A Lightweight Identity Authentication Protocol for Nano-Scale IoT Devices

Authors

  • Batool Mohammed Radhi Department of Community Health Technologies, Medical Technical Institute, Southern Technical University, Basrah, Iraq
  • Abdalrahman Fatikhan Ataalla Department of Computer Engineering Techniques, College of Technical Engineering, University of Al Maarif, Al Anbar, Iraq
  • Huda Mohammed Alsayednoor Shatt Al-Arab University College, Basra, Iraq
  • Mahmood A. Al-Shareeda Department of Information Technology, Management Technical College, Southern Technical University, Basrah, Iraq | College of Engineering, Al-Ayen University, Thi-Qar, Iraq
  • Mohammed Amin Almaayah Department of Computer Science, King Abdullah the II IT School, The University of Jordan, Amman, Jordan
  • Mansour Obeidat Applied College, King Faisal University, Al-Ahsa, Saudi Arabia
Volume: 15 | Issue: 5 | Pages: 27938-27946 | October 2025 | https://doi.org/10.48084/etasr.13449

Received: 16 July 2025 | Revised: 14 August 2025 | Accepted: 20 August 2025 | Online: 6 October 2025


Corresponding author: Mahmood A. Al-Shareeda

Abstract

The nano-scale Internet of Things (nano-IoT) is ushering in a new era of applications in areas such as biomedical sensing, smart dust, and embedded environmental monitoring. Unfortunately, the utilization of nano-devices is barely feasible because of their very limited energy, computation, memory, and communication bandwidth, making existing cryptographic authentication methods infeasible. This study introduces an ultra-lightweight identity authentication protocol designed for nano-IoT systems with limited resources. The proposed protocol uses symmetric key cryptography, one-way hash functions, and XOR operations to achieve mutual authentication with low computational and communication costs. A highly modular architecture is proposed, consisting of 4 main stages: cryptographically secure pre-loading of credentials, a hash-based mutual authentication scheme, a stateless session update mechanism using hash chains and nonces, and a gateway-level revocation enforcement model. In contrast to PUF- or ECC-based protocols, the proposed protocol is extremely resistant to impersonation, replay, man-in-the-middle, desynchronization, and side-channel attacks without requiring special hardware. Simulations in nano-IoT settings show that the proposed protocol is more than 8 times faster and 11 times more energy-efficient than public-key-based algorithms, with high scalability and robust security. This study offers a solid basis for the secure bootstrapping of the forthcoming nano-IoT in dynamic, low-power, and latency-constrained environments.

Keywords:

nano-IoT, ultra-lightweight authentication, identity management, low-power cryptography, secure nano-communication, pseudonymous devices, stateless protocols, energy-efficient security, hash-based authentication, mutual verification

Downloads

Download data is not yet available.

References

K. Vijayvargia, P. Saxena, and D. S. Bhilare, "Context Management Life Cycle for Internet of Things: Tools, Techniques, and Open Issues," Engineering, Technology & Applied Science Research, vol. 15, no. 1, pp. 19449–19459, Feb. 2025.

H. A. Naser, A. T. Lateef, F. A. Bida, and M. Zorah, "Systematic Review of Internet of Nano Things (IoNT) Technology: Taxonomy, Architecture, Open Challenges, Motivation and Recommendations," Iraqi Journal of Nanotechnology, no. 2, pp. 7–19, Dec. 2021.

M. A. Al-Shareeda, A. A. H. Ghadban, A. A. H. Glass, E. M. A. Hadi, and M. A. Almaiah, "Efficient implementation of post-quantum digital signatures on Raspberry Pi," Discover Applied Sciences, vol. 7, no. 6, Jun. 2025, Art. no. 597.

M. H. Miraz, M. Ali, P. S. Excell, and R. Picking, "A review on Internet of Things (IoT), Internet of Everything (IoE) and Internet of Nano Things (IoNT)," in 2015 Internet Technologies and Applications (ITA), Wrexham, United Kingdom, Sep. 2015, pp. 219–224.

K. R. Singh, V. Nayak, J. Singh, and R. P. Singh, "Nano-enabled wearable sensors for the Internet of Things (IoT)," Materials Letters, vol. 304, Dec. 2021, Art. no. 130614.

L. H. Mahdi and A. A. Abdullah, "Fortifying Future IoT Security: A Comprehensive Review on Lightweight Post-Quantum Cryptography," Engineering, Technology & Applied Science Research, vol. 15, no. 2, pp. 21812–21821, Apr. 2025.

