Authentication in IoT

By Soumili Bose
2nd year 4th sem
Information Technology
University of Calcutta
Contents:
Introduction
IoT applications

Communication in IoT
Security and authentication in
IoT
Implementation of
Authentication in IoT
Steps for Authentication

Conclusion
References
Introduction
• What is IoT ?
- The Internet of Things is
actually a pretty simple
concept, it means taking all
the things in the world and
connecting them to the
internet.
IoT Applications

Smart Smart
Agriculture Vehicles

Smart Home Smart Cities

Communication in IoT
• LoRaWAN Protocol-
- Long Range Wide Area Network
(LoRaWAN) is a protocol, which
effectively allows long-range
communication for battery-
constrained end devices in IoT
environments.
Implementation of authentication in IoT
Security and Authentication in IoT

Why do we
need Security in Authentication
IoT ? in IoT:

Most Ways in which we

importantly, to can securely
gain trust of the access connected
users. devices.
Steps for Authentication
User Registration Phase:
The user needs to register with the network
server NS of the LoRaWAN network. This
phase involves the following steps described
later.

Note: Here, the user employs the biometric

features to securely store the credentials and
secret information on the smart mobile
device. Consequently, with these features the
user accesses the secret information on the
smart mobile device in the future.
User Registration Phase:
• The user Ui chooses an identity IDi and a
password PWi.
• The user chooses two long-term secret keys πi
and ρi.
• The user computes MIDi = aes128_cmac(πi,IDi|ρi)
STEP 1: and sends {MIDi} to the network server NS
through a secure channel.
User Registration Phase:
• NS chooses a random temporary identity TIDi for Ui.
• NS computes Ai = aes128_cmac(s, TIDi) ⊕ MIDi, where the
value s is a long-term secret key of NS.
• NS computes CMIDi = MIDi ⊕ s, CMIDi = aes128_cmac(s,
CMIDi)
• NS generates a counter SUCnti initialized to 0.

Step 2: • NS keeps SUCnt i and CMIDi in its database for auditing and
sends Ai and TIDi to Ui securely.
User Registration Phase:
• After receiving Ai and TIDi from the NS, the user generates a
counter USCnt i and initializes it to 0.
• Ui imprints their biometrics template Bi at the smart mobile
device (SMDi).
• The user employs a fuzzy extractor probabilistic function and
calculates Gen(Bi) = (βi, αi), Ki = aes128_cmac(βi,IDi|PW i) and

Step 3: Ci = aes128_encrypt(Ki, πi|ρi|MIDi||IDi||Ai|TIDi|USCnt i).

• Ui saves the values Ci and αi in SMDi.
Steps for Authentication
Offline End-Device Registration Phase:
• The owner of end-device Ej or the one who is eligible to connect and configure
Ej , computes Kij = aes128_cmac(πi, DevEUI j |ρi)
• The owner loads this value to the end-device Ej offline.
• The DevEUI j is a unique identifier for the end-device Ej . This identifier is based
on the IEEE EUI-64 address space format.
• Ej generates a counter EUCnt j and initializes it to 0.
• Afterward, it stores the value Kij and EUCnt j safely and securely in its memory.
• The user generates a new counter UECnt j and initializes it to 0 and appends
UECnt j to the value of Ci in his/her SMDi.
Steps for Authentication
Login and Authentication:

This phase provides authentication

and key establishment services
through which user Ui and end-
device Ej can mutually authenticate
each other and set up a session key
SKij over the LoRaWAN network.
The full details are as follows.
Login and Authentication:
Step 1:
• Ui needs to establish a session key with Ej , they inputs their own
identity IDi and password PW i.
• Ui enters their own biometric Bi at a biometrics sensor with fuzzy
extractor.
• SMDi computes βi = Rep(Bi, αi) and Ki = aes128_cmac(βi,IDi|PW i).
• SMDi decrypts Ci by employing the key Ki as (πi|ρi|MIDi| IDi| Ai|
TIDi|USCnti|UECnti) = aes128_decrypt (Ki, Ci), and checks
whether IDi ? = IDi.
Login and Authentication:
Step 1:
• If so, it computes Kij as Kij = aes128_cmac(πi, DevEUI j |ρi).
Then, it selects a secret random number λi and computes C1 ij
= aes128_decrypt(Kij , λi), UECnt i = UECnti + 1, ECnt j = UECnti
and C2 ij = aes128_decrypt( λi, DevEUI j | ECnt j |pad16).
• Ui computes USCnti = USCnti + 1, Cnt i = USCnti, Kin = Ai ⊕
MIDi, and Cin = aes128_encrypt(Kin, MID i|Cnt i|C1 ij |C2 ij |
DevEUI j ).
• The values C1 ij and C2 ij are intended to the end-device Ej.
Login and Authentication:
Step 1:

