Conventional authentication techniques based on cryptography and computational hardness are facing growing challenges for deployment in resource-constrained Internet-of-Things (IoT) devices. The dramatically increased security overhead and latency from the inherent computational processing make these conventional static security techniques undesirable for emerging machine communications. In this paper, we propose a novel lightweight continuous authentication scheme for identifying multiple resource-constrained IoT devices via their pre-arranged pseudo-random access time sequences. A transmitter will be authenticated as legitimate if and only if its access time sequential order is matched with a pre-agreed unique pseudo-random binary sequence (PRBS) between itself and the base station. The seed for generating the PRBS between each transceiver pair is acquired by exploiting the channel reciprocity, which is time-varying and difficult for a third party to predict. Hence, the proposed scheme provides seamless protection for legitimate communications by refreshing the seeds adaptively without incurring long latency, complex computation, and high communication overhead. Our results show that the proposed scheme achieves high entropy and low bit mismatch rate. Finally, we demonstrate the superiority of our scheme over the existing schemes in quantization performance, authentication performance, and computation cost.

中文翻译：

---

通过 5G 及更高技术中智能安排的伪随机接入进行轻量级连续身份验证


基于密码学和计算难度的传统身份验证技术在资源受限的物联网 (IoT) 设备中的部署面临着越来越大的挑战。固有计算处理带来的显着增加的安全开销和延迟使得这些传统的静态安全技术不适合新兴的机器通信。在本文中，我们提出了一种新颖的轻量级连续身份验证方案，用于通过预先安排的伪随机访问时间序列来识别多个资源受限的物联网设备。当且仅当发射机的接入时间顺序与其自身和基站之间预先商定的唯一伪随机二进制序列（PRBS）相匹配时，发射机才会被验证为合法。用于在每个收发器对之间生成 PRBS 的种子是通过利用信道互易性来获取的，信道互易性是随时间变化的并且第三方难以预测。因此，所提出的方案通过自适应地刷新种子来为合法通信提供无缝保护，而不会产生长延迟、复杂计算和高通信开销。我们的结果表明，所提出的方案实现了高熵和低位失配率。最后，我们证明了我们的方案在量化性能、认证性能和计算成本方面优于现有方案。