LEAF-IIoT: Lightweight and Efficient Authentication Framework for the Industrial Internet of Things

Abstract

The Internet of Things (IoT) has emerged as a revolutionary communication technology, enabling the connection of resource-limited devices to the Internet. These devices are deployed in various industrial control systems to remotely monitor and control industrial applications. However, the public Internet's inherent vulnerability to malicious attacks poses a significant challenge to the secure operation of these systems. To address this challenge, a lightweight and efficient authentication framework, LEAF-IIoT, is proposed. LEAF-IIoT leverages authenticated encryption (AE) techniques to provide a multifaceted security solution encompassing confidentiality, authentication, and data integrity. It establishes a secure channel by exchanging messages between the user, gateway, and smart embedded device, culminating in the creation of a session key for secure data exchange. Rigorous security assessment confirms the robustness of LEAF-IIoT, while performance evaluation demonstrates its significantly lower computational cost and reduced communication overhead compared to existing frameworks. Despite these efficiencies, LEAF-IIoT continues to provide strong security features, ensuring the integrity and confidentiality of data exchanged in the IIoT context.