LCDA: Lightweight Continuous Device-to-Device Authentication for a Zero Trust Architecture (ZTA)

Continuous Authentication (CA) has been proposed as a potential solution to counter complex cybersecurity threats posed against conventional static authentication mechanisms that merely authenticate at ingress points of a platform. However, widely researched CA mechanisms that rely on user’s behavioural characteristics cannot be extended to continuously authenticate Internet of Things (IoT) devices. Challenges are exacerbated with the increased adoption of device-to-device (d2d) communication in critical infrastructures. Existing d2d authentication protocols proposed in the literature are either prone to subversion or are computationally infeasible to be deployed on constrained IoT devices. In view of these challenges, we propose a novel, Lightweight Continuous Device-to-Device Authentication (LCDA) protocol that leverages communication channel properties and a tunable mathematical function to generate dynamically changing session keys for continuous device authentication. Our extensive informal and formal analysis confirms the efficacy of the proposed LCDA protocol in terms of its resilience to known attack vectors, thereby demonstrating its strong potential for deployment in critical and resource-constrained scenarios for secure d2d communication.