A Review and Costing of Lightweight Authentication Schemes for Internet of Things (IoT): Towards Design of an Authentication Architecture for Smart Home Applications

  • Attlee M. Gamundani
  • Amelia Phillips
  • Hippolyte N. Muyingi
Conference paper
Part of the Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering book series (LNICST, volume 255)


Internet of Things (IoT) authentication for resource-constrained devices thrives under lightweight solutions. The requirements of the lightweight solutions are that, they have to meet the processing, storage and limited resource base of the resource-constrained devices. There are a number of lightweight solutions advanced for IoT under different domains. To provide feasible authentication solutions for smart home security calls for focus on key attributes that suit the domain in question. This paper is positioned to give a review of some existing lightweight authentication schemes, guide the selection and design of best possible solutions that can be applied to smart home environments. From the costing of randomly selected lightweight authentication techniques, the least costly solution is recommended for adoption.


Authentication Architecture Cost Lightweight IoT Smart home 



The support from the Digital Forensics and Information security research cluster, the Faculty of Computing and Informatics and the NUST community’s support are highly appreciated for the progress of this research work.


  1. 1.
    Witkovski, A., Santin, A., Abreu, V., Marynowski, J.: An IdM and key-based authentication method for providing single sign-on in IoT. In: 2015 IEEE Global Communications Conference, GLOBECOM 2015, IdM (2015)Google Scholar
  2. 2.
    Arafin, M.T., Gao, M., Qu, G.: VOLtA: voltage over-scaling based lightweight authentication for IoT applications. In: Proceeding Asia South Pacific Design Automation Conference, ASP-DAC, pp. 336–341 (2017)Google Scholar
  3. 3.
    Dolev, D., Yao, A.: On the security of public key protocols. IEEE Trans. Inf. Theory 29(2), 198–208 (1983)MathSciNetCrossRefGoogle Scholar
  4. 4.
    Ray, B.R., Chowdhury, M.U., Abawajy, J.H.: A multi-protocol security framework to support internet of things. In: Deng, R., Weng, J., Ren, K., Yegneswaran, V. (eds.) SecureComm 2016. LNICST, vol. 198, pp. 257–270. Springer, Cham (2017). Scholar
  5. 5.
    Wang, F., Xu, Y., Zhang, H., Zhang, Y., Zhu, L.: 2FLIP: a two-factor lightweight privacy-preserving authentication scheme for VANET. IEEE Trans. Veh. Technol. 65(2), 896–911 (2016)CrossRefGoogle Scholar
  6. 6.
    Zhang, R.: An enhanced lightweight authentication protocol for low-cost RFID systems. In: Proceeding 2016 IEEE International Conference on Electronic Information and Communication Technology, ICEICT 2016, ICEICT, pp. 29–33 (2017)Google Scholar
  7. 7.
    Karthi M., Harris, P.: A realistic lightweight authentication protocol for securing cloud based RFID system Surekha, pp. 168–171 (2016)Google Scholar
  8. 8.
    Jacobsen, R.H., Mikkelsen, S.A., Rasmussen, N.H.: Towards the use of pairing-based cryptography for resource-constrained home area networks. In: Proceeding—18th Euromicro Conference Digital System Design, DSD 2015, pp. 233–240 (2015)Google Scholar
  9. 9.
    Kim, Y.P., Yoo, S., Yoo, C.: DAoT: dynamic and energy-aware authentication for smart home appliances in Internet of Things. In: 2015 IEEE International Conference on Consumer Electronics, ICCE 2015 (2015)Google Scholar
  10. 10.
