ICCK Transactions on Information Security and Cryptography Home About Editors Current Issue
  1. Home
  2. Journals
  3. ICCK Transactions on Information Security and Cryptography
  4. Volume 2, Issue 1
Secure and Efficient Authentication Architecture for IoT Devices in Resource-Limited Networks
Research Article | Published: 08 February 2026
ICCK Transactions on Information Security and Cryptography Volume 2, Issue 1, 2026: 16-28
Volume 2, Issue 1, ICCK Transactions on Information Security and Cryptography
Volume 2, Issue 1, 2026
Submit Manuscript Edit a Special Issue
Article QR Code
Article QR Code
Scan the QR code for reading
Popular articles
Case Studies on Integrating Artificial Intelligence in Finance to Transform Decision Making and Risk Management for Enhanced Financial Outcomes Reservoir Science: A Multi-Coupling Communication Platform to Promote Energy Transformation, Climate Change and Environmental Protection Reinforcement Learning for Prompt Optimization in Language Models: A Comprehensive Survey of Methods, Representations, and Evaluation Challenges AI and the Future of Education: Advancing Personalized Learning and Intelligent Tutoring Systems From CO$_2$ Sequestration to Hydrogen Storage: Further Utilization of Depleted Gas Reservoirs Effects of Crosslinking Agents and Reservoir Conditions on the Propagation of Fractures in Coal Reservoirs During Hydraulic Fracturing The Influence of Geological Factors and Transmission Fluids on the Exploitation of Reservoir Geothermal Resources: Factor Discussion and Mechanism Analysis Plant Disease Detection Using Deep Learning Techniques YOLOv8-Lite: A Lightweight Object Detection Model for Real-time Autonomous Driving Systems Modeling Brain Functional Networks Using Graph Neural Networks: A Review and Clinical Application
ICCK Transactions on Information Security and Cryptography, Volume 2, Issue 1, 2026: 16-28

