{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,11]],"date-time":"2026-02-11T12:41:48Z","timestamp":1770813708821,"version":"3.50.1"},"reference-count":63,"publisher":"Frontiers Media SA","license":[{"start":{"date-parts":[[2026,2,11]],"date-time":"2026-02-11T00:00:00Z","timestamp":1770768000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":["frontiersin.org"],"crossmark-restriction":true},"short-container-title":["Front. Commun. Netw."],"abstract":"<jats:p>Digital Twin Edge Networks (DITEN) encounter significant challenges in balancing security and efficiency, as many existing authentication mechanisms either fail to deliver full security guarantees, such as perfect forward secrecy or protection against insider threats, or impose excessive overhead due to the use of ECC or RSA cryptographic primitives. To overcome these limitations, we introduce TinyTwinGuard (TTG), a lightweight authentication protocol designed specifically for DITEN environments and built upon the NIST-standardized TinyJAMBU Authenticated Encryption with Associated Data (AEAD) cipher. Using formal validation with the AVISPA framework and extensive experimental evaluation on Raspberry Pi 4B devices, we show that TTG satisfies a broad set of 13 security requirements relevant to DITEN, including user anonymity, resistance to privileged insider attacks, and perfect forward secrecy. Although TTG incurs slightly higher communication overhead than minimal hash-based approaches, with 4,896 bits compared to 2,560 bits, it achieves a 43.7% reduction in computational cost relative to ECC-based schemes and lowers energy consumption by 58.3%. Overall, these findings indicate that TTG achieves an effective balance between strong security and operational efficiency, making it well suited for industrial edge scenarios where both resilience and deployment practicality are essential.<\/jats:p>","DOI":"10.3389\/frcmn.2025.1719501","type":"journal-article","created":{"date-parts":[[2026,2,11]],"date-time":"2026-02-11T07:17:09Z","timestamp":1770794229000},"update-policy":"https:\/\/doi.org\/10.3389\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["TinyTwinGuard: a lightweight authentication scheme for digital twin edge networks using TinyJAMBU"],"prefix":"10.3389","volume":"6","author":[{"given":"Mohammed","family":"El-Hajj","sequence":"first","affiliation":[{"name":"Faculty of Computer Studies, Arab Open University","place":["Beirut, Lebanon"]}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"1965","published-online":{"date-parts":[[2026,2,11]]},"reference":[{"key":"B1","first-page":"11","article-title":"Advanced encryption standard (Aes) algorithm to encrypt and decrypt data","volume":"16","author":"Abdullah","year":"2017","journal-title":"Cryptogr. Netw. Secur."},{"key":"B2","first-page":"1452","article-title":"Fog-layer authentication using pedersen commitments","volume":"11","author":"Almasri","year":"2023","journal-title":"IEEE Trans. Cloud Comput."},{"key":"B3","doi-asserted-by":"publisher","first-page":"103177","DOI":"10.1016\/j.jnca.2021.103177","article-title":"Lmaas-iot: lightweight multi-factor authentication and authorization scheme for real-time data access in iot cloud-based environment","volume":"192","author":"Alsahlani","year":"2021","journal-title":"J. Netw. Comput. Appl."},{"key":"B4","first-page":"17","article-title":"Lightweight permutation-based cryptography for the ultra-low-power internet of things","volume-title":"International conference on information technology and communications security","author":"Alsahli","year":"2022"},{"key":"B5","doi-asserted-by":"crossref","first-page":"281","DOI":"10.1007\/11513988_27","article-title":"The avispa tool for the automated validation of internet security protocols and applications","volume-title":"Computer aided verification: 17Th international conference, CAV 2005, Edinburgh, Scotland, UK, July 6-10, 2005. Proceedings 17","author":"Armando","year":"2005"},{"key":"B6","first-page":"26","article-title":"Relations among notions of security for public-key encryption schemes","volume-title":"Advances in Cryptology\u2014crypto\u201998","author":"Bellare","year":"2000"},{"key":"B7","doi-asserted-by":"publisher","first-page":"1382","DOI":"10.1109\/tcsi.2005.851701","article-title":"Security of public-key cryptosystems based on chebyshev polynomials","volume":"52","author":"Bergamo","year":"2005","journal-title":"IEEE Trans. Circuits Syst. I Regul. Pap."