REAP-IIoT: Resource-Efficient Authentication Protocol for the Industrial Internet of Things

With the widespread utilization of Internet-enabled smart devices (SDs), the Industrial Internet of Things (IIoT) has become prevalent in recent years. SDs exchange information through the open Internet, which creates security and privacy concerns for the exchanged information. To address these concerns, various solutions exist in the literature which, because of high computational and communication overheads, are not appropriate for the resource-constricted IIoT environment. This article proposes a resource-efficient authentication protocol for the IIoT, called REAP-IIoT, which employs a lightweight cryptography (LWC)-based authenticated encryption with associative data (AEAD) primitive AEGIS along with hash function. LWC-based AEAD primitives are suitable for resource constraint SDs because they require fewer computational resources. Moreover, REAP-IIoT renders the privacy-preserving user authentication functionality and establishes a session key (SK) between SDs deployed in the IIoT environment and users. Both user and SD utilize the established SK for encrypted communication. The security of SK, established during the authentication and key exchange (AKE) process of REAP-IIoT, is validated through the broadly accepted random or real model. Besides, Scyther-based security verification is conducted to illustrate that REAP-IIoT is secure and can protect the man-in-the-middle and replay attacks. Additionally, the informal security analysis is carried out to show that REAP-IIoT is protected against various covert security risks. A thorough comparison reveals that REAP-IIoT renders enhanced security characteristics apart from its low communication, storage, and computational overheads than the relevant AKE protocols.