Light-weight hashing method for user authentication in Internet-of-Things

Abstract

Abstract The goal of Internet-of-Things (IoT) is that every object across the globe be interconnected under the Internet Infrastructure. IoT is expanding its application domain to range from environmental monitoring to industrial automation thereby leading to vast research challenges. Vast presence of devices in the Internet has increased the possible challenges faced by devices and data. The devices communicate on a public channel that is more likely to be accessed by unauthorized users and disturb the privacy of genuine users. The existing solutions that ensure data authenticity and user privacy, use MD5 and SHA-family of hashing algorithms under digital signature schemes. These algorithms create a trade-off between the security concern and energy consumption of IoT devices. To provide an energy efficient authentication method, we propose a customized BLAKE2b hashing algorithm with modified elliptic curve digital signature scheme (ECDSA). The parameters considered for the evaluation of the proposed methods are signature generation time, signature verification time and hashing time. The experiments are conducted under client server model using Raspberry Pi-3. The proposed method has shown about 0.7–1.91% improvement in the signature generation time and 7.67–9.13 % improvement in signature verification time when compared with BLAKE2b based signature generation/verification. The proposed method is resistant to Man-in-the-Middle attack, Distributed DoS attack (DDoS), pre-image resistance, second pre-image resistance and collision resistance. Based on the performance obtained by the experiments, it can be inferred that the proposed scheme is feasible for resource-constrained IoT devices.