TY - JOUR
T1 - A secure and efficient cluster-based authentication scheme for Internet of Things (IoTs)
AU - Imran, Kanwal
AU - Anjum, Nasreen
AU - Alghamdi, Abdullah
AU - Shaikh, Asadullah
AU - Hamdi, Mohammed
AU - Mahfooz, Saeed
PY - 2021/9/7
Y1 - 2021/9/7
N2 - IPv6 over Low Power Wireless Personal Area Network 6LoWPAN) provides IP connectivity to the highly constrained nodes in the Internet of Things (IoTs). 6LoWPAN allows nodes with limited battery power and storage capacity to carry IPv6 datagrams over the lossy and error-prone radio links offered by the IEEE 802.15.4 standard, thus acting as an adoption layer between the IPv6 protocol and IEEE 802.15.4 network. The data link layer of IEEE 802.15.4 in 6LoWPAN is based on AES (Advanced Encryption Standard), but the 6LoWPAN standard lacks and has omitted the security and privacy requirements at higher layers. The sensor nodes in 6LoWPAN can join the network without requiring the authentication procedure. Therefore, from security perspectives, 6LoWPAN is vulnerable to many attacks such as replay attack, Man-in-the-Middle attack, Impersonation attack, and Modification attack. This paper proposes a secure and efficient cluster-based authentication scheme (CBAS) for highly constrained sensor nodes in 6LoWPAN. In this approach, sensor nodes are organized into a cluster and communicate with the central network through a dedicated sensor node. The main objective of CBAS is to provide efficient and authentic communication among the 6LoWPAN nodes. To ensure the low signalling overhead during the registration, authentication, and handover procedures, we also introduce lightweight and efficient registration, de-registration, initial authentication, and handover procedures, when a sensor node or group of sensor nodes join or leave a cluster. Our security analysis shows that the proposed CBAS approach protects against various security attacks, including Identity Confidentiality attack, Modification attack, Replay attack, Man-in-the-middle attack, and Impersonation attack. Our simulation experiments show that CBAS has reduced the registration delay by 11%, handoff authentication delay by 32%, and signalling coby 37% compared to the SGMS (Secure Group Mobility Scheme) and LAMS (Light-Wight Authentication & Mobility Scheme).
AB - IPv6 over Low Power Wireless Personal Area Network 6LoWPAN) provides IP connectivity to the highly constrained nodes in the Internet of Things (IoTs). 6LoWPAN allows nodes with limited battery power and storage capacity to carry IPv6 datagrams over the lossy and error-prone radio links offered by the IEEE 802.15.4 standard, thus acting as an adoption layer between the IPv6 protocol and IEEE 802.15.4 network. The data link layer of IEEE 802.15.4 in 6LoWPAN is based on AES (Advanced Encryption Standard), but the 6LoWPAN standard lacks and has omitted the security and privacy requirements at higher layers. The sensor nodes in 6LoWPAN can join the network without requiring the authentication procedure. Therefore, from security perspectives, 6LoWPAN is vulnerable to many attacks such as replay attack, Man-in-the-Middle attack, Impersonation attack, and Modification attack. This paper proposes a secure and efficient cluster-based authentication scheme (CBAS) for highly constrained sensor nodes in 6LoWPAN. In this approach, sensor nodes are organized into a cluster and communicate with the central network through a dedicated sensor node. The main objective of CBAS is to provide efficient and authentic communication among the 6LoWPAN nodes. To ensure the low signalling overhead during the registration, authentication, and handover procedures, we also introduce lightweight and efficient registration, de-registration, initial authentication, and handover procedures, when a sensor node or group of sensor nodes join or leave a cluster. Our security analysis shows that the proposed CBAS approach protects against various security attacks, including Identity Confidentiality attack, Modification attack, Replay attack, Man-in-the-middle attack, and Impersonation attack. Our simulation experiments show that CBAS has reduced the registration delay by 11%, handoff authentication delay by 32%, and signalling coby 37% compared to the SGMS (Secure Group Mobility Scheme) and LAMS (Light-Wight Authentication & Mobility Scheme).
KW - IoT
KW - cyber security
KW - security attacks
KW - authentication delay
KW - handover delay
KW - signalling cost
KW - 6LoWPAN
UR - https://kclpure.kcl.ac.uk/portal/en/
U2 - 10.32604/cmc.2022.018589
DO - 10.32604/cmc.2022.018589
M3 - Article
SN - 1546-2218
VL - 70
SP - 1033
EP - 1052
JO - Computers, Materials and Continua
JF - Computers, Materials and Continua
IS - 1
ER -