A Two-Flights Mutual Authentication for Energy-Constrained IoT Devices

Yılmaz Y., Halak B.

2019 IEEE 4th International Verification and Security Workshop (IVSW), Rodos, Greece, 1 - 03 July 2019, pp.31-36 identifier identifier

  • Publication Type: Conference Paper / Full Text
  • Doi Number: 10.1109/ivsw.2019.8854438
  • City: Rodos
  • Country: Greece
  • Page Numbers: pp.31-36
  • Keywords: Internet of Things, Mutual Authentication, Wireless Sensor, Elliptic Curve Cryptography
  • Recep Tayyip Erdoğan University Affiliated: Yes


Authentication is a fundamental part of essential security operations and is a cornerstone for the Internet of Things (IoT) security. In this work an energy-efficient and secure mutual authentication protocol is proposed for constrained IoT devices wherein a combination of RC5 (Rivest Cipher) and ECC (Elliptic Curve Cryptography) cryptosystems are used. The protocol is implemented, and its functionality is verified on Zolertia RE-mote IoT devices. It supports secure data transmission along with authentication. Unlike existing schemes, mutual authentication in the proposed protocol is achieved with only two flights between client and server. The security against most common attacks is analysed, furthermore energy consumption of our protocol is evaluated and compared with existing protocol e.g. DTLS handshake. Our protocol saves up to 57% energy compared to the DTLS handshake protocol per authentication cycle.