Free to Read | Research Article | 08 February 2026
Secure and Efficient Authentication Architecture for IoT Devices in Resource-Limited Networks
by
Arjun Khurana Arjun Khurana 1
Sundaram Gopikrishnan Sundaram Gopikrishnan 1 *
Srinivasa Reddy Konda Srinivasa Reddy Konda 1
M. Kokila M. Kokila 1
1 School of Computer Science and Engineering, VIT-AP University, Amaravathi 522241, India
* Corresponding Author: Sundaram Gopikrishnan, [email protected]
DOI: 10.62762/TISC.2025.221813
ARK: ark:/57805/tisc.2025.221813
Received: 29 October 2025, Accepted: 11 December 2025, Published: 08 February 2026  
   PDF  (1.15 MB)
Article Metrics Cite This Article
Abstract
The widespread adoption of the Internet of Things (IoT) has revolutionized various sectors, including healthcare and transportation, by facilitating extensive data gathering and the provision of advanced, intelligent services. However, this growth also amplifies the risks of privacy breaches, unauthorized access, and resource exhaustion, particularly in constrained devices that cannot afford heavy cryptographic operations. Existing solutions often compromise between efficiency and security, leaving systems exposed to replay, Man-in-the-Middle, and even quantum-era threats. This paper proposes a novel authentication and privacy-preserving framework tailored for resource-constrained IoT environments. The design integrates multi-phase processes, including registration, key generation, encryption, mutual authentication, verification, and secure data retrieval. The framework leverages physical-layer features such as RSSI and LQI for enhanced authentication accuracy, supported by cryptographic primitives like hashing and elliptic curve operations. Experimental evaluation using a large-scale IoT dataset demonstrates consistent encryption times between 0.01 and 0.10 seconds, stable latency performance, minimal memory consumption of 0.497 MB, and a detection rate of 0.85. Comparative analysis shows superior efficiency over baseline models in terms of computational overhead and resilience. The results confirm that the proposed scheme provides a robust yet lightweight security architecture, paving the way for secure IoT deployments in latency-sensitive and resource-limited applications.
Graphical Abstract
Secure and Efficient Authentication Architecture for IoT Devices in Resource-Limited Networks
Keywords
internet of things (IoTs)
privacy protection
key generation
data encryption
authentication
data retrieval
Data Availability Statement
Data will be made available on request.
Funding
This work was supported without any funding.
Conflicts of Interest
The authors declare no conflicts of interest.
AI Use Statement
The authors declare that no generative AI was used in the preparation of this manuscript.
Ethical Approval and Consent to Participate
Not applicable.
References
  1. Xu, R., & Ren, Q. (2022). Cryptoanalysis on a Cloud-Centric Internet-of-Medical-Things-Enabled Smart Healthcare System. IEEE Access, 10, 23618–23624.
    [CrossRef]   [Google Scholar]
  2. Iqbal, W., Abbas, H., Deng, P., Wan, J., Rauf, B., Abbas, Y., & Rashid, I. (2021). ALAM: Anonymous Lightweight Authentication Mechanism for SDN-Enabled Smart Homes. IEEE Internet of Things Journal, 8(12), 9622–9633.
    [CrossRef]   [Google Scholar]
  3. Subramani, J., Maria, A., Sivaraman, A., Vijayakumar, P., Alqahtani, F., & Tolba, A. (2024). An efficient anonymous authentication scheme for blockchain assisted and fog-enabled smart grid. Computers and Electrical Engineering, 119, 109508.
    [CrossRef]   [Google Scholar]
  4. Bera, B., Das, A. K., & Sikdar, B. (2025). Quantum-Resistant Secure Communication Protocol for Digital Twin-Enabled Context-Aware IoT-Based Healthcare Applications. IEEE Transactions on Network Science and Engineering, 12(4), 2722–2738.
    [CrossRef]   [Google Scholar]
  5. Xu, D., Yu, K., & Ritcey, J. A. (2021). Cross-layer device authentication with quantum encryption for 5G enabled IIoT in industry 4.0. IEEE Transactions on Industrial Informatics, 18(9), 6368-6378.
    [CrossRef]   [Google Scholar]
  6. Rai, S., Paul, R., Banerjee, S., & Meher, P. (2024). An efficient hybrid multifactor mutual authentication and session key agreement scheme for patient monitoring system using IoMT. Multimedia Tools and Applications, 83(36), 83805–83835.
    [CrossRef]   [Google Scholar]
  7. Ilyas, I., Din, I. U., Alourani, A., & Ashraf, M. U. (2024). Lightweight consortium blockchain-enabled secured Vehicular ad Hoc Network using certificateless conditional privacy-preserving authentication mechanism. Plos one, 19(10), e0310267.
    [CrossRef]   [Google Scholar]
  8. Almazroi, A. A., Alqarni, M. A., Al-Shareeda, M. A., Alkinani, M. H., Almazroey, A. A., & Gaber, T. (2024). FCA-VBN: Fog computing-based authentication scheme for 5G-assisted vehicular blockchain network. Internet of Things, 25, 101096.
    [CrossRef]   [Google Scholar]
  9. Liu, G., Lu, H., Wang, W., Liu, Z., & Huang, H. (2025). A Cross-Domain Authentication Scheme for Vehicular Networks Based on Mobile Edge Computing. IEEE Internet of Things Journal, 12(11), 17581–17595.
    [CrossRef]   [Google Scholar]
