Vol.70, No.1, 2022, pp.1033-1052, doi:10.32604/cmc.2022.018589
A Secure and Efficient Cluster-Based Authentication Scheme for Internet of Things (IoTs)
  • Kanwal Imran1,*, Nasreen Anjum2, Abdullah Alghamdi3, Asadullah Shaikh3, Mohammed Hamdi3, Saeed Mahfooz1
1 Department of Computer Science, University of Peshawar, Peshawar, 25121, Pakistan
2 Department of Informatics, King’s College London, London, SE5 9RJ, UK
3 College of Computer Science and Information Systems, Najran University, Najran, 61441, Saudi Arabia
* Corresponding Author: Kanwal Imran. Email:
Received 13 March 2021; Accepted 29 May 2021; Issue published 07 September 2021
IPv6 over Low Power Wireless Personal Area Network (6LoWPAN) provides IP connectivity to the highly constrained nodes in the Internet of Things (IoTs). 6LoWPAN allows nodes with limited battery power and storage capacity to carry IPv6 datagrams over the lossy and error-prone radio links offered by the IEEE 802.15.4 standard, thus acting as an adoption layer between the IPv6 protocol and IEEE 802.15.4 network. The data link layer of IEEE 802.15.4 in 6LoWPAN is based on AES (Advanced Encryption Standard), but the 6LoWPAN standard lacks and has omitted the security and privacy requirements at higher layers. The sensor nodes in 6LoWPAN can join the network without requiring the authentication procedure. Therefore, from security perspectives, 6LoWPAN is vulnerable to many attacks such as replay attack, Man-in-the-Middle attack, Impersonation attack, and Modification attack. This paper proposes a secure and efficient cluster-based authentication scheme (CBAS) for highly constrained sensor nodes in 6LoWPAN. In this approach, sensor nodes are organized into a cluster and communicate with the central network through a dedicated sensor node. The main objective of CBAS is to provide efficient and authentic communication among the 6LoWPAN nodes. To ensure the low signaling overhead during the registration, authentication, and handover procedures, we also introduce lightweight and efficient registration, de-registration, initial authentication, and handover procedures, when a sensor node or group of sensor nodes join or leave a cluster. Our security analysis shows that the proposed CBAS approach protects against various security attacks, including Identity Confidentiality attack, Modification attack, Replay attack, Man-in-the-middle attack, and Impersonation attack. Our simulation experiments show that CBAS has reduced the registration delay by 11%, handoff authentication delay by 32%, and signaling cost by 37% compared to the SGMS (Secure Group Mobility Scheme) and LAMS (Light-Wight Authentication & Mobility Scheme).
IoT; cyber security; security attacks; authentication delay; handover delay; signaling cost; 6LoWPAN
Cite This Article
K. Imran, N. Anjum, A. Alghamdi, A. Shaikh, M. Hamdi et al., "A secure and efficient cluster-based authentication scheme for internet of things (iots)," Computers, Materials & Continua, vol. 70, no.1, pp. 1033–1052, 2022.
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.