{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,14]],"date-time":"2026-04-14T01:56:49Z","timestamp":1776131809280,"version":"3.50.1"},"reference-count":63,"publisher":"MDPI AG","issue":"10","license":[{"start":{"date-parts":[[2024,9,30]],"date-time":"2024-09-30T00:00:00Z","timestamp":1727654400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Ministry of Higher Education, Research & Innovation (MoHERI) of the Sultanate of Oman","award":["MoHERI\/BFP\/GULF\/2022"],"award-info":[{"award-number":["MoHERI\/BFP\/GULF\/2022"]}]},{"name":"Ministry of Higher Education, Research & Innovation (MoHERI) of the Sultanate of Oman","award":["BFP\/RGP\/ICT\/22\/474"],"award-info":[{"award-number":["BFP\/RGP\/ICT\/22\/474"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Future Internet"],"abstract":"In today\u2019s advanced network and digital age, the Internet of Things network is experiencing a significant growing trend and, due to its wide range of services and network coverage, has been able to take a special place in today\u2019s technology era. Among the applications that can be mentioned for this network are the field of electronic health, smart residential complexes, and a wide level of connections that have connected the inner-city infrastructure in a complex way to make it smart. The notable and critical issue that exists in this network is the extent of the elements that make up the network and, due to this, the strong and massive data exchanges at the network level. With the increasing deployment of the Internet of Things, a wide range of challenges arise, especially in the discussion of establishing network security. Regarding security concerns, ensuring the confidentiality of the data being exchanged in the network, maintaining the privacy of the network nodes, protecting the identity of the network nodes, and finally implementing the security policies required to deal with a wide range of network cyber threats are of great importance. A fundamental element in the security of IoT networks is the authentication process, wherein nodes are required to validate each other\u2019s identities to ensure the establishment of secure communication channels. Through the enforcement of security prerequisites, in this study, we suggested a security protocol focused on reinforcing security characteristics and safeguarding IoT nodes. By utilizing the security features provided by Elliptic Curve Cryptography (ECC) and employing the Elliptic Curve Diffie\u2013Hellman (ECDH) key-exchange mechanism, we designed a protocol for authenticating nodes and establishing encryption keys for every communication session within the Internet of Things. To substantiate the effectiveness and resilience of our proposed protocol in withstanding attacks and network vulnerabilities, we conducted evaluations utilizing both formal and informal means. Furthermore, our results demonstrate that the protocol is characterized by low computational and communication demands, which makes it especially well-suited for IoT nodes operating under resource constraints.<\/jats:p>","DOI":"10.3390\/fi16100357","type":"journal-article","created":{"date-parts":[[2024,9,30]],"date-time":"2024-09-30T10:00:47Z","timestamp":1727690447000},"page":"357","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":11,"title":["A Secure Key Exchange and Authentication Scheme for Securing Communications in the Internet of Things Environment"],"prefix":"10.3390","volume":"16","author":[{"ORCID":"https:\/\/orcid.org\/0009-0008-3995-6073","authenticated-orcid":false,"given":"Ali","family":"Peivandizadeh","sequence":"first","affiliation":[{"name":"Technology Project Management, University of Houston, Houston, TX 77204, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8004-0111","authenticated-orcid":false,"given":"Haitham","family":"Y. Adarbah","sequence":"additional","affiliation":[{"name":"Centre for Foundation Studies, Gulf College, Muscat 133, Oman"}]},{"given":"Behzad","family":"Molavi","sequence":"additional","affiliation":[{"name":"Centre for Foundation Studies, Gulf College, Muscat 133, Oman"}]},{"given":"Amirhossein","family":"Mohajerzadeh","sequence":"additional","affiliation":[{"name":"Department of Computing and Information Technology, Sohar University, Sohar 311, Oman"}]},{"given":"Ali","family":"H. Al-Badi","sequence":"additional","affiliation":[{"name":"Centre for Foundation Studies, Gulf College, Muscat 133, Oman"}]}],"member":"1968","published-online":{"date-parts":[[2024,9,30]]},"reference":[{"key":"ref_1","first-page":"93","article-title":"Wireless sensor networks: A big data source in internet of things","volume":"7","author":"Harb","year":"2017","journal-title":"Int. J. Sens. Wirel. Commun. Control"},{"key":"ref_2","doi-asserted-by":"crossref","first-page":"052492","DOI":"10.1155\/2007\/52492","article-title":"TCP traffic control evaluation and reduction over wireless networks using parallel sequential decoding mechanism","volume":"2007","author":"Darabkh","year":"2007","journal-title":"EURASIP J. Wirel. Commun. Netw."