A Secure and Efficient Cluster-Based Authentication Scheme for Internet of Things (IoTs)

Imran, Kanwal, Anjum, Nasreen ORCID: 0000-0002-7126-2177, Alghamdi, Abdullah, Shaikh, Asadullah, Hamdi, Mohammed and Mahfooz, Saeed (2022) A Secure and Efficient Cluster-Based Authentication Scheme for Internet of Things (IoTs). Computers, Materials and Continua, 70 (1). pp. 1033-1052. doi:10.32604/cmc.2022.018589

Text (Peer Reviewed Version)
11690 Imran, Anjum, Alghamdi, Shaikh, HAmdi and Mahfooz (2021) A_Secure_and_Efficient_Cluster_Based_Authentication_Scheme_for_Internet_of_Things_(IoTs).pdf - Published Version
Available under License Creative Commons Attribution 4.0.

Download (1MB) | Preview


IPv6 over Low Power Wireless Personal Area Network 6LoWPAN) provides IP connectivity to the highly constrained nodes in the Internet of Things (IoTs). 6LoWPAN allows nodes with limited battery power and storage capacity to carry IPv6 datagrams over the lossy and error-prone radio links offered by the IEEE 802.15.4 standard, thus acting as an adoption layer between the IPv6 protocol and IEEE 802.15.4 network. The data link layer of IEEE 802.15.4 in 6LoWPAN is based on AES (Advanced Encryption Standard), but the 6LoWPAN standard lacks and has omitted the security and privacy requirements at higher layers. The sensor nodes in 6LoWPAN can join the network without requiring the authentication procedure. Therefore, from security perspectives, 6LoWPAN is vulnerable to many attacks such as replay attack, Man-in-the-Middle attack, Impersonation attack, and Modification attack. This paper proposes a secure and efficient cluster-based authentication scheme (CBAS) for highly constrained sensor nodes in 6LoWPAN. In this approach, sensor nodes are organized into a cluster and communicate with the central network through a dedicated sensor node. The main objective of CBAS is to provide efficient and authentic communication among the 6LoWPAN nodes. To ensure the low signalling overhead during the registration, authentication, and handover procedures, we also introduce lightweight and efficient registration, de-registration, initial authentication, and handover procedures, when a sensor node or group of sensor nodes join or leave a cluster. Our security analysis shows that the proposed CBAS approach protects against various security attacks, including Identity Confidentiality attack, Modification attack, Replay attack, Man-in-the-middle attack, and Impersonation attack. Our simulation experiments show that CBAS has reduced the registration delay by 11%, handoff authentication delay by 32%, and signalling coby 37% compared to the SGMS (Secure Group Mobility Scheme) and LAMS (Light-Wight Authentication & Mobility Scheme).

Item Type: Article
Article Type: Article
Uncontrolled Keywords: IoT; Cyber Security; Security Attacks; Authentication Delay; Handover Delay; Signalling Cost; 6LoWPAN
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions: Schools and Research Institutes > School of Business, Computing and Social Sciences
Research Priority Areas: Applied Business & Technology
Depositing User: Nasreen Anjum
Date Deposited: 27 Oct 2022 13:54
Last Modified: 31 Oct 2023 11:18
URI: https://eprints.glos.ac.uk/id/eprint/11690

University Staff: Request a correction | Repository Editors: Update this record

University Of Gloucestershire

Bookmark and Share

Find Us On Social Media:

Social Media Icons Facebook Twitter Google+ YouTube Pinterest Linkedin

Other University Web Sites

University of Gloucestershire, The Park, Cheltenham, Gloucestershire, GL50 2RH. Telephone +44 (0)844 8010001.