  10. Cui, J., Bian, F., Zhong, H., Zhang, Q., Xu, S., Gu, C., & Liu, L. (2022). An anonymous and outsourcing-supported multiauthority access control scheme with revocation for edge-enabled IIoT system. IEEE Systems Journal, 16(4), 6569-6580.
    [CrossRef]   [Google Scholar]
  11. Xiang, X., Cao, J., & Fan, W. (2024). Lightweight privacy-preserving authentication mechanism in 5G-enabled industrial cyber physical systems. Information Sciences, 666, 120391.
    [CrossRef]   [Google Scholar]
  12. Mehta, P. J., Parne, B. L., & Patel, S. J. (2024). PF-AKA: PUF-FSM based Authentication and Key Agreement Framework for IoT based Smart Grid Networks. Cluster Computing, 27(6), 8099–8117.
    [CrossRef]   [Google Scholar]
  13. Farha, F., Ning, H., Ali, K., Chen, L., & Nugent, C. (2020). SRAM-PUF-based entities authentication scheme for resource-constrained IoT devices. IEEE internet of things journal, 8(7), 5904-5913.
    [CrossRef]   [Google Scholar]
  14. Feng, X., Cui, K., Wang, L., Liu, Z., & Ma, J. (2024). PBAG: A privacy-preserving blockchain-based authentication protocol with global-updated commitment in IoVs. IEEE Transactions on Intelligent Transportation Systems, 25(10), 13524-13545.
    [CrossRef]   [Google Scholar]
  15. Wang, W., Yan, B., Chai, B., Shen, R., Dong, A., & Yu, J. (2025). EBIAS: ECC-enabled blockchain-based identity authentication scheme for IoT device. High-Confidence Computing, 5(1), 100240.
    [CrossRef]   [Google Scholar]
  16. Feigenbaum, J., Jaggard, A. D., & Wright, R. N. (2020). Accountability in computing: concepts and mechanisms. Foundations and Trends® in Privacy and Security, 2(4), 247-399.
    [CrossRef]   [Google Scholar]
  17. Das, S., & Namasudra, S. (2024). A Lightweight and Anonymous Mutual Authentication Scheme for Medical Big Data in Distributed Smart Healthcare Systems. IEEE/ACM Transactions on Computational Biology and Bioinformatics, 21(4), 1106–1116.
    [CrossRef]   [Google Scholar]
  18. Ashraf, Z., Mahmood, Z., & Iqbal, M. (2023). Lightweight Privacy-Preserving Remote User Authentication and Key Agreement Protocol for Next-Generation IoT-Based Smart Healthcare. Future Internet, 15(12), 386.
    [CrossRef]   [Google Scholar]
  19. Man, Z., Pan, S., Xu, Z., & Ye, M. (2025). Strong anonymous batch authentication scheme against sybil attack in VANET. Wireless Networks, 31(7), 4519-4540.
    [CrossRef]   [Google Scholar]
  20. Ahmed, K. I., Tahir, M., Lau, S. L., Habaebi, M. H., Ahad, A., & Pires, I. M. (2024). Dataset for authentication and authorization using physical layer properties in indoor environment. Data in Brief, 55, 110589.
    [CrossRef]   [Google Scholar]
  21. Yin, J., & Cui, J. (2022). Secure authentication scheme in 6G-enabled mobile Internet of things for online English education. IET Networks, 11(5), 182–194.
    [CrossRef]   [Google Scholar]
  22. Das, S., & Namasudra, S. (2023). Lightweight and efficient privacy-preserving mutual authentication scheme to secure Internet of Things-based smart healthcare. Transactions on Emerging Telecommunications Technologies, 34(11), e4716.
    [CrossRef]   [Google Scholar]
  23. Patwary, A. A. N., Naha, R. K., Garg, S., Battula, S. K., Patwary, M. A. K., Aghasian, E., ... & Gong, M. (2021). Towards secure fog computing: A survey on trust management, privacy, authentication, threats and access control. Electronics, 10(10), 1171.
    [CrossRef]   [Google Scholar]
  24. Fathalla, E., Azab, M., Xin, C., & Wu, H. (2025). Self-Sovereign Identity as a Secure and Trustworthy Approach to Digital Identity Management: A Comprehensive Survey. ACM Computing Surveys.
    [CrossRef]   [Google Scholar]
  25. Patruni, M. R., & Humayun, A. G. (2024). PPAM-mIoMT: a privacy-preserving authentication with device verification for securing healthcare systems in 5G networks. International Journal of Information Security, 23(1), 679–698.
    [CrossRef]   [Google Scholar]
  26. Lee, H. J., Kook, S., Kim, K., Ryu, J., Lee, Y., & Won, D. (2025). LAMT: Lightweight and Anonymous Authentication Scheme for Medical Internet of Things Services. Sensors, 25(3), 821.
    [CrossRef]   [Google Scholar]
  27. Abirami, I., Selvi, S., & Lalitha, R. (2025, January). A High-Speed Compression and Secure Authentication Framework for Data Sharing Cloud-Enabled Big Data Environments. In 2025 International Conference on Multi-Agent Systems for Collaborative Intelligence (ICMSCI) (pp. 185-191). IEEE.
    [CrossRef]   [Google Scholar]
  28. Li, M., & Wang, S. (2025). Multifunctional adversarial examples: A novel mechanism for authenticatable privacy protection of images. Signal Processing, 230, 109816.
    [CrossRef]   [Google Scholar]
Cite This Article
APA Style
Khurana, A., Gopikrishnan, S., Konda, S. R., & Kokila, M. (2026). Secure and Efficient Authentication Architecture for IoT Devices in Resource-Limited Networks. ICCK Transactions on Information Security and Cryptography, 2(1), 16–28. https://doi.org/10.62762/TISC.2025.221813
Export Citation
RIS Format
Compatible with EndNote, Zotero, Mendeley, and other reference managers
RIS format data for reference managers
TY  - JOUR
AU  - Khurana, Arjun
AU  - Gopikrishnan, Sundaram
AU  - Konda, Srinivasa Reddy
AU  - Kokila, M.
PY  - 2026
DA  - 2026/02/08
TI  - Secure and Efficient Authentication Architecture for IoT Devices in Resource-Limited Networks
