Towards a Lightweight Continuous Authentication Protocol for Device-to-Device Communication
This addresses security challenges in critical infrastructure IoT systems, but it is incremental as it builds on existing authentication concepts for constrained devices.
The paper tackles the problem of continuous authentication for IoT device-to-device communication, which is vulnerable to attacks with existing methods, by proposing a lightweight protocol that uses channel properties and a tunable function to generate dynamic session keys, with preliminary analysis showing resistance to known attacks.
Continuous Authentication (CA) has been proposed as a potential solution to counter complex cybersecurity attacks that exploit conventional static authentication mechanisms that authenticate users only at an ingress point. However, widely researched human user characteristics-based CA mechanisms cannot be extended to continuously authenticate Internet of Things (IoT) devices. The challenges are exacerbated with increased adoption of device-to-device (d2d) communication in critical infrastructures. Existing d2d authentication protocols proposed in the literature are either prone to subversion or are computationally infeasible to be deployed on constrained IoT devices. In view of these challenges, we propose a novel, lightweight, and secure CA protocol that leverages communication channel properties and a tunable mathematical function to generate dynamically changing session keys. Our preliminary informal protocol analysis suggests that the proposed protocol is resistant to known attack vectors and thus has strong potential for deployment in securing critical and resource-constrained d2d communication.