). An introduction to the internet of things (iot). https: 542
//www.cisco.com/c/dam/en_us/solutions/trends/iot/introduction_to_ 543 IoT_november.pdf.
[7] Jung, S.W.; Jung, S. Personal OAuth authorization server and push OAuth for Internet of
Things. Int. J. Distrib. Sens. Netw. 2017, 13. [CrossRef]
[8] Weber, R.H. Internet of Things—New security and privacy challenges. Comput. Law Secur.
Rev. 2010, 26, 23–30. [CrossRef]
[9] Moghaddam, F. F., Moghaddam, S. G., and Rouzbeh, S., "A Scalable and Efficient User
Authentication Scheme for Cloud Computing Environments," IEEE Region 10 Symposium, 2014,
pp. 508-513.
[10] Tseng, H.-R., Jan, R.-H., and Yang, W., "A Robust Password-based Authentication Scheme
for Heterogeneous Sensor Networks," Communications of IICM, vol.11, no.3, 2008, pp. 1-13.
[11] Mnif, A., Cheikhrouhou, O., And Jemaa, M. B., "An ID-based User Authentication Scheme
for Wireless Sensor Networks using ECC," IEEE International Conference on Microelectronics
(ICM), Hammamet, 2011, pp . 1-9.
[12] Sarvabhatla, M., Kodavali, L., and vorugunti, C., "An Energy Efficient Temporal Credential
Based Mutual Authentication Scheme for WSN," IEEE 3rd International Conference on Eco-
friendly Computing and Communication Systems, 2014, pp. 73-78.
[13] Peng, S., "An Id-Based Multiple Authentication Scheme Against Attacks In Wireless Sensor
Networks," Proceedings of IEEE CCIS2012, 2012, pp. 1042-1045.
[14]Rosli, R., Yusoff, Y., and Hashim, H., "Performance Analysis of ID Based Authentication On
Zigbee Transceiver," IEEE symposium on Wireless Technology and Applications (ISWTA),
Bandung, Indonesia, 2012, pp. 187-191.
[15] Nguyen, T.-D., and Huh, E.-N., "A Dynamic ID-Based Authentication Scheme For M2M
Communication Of Healthcare Systems," International Arab Journal of Information Technology
(IAJIT), vol.9, no.6, 2012, pp. 511-519.
[16]Mahmood, K.; Chaudhry, S.A.; Naqvi, H.; Shon, T.; Ahmad, H.F. A lightweight message
authentication scheme for Smart Grid communications in power sector. Comput. Electr. Eng. 2016,
52, 114–124.
[17]Chung, Y.; Choi, S.; Lee, Y.; Park, N.; Won, D. An Enhanced Lightweight Anonymous
Authentication Scheme for a Scalable Localization Roaming Service in Wireless Sensor Networks.
Sensors 2016, 16, 1653. [CrossRef]
[18] Gope, P.; Hwang, T. A Realistic Lightweight Anonymous Authentication Protocol for
Securing Real-Time Application Data Access in Wireless Sensor Networks. IEEE Trans. Ind.
Electron. 2016, 63, 7124–7132. [CrossRef]
[19] B. Mbarek, A. Meddeb, W. Ben Jaballah, and M. Mosbah, “A Secure Authentication
Mechanism for Resource Constrained Devices,” pp. 1–7, 2015.

Volume IX, Issue VII, JULY/2019 Page No: 539

International Journal of Management, Technology And Engineering ISSN NO : 2249-7455

[20] A. Esfahani, G. Mantas, R. Matischek et al., “A Lightweight Authentication Mechanism for

M2M Communications in Industrial IoT Environment,” IEEE Internet of Things Journal, pp. 1-1.
[21] Lee, J.Y.; Lin, W.C.; Huang, Y.H. A lightweight authentication protocol for Internet of
Things. In Proceedings of the 2014 International Symposium on Next-Generation Electronics
(ISNE), Kwei-Shan, Taiwan, 7–10 May 2014.
[22] Jan, M.A.; Khan, F.; Alam, M.; Usman, M. A payload-based mutual authentication scheme
for Internet of Things. Future Gen. Comput. Syst. 2019, 92, 1028–1039.
[23] Schmitt, C.; Noack, M.; Stiller, B. TinyTO: Two-way authentication for constrained devices
in the Internet of Things. In Internet of Things; Elsevier: Amsterdam, The Netherlands, 2016; pp.
239–258.
[24] Ferrag, M.A.; Maglaras, L.A.; Janicke, H.; Jiang, J.; Shu, L. Authentication protocols for
Internet of Things:A comprehensive survey. Secur. Commun. Netw. 2017, 2017, 6562953.
[25 Sey, D. A survey on authentication methods for the Internet of Things. PeerJ Prepr. 2018, 6,
e26474v1
[26] Zhou, L.; Li, X.; Yeh, K.H.; Su, C.; Chiu, W. Lightweight IoT-based authentication scheme in
cloud computing circumstance. Future Gen. Comput. Syst. 2019, 91, 244–251.
[27] M. Jan, P. Nanda, M. Usman, and X. He, “PAWN: A payloadbased mutual authentication
scheme for wireless sensor networks,” Concurrency Computation, 2016.

Volume IX, Issue VII, JULY/2019 Page No: 540

View publication stats