},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"16","DOI":"10.1109\/MCOM.2016.1600397CM","article-title":"Rpl: The routing standard for the internet of things... or is it?","volume":"54","author":"Iova","year":"2016","journal-title":"IEEE Commun. Mag."},{"key":"ref_4","first-page":"1765","article-title":"Markov-based distributed approach for mitigating self-coexistence problem in IEEE 802.22 WRANs","volume":"57","author":"Hawa","year":"2013","journal-title":"Comput. J."},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"1582","DOI":"10.1109\/COMST.2018.2885894","article-title":"Routing attacks and mitigation methods for RPL-based Internet of Things","volume":"21","author":"Raoof","year":"2018","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"25","DOI":"10.1016\/j.adhoc.2013.08.009","article-title":"Efficient topology construction for RPL over IEEE 802.15. 4 in wireless sensor networks","volume":"15","author":"Pavkovic","year":"2014","journal-title":"Ad Hoc Netw."},{"key":"ref_7","doi-asserted-by":"crossref","first-page":"441","DOI":"10.1109\/JIOT.2015.2493082","article-title":"On networking of internet of things: Explorations and challenges","volume":"3","author":"Ma","year":"2015","journal-title":"IEEE Internet Things J."},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"5105","DOI":"10.1007\/s11831-023-09985-y","article-title":"Retraction Note: A Review and State of Art of Internet of Things (IoT)","volume":"30","author":"Laghari","year":"2023","journal-title":"Arch. Computat. Methods Eng."},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"11268","DOI":"10.1109\/ACCESS.2022.3221434","article-title":"Security Challenges of Selective Forwarding Attack and design a Secure ECDH-Based Authentication Protocol to Improve RPL Security","volume":"11","author":"Adarbah","year":"2022","journal-title":"IEEE Access"},{"key":"ref_10","doi-asserted-by":"crossref","first-page":"134871","DOI":"10.1109\/ACCESS.2019.2941473","article-title":"An electronic nose natural neural learning model in real work environment","volume":"7","author":"Ouhmad","year":"2019","journal-title":"IEEE Access"},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"100227","DOI":"10.1016\/j.iot.2020.100227","article-title":"Survey on IoT security: Challenges and solution using machine learning, artificial intelligence and blockchain technology","volume":"11","author":"Mohanta","year":"2020","journal-title":"Internet Things"},{"key":"ref_12","first-page":"1","article-title":"The internet of things: An overview","volume":"80","author":"Rose","year":"2015","journal-title":"Internet Soc. (ISOC)"},{"key":"ref_13","first-page":"558","article-title":"Improving the security of internet of things using encryption algorithms","volume":"11","author":"Amirhossein","year":"2017","journal-title":"Int. J. Comput. Inf. Eng."},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"73182","DOI":"10.1109\/ACCESS.2020.2987764","article-title":"An efficient authentication and key agreement scheme based on ECDH for wireless sensor network","volume":"8","author":"Moghadam","year":"2020","journal-title":"IEEE Access"},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Silverman, J.H. (2009). The Arithmetic of Elliptic Curves, Springer Science & Business Media.","DOI":"10.1007\/978-0-387-09494-6"},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"1143","DOI":"10.1109\/JIOT.2017.2659783","article-title":"Security and privacy preservation scheme of face identification and resolution framework using fog computing in internet of things","volume":"4","author":"Hu","year":"2017","journal-title":"IEEE Internet Things J."},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"7824686","DOI":"10.1155\/2016\/7824686","article-title":"Fine-grained support of security services for resource constrained internet of things","volume":"12","author":"Ban","year":"2016","journal-title":"Int. J. Distrib. Sens. Netw."