Title: SLAK: secure lightweight scheme for authentication and key-agreement in internet of things

Authors: Oussama Nahnah; Sarra Cherbal

Addresses: Department of Computer Science, University of Setif 1, Setif, Algeria ' LRSD Laboratory, Department of Computer Science, University of Setif 1, Setif, Algeria

Abstract: Internet of things connect unlimited number of heterogeneous devices in order to facilitate services and hence touching most of daily life fields. However, security concerns are a major obstacle to the development and rapid deployment of this high technology. Thus, securing the authentication process has become very important, as it is necessary to prove the legitimacy of the communication devices. Recently, researchers are proposing several mutual authentication and session key agreement protocols. In this regard, we propose our own improved protocol that relies on login, mutual authentication and the agreement of session key in a safety way to secure communications. For the security evaluation of the proposal, we use the authentication BAN logic and the widely used AVISPA tool. The results prove the achievement of mutual authentication and session key agreement securely, in addition to its safety against some known attacks as eavesdropping and replay attacks. For a performance evaluation, we compare the proposal with recent related works in terms of computational and communication costs. The results show the lightness of our protocol and thus its suitability to heterogeneous IoT devices.

Keywords: authentication; internet of things; security; elliptic curve cryptography; session key; AVISPA.

DOI: 10.1504/IJICS.2024.137741

International Journal of Information and Computer Security, 2024 Vol.23 No.2, pp.200 - 226

Received: 16 Oct 2022
Accepted: 20 Mar 2023
Published online: 04 Apr 2024 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article