LAM-CIoT: Lightweight authentication mechanism in cloud-based IoT environment

Internet of Things (IoT) becomes a new era of the Internet, which consists of several connected physical smart objects (i.e., sensing devices) through the Internet. IoT has different types of applications, such as smart home, wearable devices, smart connected vehicles, industries, and smart cities. Therefore, IoT based applications become the essential parts of our day-to-day life. In a cloud-based IoT environment, cloud platform is used to store the data accessed from the IoT sensors. Such an environment is greatly scalable and it supports realtime event processing which is very important in several scenarios (i.e., IoT sensors based surveillance and monitoring). Since some applications in cloud-based IoT are very critical, the information collected and sent by IoT sensors must not be leaked during the communication. To accord with this, we design a new lightweight authentication mechanism in cloud-based loT environment, called LAM-CIoT. By using LAM-CIoT, an authenticated user can access the data of IoT sensors remotely. LAM-CIoT applies efficient "one-way cryptographic hash functions" along with "bitwise XOR operations". In addition, fuzzy extractor mechanism is also employed at the user's end for local biometric verification. LAM-CIoT is methodically analyzed for its security part through the formal security using the broadly-accepted "Real-Or-Random (ROR)" model, formal security verification using the widely-used "Automated Validation of Internet Security Protocols and Applications (AVISPA)" tool as well as the informal security analysis. The performance analysis shows that LAM-CIoT offers better security, and low communication and computation overheads as compared to the closely related authentication schemes. Finally, LAM-CIoT is evaluated using the NS2 network simulator for the measurement of network performance parameters that envisions the impact of LAM-CIoT on the network performance of LAM-CIoT and other schemes.