Continuous Entity Authentication in the Internet of Things Scenario

In the context of the Internet of Things (IoT), the proliferation of identity spoofing threats has led to the need for the constant entity verification of devices. Recently, a formal framework has been proposed to study resistance to impersonation attacks for One-Message Unilateral Entity Authentication (OM-UEA) schemes, in which the prover continuously authenticates itself through the use of a sequence of authentication messages. Given the limited computing power of the parties (particularly the prover) and the often limited bandwidth channel, in the IoT scenario it is desirable to design unilateral entity authentication schemes that require the use of a single message per session and light computations. In this paper, we first show that OM-UEA schemes can be implemented through digital signatures and that a weak form of unforgeability is sufficient to achieve security against active adversaries. We then apply the signature scheme proposed by Yang et al. in ASIACCS 2020 to our framework, resulting in an OM-UEA scheme that requires minimal computational effort and low storage requirements for the prover. Inspired by this last construction, we propose an OM-UEA scheme based on the hardness of the discrete logarithm problem, which further improves the computational performance for the prover. Our findings offer feasible options for implementing secure continuous entity authentication in IoT applications.