The Internet of Things (IoT) is comprised of a large number of miniaturized devices interconnected through the Internet. These devices, equipped with sensing, computing and communication capabilities, can be used to remotely control the environment or the monitored infrastructure. However, IoT devices usually only have limited resources, and thus designing a lightweight security authentication protocol for them is a challenge. This paper proposes an identity authentication protocol between embedded devices and server. The protocol uses elliptic curve encryption algorithm and realizes the anonymity of the device by hashing their IDs and prevents the server from replay attacks by adding security attributes timestamp. We prove the security of the protocol and its resistance to security attacks, and also formally verify it using the AVISPA tool. In addition, through experimental comparison with existing protocols, we demonstrate the performance superiority of the proposed protocol. IEEE
- Authentication,
- Embedded devices,
- Internet of Things,
- Internet of Things,
- Performance evaluation,
- Protocols,
- Resists,
- Security,
- Security,
- Servers,
- Public key cryptography
IR Deposit conditions:
OA version (pathway a) Accepted version
No embargo
When accepted for publication, set statement to accompany deposit (see policy)
Must link to publisher version with DOI
Publisher copyright and source must be acknowledged