A Lightweight Anonymous Authentication Protocol for Resource-Constrained Devices in Internet of Things

With the rapid development of Internet of things (IoT) in recent years, the security of IoT becomes more and more prominent. To protect data privacy and device availability, identity authentication technology has been applied to IoT environment. However, although scholars have designed a variety of authentication protocols for IoT environment, the resource costs of these protocols are still expensive for resource-constrained devices. In particular, when theB frequentB upgradeB ofB computerB hardwareB hasB ledB toB aB gradualB increaseB inB theB keyB lengthB ofB theB cryptosystem,B IoTB devicesB are hard toB keepB upB withB theB upgradeB speed because of the balance between cost and tasks. Although the storage space has increased in recent years, the computational and communication capabilities are still limited by some physical factors, such as energy, power, and communication link bandwidth. To improve the situation, this paper proposes an anonymous authentication protocol suitable for IoT devices with current hardware performance, which is based on elliptic curve and signcryption techniques. Compared with other protocols, our protocol further reduces the communication and computing cost of the client devices while ensuring security requirements. Thus, we formally prove its theoretical security under the random oracle model, and use simulation experiments to verify that the protocol can effectively reduce the resource requirements.