},{"key":"B8","article-title":"Ebacs: ecrypt benchmarking of cryptographic systems","author":"Bernstein","year":"2009"},{"key":"B9","first-page":"320","article-title":"Duplexing the sponge: single-pass authenticated encryption and other applications","volume-title":"International workshop on selected areas in cryptography","author":"Bertoni","year":"2011"},{"key":"B10","doi-asserted-by":"crossref","first-page":"453","DOI":"10.1007\/3-540-44987-6_28","article-title":"Analysis of key-exchange protocols and their use for building secure channels","volume-title":"Advances in cryptology \u2014 eurocrypt 2001","author":"Canetti","year":"2001"},{"key":"B11","doi-asserted-by":"crossref","first-page":"183","DOI":"10.1007\/978-3-030-34621-8_7","article-title":"Anonymous ae","volume-title":"Advances in Cryptology\u2013ASIACRYPT 2019: 25Th international conference on the theory and application of cryptology and information security, kobe, Japan, December 8\u201312, 2019, proceedings, part II 25","author":"Chan","year":"2019"},{"key":"B12","first-page":"3520","article-title":"Blockchain-based secure authentication for edge networks","volume":"18","author":"Chaudhry","year":"2022","journal-title":"IEEE Trans. Industrial Inf."},{"key":"B13","first-page":"1","article-title":"Sponge-based lightweight authentication for edge devices","volume":"20","author":"Chen","year":"2021","journal-title":"ACM Trans. Embed. Comput. Syst."},{"key":"B14","first-page":"193","article-title":"Risc-v instruction set extensions for lightweight symmetric cryptography","author":"Cheng","year":"","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"key":"B15","first-page":"193","article-title":"RISC-V instruction set extensions for lightweight symmetric cryptography","volume":"2023","author":"Cheng","year":"","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"key":"B16","doi-asserted-by":"publisher","first-page":"102997","DOI":"10.1016\/j.adhoc.2022.102997","article-title":"Multi-factor based session secret key agreement for the industrial internet of things","volume":"138","author":"Cui","year":"2023","journal-title":"Ad Hoc Netw."},{"key":"B17","first-page":"146","article-title":"Int-rup security of saeb and tinyjambu","volume-title":"International conference on cryptology in India","author":"Datta","year":"2022"},{"key":"B18","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/s00145-021-09398-9","article-title":"Ascon v1. 2: lightweight authenticated encryption and hashing","volume":"34","author":"Dobraunig","year":"2021","journal-title":"J. Cryptol."},{"key":"B19","doi-asserted-by":"crossref","first-page":"523","DOI":"10.1007\/978-3-540-24676-3_31","article-title":"Fuzzy extractors: how to generate strong keys from biometrics and other noisy data","volume-title":"Advances in Cryptology-EUROCRYPT 2004: international conference on the theory and applications of cryptographic techniques, interlaken, Switzerland, may 2-6, 2004. Proceedings 23","author":"Dodis","year":"2004"},{"key":"B20","doi-asserted-by":"publisher","first-page":"198","DOI":"10.1109\/TIT.1983.1056650","article-title":"On the security of public key protocol","volume":"29","author":"Dolev","year":"","journal-title":"IEEE Trans. Inf. Theory"},{"key":"B21","first-page":"350","article-title":"On the security of public key protocols","volume-title":"24th annual symposium on foundations of computer science","author":"Dolev","year":""},{"key":"B22","doi-asserted-by":"crossref","first-page":"1286","DOI":"10.1145\/1403375.1403686","article-title":"On