},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"103","DOI":"10.1007\/s10586-018-2823-6","article-title":"Internet of Things: Information security challenges and solutions","volume":"22","author":"Miloslavskaya","year":"2018","journal-title":"Clust. Comput."},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"100129","DOI":"10.1016\/j.iot.2019.100129","article-title":"A survey on internet of things security: Requirements, challenges, and solutions","volume":"14","author":"HaddadPajouh","year":"2021","journal-title":"Internet Things"},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"2787","DOI":"10.1016\/j.comnet.2010.05.010","article-title":"The internet of things: A survey","volume":"54","author":"Atzori","year":"2010","journal-title":"Comput. Netw."},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Tawalbeh, L., Muheidat, F., Tawalbeh, M., and Quwaider, M. (2020). IoT Privacy and security: Challenges and solutions. Appl. Sci., 10.","DOI":"10.3390\/app10124102"},{"key":"ref_22","unstructured":"Hermann, K., and Steiner, W. (2022). Internet of things. Real-Time Systems: Design Principles for Distributed Embedded Applications, Springer International Publishing."},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"2027","DOI":"10.1109\/COMST.2016.2548426","article-title":"A survey of man in the middle attacks","volume":"18","author":"Conti","year":"2016","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"295","DOI":"10.1016\/j.comnet.2018.11.026","article-title":"A survey on internet of things security from data perspectives","volume":"148","author":"Hou","year":"2019","journal-title":"Comput. Netw."},{"key":"ref_25","doi-asserted-by":"crossref","unstructured":"Patel, C., and Doshi, N. (2019). Security challenges in IoT cyber world. Security in Smart Cities: Models, Applications, and Challenges, Springer.","DOI":"10.1007\/978-3-030-01560-2_8"},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"503","DOI":"10.1016\/j.procs.2020.10.069","article-title":"IoT security: Challenges and countermeasures","volume":"177","author":"Litoussi","year":"2020","journal-title":"Procedia Comput. Sci."},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"5533843","DOI":"10.1155\/2021\/5533843","article-title":"Internet of things security: Challenges and key issues","volume":"2021","author":"Azrour","year":"2021","journal-title":"Secur. Commun. Netw."},{"key":"ref_28","doi-asserted-by":"crossref","first-page":"105101","DOI":"10.1109\/ACCESS.2021.3099299","article-title":"An improved authentication protocol for smart healthcare system using wireless medical sensor network","volume":"9","author":"Yuanbing","year":"2021","journal-title":"IEEE Access"},{"key":"ref_29","doi-asserted-by":"crossref","first-page":"101194","DOI":"10.1016\/j.pmcj.2020.101194","article-title":"ECCbAP: A secure ECC-based authentication protocol for IoT edge devices","volume":"67","author":"Rostampour","year":"2020","journal-title":"Pervasive Mob. Comput."},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"126186","DOI":"10.1109\/ACCESS.2021.3111443","article-title":"Lightweight three-factor-based privacy-preserving authentication scheme for iot-enabled smart homes","volume":"9","author":"Yu","year":"2021","journal-title":"IEEE Access"},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"1818","DOI":"10.1109\/JIOT.2021.3088641","article-title":"A lightweight anonymous authentication protocol for resource-constrained devices in internet of things","volume":"9","author":"Ding","year":"2021","journal-title":"IEEE Internet Things J."},{"key":"ref_32","doi-asserted-by":"crossref","first-page":"882","DOI":"10.1016\/j.future.2019.04.019","article-title":"Three party secure data transmission in IoT networks through design of a lightweight authenticated key agreement scheme","volume":"100","author":"Arshad","year":"2019","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_33","first-page":"1","article-title":"Enhanced authentication protocol for the Internet of Things environment","volume":"2022","author":"Chen","year":"2022","journal-title":"Secur. Commun. Netw."},{"key":"ref_34","doi-asserted-by":"crossref","first-page":"2649","DOI":"10.1109\/JIOT.2021.3080461","article-title":"Lightweight and anonymity-preserving user authentication scheme for IoT-based healthcare","volume":"9","author":"Masud","year":"2021","journal-title":"IEEE Internet Things J."