A Hybrid and Lightweight Device-to-Server Authentication Technique for the Internet of Things

The Internet of Things (IoT) is a smart networking infrastructure of physical devices, i.e., things, that are embedded with sensors, actuators, software, and other technologies, to connect and share data with the respective server module. Although IoTs are cornerstones in different application domains, the device's authenticity, i.e., of server(s) and ordinary devices, is the most crucial issue and must be resolved on a priority basis. Therefore, various field -proven methodologies were presented to streamline the verification process of the communicating devices; however, location -aware authentication has not been reported as per our knowledge, which is a crucial metric, especially in scenarios where devices are mobile. This paper presents a lightweight and location -aware device -toserver authentication technique where the device's membership with the nearest server is subjected to its location information along with other measures. Initially, Media Access Control (MAC) address and Advance Encryption Scheme (AES) along with a secret shared key, i.e., lambda i of 128 bits, have been utilized by Trusted Authority (TA) to generate MaskIDs, which are used instead of the original ID, for every device, i.e., server and member, and are shared in the offline phase. Secondly, TA shares a list of authentic devices, i.e., server Sj and members Ci, with every device in the IoT for the onward verification process, which is required to be executed before the initialization of the actual communication process. Additionally, every device should be located such that it lies within the coverage area of a server, and this location information is used in the authentication process. A thorough analytical analysis was carried out to check the susceptibility of the proposed and existing authentication approaches against well-known intruder attacks, i.e., man -in -the -middle, masquerading, device, and server impersonations, etc., especially in the IoT domain. Moreover, proposed authentication and existing state-of-the-art approaches have been simulated in the real environment of IoT to verify their performance, particularly in terms of various evaluation metrics, i.e., processing, communication, and storage overheads. These results have verified the superiority of the proposed scheme against existing state-of-the-art approaches, preferably in terms of communication, storage, and processing costs.