Protean Authentication Scheme - A Time-Bound Dynamic KeyGen Authentication Technique for IoT Edge Nodes in Outdoor Deployments

The IoT edge/sensor nodes are exposed to large attack surface and could easily succumb to several well-known attacks in the wireless sensor network (WSN) domain. Authenticating edge nodes before they join a network, especially after a sleep state, is a critical step to maintain the overall trust of any given IoT local area network (IoT LAN). The low resources and computational constraints of such IoT nodes make this a challenging and non-trivial problem. As many IoT deployments are in uncontrolled environments, the IoT devices are often placed in the open so that physical access to them is inevitable. Due to easy physical access of the devices, common attacks, including cloning of devices or stealing secret keys stored in an edge node, are some of the most common attacks on the IoT deployments. This paper focuses on developing an extremely lightweight authentication scheme for constrained end-devices that are part of a given IoT LAN. Authentication occurs between the end-device and the gateway that acts as an edge computing device. The proposed authentication scheme is put through both formal and informal security verification. Voltage drop, current, and power are measured to gauge the overall impact of the security scheme. All the three parameters were measured while configuring the edge node as an end-device or as a router. Our testing results show that the impact on the resources was minimal.