A Secure Lightweight Mutual Authentication and Message Exchange Protocol for IoT Environments Based on the Existence of Active Server

  • Omar AbdulkaderEmail author
  • Alwi M. Bamhdi
  • Vijey Thayananthan
  • Kamal Jambi
  • Bandar Al Ghamdi
  • Ahmed Patel
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 1041)


Recently, the Internet of Things (IoT) has started to play an important role and one of the states of art solutions to solve various issues in different ICT application domains due to its intrinsic characteristics. However, its security and privacy mechanisms are still not well-tailored and lagging behind. Massive academic and industrial surveys, researches, and studies have been conducted and implemented but the general consensus is that conventional cryptographic methods are not overly suitable for adoption in IoT environments in a straightforward manner without incurring huge operational, computational, storage, and energy costs. Therefore, an alternative is to a lightweight cryptographic method offering high levels of data and system security to mitigate such computational cost, storage capacity, and energy consumption. This paper proposes a lightweight mutual authentication and message exchange scheme between IoT devices via a publically available server based on symmetric and asymmetric hybrid cryptography. The server plays an important role to register and authenticate different IoT devices in a federated environment. Security analysis shows that the proposed scheme satisfies the main security properties and it is resistant against attacks.


IoT Lightweight Mutual authentication Cryptographic Cybersecurity Message exchange 


  1. 1.
    M. Chen, J. Wan, F. Li, Machine-to-machine communications: architectures, standards and applications (2012)Google Scholar
  2. 2.
    G. Sharma, S. Bala, A.K. Verma, Security frameworks for wireless sensor networks-review. Proc. Technol. 6, 978–987 (2012)CrossRefGoogle Scholar
  3. 3.
    X. Xiaokang, D.S. Wong, X. Deng, TinyPairing: a fast and lightweight pairing-based cryptographic library for wireless sensor networks, in 2010 IEEE Wireless Communication and Networking Conference (IEEE, 2010)Google Scholar
  4. 4.
    O. Delgado-Mohatar, A. Fúster-Sabater, J.M. Sierra, A light-weight authentication scheme for wireless sensor networks. Ad Hoc Netw. 9(5), 727–735 (2011)CrossRefGoogle Scholar
  5. 5.
    M. Sangeetha, M. Jagadeeswari, Design and implementation of new lightweight encryption technique. Int. J. Innov. Res. Sci. Eng. Technol. (2016)Google Scholar
  6. 6.
    T. Xu, J.B. Wendt, M. Potkonjak, Security of IoT systems: design challenges and opportunities, in Proceedings of the 2014 IEEE/ACM International Conference on Computer-Aided Design (IEEE Press, 2014), pp. 417–423Google Scholar
  7. 7.
    K.H. Wang, C.M. Chen, W. Fang, W. Tsu-Yang, On the security of a new ultra-lightweight authentication protocol in IoT environment for RFID tags. J. Supercomput. 74(1), 65–70 (2018)CrossRefGoogle Scholar
  8. 8.
    P. Gope, R. Amin, S.H. Islam, N. Kumar, V.K. Bhalla, Lightweight and privacy-preserving RFID authentication scheme for distributed IoT infrastructure with secure localization services for smart city environment. Futur. Gener. Comput. Syst. 83, 629–637 (2018)CrossRefGoogle Scholar
  9. 9.
    B.B. Gupta, M. Quamara, An identity based access control and mutual authentication framework for distributed cloud computing services in IoT environment using smart cards. Proc. Comput. Sci. 132, 189–197 (2018)CrossRefGoogle Scholar
  10. 10.
    D. He, N. Kumar, N. Chilamkurti, J.H. Lee, Lightweight ECC based RFID authentication integrated with an ID verifier transfer protocol. J. Med. Syst. 38(10), 116 (2014)CrossRefGoogle Scholar
  11. 11.
    Y.P. Liao, C.M. Hsiao, A secure ECC-based RFID authentication scheme integrated with ID-verifier transfer protocol. Ad Hoc Netw. 18, 133–146 (2014)CrossRefGoogle Scholar
  12. 12.
    G.U. Devi, E.V. Balan, M.K. Priyan, C. Gokulnath, Mutual authentication scheme for IoT application. Indian J. Sci. Technol. 8, 26 (2015)Google Scholar
  13. 13.
    K. Fan, Y. Gong, C. Liang, H. Li, Y. Yang, Lightweight and ultralightweight RFID mutual authentication protocol with cache in the reader for IoT in 5G. Secur. Commun. Netw. 9(16), 3095–3104 (2016)CrossRefGoogle Scholar
  14. 14.
    A. Tewari, B.B. Gupta, A lightweight mutual authentication approach for RFID tags in IoT devices. Int. J. Netw. Virtual Organ. 18(2), 97–111 (2018)CrossRefGoogle Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2020

Authors and Affiliations

  • Omar Abdulkader
    • 1
    Email author
  • Alwi M. Bamhdi
    • 2
  • Vijey Thayananthan
    • 1
  • Kamal Jambi
    • 1
  • Bandar Al Ghamdi
    • 3
  • Ahmed Patel
    • 4
  1. 1.Department of Computer ScienceKing Abdul-Aziz UniversityJeddahKingdom of Saudi Arabia
  2. 2.Department of Computer ScienceUmm AlQura UniversityJazanKingdom of Saudi Arabia
  3. 3.Department of ITCArab Open UniversityJeddahKingdom of Saudi Arabia
  4. 4.Universidade Estadual do CearáFortalezaBrazil

Personalised recommendations