},{"key":"ref_35","doi-asserted-by":"crossref","unstructured":"Ali, H.S., and Sridevi, R. (2022). Credential-Based Authentication Mechanism for IoT Devices in Fog-Cloud Computing. ICT Analysis and Applications, Springer.","DOI":"10.1007\/978-981-16-5655-2_30"},{"key":"ref_36","doi-asserted-by":"crossref","first-page":"103567","DOI":"10.1016\/j.csi.2021.103567","article-title":"Private blockchain-envisioned drones-assisted authentication scheme in IoT-enabled agricultural environment","volume":"80","author":"Bera","year":"2022","journal-title":"Comput. Stand. Interfaces"},{"key":"ref_37","doi-asserted-by":"crossref","unstructured":"Kim, K., Ryu, J., Lee, Y., and Won, D. (2023). An Improved Lightweight User Authentication Scheme for the Internet of Medical Things. Sensors, 23.","DOI":"10.3390\/s23031122"},{"key":"ref_38","doi-asserted-by":"crossref","first-page":"18140","DOI":"10.1109\/JIOT.2023.3279035","article-title":"Lightweight Authentication Scheme for Healthcare with Robustness to Desynchronization Attacks","volume":"10","author":"Shihab","year":"2023","journal-title":"IEEE Internet Things J."},{"key":"ref_39","doi-asserted-by":"crossref","first-page":"103003","DOI":"10.1016\/j.adhoc.2022.103003","article-title":"A lightweight mutual and transitive authentication mechanism for IoT network","volume":"138","author":"Krishnasrija","year":"2023","journal-title":"Ad Hoc Netw."},{"key":"ref_40","doi-asserted-by":"crossref","first-page":"e4332","DOI":"10.1002\/dac.4332","article-title":"Secure communication in CloudIoT through design of a lightweight authentication and session key agreement scheme","volume":"36","author":"Nikooghadam","year":"2023","journal-title":"Int. J. Commun. Syst."},{"key":"ref_41","doi-asserted-by":"crossref","first-page":"1373","DOI":"10.1007\/s10207-022-00619-1","article-title":"LASSI: A lightweight authenticated key agreement protocol for fog-enabled IoT deployment","volume":"21","author":"Abdussami","year":"2022","journal-title":"Int. J. Inf. Secur."},{"key":"ref_42","doi-asserted-by":"crossref","unstructured":"Belfaik, Y., Lotfi, Y., Sadqi, Y., and Safi, S. (2024). A Comparative Study of Protocols\u2019 Security Verification Tools: Avispa, Scyther, ProVerif, and Tamarin. International Conference on Digital Technologies and Applications, Springer Nature.","DOI":"10.1007\/978-3-031-68653-5_12"},{"key":"ref_43","first-page":"102787","article-title":"Cryptanalysis and improvement of a two-factor user authentication scheme for smart home","volume":"58","author":"Kaur","year":"2021","journal-title":"J. Inf. Secur. Appl."},{"key":"ref_44","doi-asserted-by":"crossref","first-page":"1548","DOI":"10.1007\/s12083-020-01063-5","article-title":"A robust provable-secure privacy-preserving authentication protocol for Industrial Internet of Things","volume":"14","author":"Rangwani","year":"2021","journal-title":"Peer-Peer Netw. Appl."},{"key":"ref_45","doi-asserted-by":"crossref","first-page":"150","DOI":"10.1016\/j.dcan.2021.07.002","article-title":"An enhanced scheme for mutual authentication for healthcare services","volume":"8","author":"Shamshad","year":"2021","journal-title":"Digit. Commun. Netw."},{"key":"ref_46","doi-asserted-by":"crossref","first-page":"11511","DOI":"10.1109\/ACCESS.2022.3145959","article-title":"Secure ECC-based three-factor mutual authentication protocol for telecare medical information system","volume":"10","author":"Ryu","year":"2022","journal-title":"IEEE Access"},{"key":"ref_47","doi-asserted-by":"crossref","first-page":"102731","DOI":"10.1016\/j.sysarc.2022.102731","article-title":"A blockchain-based fine-grained data sharing scheme for e-healthcare system","volume":"132","author":"Lin","year":"2022","journal-title":"J. Syst. Archit."},{"key":"ref_48","doi-asserted-by":"crossref","first-page":"775","DOI":"10.1080\/02564602.2021.1927863","article-title":"Internet of medical things (IoMT): Overview, emerging technologies, and case studies","volume":"39","author":"Razdan","year":"2022","journal-title":"IETE Tech. Rev."},{"key":"ref_49","doi-asserted-by":"crossref","first-page":"1359","DOI":"10.1007\/s00607-022-01055-8","article-title":"An ECC-based lightweight remote user authentication and key management scheme for IoT communication in context of fog computing","volume":"104","author":"Chatterjee","year":"2022","journal-title":"Computing"},{"key":"ref_50","doi-asserted-by":"crossref","first-page":"497","DOI":"10.1007\/s11227-021-03857-7","article-title":"Enhancing security and efficiency in cloud computing authentication and key agreement scheme based on smart card","volume":"78","author":"Bouchaala","year":"2022","journal-title":"J. Supercomput."