An Efficient Device Authentication Protocol Without Certification Authority for Internet of Things

Wireless network devices are used for the Internet of Things in a variety of applications, and although the IoT has many benefits, there are some security issues in this area. Hacking tools that are widely used in wireless communication enable the attacker to export the information stored in the device memory. Devices within the IoT should not allow this information to be accessed without an authentication. In this paper, we propose an efficient device authentication protocol without certification authority for the Internet of Things. Compared to the existing Constrained Application Protocol, the proposed protocol increases efficiency by minimizing the number of message exchanges. Since our protocol is based on a keyed hash algorithm, the Certificate of Authority is not required. Experimental results show that the proposed authentication protocol improves the security level and reduces the resource consumption of devices.