A Lightweight authentication scheme for IoT against Rogue Base Station Attacks

Internet of Things (IoT) devices supporting intelligent cloud applications such as healthcare for hospitals rely on connecting with local base stations and access points to provide rich data analysis and real-time services to users. Devices authenticate with local base stations and perform handover operations to connect with access points with higher signal strength. Attackers disguise as valid base stations and access points using publicly accessible SSID information connect with local IoT devices during the handover process and give rise to data integrity and privacy concerns. This paper proposes a lightweight authentication scheme for private blockchain-based networks for securing devices from rogue base stations during the handover process. An authentication certificate is designed for base stations and machines in local clusters using SHA256 and modulo operations for enabling quick handover operations. The keys assigned to each device and base station joining the network are hashed, and their sizes are reduced using modulo operations. Furthermore, the compressed key size forms a certificate, which is used by the machines and the base stations to authenticate mutually. In comparison with existing studies, the performance analysis of the proposed scheme is based on the transmission of three messages required for completing the authentication process. Evaluation based on the Communication Overhead demonstrates a minimum improvement of 99.30% fewer bytes exchanged during the handover process and 89.58% reduced Storage Overhead compared with existing studies.