    Saied, Y.B., Olivereau, A., Zeghlache, D., Laurent, M.: Lightweight collaborative key establishment scheme for the internet of things. Comput. Netw. 64, 273–295 (2014)CrossRefGoogle Scholar
  11. 11.
    Denning, T., Kohno, T., Levy, H.M.: Computer security and the modern home. Commun. ACM 56(1), 94 (2013)CrossRefGoogle Scholar
  12. 12.
    Kothmayr, T., Schmitt, C., Hu, W., Brünig, M., Carle, G.: DTLS based security and two-way authentication for the internet of things. Ad Hoc Netw. 11(8), 2710–2723 (2013)CrossRefGoogle Scholar
  13. 13.
    Li, X., Liu, H., Wei, F., Ma, J., Yang, W.: A lightweight anonymous authentication protocol using k-pseudonym set in wireless networks. In: 2015 IEEE Global Communications Conference, GLOBECOM 2015 (2015)Google Scholar
  14. 14.
    Rahman, M., Sampangi, R.V., Sampalli, S.: Lightweight protocol for anonymity and mutual authentication in RFID systems. In: 2015 12th Annual IEEE Consumer Communications and Networking Conference, CCNC 2015, pp. 910–915 (2015)Google Scholar
  15. 15.
    Ray, B.R.R., Abawajy, J., Chowdhury, M., Alelaiwi, A.: Universal and secure object ownership transfer protocol for the internet of things. Future Gener. Comput. Syst. 78, 838–849 (2018)CrossRefGoogle Scholar
  16. 16.
    Abdallah, A., Shen, X.: Lightweight authentication and privacy-preserving scheme for V2G connections. IEEE Trans. Veh. Technol. 66(3), 2615–2629 (2017)CrossRefGoogle Scholar
  17. 17.
    Janbabaei, S., Gharaee, H., Mohammadzadeh, N.: Lightweight, anonymous and mutual authentication in IoT infrastructure. In: 2016 8th International Symposium on Telecommunications, IST 2016, pp. 162–166 (2017)Google Scholar
  18. 18.
    Gope, P., Hwang, T.: Authentication protocol for securing real-time application data access in wireless sensor networks. IEEE Trans. Ind. Electron. 63(11), 7124–7132 (2016)CrossRefGoogle Scholar
  19. 19.
    Abdullaziz, O.I., Chen, Y.J., Wang, L.-C.: Lightweight authentication mechanism for software defined network using information hiding. In: 2016 IEEE Global Communications Conference, GLOBECOM 2016—Proceeding, pp. 0–5 (2016)Google Scholar
  20. 20.
    Huang, J.-J., Juang, W.-S., Fan, C.-I., Tseng, Y.-F., Kikuchi, H.: Lightweight authentication scheme with dynamic group members in IoT environments. In: Proceedings of the 13th International Conference on Mobile and Ubiquitous Systems: Computing Networking and Services—MOBIQUITOUS 2016 (2016)Google Scholar
  21. 21.
    Shen, C., Li, H., Sahin, G., Choi, H.A.: Low-complexity scalable authentication algorithm with imperfect shared keys for internet of things. In: 2016 IEEE International Conference on Communications Workshops, ICC 2016, pp. 116–121 (2016)Google Scholar
  22. 22.
    Yang, M.L., Narayanan, A., Parry, D., Wang, X.: A lightweight authentication scheme for transport system farecards. 2016 IEEE International Conference on RFID Technology and Applications, RFID-TA 2016, pp. 150–155 (2016)Google Scholar
  23. 23.
    Sharaf-Dabbagh, Y., Saad, W.: On the authentication of devices in the Internet of things. In: WoWMoM 2016—17th International Symposium on A World of Wireless, Mobile and Multimedia Networks, pp. 1–3 (2016)Google Scholar
  24. 24.
    Khemissa, H., Tandjaoui, D.: A novel lightweight authentication scheme for heterogeneous wireless sensor networks in the context of internet of things. In: 2016 Wireless Telecommunications Symposium (WTS), pp. 1–6 (2016)Google Scholar
  25. 25.