},{"key":"ref_51","doi-asserted-by":"crossref","first-page":"103512","DOI":"10.1016\/j.jnca.2022.103512","article-title":"Decentralized authentication and access control protocol for blockchain-based e-health systems","volume":"207","author":"Xiang","year":"2022","journal-title":"J. Netw. Comput. Appl."},{"key":"ref_52","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3511898","article-title":"BACKM-EHA: A novel blockchain-enabled security solution for IoMT-based e-healthcare applications","volume":"23","author":"Wazid","year":"2023","journal-title":"ACM Trans. Internet Technol."},{"key":"ref_53","doi-asserted-by":"crossref","first-page":"1012","DOI":"10.1109\/JSYST.2022.3185258","article-title":"An Efficient Identity Authentication Scheme With Provable Security and Anonymity for Mobile Edge Computing","volume":"17","author":"Xu","year":"2022","journal-title":"IEEE Syst. J."},{"key":"ref_54","doi-asserted-by":"crossref","first-page":"101753","DOI":"10.1016\/j.pmcj.2023.101753","article-title":"ECCbAS: An ECC based authentication scheme for healthcare IoT systems","volume":"90","author":"Servati","year":"2023","journal-title":"Pervasive Mob. Comput."},{"key":"ref_55","doi-asserted-by":"crossref","first-page":"106024","DOI":"10.1016\/j.epsr.2019.106024","article-title":"A lightweight key management protocol for secure communication in smart grids","volume":"178","author":"Moghadam","year":"2020","journal-title":"Electr. Power Syst. Res."},{"key":"ref_56","doi-asserted-by":"crossref","unstructured":"Farhdi Moghadam, M., Mohajerzdeh, A., Karimipour, H., Chitsaz, H., Karimi, R., and Molavi, B. (2020). A privacy protection key agreement protocol based on ECC for smart grid. Handbook of Big Data Privacy, Springer.","DOI":"10.1007\/978-3-030-38557-6_4"},{"key":"ref_57","doi-asserted-by":"crossref","first-page":"e6187","DOI":"10.1002\/cpe.6187","article-title":"Provably secure signature-based anonymous user authentication protocol in an Internet of Things-enabled intelligent precision agricultural environment","volume":"35","author":"Vangala","year":"2023","journal-title":"Concurr. Comput. Pract. Exp."},{"key":"ref_58","doi-asserted-by":"crossref","first-page":"22525","DOI":"10.1007\/s11042-022-14140-z","article-title":"A secure elliptic curve based anonymous authentication and key establishment mechanism for IoT and cloud","volume":"82","author":"Singh","year":"2022","journal-title":"Multimed. Tools Appl."},{"key":"ref_59","doi-asserted-by":"crossref","first-page":"35","DOI":"10.1007\/s12083-022-01382-9","article-title":"4F-MAKA: Four-factor mutual authentication and key agreement protocol for internet of things","volume":"16","author":"Rangwani","year":"2023","journal-title":"Peer-Peer Netw. Appl."},{"key":"ref_60","doi-asserted-by":"crossref","first-page":"865","DOI":"10.1007\/s11227-023-05507-6","article-title":"TFAS: Two factor authentication scheme for blockchain enabled IoMT using PUF and fuzzy extractor","volume":"80","author":"Singh","year":"2024","journal-title":"J. Supercomput."},{"key":"ref_61","doi-asserted-by":"crossref","first-page":"6622","DOI":"10.1007\/s11227-023-05649-7","article-title":"Agent-based blockchain model for robust authentication and authorization in IoT-based healthcare systems","volume":"80","author":"Idrissi","year":"2024","journal-title":"J. Supercomput."},{"key":"ref_62","doi-asserted-by":"crossref","first-page":"520","DOI":"10.1109\/JSYST.2019.2932807","article-title":"Lightweight secure message broadcasting protocol for vehicle-to-vehicle communication","volume":"14","author":"Limbasiya","year":"2019","journal-title":"IEEE Syst. J."},{"key":"ref_63","doi-asserted-by":"crossref","first-page":"1067","DOI":"10.1007\/s11277-021-08565-2","article-title":"LAKA: Lightweight authentication and key agreement protocol for internet of things based wireless body area network","volume":"127","author":"Soni","year":"2022","journal-title":"Wirel. Pers. Commun."}],"container-title":["Future Internet"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1999-5903\/16\/10\/357\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T16:07:49Z","timestamp":1760112469000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1999-5903\/16\/10\/357"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,9,30]]},"references-count":63,"journal-issue":{"issue":"10","published-online":{"date-parts":[[2024,10]]}},"alternative-id":["fi16100357"],"URL":"https:\/\/doi.org\/10.3390\/fi16100357","relation":{},"ISSN":["1999-5903"],"issn-type":[{"value":"1999-5903","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,9,30]]}}}