Open Access

ARTICLE

IECC-SAIN: Innovative ECC-Based Approach for Secure Authentication in IoT Networks

Younes Lahraoui¹, Jihane Jebrane², Youssef Amal¹, Saiida Lazaar¹, Cheng-Chi Lee^3,4,*

1Mathematics, Computer Science and Applications TEAM, Abdelmalek Essaâdi University, ENSA, Tangier, 90000, Morocco
2 National School of Applied Sciences, Sultan Moulay Slimane University, Beni Mellal, 23000, Morocco
3 Department of Library and Information Science, Fu Jen Catholic University, New Taipei City, 242062, Taiwan
4 Department of Computer Science and Information Engineering, Asia University, Taichung City, 413, Taiwan

* Corresponding Author: Cheng-Chi Lee. Email:

Computer Modeling in Engineering & Sciences 2025, 144(1), 615-641. https://doi.org/10.32604/cmes.2025.067778

Received 12 May 2025; Accepted 26 June 2025; Issue published 31 July 2025

Abstract

Due to their resource constraints, Internet of Things (IoT) devices require authentication mechanisms that are both secure and efficient. Elliptic curve cryptography (ECC) meets these needs by providing strong security with shorter key lengths, which significantly reduces the computational overhead required for authentication algorithms. This paper introduces a novel ECC-based IoT authentication system utilizing our previously proposed efficient mapping and reverse mapping operations on elliptic curves over prime fields. By reducing reliance on costly point multiplication, the proposed algorithm significantly improves execution time, storage requirements, and communication cost across varying security levels. The proposed authentication protocol demonstrates superior performance when benchmarked against relevant ECC-based schemes, achieving reductions of up to 35.83% in communication overhead, 62.51% in device-side storage consumption, and 71.96% in computational cost. The security robustness of the scheme is substantiated through formal analysis using the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool and Burrows-Abadir-Needham (BAN) logic, complemented by a comprehensive informal analysis that confirms its resilience against various attack models, including impersonation, replay, and man-in-the-middle attacks. Empirical evaluation under simulated conditions demonstrates notable gains in efficiency and security. While these results indicate the protocol’s strong potential for scalable IoT deployments, further validation on real-world embedded platforms is required to confirm its applicability and robustness at scale.

---

Keywords

---