    Zhang, N., Wu, X., Yang, C., Shen, Y., Cheng, Y.: A lightweight authentication and authorization solution based on Kerberos. In: Proceedings of 2016 IEEE Advanced Information Management, Communicates, Electronic and Automation Control Conference, IMCEC 2016, pp. 742–746 (2017)Google Scholar
  26. 26.
    Han, J.: Chaining the secret: lightweight authentication for security in pervasive computing. In: 2016 International Conference on Pervasive Computing and Communication Workshops, PerCom Work, pp. 0–2 (2016)Google Scholar
  27. 27.
    Liu, Y., Liu, L., Zhou, Y., Hu, S.: Leveraging carbon nanotube technologies in developing physically unclonable function for cyber-physical system authentication. In: Proceeding—IEEE INFOCOM, September 2016, pp. 176–180 (2016)Google Scholar
  28. 28.
    Hossain, M., Noor, S., Hasan, R.: HSC-IoT: a hardware and software co-verification based authentication scheme for internet of things. In: Proceeding—5th IEEE International Conference on Mobile Cloud Computing, Services, and Engineering, MobileCloud 2017, pp. 109–116 (2017)Google Scholar
  29. 29.
    Ray, B.R., Chowdhury, M.U., Abawajy, J.H.: Secure object tracking protocol for the internet of things. IEEE Internet Things J. 3(4), 544–553 (2016)CrossRefGoogle Scholar
  30. 30.
    Gao, Y., Ma, H., Abbott, D., Al-Sarawi, S.F.: PUF sensor: exploiting PUF unreliability for secure wireless sensing. IEEE Trans. Circ. Syst. I: Reg. Pap. 1–12 (2017)Google Scholar
  31. 31.
    Yu, M.-D.M., et al.: A lockdown technique to prevent machine. IEEE Trans. Multi-Scale Comput. Syst. 2(3), 146–159 (2016)CrossRefGoogle Scholar
  32. 32.
    Schaumont, P., Moriyama, D., Gulcan, E., Aysu, A.: Compact and low-power ASIP design for lightweight PUF-based authentication protocols. IET Inf. Secur. 10(5), 232–241 (2016)CrossRefGoogle Scholar
  33. 33.
    Li, G., Xu, X., Li, Q.: LADP: a lightweight authentication and delegation protocol for RFID tags. In: International Conference on Ubiquitous and Future Networks, ICUFN, August 2015, pp. 860–865 (2015)Google Scholar
  34. 34.
    Shen, J., Liu, D., Chang, S., Shen, J., He, D.: A lightweight mutual authentication scheme for user and server in cloud. In: Proceeding—2015 1st International Conference on Computational Intelligence Theory, Systems and Applications, CCITSA 2015, pp. 183–186 (2016)Google Scholar
  35. 35.
    Yang, J.H., Lin, P.Y.: An ID-based user authentication scheme for cloud computing. In: 2014 Tenth International Conference on Intelligent Information Hiding and Multimedia Signal Processing, pp. 98–101 (2014)Google Scholar
  36. 36.
    Yang, J.-H., Chang, Y.-F., Huang, C.-C.: A user authentication scheme on multi-server environments for cloud computing. In: ICICS 2013—Conference 9th International Conference on Information, Communications & Signal Processing, pp. 1–4 (2013)Google Scholar
  37. 37.
    Shaju, S.: BISC authentication algorithm : an efficient new authentication algorithm using three factor authentication for mobile banking (2016)Google Scholar
  38. 38.
    Amin, R., et al.: Design of an anonymity-preserving three-factor authenticated key exchange protocol for wireless sensor networks. Comput. Netw. 101, 42–62 (2016)CrossRefGoogle Scholar
  39. 39.
    Arasteh, S., Aghili, S.F., Mala, H.: A new lightweight authentication and key agreement protocol for Internet of Things. In: 2016 13th International Iranian Society of Cryptology Conference on Information Security and Cryptology, pp. 52–59 (2016)Google Scholar
  40. 40.