A. S. Haichour and K. Benfriha, "Empowering Real-Time IoT Applications: A Brief Review on Leveraging GPU Acceleration for Latency Reduction," in Internet of Things. 7th IFIPIoT 2024 International IFIP WG 5.5 Workshops, 2025, pp. 107–120.

S. S. Ahmadpour, A. Heidari, N. J. Navimpour, M. A. Asadi, and S. Yalcin, "An Efficient Design of Multiplier for Using in Nano-Scale IoT Systems Using Atomic Silicon," IEEE Internet of Things Journal, vol. 10, no. 16, pp. 14908–14909, Dec. 2023.

A. AlShuaibi, M. W. Arshad, and M. Maayah, "A Hybrid Genetic Algorithm and Hidden Markov Model-Based Hashing Technique for Robust Data Security," Journal of Cyber Security and Risk Auditing, vol. 2025, no. 3, pp. 42–56, May 2025.

S. Majumder, S. Ray, D. Sadhukhan, M. K. Khan, and M. Dasgupta, "ECC-CoAP: Elliptic Curve Cryptography Based Constraint Application Protocol for Internet of Things," Wireless Personal Communications, vol. 116, no. 3, pp. 1867–1896, Feb. 2021.

S. K. Mousavi, A. Ghaffari, S. Besharat, and H. Afshari, "Security of Internet of Things using RC4 and ECC Algorithms (Case Study: Smart Irrigation Systems)," Wireless Personal Communications, vol. 116, no. 3, pp. 1713–1742, Feb. 2021.

Z. G. Al-Mekhlaf et al., "A quantum-resilient lattice-based security framework for internet of medical things in healthcare systems," Journal of King Saud University Computer and Information Sciences, vol. 37, no. 6, Jul. 2025, Art. no. 126.

B. A. Mohammed et al., "Taxonomy-Based Lightweight Cryptographic Frameworks for Secure Industrial IoT: A Survey," IEEE Internet of Things Journal, 2025.

M. Masud, G. S. Gaba, K. Choudhary, M. S. Hossain, M. F. Alhamid, and G. Muhammad, "Lightweight and Anonymity-Preserving User Authentication Scheme for IoT-Based Healthcare," IEEE Internet of Things Journal, vol. 9, no. 4, pp. 2649–2656, Oct. 2022.

R. R. Irshad et al., "IoT-Enabled Secure and Scalable Cloud Architecture for Multi-User Systems: A Hybrid Post-Quantum Cryptographic and Blockchain-Based Approach Toward a Trustworthy Cloud Computing," IEEE Access, vol. 11, pp. 105479–105498, 2023.

S. R. Addula, S. Norozpour, and M. Amin, "Risk Assessment for Identifying Threats, vulnerabilities and countermeasures in Cloud Computing," Jordanian Journal of Informatics and Computing, vol. 2025, no. 1, pp. 37–48, Mar. 2025.

T. Alsalem and M. Amin, "Towards Trustworthy IoT Systems: Cybersecurity Threats, Frameworks, and Future Directions," Journal of Cyber Security and Risk Auditing, vol. 2023, no. 1, pp. 3–18, Feb. 2023.

A. Rana, S. Prajapat, P. Kumar, D. Gautam, and C. M. Chen, "Designing a Security Framework Based on Hybrid Communication in Internet of Nano Things," IEEE Internet of Things Journal, vol. 11, no. 4, pp. 7265–7284, Oct. 2024.

A. Rana, D. Gautam, P. Kumar, and A. Kumar Das, "Architectures, Benefits, Security, and Privacy Issues of Internet of Nano Things: A Comprehensive Survey, Opportunities, and Research Challenges," IEEE Communications Surveys & Tutorials, vol. 27, no. 2, pp. 1152–1190, Apr. 2025.

H. Albinhamad, A. Alotibi, A. Alagnam, M. Almaiah, and S. Salloum, "Vehicular Ad-hoc Networks (VANETs): A Key Enabler for Smart Transportation Systems and Challenges," Jordanian Journal of Informatics and Computing, vol. 2025, no. 1, pp. 4–15, Feb. 2025.

C. Tian, J. Ma, T. Li, J. Zhang, C. Ma, and N. Xi, "Provably and Physically Secure UAV-Assisted Authentication Protocol for IoT Devices in Unattended Settings," IEEE Transactions on Information Forensics and Security, vol. 19, pp. 4448–4463, 2024.

