A secure lightweight mutual authentication and message exchange protocol for iot environments based on the existence of active server

Abstract

Recently, the Internet of Things (IoT) has started to play an important role and one of the states of art solutions to solve various issues in different ICT application domains due to its intrinsic characteristics. However, its security and privacy mechanisms are still not well-tailored and lagging behind. Massive academic and industrial surveys, researches, and studies have been conducted and implemented but the general consensus is that conventional cryptographic methods are not overly suitable for adoption in IoT environments in a straightforward manner without incurring huge operational, computational, storage, and energy costs. Therefore, an alternative is to a lightweight cryptographic method offering high levels of data and system security to mitigate such computational cost, storage capacity, and energy consumption. This paper proposes a lightweight mutual authentication and message exchange scheme between IoT devices via a publically available server based on symmetric and asymmetric hybrid cryptography. The server plays an important role to register and authenticate different IoT devices in a federated environment. Security analysis shows that the proposed scheme satisfies the main security properties and it is resistant against attacks.