    Jiang, Q.I., Zeadally, S., He, D.: Lightweight three-factor authentication and key agreement protocol for internet-integrated wireless sensor networks, vol. 5 (2017)CrossRefGoogle Scholar
  41. 41.
    Iinatti, J., Member, S., Ha, P.H.: Smart home environments. IEEE Trans. Inf. Forensics Secur. 12(4), 968–979 (2017)CrossRefGoogle Scholar
  42. 42.
    Silverajan, B., Luoma, J.P., Vajaranta, M., Itapuro, R.: Collaborative cloud-based management of home networks. In: Proceedings 2015 IFIP/IEEE International Symposium on Integrated Network Management, IM 2015, pp. 786–789 (2015)Google Scholar
  43. 43.
    Margulies, J.: Garage door openers: an internet of things case study. IEEE Secur. Priv. 13(4), 80–83 (2015)CrossRefGoogle Scholar
  44. 44.
    Daramas, A., Pattarakitsophon, S., Eiumtrakul, K., Tantidham, T., Tamkittikhun, N.: HIVE: home automation system for intrusion detection. In: Proceeding 2016 5th ICT International Student Project Conference, ICT-ISPC 2016, pp. 101–104 (2016)Google Scholar
  45. 45.
    Ashibani, Y., Kauling, D., Mahmoud, Q.H.: A context-aware authentication framework for smart homes (2017)Google Scholar
  46. 46.
    Shen, T.: Home area networks in smart grids, pp. 2444–2447 (2016)Google Scholar
  47. 47.
    Morsalin, S., Islam, A.M. J., Rahat, G.R., Pidim, S.R.H., Rahman, A., Siddiqe, M.A.B.: Machine-to-machine communication based smart home security system by NFC, fingerprint, and PIR sensor with mobile android application. In: 2016 3rd International Conference on Electrical Engineering and Information Communication Technology, iCEEiCT 2016 (2017)Google Scholar
  48. 48.
    Baek, J., Youm, H.Y.: Secure and lightweight authentication protocol for NFC tag based services. In: Proceeding—2015 10th Asia Joint Conference on Information Security, pp. 63–68 (2015)Google Scholar
  49. 49.
    Rigney, C., Willens, S., Rubens, A., Simpson, W.: RFC 2687 - remote authentication dial in user service (RADIUS). J. Chem. Inf. Model. 53(9), 1689–1699 (2013)Google Scholar
  50. 50.
    Sivanathan, A., Sherratt, D., Gharakheili, H.H., Sivaraman, V., Vishwanath, A.: Low-cost flow-based security solutions for smart-home IoT devices. In: 2016 IEEE International Conference on Advanced Networks and Telecommunications Systems, ANTS 2016 (2017)Google Scholar
  51. 51.
    Gope, P., Hwang, T.: Lightweight and energy-efficient mutual authentication and key agreement scheme with user anonymity for secure communication in global mobility networks. IEEE Syst. J. 10(4), 1370–1379 (2016)CrossRefGoogle Scholar
  52. 52.
    Pienaar, J.P., Fisher, R.M., Hancke, G.P.: Smartphone: the key to your connected smart home. In: Proceeding - 2015 IEEE International Conference on Industrial Informatics, INDIN 2015, pp. 999–1004 (2015)Google Scholar
  53. 53.
    Saadeh, M., Sleit, A., Qatawneh, M., Almobaideen, W.: Authentication techniques for the internet of things: a survey. In: Proceeding—2016 Cybersecurity Cyberforensics Conference, CCC 2016, pp. 28–34 (2016)Google Scholar

Copyright information

© ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2018

Authors and Affiliations

  • Attlee M. Gamundani
    • 1
  • Amelia Phillips
    • 2
  • Hippolyte N. Muyingi
    • 1
  1. 1.Faculty of Computing and Informatics, Computer Science DepartmentNamibia University of Science and TechnologyWindhoekNamibia
  2. 2.CIS and Computer Science, Departments Cyber Security and Forensics BAS LeadHighline CollegeSeattleUSA

Personalised recommendations