A payload-based mutual authentication scheme for Internet of Things

Mian Ahmad Jan, Fazlullah Khan, Muhammad Alam, Muhammad Usman

Research output: Journal PublicationArticlepeer-review

81 Citations (Scopus)


The Internet of Things (IoT) is a vision that broadens the scope of the Internet by incorporating physical objects to identify themselves to the participating entities. This innovative concept enables a physical object to represent itself in the digital world. There have been a lot of speculations and future forecasts about these physical objects connected with the Internet, however, most of them lack secure features and are vulnerable to a wide range of attacks. Miniature sensor nodes, embedded in these physical objects, limit the support for computationally complex and resource-consuming secured algorithms. In this paper, we propose a lightweight mutual authentication scheme for the real-world physical objects of an IoT environment. It is a payload-based encryption scheme which uses a simple four-way handshake mechanism to verify the identities of the participating objects. The real-world objects communicate with each other using the client–server interaction model. Our proposed scheme uses the lightweight features of Constrained Application Protocol (CoAP) to enable the clients to observe resources residing on the server, in an energy-efficient manner. We use Advanced Encryption Standard (AES), with a key length of 128 bits, to establish a secured session for resource observation. We evaluate our scheme for a real-world scenario using NetDuino Plus 2 boards. Our scheme is computationally efficient, incurs less connection overhead and at the same time, provides a robust defence against various attacks such as, resource exhaustion, Denial-of-Service, replay and physical tampering.

Original languageEnglish
Pages (from-to)1028-1039
Number of pages12
JournalFuture Generation Computer Systems
Publication statusPublished - Mar 2019
Externally publishedYes


  • CoAP
  • Internet of Things
  • Intrusion detection
  • Lightweight authentication
  • Payload encryption
  • Resource observation

ASJC Scopus subject areas

  • Software
  • Hardware and Architecture
  • Computer Networks and Communications


Dive into the research topics of 'A payload-based mutual authentication scheme for Internet of Things'. Together they form a unique fingerprint.

Cite this