Citation

AlJanah, Salem and Zhang, Ning and Tay, Siok Wah (2025) Optimizing Group Multi-Factor Authentication for Secure and Efficient IoT Device Communications. Cryptography, 9 (2). p. 35. ISSN 2410-387X

Text cryptography-09-00035.pdf - Published Version Restricted to Repository staff only Download (727kB)

Abstract

As more Internet of Things (IoT) devices are being used, more sensitive data and services are also being hosted by, or accessed via, IoT devices. This leads to a need for a stronger authentication solution for the IoT context, and a stronger authentication solution tends to be based on several authentication factors. Existing multi-factor authentication solutions are mostly used for user-to-system identity verification scenarios, whereas, in the IoT context, there are device-to-device communication scenarios. Therefore, more work is necessary to investigate how to facilitate multi-factor authentication for device-to-device interactions. As part of our ongoing work on the design of the M2I (Multi-factor Multilevel and Interaction-based) framework to facilitate multi-factor authentication in IoT, this paper reports an extension to an authentication framework published previously that supports the multi-factor authentication of devices in device-to-device and device-to-multidevice interactions. In this extended framework, four authentication protocols are added to facilitate multi-factor group authentication between IoT devices. Analysis results show that the protocols satisfy the specified security requirements and are resilient against authentication-related attacks. The communication and computation overheads of the protocols are also analyzed and compared with those of IoT group authentication solutions and Kerberos. The results show that the symmetric-key-based version of the proposed protocols cut the communication and computational costs, respectively, by 70∼74% and 89∼92% in comparison with those of Kerberos.

Item Type:	Article
Uncontrolled Keywords:	IoT security; multi-factor authentication; group authentication; secret sharing; homomorphic encryption
Subjects:	H Social Sciences > HD Industries. Land use. Labor > HD28-70 Management. Industrial Management > HD30.2 Electronic data processing. Information technology. Including artificial intelligence and knowledge management
Divisions:	Faculty of Information Science and Technology (FIST)
Depositing User:	Ms Suzilawati Abu Samah
Date Deposited:	01 Jul 2025 01:57
Last Modified:	01 Jul 2025 01:57
URII:	http://shdl.mmu.edu.my/id/eprint/14204

Downloads

Edit (login required)