analysis and synthesis of (n, k)-non-linear feedback shift registers","volume-title":"Proceedings of the conference on design, automation and test in Europe","author":"Dubrova","year":"2008"},{"key":"B23","first-page":"349","article-title":"Full round zero-sum distinguishers on tinyjambu-128 and tinyjambu-192 keyed-permutation in the known-key setting","volume-title":"International conference on cryptology in India","author":"Dunkelman","year":"2022"},{"key":"B24","doi-asserted-by":"crossref","first-page":"121","DOI":"10.1109\/ITNAC55475.2022.9998413","article-title":"Analysis of lightweight cryptographic algorithms on iot hardware platforms","volume-title":"2022 32nd international telecommunication networks and applications conference (ITNAC)","author":"El-Hajj","year":"2022"},{"key":"B25","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1109\/CSNET.2017.8242006","article-title":"Analysis of authentication techniques in internet of things (Iot)","volume-title":"2017 1st cyber security in networking conference (CSNet)","author":"El-Hajj","year":"2017"},{"key":"B26","doi-asserted-by":"publisher","first-page":"1141","DOI":"10.3390\/s19051141","article-title":"A survey of internet of things (iot) authentication schemes","volume":"19","author":"El-Hajj","year":"2019","journal-title":"Sensors"},{"key":"B27","doi-asserted-by":"publisher","first-page":"54","DOI":"10.3390\/fi15020054","article-title":"Analysis of lightweight cryptographic algorithms on iot hardware platform","volume":"15","author":"El-Hajj","year":"2023","journal-title":"Future Internet"},{"key":"B28","article-title":"Systematic literature review: Digital twins\u2019 role in enhancing security for industry 4.0 applications, security and privacy e396","author":"El-Hajj","year":"2025"},{"key":"B29","first-page":"104602","volume-title":"Computational fuzzy extractors, information and computation","author":"Fuller","year":"2020"},{"key":"B30","doi-asserted-by":"publisher","first-page":"1512","DOI":"10.1016\/j.cviu.2013.06.003","article-title":"Iris image reconstruction from binary templates: an efficient probabilistic approach based on genetic algorithms","volume":"117","author":"Galbally","year":"2013","journal-title":"Comput. Vis. Image Underst."},{"key":"B31","first-page":"59","article-title":"Parabit: processing parallel bitwise operations in nand flash memory based ssds","volume-title":"MICRO-54: 54Th annual IEEE\/ACM international symposium on microarchitecture","author":"Gao","year":"2021"},{"key":"B32","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1007\/s11554-024-01416-w","article-title":"Modeling, hardware architecture, and performance analyses of an aead-based lightweight cipher","volume":"21","author":"Jhawar","year":"2024","journal-title":"J. Real-Time Image Process."},{"key":"B33","doi-asserted-by":"publisher","first-page":"458","DOI":"10.1016\/j.patcog.2014.08.024","article-title":"Secure biometric template generation for multi-factor authentication","volume":"48","author":"Khan","year":"2015","journal-title":"Pattern Recognit."},{"key":"B34","doi-asserted-by":"crossref","first-page":"667","DOI":"10.1109\/ICDCS.2017.107","article-title":"Fuzzy extractors for biometric identification","volume-title":"2017 IEEE 37th international conference on distributed computing systems (ICDCS)","author":"Li","year":"2017"},{"key":"B35","doi-asserted-by":"publisher","first-page":"1427","DOI":"10.1109\/jiot.2021.3086961","article-title":"Digital-twin-assisted task offloading based on edge collaboration in the digital twin edge network","volume":"9","author":"Liu","year":"2021","journal-title":"IEEE Internet Things J."