Lightweight Coap Based Authentication Scheme by Applying Two-Way Encryption for Secure Transmission

Abstract

With the widespread popularity of the Internet of Things (IoT), different sectors-based applications are increasingly developed. One of the most popular application layer protocols is the Constrained Application Protocol (CoAP), and the necessity of ensuring data security in this layer is crucial. Moreover, attackers target the vulnerabilities of IoT to gain access to the system, which leads to a security threat and violate privacy. Typically, user authentication and data encryption are applied for securing data communication over a public channel between two or more participants. However, most of the existing solutions use cryptography for achieving security, with the exception of high computation cost. Hence, these solutions fail to satisfy the resource-constrained characteristics of IoT devices. Therefore, a lightweight security mechanism is required for achieving both secure transmission and better performance. This paper proposes a Lightweight Authentication with Two-way Encryption for Secure Transmission in CoAP Protocol (LATEST) that provides a secure transmission between the server and IoT devices. This mutual authentication mechanism uses ROT 18 Cipher with XoR operation and 128-bit AES based encryption for securing the data transmission. The ROT18 Cipher is a monoalphabetic substitution cipher, which is a combination of ROT13 and ROT5. The proposed scheme employs symmetric encryption in both client and server for ensuring secure authentication and mutually confirm each other identity. In addition, the proposed LATEST scheme ensures confidentiality and integrity by being resistant to replay attacks, impersonation attacks, and modification attacks. The experimental evaluation demonstrates that the proposed LATEST scheme is lightweight and provides better security compared to the existing scheme.