Abstract— Lightweight authentication is a branch of the modern authentication techniques, which intended to be used in constraints network such IoT and WSN which has devices with low or extremely low resources. There are several ways for designing a lightweight authentication protocol, researchers are competing to find the best ways that fit with the features of the Internet of Things. In this paper, we propose generalized approaches to design lightweight authentication protocols. Also, we highlight some principals and security requirements for the implementation of lightweight authentication. Finally, we provide a comparative study of using symmetric and asymmetric cryptography techniques for designing lightweight authentication protocols for IoT.

IoT; IoT Security; lightweight Authentication; IoT authentication; authentication security attacks; constrained devices Authentication

Babar S, Mahalle P, Stango A, Prasad N, Prasad R. Proposed security model and threat taxonomy for the internet of things (IoT). In: Recent trends in network security and applications. Springer Berlin, Heidelberg; 2010. p. 420–9. doi: 10. 1007/978- 3- 642- 14478- 3 _ 42 .

P.K. Dhillon, S. Kalra, A lightweight biometrics based remote user authentication scheme for IoT services, Journal of Information Security and Applications (2017), http://dx.doi.org/10.1016/j.jisa.2017.01.003

R. Amin et al., Design of an anonymity-preserving three-factor authenticated key exchange protocol for wireless sensor networks, Computer Networks (2016), http://dx.doi.org/10.1016/j.comnet.2016.01.006

M. Turkanovic´ et al., A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion, Ad Hoc Netw. (2014), http://dx.doi.org/10.1016/j.adhoc.2014.03.009

JingLiu et al,” Internet of things’ authentication and access control”, Int. J. Security and Networks, Vol. 7, No. 4, 2012

Savio Sciancalepore et al,’Public Key Authentication and Key agreement in IoT devices with minimal airtime consumption’, 2016 IEEE.

S. Sciancalepore, A. Capossele, G. Piro, G. Boggia, and G. Bianchi.Key Management Protocol with Implicit Certificates for IoT systems. In ACM IoT-Sys Workshop, May 2015.

K. Xue, C. Ma, P. Hong, R. Ding, A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks, J. Netw. Comput. Appl. 36 (2012) 316–323.

S. Ozdemir, Y. Xiao, Secure data aggregation in wireless sensor networks: a comprehensive overview, Comput. Netw. 53 (2009) 2022–2037.

http://williamstallings.com/Cryptography/CRYPTOGRAPHY AND NETWORK SECURITY sixth edition

Manjulata AK . Survey on lightweight primitives and protocols for RFID in wire- less sensor networks. International Journal of Communication Networks and Information Security (IJCNIS) Vol. 6, No. 1, April 2014

Jorge Granjal et al,’ Security for the Internet of Things: A Survey of Existing Protocols and Open Research issues’, DOI 10.1109/COMST.2015.2388550, IEEE Communications Surveys & Tutorials

L. Xu , F. Wu , Cryptanalysis and improvement of a user authentication scheme preserving uniqueness and anonymity for connected health care, J. Med. Syst. 39 (2) (2015) 1–9 .

M.S. Farash, M. Turkanović, S. Kumari, M. Hölbl, An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the Internet of Things environment, Ad Hoc Networks (2015), doi: http://dx.doi.org/10.1016/j.adhoc.2015.05.014

Sima Arasteh et al, “A New Lightweight Authentication and Key agreement Protocol For Internet of Things”, 13th International ISC Conference on Information Security and Cryptology (ISCISC2016) September 7-8, 2016; Shahid Beheshti University – Tehran, Iran

D. Cooper, S. Santesson, S. Farrell, S. Boeyen, R. Housley, and W. Polk.’Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. RFC 5280, May 2008.

Savio Sciancalepore et al’ Public Key Authentication and Key agreement in IoT devices with minimal airtime consumption’, 2016 IEEE.

A. Das, Kumar, P. Sharma, S. Chatterjee, S.J. Sing, Kanta, A dynamic password-based user authentication scheme for hierarchical wireless sensor networks, J. Netw. Comput. Appl. 35 (2012) 1646– 1656.

M.K. Khan, K. Alghathbar, Cryptanalysis and security improvements of ‘two-factor user authentication in wireless sensor networks’, Sensors 10 (2010) 2450–2459.

M. Turkanovic´ , M. Hölbl, An improved dynamic password-based user authentication scheme for hierarchical wireless sensor networks, Electron. Electric. Eng. 19 (2013) 109–116.

H.-F. Huang, Y.-F. Chang, C.-H. Liu, Enhancement of two-factor userauthentication in wireless sensor networks, in: IEEE Computer Society, 2010, pp. 27–30.