Lightweight Coap Based Authentication Scheme by Applying Two-Way Encryption for Secure Transmission
Pritam S. Salankar1, Vinay Avasthi2, Ashutosh Pasricha3

1Pritam S. Salankar*, PhD scholar at UPES, Dehradoon.
2Vinay Avasthi, Associate Professor at School of Computer Science,  UPES Dehardun.
3Ashutosh Pasricha, Ph.D from IIT, Delhi
Manuscript received on March 15, 2020. | Revised Manuscript received on March 27, 2020. | Manuscript published on April 10, 2020. | PP: 404-412 | Volume-9 Issue-6, April 2020. | Retrieval Number: E3017039520/2020©BEIESP | DOI: 10.35940/ijitee.E3017.049620
Open Access | Ethics and Policies | Cite | Mendeley
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC BY-NC-ND license (

Abstract: With the widespread popularity of the Internet of Things (IoT), different sectors-based applications are increasingly developed. One of the most popular application layer protocols is the Constrained Application Protocol (CoAP), and the necessity of ensuring data security in this layer is crucial. Moreover, attackers target the vulnerabilities of IoT to gain access to the system, which leads to a security threat and violate privacy. Typically, user authentication and data encryption are applied for securing data communication over a public channel between two or more participants. However, most of the existing solutions use cryptography for achieving security, with the exception of high computation cost. Hence, these solutions fail to satisfy the resource-constrained characteristics of IoT devices. Therefore, a lightweight security mechanism is required for achieving both secure transmission and better performance. This paper proposes a Lightweight Authentication with Two-way Encryption for Secure Transmission in CoAP Protocol (LATEST) that provides a secure transmission between the server and IoT devices. This mutual authentication mechanism uses ROT 18 Cipher with XoR operation and 128-bit AES based encryption for securing the data transmission. The ROT18 Cipher is a monoalphabetic substitution cipher, which is a combination of ROT13 and ROT5. The proposed scheme employs symmetric encryption in both client and server for ensuring secure authentication and mutually confirm each other identity. In addition, the proposed LATEST scheme ensures confidentiality and integrity by being resistant to replay attacks, impersonation attacks, and modification attacks. The experimental evaluation demonstrates that the proposed LATEST scheme is lightweight and provides better security compared to the existing scheme. 
Keywords: IoT, Secure CoAP, Mutual Authentication, AES Based Encryption, XoR Operation, Lightweight Security.
Scope of the Article: Authentication, Authorization, Accounting.