Towards a Comparative Study of Authentication Mechanisms for Low-Resource Internet of Things Devices

Joel Sousa; Emerson B. Tomaz; Allysson Allex Araújo

doi:10.5753/sbsi_estendido.2024.238987

Joel Sousa Universidade Federal do Ceará http://orcid.org/0009-0000-5602-777X
Emerson B. Tomaz Universidade Federal do Ceará https://orcid.org/0000-0002-8513-3659
Allysson Allex Araújo Universidade Federal do Cariri https://orcid.org/0000-0003-2108-2335

DOI: https://doi.org/10.5753/sbsi_estendido.2024.238987

Resumo

Authenticity represents an essential facet of information security explored across various Information Systems (IS), including Internet of Things (IoT) devices in Industry 4.0. However, deploying authentication mechanisms in specific IoT devices poses significant challenges, particularly for those with energy, memory, and computational power constraints. Given this context, this ongoing research project aims to compare conventional authentication mechanisms for low-resource IoT devices and identify the most efficient one among them. As an initial result, this paper aims to present our methodological scope and discuss preliminary empirical results derived from a computational experiment using the Non Interactive Zero Knowledge Proofs (NIZKP), algorithm in Arduino Nano. This research seeks to enhance the comprehension of authentication mechanisms in low-resource IoT devices, thus facilitating better decision-making processes in IS settings and contributing to academia and practice.

Palavras-chave: Authentication Mechanisms, Internet of Things, Low-Resource Devices, Information Security

Referências

Abomhara, M. and Køien, G. M. (2015). Cyber security and the internet of things: vulnerabilities, threats, intruders and attacks. Journal of Cyber Security and Mobility, pages 65–88.

Alnahari, W. and Quasim, M. T. (2021). Authentication of iot device and iot server using security key. In 2021 International Congress of Advanced Technology and Engineering (ICOTEN), pages 1–9. IEEE.

Baiyere, A., Topi, H., Venkatesh, V., and Donnellan, B. (2020). The internet of things (iot): A research agenda for information systems. Communications of the Association for Information Systems, 47.

Boscarioli, C., de Araujo, R. M., Maciel, R. S., Neto, V. V. G., Oquendo, F., Nakagawa, E. Y., Berrnardini, F. C., Viterbo, J., Vianna, D., Martins, C. B., et al. (2017). I grandsi-br: Grand research challenges in information systems in brazil 2016-2026.

Chatzigiannakis, I., Pyrgelis, A., Spirakis, P. G., and Stamatiou, Y. C. (2011). Elliptic curve based zero knowledge proofs and their applicability on resource constrained devices. In 2011 IEEE eighth international conference on mobile ad-hoc and sensor systems, pages 715–720. IEEE.

Dian, F. J., Yousefi, A., and Lim, S. (2018). A practical study on bluetooth low energy (ble) throughput. In 2018 IEEE 9th Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON), pages 768–771. IEEE.

Eldefrawy, M. H., Pereira, N., and Gidlund, M. (2018). Key distribution protocol for industrial internet of things without implicit certificates. IEEE Internet of Things Journal, 6(1):906–917.

Galla, L. K., Koganti, V. S., and Nuthalapati, N. (2016). Implementation of rsa. In 2016 International Conference on Control, Instrumentation, Communication and Computational Technologies (ICCICCT), pages 81–87. IEEE.

Hung, C.-W. and Hsu, W.-T. (2018). Power consumption and calculation requirement analysis of aes for wsn iot. Sensors, 18(6):1675.

Li, F., Hong, J., and Omala, A. A. (2017). Efficient certificateless access control for industrial internet of things. Future Generation Computer Systems, 76:285–292.

Liu, Y., Ma, X., Shu, L., Hancke, G. P., and Abu-Mahfouz, A. M. (2020). From industry 4.0 to agriculture 4.0: Current status, enabling technologies, and research challenges. IEEE Transactions on Industrial Informatics, 17(6):4322–4334.

Lohiya, R. and Thakkar, A. (2020). Application domains, evaluation data sets, and research challenges of iot: A systematic review. IEEE Internet of Things Journal, 8(11):8774–8798.

Ma, C., Xue, K., and Hong, P. (2014). Distributed access control with adaptive privacy preserving property for wireless sensor networks. Security and Communication Networks, 7(4):759–773.

Madakam, S., Lake, V., Lake, V., Lake, V., et al. (2015). Internet of things (iot): A literature review. Journal of Computer and Communications, 3(05):164.

Moosavi, S. R., Gia, T. N., Nigussie, E., Rahmani, A. M., Virtanen, S., Tenhunen, H., and Isoaho, J. (2016). End-to-end security scheme for mobility enabled healthcare internet of things. Future Generation Computer Systems, 64:108–124.

Najjar, M. (2015). d-hmac—an improved hmac algorithm. Int J Comput Sci Inf Secur, 13(4):89.

Perwej, Y., Haq, K., Parwej, F., Mumdouh, M., and Hassan, M. (2019). The internet of things (iot) and its application domains. International Journal of Computer Applications, 975(8887):182.

Puthiyidam, J. J., Joseph, S., and Bhushan, B. (2023). Enhanced authentication security for iot client nodes through t-ecdsa integrated into mqtt broker. The Journal of Supercomputing, pages 1–35.

Qin, Y., Sheng, Q. Z., Falkner, N. J., Dustdar, S., Wang, H., and Vasilakos, A. V. (2016). When things matter: A survey on data-centric internet of things. Journal of Network and Computer Applications, 64:137–153.

Roy, S. S., Puthal, D., Sharma, S., Mohanty, S. P., and Zomaya, A. Y. (2018). Building a sustainable internet of things: Energy-efficient routing using low-power sensors will meet the need. IEEE Consumer Electronics Magazine, 7(2):42–49.

Tomaz, A. E. B., Do Nascimento, J. C., Hafid, A. S., and De Souza, J. N. (2020). Preserving privacy in mobile health systems using non-interactive zero-knowledge proof and blockchain. IEEE access, 8:204441–204458.

Zhou, K., Liu, T., and Zhou, L. (2015). Industry 4.0: Towards future industrial opportunities and challenges. In 2015 12th International conference on fuzzy systems and knowledge discovery (FSKD), pages 2147–2152. IEEE.