Citation
AlJanah, Salem and Zhang, Ning and Tay, Siok Wah (2025) Optimizing Group Multi-Factor Authentication for Secure and Efficient IoT Device Communications. Cryptography, 9 (2). p. 35. ISSN 2410-387X![]() |
Text
cryptography-09-00035.pdf - Published Version Restricted to Repository staff only Download (727kB) |
Abstract
As more Internet of Things (IoT) devices are being used, more sensitive data and services are also being hosted by, or accessed via, IoT devices. This leads to a need for a stronger authentication solution for the IoT context, and a stronger authentication solution tends to be based on several authentication factors. Existing multi-factor authentication solutions are mostly used for user-to-system identity verification scenarios, whereas, in the IoT context, there are device-to-device communication scenarios. Therefore, more work is necessary to investigate how to facilitate multi-factor authentication for device-to-device interactions. As part of our ongoing work on the design of the M2I (Multi-factor Multilevel and Interaction-based) framework to facilitate multi-factor authentication in IoT, this paper reports an extension to an authentication framework published previously that supports the multi-factor authentication of devices in device-to-device and device-to-multidevice interactions. In this extended framework, four authentication protocols are added to facilitate multi-factor group authentication between IoT devices. Analysis results show that the protocols satisfy the specified security requirements and are resilient against authentication-related attacks. The communication and computation overheads of the protocols are also analyzed and compared with those of IoT group authentication solutions and Kerberos. The results show that the symmetric-key-based version of the proposed protocols cut the communication and computational costs, respectively, by 70∼74% and 89∼92% in comparison with those of Kerberos.
Item Type: | Article |
---|---|
Uncontrolled Keywords: | IoT security; multi-factor authentication; group authentication; secret sharing; homomorphic encryption |
Subjects: | H Social Sciences > HD Industries. Land use. Labor > HD28-70 Management. Industrial Management > HD30.2 Electronic data processing. Information technology. Including artificial intelligence and knowledge management |
Divisions: | Faculty of Information Science and Technology (FIST) |
Depositing User: | Ms Suzilawati Abu Samah |
Date Deposited: | 01 Jul 2025 01:57 |
Last Modified: | 01 Jul 2025 01:57 |
URII: | http://shdl.mmu.edu.my/id/eprint/14204 |
Downloads
Downloads per month over past year
![]() |