JO  - ICCK Transactions on Information Security and Cryptography
T2  - ICCK Transactions on Information Security and Cryptography
JF  - ICCK Transactions on Information Security and Cryptography
VL  - 2
IS  - 1
SP  - 16
EP  - 28
DO  - 10.62762/TISC.2025.221813
UR  - https://www.icck.org/article/abs/TISC.2025.221813
KW  - internet of things (IoTs)
KW  - privacy protection
KW  - key generation
KW  - data encryption
KW  - authentication
KW  - data retrieval
AB  - The widespread adoption of the Internet of Things (IoT) has revolutionized various sectors, including healthcare and transportation, by facilitating extensive data gathering and the provision of advanced, intelligent services. However, this growth also amplifies the risks of privacy breaches, unauthorized access, and resource exhaustion, particularly in constrained devices that cannot afford heavy cryptographic operations. Existing solutions often compromise between efficiency and security, leaving systems exposed to replay, Man-in-the-Middle, and even quantum-era threats. This paper proposes a novel authentication and privacy-preserving framework tailored for resource-constrained IoT environments. The design integrates multi-phase processes, including registration, key generation, encryption, mutual authentication, verification, and secure data retrieval. The framework leverages physical-layer features such as RSSI and LQI for enhanced authentication accuracy, supported by cryptographic primitives like hashing and elliptic curve operations. Experimental evaluation using a large-scale IoT dataset demonstrates consistent encryption times between 0.01 and 0.10 seconds, stable latency performance, minimal memory consumption of 0.497 MB, and a detection rate of 0.85. Comparative analysis shows superior efficiency over baseline models in terms of computational overhead and resilience. The results confirm that the proposed scheme provides a robust yet lightweight security architecture, paving the way for secure IoT deployments in latency-sensitive and resource-limited applications.
SN  - 3070-2429
PB  - Institute of Central Computation and Knowledge
LA  - English
ER  -
BibTeX Format
Compatible with LaTeX, BibTeX, and other reference managers
BibTeX format data for LaTeX and reference managers
@article{Khurana2026Secure,
  author = {Arjun Khurana and Sundaram Gopikrishnan and Srinivasa Reddy Konda and M. Kokila},
  title = {Secure and Efficient Authentication Architecture for IoT Devices in Resource-Limited Networks},
  journal = {ICCK Transactions on Information Security and Cryptography},
  year = {2026},
  volume = {2},
  number = {1},
  pages = {16-28},
  doi = {10.62762/TISC.2025.221813},
  url = {https://www.icck.org/article/abs/TISC.2025.221813},
  abstract = {The widespread adoption of the Internet of Things (IoT) has revolutionized various sectors, including healthcare and transportation, by facilitating extensive data gathering and the provision of advanced, intelligent services. However, this growth also amplifies the risks of privacy breaches, unauthorized access, and resource exhaustion, particularly in constrained devices that cannot afford heavy cryptographic operations. Existing solutions often compromise between efficiency and security, leaving systems exposed to replay, Man-in-the-Middle, and even quantum-era threats. This paper proposes a novel authentication and privacy-preserving framework tailored for resource-constrained IoT environments. The design integrates multi-phase processes, including registration, key generation, encryption, mutual authentication, verification, and secure data retrieval. The framework leverages physical-layer features such as RSSI and LQI for enhanced authentication accuracy, supported by cryptographic primitives like hashing and elliptic curve operations. Experimental evaluation using a large-scale IoT dataset demonstrates consistent encryption times between 0.01 and 0.10 seconds, stable latency performance, minimal memory consumption of 0.497 MB, and a detection rate of 0.85. Comparative analysis shows superior efficiency over baseline models in terms of computational overhead and resilience. The results confirm that the proposed scheme provides a robust yet lightweight security architecture, paving the way for secure IoT deployments in latency-sensitive and resource-limited applications.},
  keywords = {internet of things (IoTs), privacy protection, key generation, data encryption, authentication, data retrieval},
  issn = {3070-2429},
  publisher = {Institute of Central Computation and Knowledge}
}
Article Metrics
Citations:

Google Scholar
0

Crossref

0

Scopus

0

Web of Science

0
Article Access Statistics:
Views: 16
PDF Downloads: 5
Publisher's Note
ICCK stays neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and Permissions
Institute of Central Computation and Knowledge (ICCK) or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
ICCK Transactions on Information Security and Cryptography

ICCK Transactions on Information Security and Cryptography

ISSN: 3070-2429 (Online)

Email: [email protected]

Portico

Portico

All published articles are preserved here permanently:
https://www.portico.org/publishers/icck/