A lightweight mutual and transitive authentication mechanism for IoT network

IoT devices are typically authenticated directly by gateways present in the network. However, in large and complex IoT systems like the smart city or smart industry which consist of thousands of connected devices, it may not be always feasible to be directly connected to the gateway while it may be possible to be connected to another device. Therefore, already authenticated devices should facilitate the new device to get authenticated by the gateway. To address this issue, the existing protocols use multiple authentication protocols based on different cryptography techniques, which are difficult to implement and manage in resource constrained IoT devices. In this paper, we propose a Transitive device authentication protocol based on the Chebyshev polynomial. The transitive authentication protocol utilizes the session key established in the mutual authentication between the intermediate device and gateway. Both the mutual authentication and transitive authentication protocols are relying on the same preregistration and authentication mechanism. To ensure the security of the proposed authentication protocol, detailed security analysis is carried out, and the secure session key establishment is verified using the BAN logic. Moreover, the proposed protocol is tested against crucial attacks in the Scyther tool. These formal analyses and Scyther attack simulation show that the proposed protocol is capable of withstanding critical attacks. Finally, to verify the efficiency, the protocol implementation is experimentally compared with similar approaches studied in the literature. The results show that the proposed protocol offers better performance, providing significantly lower response time, handshake duration, memory utilization, and energy consumption.