Scalable and Secure Remote Authentication for Resource-Constrained IoT-Based Smart Homes
摘要
With the increasing adoption of Internet of Things (IoT) devices within smart homes, there is the need for secure fast and scalable authentication because many IoT devices have very limited power and processing resources to allow standard public digital signature schemes. In this paper, the authors investigate the development of a remote authentication framework that is lightweight and scalable and also resistant towards quantum-based attacks in long term. To mitigate latency and prevent gateway overloading, the approach proposes a cluster-based authentication mechanism; to preserve energy-life, is an energy-aware adaptive authentication algorithm, and hybrid key exchange that integrates Elliptic Curve Cryptography (ECC) with Post-Quantum Cryptography (PQC), enhancing the security level. Authentication logs are stored securely within a lightweight blockchain/DAG ledger preventing impersonation with context-aware MFA. Experimental results indicated our method could achieve up to 48.6% in computation reduction, 27.5% in communication cost reduction and up to 22% prolong device life over the state-of-the-art approaches. Compatibility with AVISPA, ProVerif, and Tamarin security testing yields no replay attack, no man-in-the-middle or impersonation issue and of course forward privacy. This makes the suggested system ideal for secured and efficient smart home IoT implementations.