Protean authentication scheme - a time-bound dynamic KeyGen authentication technique for IoT edge nodes in outdoor deployments

IoT edge/sensor nodes are exposed to large attack surface and could easily succumb to several well-known attacks in the wireless sensor network (WSN) domain. Authenticating edge nodes before they join a network especially after a sleep state is a critical step to maintain the overall trust of any given IoT Local Area Network (IoT LAN). The low resources and computational constraints of such IoT nodes make this a challenging and non-trivial problem. As many IoT deployments are in uncontrolled environments, IoT devices are often placed in the open so that physical access to them is inevitable. Due to easy physical access of the devices, common attacks including cloning of devices or stealing secret keys stored in an edge node are some of the most common attacks on IoT deployments. This paper focuses on developing an extremely lightweight authentication scheme for constrained end-devices that are part of a given IoT LAN. Authentication occurs between the end-device and the gateway which acts as an edge computing device. The proposed authentication scheme is put through both formal and informal security verification. Voltage drop, current, and power are measured to gauge the overall impact of the security scheme. All the three parameters were measured while configuring the edge node as an end-device or as a router. Our testing results show that the impact on the resources was minimal.