K. Raj, S. Bodapati, and A. Chattopadhyay, "PUF-based Lightweight Mutual Authentication Protocol for Internet of Things (IoT) Devices," in 2024 IEEE International Symposium on Circuits and Systems (ISCAS), Singapore, May 2024, pp. 1–5.

A. Munshi and B. Alshawi, "Hybrid Encryption Model for Secured Three-Phase Authentication Protocol in IoT," Journal of Sensor and Actuator Networks, vol. 13, no. 4, Aug. 2024, Art. no. 41.

C. Benrebbouh, H. Mansouri, S. Cherbal, and A. S. K. Pathan, "Enhanced secure and efficient mutual authentication protocol in IoT-based energy internet using blockchain," Peer-to-Peer Networking and Applications, vol. 17, no. 1, pp. 68–88, Jan. 2024.

H. Fei, O. Millwood, P. Gope, J. Miskelly, and B. Sikdar, "PhenoAuth: A Novel PUF-Phenotype-Based Authentication Protocol for IoT Devices," in 2024 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), Tysons Corner, VA, USA, May 2024, pp. 309–319.

S. P. Satpathy, S. Mohanty, and M. Pradhan, "A sustainable mutual authentication protocol for IoT-Fog-Cloud environment," Peer-to-Peer Networking and Applications, vol. 18, no. 1, Dec. 2024, Art. no. 35.

A. S. V. Rao, P. K. Roy, T. Amgoth, and A. Bhattacharya, "A deep learning-based authentication protocol for IoT-enabled LTE systems," Future Generation Computer Systems, vol. 154, pp. 451–464, May 2024.

S. Bhamare, S. Agarwal, and G. S. Kasbekar, "PUF-Based Lightweight and Anonymity-Preserving Continuous Authentication Protocol for IoT Devices," in 2024 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS), Guwahati, India, Dec. 2024, pp. 1–6.

S. Kaganurmath, N. G. Cholli, and M. R. Anala, "DLKS-MQTT: A Lightweight Key Sharing Protocol for Secure IoT Communications," Engineering, Technology & Applied Science Research, vol. 15, no. 2, pp. 21532–21538, Apr. 2025.

S. Othmen, W. Mansouri, and S. Asklany, "Robust and Secure Routing Protocol Based on Group Key Management for Internet of Things Systems," Engineering, Technology & Applied Science Research, vol. 14, no. 3, pp. 14402–14410, Jun. 2024.

M. A. Qureshi and A. Munir, "PUF-RLA: A PUF-Based Reliable and Lightweight Authentication Protocol Employing Binary String Shuffling," in 2019 IEEE 37th International Conference on Computer Design (ICCD), Abu Dhabi, United Arab Emirates, Nov. 2019, pp. 576–584.

K. Lounis, S. H. H. Ding, and M. Zulkernine, "D2D-MAP: A Drone to Drone Authentication Protocol Using Physical Unclonable Functions," IEEE Transactions on Vehicular Technology, vol. 72, no. 4, pp. 5079–5093, Apr. 2023.

W. Wang, B. Yan, B. Chai, R. Shen, A. Dong, and J. Yu, "EBIAS: ECC-enabled blockchain-based identity authentication scheme for IoT device," High-Confidence Computing, vol. 5, no. 1, Mar. 2025, Art. no. 100240.

Downloads

How to Cite

[1]
B. M. Radhi, A. F. Ataalla, H. M. Alsayednoor, M. A. Al-Shareeda, M. A. Almaayah, and M. Obeidat, “A Lightweight Identity Authentication Protocol for Nano-Scale IoT Devices”, Eng. Technol. Appl. Sci. Res., vol. 15, no. 5, pp. 27938–27946, Oct. 2025.

Metrics

Abstract Views: 9
PDF Downloads: 12

Metrics Information

License

Copyright (c) 2025 Batool Mohammed Radhi, Abdalrahman Fatikhan Ataalla, Huda Mohammed Alsayednoor, Mahmood A. Al-Shareeda, Mohammed Amin Almaayah, Mansour Obeidat

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

Authors who publish with this journal agree to the following terms:

- Authors retain the copyright and grant the journal the right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.

- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.

- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) after its publication in ETASR with an acknowledgement of its initial publication in this journal.