},{"key":"B36","doi-asserted-by":"crossref","first-page":"11","DOI":"10.1007\/978-3-642-55826-9_2","article-title":"Topics of computer algebra","volume-title":"Computer algebra handbook: Foundations\u22c5 applications\u22c5 systems","author":"Loos","year":"2003"},{"key":"B37","doi-asserted-by":"publisher","first-page":"429","DOI":"10.1007\/s42452-021-04425-7","article-title":"An improved chacha algorithm for securing data on iot devices","volume":"3","author":"Mahdi","year":"2021","journal-title":"SN Appl. Sci."},{"key":"B38","doi-asserted-by":"crossref","DOI":"10.1201\/9781420036114","volume-title":"Chebyshev polynomials","author":"Mason","year":"2002"},{"key":"B39","doi-asserted-by":"publisher","first-page":"4008","DOI":"10.3390\/s24124008","article-title":"Efficiency and security evaluation of lightweight cryptographic algorithms for resource-constrained iot devices","volume":"24","author":"Radhakrishnan","year":"2024","journal-title":"Sensors"},{"key":"B40","doi-asserted-by":"crossref","first-page":"98","DOI":"10.1145\/586110.586125","article-title":"Authenticated-encryption with associated-data","volume-title":"Proceedings of the 9th ACM conference on computer and communications security","author":"Rogaway","year":"2002"},{"key":"B41","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/s42979-021-00984-z","article-title":"Resource-aware cryptography: an analysis of lightweight cryptographic primitives","volume":"3","author":"Rushad","year":"2022","journal-title":"SN Comput. Sci."},{"key":"B42","article-title":"Tinyjambu: a family of lightweight authenticated encryption algorithms","volume-title":"NIST lightweight cryptography project","author":"Saha","year":"2019"},{"key":"B43","first-page":"152","volume-title":"On the security margin of tinyjambu with refined differential and linear cryptanalysis, IACR transactions on symmetric cryptology","author":"Saha","year":"2020"},{"key":"B44","doi-asserted-by":"publisher","first-page":"100269","DOI":"10.1016\/j.hcc.2024.100269","article-title":"Navigating the digital twin network landscape: a survey on architecture, applications, privacy and security","volume":"4","author":"Sai","year":"2024","journal-title":"High-Confidence Comput."},{"key":"B45","doi-asserted-by":"publisher","first-page":"5557","DOI":"10.1109\/JSYST.2021.3073537","article-title":"Security analysis on \u201ca secure three-factor user authentication protocol with forward secrecy for wireless medical sensor network systems\u201d","volume":"15","author":"Saleem","year":"2021","journal-title":"IEEE Syst. J."},{"key":"B46","article-title":"Multiprecision integer and rational arithmetic cryptographic library","author":"Sdk","year":"2020"},{"key":"B47","first-page":"892","article-title":"Multi-modal biometric authentication for industrial iot","volume":"19","author":"Singh","year":"2022","journal-title":"IEEE Trans. Industrial Inf."},{"key":"B48","doi-asserted-by":"publisher","first-page":"1133","DOI":"10.1109\/tdsc.2018.2857811","article-title":"Anonymous lightweight chaotic map-based authenticated key agreement protocol for industrial internet of things","volume":"17","author":"Srinivas","year":"2018","journal-title":"IEEE Trans. Dependable Secure Comput."},{"key":"B49","doi-asserted-by":"publisher","first-page":"28177","DOI":"10.1109\/access.2021.3052867","article-title":"Lightweight cryptography algorithms for resource-constrained iot devices: a review, comparison and research opportunities","volume":"9","author":"Thakor","year":"2021","journal-title":"IEEE Access"},{"key":"B50","doi-asserted-by":"publisher","first-page":"3085","DOI":"10.3390\/electronics12143085","article-title":"On the efficiency of a lightweight authentication and privacy preservation scheme for mqtt","volume":"12","author":"Tian","year":"2023","journal-title":"Electronics"},{"key":"B51","doi-asserted-by":"crossref","first-page":"241","DOI":"10.1109\/ICSEC56337.2022.10049355","article-title":"Securing networks of iot devices with digital twins and automated adversary emulation","volume-title":"2022 26th international computer science and engineering conference (ICSEC)","author":"van der Wal","year":"2022"},{"key":"B52","doi-asserted-by":"publisher","first-page":"3801","DOI":"10.1109\/jiot.2020.3024703","article-title":"Secure multifactor authenticated key agreement scheme for industrial iot","volume":"8","author":"Vinoth","year":"2020","journal-title":"IEEE Internet Things J."