• Ui employs the AES decrypt operation to encrypt the messages intended to

the end-device so the end-device can use the AES encrypt operation in
electronic code book (ECB) mode to decrypt the messages.
• Ui uses the AES decrypt operation in ECB mode to encrypt C1 ij and C2 ij , and
Ej can employ an AES encryption operation in ECB mode to decrypt C1 ij and
C2 ij .
• The pad16 function annexes zero bytes so that the length of the data is a
multiple of 16.
• Finally, Ui sends M1 = {TID i, Cin} to the network server NS.
Login and Authentication:
Step 2:
• Upon receiving Ui’s message, NS employs its secret key s and TIDi, and calculates Kni
= aes128_cmac(s, TIDi).
• NS decrypts Cin as (MIDi|Cnt i|C1 ij |C2 ij |DevEUIj ) = aes128_decrypt(Kni, Cin). Then,
it computes CMIDi = MIDi ⊕ s, CMIDi = aes128_cmac(s, CMID i ) and checks whether
CMIDi is equal to the stored vale CMIDi.
• If so, it checks Cnt i > SUCnt i. If it does not hold, NS rejects the request.
• Otherwise, NS chooses a new random nonce, λn, and encrypts (CID|C1 ij |C2 ij |
DevEUI j |λn) with the key NwkSEncKeynj , which is shared between NS and Ej during
the activation process of Ej .
• Ultimately, NS sends M2 = {Cnj : KeyEstablishReq} to the end-device Ej through a
LoRaWAN gateway.
Login and Authentication:
Step 3:
• Based on the LoRaWAN specification, end-device Ej checks the MIC value of
the received message, decrypts the ciphertext with the key NwkSEncKeyjn
and extracts (CID |C1 ij |C2 ij |DevEUI j |λ n).
• Then, based on the MAC command type CID, it decrypts C1 ij as (λ i) =
aes128_encrypt(Kji, C1 ij) and decrypts C2 ij as (DevEUIj |ECnt j |pad16) =
aes128_encrypt(λ i, C2 ij).
• Then, it checks if DevEUI j ? = DevEUIj ? = DevEUI j and ECnt j > EUCnt j . If
both checks hold, it concludes that the request is valid, and this request is
initiated by Ui.
Login and Authentication:
Step 3:
• Afterward, the Ej selects a new secret random number λj and
computes EUCnt j = ECnt j , SKji = λ i ⊕ λj , C1 ji =
aes128_encrypt(Kji ⊕ λi, λj ) and C2 ji = aes128_encrypt(λj , SKji).
• Subsequently, it encrypts (C1 ji|C2 ji|λ n) with the key
NwkSEncKeyjn, computes the MIC value for the message and
gets the result Cjn.
• Eventually, Ej sends M3 = {Cjn : KeyEstablishAns} as a response to
KeyEstablishReq via a gateway.
Login and Authentication:
Step 4:
• Upon receiving Ej ’s response, NS checks the MIC value, uses the
key NwkSEncKeynj and decrypts the message.
• NS extracts (C1 ji|C2 ji|λn). Then, it verifies whether λn ? = λn.
• If so, NS selects a new temporary identity TIDnew i and
computes Anew i = aes128_cmac(s, TIDnew i ) ⊕ MIDi, SUCnt i =
Cnt i, and Cni = aes128_encrypt(Kni, C1 ji|C2 ji|TIDnew i |Anew i |
Cnt i).
• Finally, it sends M4 = {Cni} back to the user Ui.
Login and Authentication:
Step 5:
• After receiving the message, Ui decrypts Cni as (C1 ji |C2 ji |TIDnew i |Anew i |Cnt
i) = aes128_decrypt(Kin, Cni) and checks whether Cnt i = USCnt.
• If it holds, he/she decrypts C1 ji and C2 ji as (λ j ) = aes128_decrypt(Kij ⊕ λi, C1 ji)
and (SK ji) = aes128_decrypt(λ j , C2 ji), respectively.
• The user computes the session key SKij = λi ⊕ λ j .
• The user checks whether SKij ? = SKji. If so, he/she is convinced that the values C1
ji and C2 ji are generated by the end-device Ej .
• Then, Ui computes Cnew i = aes128_encrypt(Ki, π i|ρ i |MID i|ID i|Anew i |TIDnew i
|USCnti|UECnt i), and replaces Ci with Cnew i .
• Therefore, Ui can establish the session key Kij with Ej .
Steps for Authentication
Biometric and Password Update
Phase
This phase allows Ui to update his/her
biometrics template and password. The
required steps to perform this phase are
demonstrated in the following.
Biometric and Password Update Phase

• Ui inputs his/her identity IDi and password PW i. Subsequently, Ui inserts

his/her biometrics Bi at a biometrics sensor.
• Afterward, the user’s smart mobile device SMDi computes βi = Rep(Bi, αi),
and Ki = aes128_cmac(βi,IDi|PW i).
• Then, it decrypts Ci as (π i|ρ i|MID i|ID i|A i|TID i|USCnt i|UECnt j ) =

Step 1: aes128_decrypt(Ki, Ci), and verifies whether ID i ? = IDi and MID i ? =

aes128_cmac(π i,IDi|ρ i).
• If these conditions do not hold, the biometric and password update
request is rejected by SMDi.
• Else, Ui is prompted to insert a new biometrics template Bnew i and a new
secure password PW new i .
Biometric and Password Update Phase

• Upon receiving the values Bnew i and PW new i

from the user Ui, SMDi calculates Gen(Bnew i)
=(βnew i , αnew i ), Knew i = aes128_cmac(βnew
i ,IDi|PW new i ) and Cnew i =
Step 2: aes128_encrypt(Knew i , π i|ρ i|MID i|ID i|A i|TID i|
USCnt i| UECnt j ).
• Ultimately, SMDi replaces the values Ci with Cnew
i and αi with αnew i .
Conclusion
At the end, we can say that, at a growing technology like Internet
of Things, the privacy and security of the data given by its users, is
one of the major concerns. To attain security and privacy we need
to implement authentication. It is not that easy to implement
authentication in a growing technology like this, without
authentication (mainly privacy and security of the users’ data)
there is no meaning of it. So authentication must be implemented
to secure privacy.
References
• “A Secure and LoRaWAN Compatible User Authentication
Protocol for Critical Applications in the IoT Environment” by
Abdollah Jabbari and Jamshid Bagherzadeh Mohasefi.
• https://blog.universalbusinessschool.com/the-internet-of-things-i
ot-explained-simple-and-non-technical/
• https://www.geeksforgeeks.org/top-applications-of-iot-in-the-
world/
• https://yourtechdiet.com/blogs/biometric-authentication-tools-fo
r-businesses/
THANK YOU