The advent of Internet of Things (IoT) technology has brought considerable advantages to both personal and professional realms. However, the integration of IoT devices into diverse systems has underscored the pressing issue of security. Safeguarding data confidentiality in IoT systems necessitates the implementation of robust security measures, including encryption, authentication, and access control mechanisms. When effectively employed, these measures pave the way for the development of an efficient and secure IoT system, offering substantial benefits to end-users. This paper introduces a lightweight authentication solution tailored for IoT edge devices. Specifically designed for the edge network's large-scale nodes, our proposed solution optimally transmits information under limited bandwidth using lightweight symmetric cryptography, leveraging the chacha20 algorithm for session key establishment. Rigorous protocol correctness analysis using the Scyther tool confirms the superiority of our proposed protocol over alternative approaches, particularly in terms of communication and time costs.

J. Gubbi, R. Buyya, S. Marusic, and M. Palaniswami, “Internet of Things (IoT): A vision, architectural elements, and future directions,” Future Generation Computer Systems, vol. 29, no. 7, pp. 1645–1660, Sep. 2013, doi: https://doi.org/10.1016/j.future.2013.01.010.

E. Fazeldehkordi and T.-M. Grønli, “A Survey of Security Architectures for Edge Computing-Based IoT,” IoT, vol. 3, no. 3, pp. 332–365, Jun. 2022, doi: https://doi.org/10.3390/iot3030019.

M. binti Mohamad Noor and W. H. Hassan, “Current research on Internet of Things (IoT) security: A survey,” Computer Networks, vol. 148, pp. 283–294, Jan. 2019, doi: https://doi.org/10.1016/j.comnet.2018.11.025.

H. A. Khattak, M. A. Shah, S. Khan, I. Ali, and M. Imran, “Perception layer security in Internet of Things,” Future Generation Computer Systems, vol. 100, pp. 144–164, Nov. 2019, doi: https://doi.org/10.1016/j.future.2019.04.038.

Deogirikar, J., Vidhate, A ,”Security attacks in IoT: A survey”. In 2017 International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud)(I-SMAC), 2017, February, (pp. 32-37). IEEE.

A. Mosenia and N. K. Jha, “A Comprehensive Study of Security of Internet-of-Things,” IEEE Transactions on Emerging Topics in Computing, vol. 5, no. 4, pp. 586–602, Oct. 2017, doi: https://doi.org/10.1109/tetc.2016.2606384.

P. Kumar and L. Chouhan, “A secure authentication scheme for IoT application in smart home,” Peer-to-Peer Networking and Applications, vol. 14, no. 1, pp. 420–438, Aug. 2020, doi: https://doi.org/10.1007/s12083-020-00973-8.

F. Wu, X. Li, L. Xu, S. Kumari, M. Karuppiah, and J. Shen, “A lightweight and privacy-preserving mutual authentication scheme for wearable devices assisted by cloud server,” Computers & Electrical Engineering, vol. 63, pp. 168–181, Oct. 2017, doi: https://doi.org/10.1016/j.compeleceng.2017.04.012.

U. Khalid, M. Asim, T. Baker, P. C. K. Hung, M. A. Tariq, and L. Rafferty, “A decentralized lightweight blockchain-based authentication mechanism for IoT systems,” Cluster Computing, Feb. 2020, doi: https://doi.org/10.1007/s10586-020-03058-6.

Santoso, F. K., Vun, N. C. “Securing IoT for smart home system”. In 2015 international symposium on consumer electronics (ISCE) 2015, June, (pp. 1-2). IEEE.

N. Li, D. Liu, and S. Nepal, “Lightweight Mutual Authentication for IoT and Its Applications,” IEEE Transactions on Sustainable Computing, vol. 2, no. 4, pp. 359–370, Oct. 2017, doi: https://doi.org/10.1109/TSUSC.2017.2716953.

Rachini, A. S., & Khatoun, R. (2020, February). Distributed Key Management Authentication algorithm in Internet of Things (IOT). In 2020 Sixth International Conference on Mobile And Secure Services (MobiSecServ) (pp. 1-5). IEEE.

L. Kong et al., “Edge-Computing-Driven Internet of Things: A Survey,” ACM Computing Surveys, Aug. 2022, doi: https://doi.org/10.1145/3555308.

Shah, T., Venkatesan, S.,”Authentication of IoT device and IoT server using secure vaults”. In 2018 17th IEEE international conference on trust, security and privacy in computing and communications/12th IEEE international conference on big data science and engineering (TrustCom/BigDataSE) (2018, August), (pp. 819-824). IEEE.

KF, M. A., Ganesan, V., Bodduna, R., & Rebeiro, C. PARAM: A microprocessor hardened for power side-channel attack resistance. In 2020 IEEE International Symposium on Hardware Oriented Security and Trust (HOST) , (2020, December) (pp. 23-34). IEEE

Christodorescu, M., Gaddam, S., Mukherjee, P., & Sinha, R. (2021, November). Amortized threshold symmetric-key encryption. In Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security (pp. 2758-2779).

https://people.cispa.io/cas.cremers/scyther/

A. Shahidinejad, M. Ghobaei-Arani, A. Souri, M. Shojafar, and S. Kumari, “Light-Edge: A Lightweight Authentication Protocol for IoT Devices in an Edge-Cloud Environment,” IEEE Consumer Electronics Magazine, pp. 1–1, 2021, doi: https://doi.org/10.1109/mce.2021.3053543.

C.-M. Chen, L. Chen, Y. Huang, S. Kumar, and J. M.-T. Wu, “Lightweight authentication protocol in edge-based smart grid environment,” EURASIP Journal on Wireless Communications and Networking, Mar. 2021, doi: https://doi.org/10.1186/s13638-021-01930-6