},{"key":"B53","doi-asserted-by":"publisher","first-page":"708","DOI":"10.1109\/TDSC.2016.2605087","article-title":"Two birds with one stone: two-factor authentication with security beyond conventional bound","volume":"15","author":"Wang","year":"2018","journal-title":"IEEE Trans. Dependable Secure Comput."},{"key":"B54","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3325130","article-title":"Efficient multi-factor user authentication protocol with forward secrecy for real-time data access in wsns","volume":"4","author":"Wang","year":"2020","journal-title":"ACM Trans. Cyber-Physical Syst."},{"key":"B55","doi-asserted-by":"publisher","first-page":"507","DOI":"10.1109\/TDSC.2020.2974220","article-title":"Understanding node capture attacks in user authentication schemes for wireless sensor networks","volume":"19","author":"Wang","year":"2022","journal-title":"IEEE Trans. Dependable Secure Comput."},{"key":"B56","doi-asserted-by":"publisher","first-page":"7174","DOI":"10.1109\/tii.2020.3020303","article-title":"Designing authenticated key management scheme in 6g-enabled network in a box deployed for industrial applications","volume":"17","author":"Wazid","year":"2020","journal-title":"IEEE Trans. Industrial Inf."},{"key":"B57","doi-asserted-by":"publisher","first-page":"84074","DOI":"10.1109\/access.2023.3301128","article-title":"Two new lightweight cryptographic hash functions based on saturnin and beetle for the internet of things","volume":"11","author":"Windarta","year":"2023","journal-title":"IEEE Access"},{"key":"B58","doi-asserted-by":"publisher","first-page":"6900","DOI":"10.1109\/access.2017.2778504","article-title":"A survey on the edge computing for the internet of things","volume":"6","author":"Yu","year":"2017","journal-title":"IEEE Access"},{"key":"B59","first-page":"3321","article-title":"Lightchain: blockchain-empowered lightweight authentication","volume":"10","author":"Zhang","year":"2023","journal-title":"IEEE Internet Things J."},{"key":"B60","volume-title":"Rectangle: a bit-slice lightweight block cipher suitable for multiple platforms","author":"Zhang","year":"2014"},{"key":"B61","doi-asserted-by":"publisher","first-page":"17120","DOI":"10.1109\/JIOT.2021.3078175","article-title":"An energy-efficient authentication scheme based on chebyshev chaotic map for smart grid environments","volume":"8","author":"Zhang","year":"2021","journal-title":"IEEE Internet Things J."},{"key":"B62","doi-asserted-by":"crossref","first-page":"229","DOI":"10.1109\/SP.2018.00049","article-title":"Fpga-based remote power side-channel attacks","volume-title":"2018 IEEE symposium on security and privacy (SP)","author":"Zhao","year":"2018"},{"key":"B63","doi-asserted-by":"crossref","first-page":"108","DOI":"10.1109\/ASIAJCIS.2013.25","article-title":"Formal analysis of iso\/iec 9798-2 authentication standard using avispa","volume-title":"2013 eighth Asia joint conference on information security","author":"Ziauddin","year":"2013"}],"container-title":["Frontiers in Communications and Networks"],"original-title":[],"link":[{"URL":"https:\/\/www.frontiersin.org\/articles\/10.3389\/frcmn.2025.1719501\/full","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,2,11]],"date-time":"2026-02-11T07:17:14Z","timestamp":1770794234000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.frontiersin.org\/articles\/10.3389\/frcmn.2025.1719501\/full"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,2,11]]},"references-count":63,"alternative-id":["10.3389\/frcmn.2025.1719501"],"URL":"https:\/\/doi.org\/10.3389\/frcmn.2025.1719501","relation":{},"ISSN":["2673-530X"],"issn-type":[{"value":"2673-530X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026,2,11]]},"article-number":"1719501"}}