LDA-2IoT : A Level Dependent Authentication using Two Factor for IoT Paradigm

TL;DR

This paper introduces LDA-2IoT, a novel level-dependent two-factor authentication scheme for IoT that enhances security and trustworthiness in device communication using ECC and MQTT protocol.

Contribution

It proposes a new hierarchical, ECC-based authentication method tailored for IoT, addressing security challenges in device-to-device and device-to-user communications.

Findings

Security analysis confirms robustness against Dolev Yao and ROR models.

Implementation demonstrates feasibility with MQTT protocol.

Performance comparison shows improvements over existing schemes.

Abstract

The widespread expansion of the IoT based services are changing peoples living habits. With the vast data generation and intelligent decision support system, an IoT is supporting many industries to improve their products and services. The major challenge for IoT developers is to design a secure data transmission system and a trustworthy inter device and user device communication system. The data starts its journey from the sensing devices and reaches the user dashboard through a different medium. Authentication between two IoT devices provides a reliable and lightweight key generation system. In this paper, we put forward a novel authentication approach for the IoT paradigm. We postulate an ECC based two factor Level Dependent Authentication for Generic IoT (LDA 2IoT) in which users at a particular level in the hierarchy can access the sensors deployed at below or the equal level of the hierarchy. We impart the security analysis for the proposed LDA 2IoT based on the Dolev Yao channel and widely accepted random oracle based ROR model. We provide the implementation of the proposed scheme using the MQTT protocol. Finally, we set forth a performance analysis for the proposed LDA 2IoT system by comparing it with the other existing scheme.