A Lightweight Mutual Authentication Protocol for IoT

Due to the resource-constrained of Internet of things (IoT) devices, the traditional cryptography protocols are not suitable for IoT environments. When they can be implemented, their performances often are not acceptable. As a result, a lightweight protocol is re-quired to cope with these challenges. To address security challenges in IoT networks, we present a lightweight mutual authentication protocol for IoT. The protocol aims to provide a secure mutual authentication mechanisms between the sensor node and gateway using a lightweight cryptography algorithms. The protocol is relied on two main shared secret keys, a permanent key (k_p) used for encrypting messages during the mutual authentication phase and an update key (k_u) used for the communication session. The session key is constantly updated after a pre-defined session time (sess_timei) by using the previous session information. We used a lightweight cryptography mechanisms that includes symmetric-key cryptography, hash-based message authentication code (HMAC), and hash function to design the protocol. We analyze the protocol using the Barrows-Abadi-Needham (BAN)-logic method and the results show that the proposed scheme has good security and performance compared to existing related protocols. It can provide a secure mutual authentication mechanism in the IoT environment.