Recent Developments in Authentication Schemes Used in Machine-Type Communication Devices in Machine-to-Machine Communication:Issues and Challenges

Shafi Ullah ,Sibghat Ullah Bazai,? ,Mohammad Imran ,Qazi Mudassar Ilyas ,Abid Mehmood ,Muhammad Asim Saleem ,Muhmmad Aasim Rafique,Arsalan Haider,Ilyas Khan,Sajid Iqbal,Yonis Gulzar and Kauser Hameed

1Department of Computer Engineering,Balochistan University of Information Technology,Engineering and Management Sciences,Quetta,87300,Pakistan

2Department of Information Technology,Balochistan University of Information Technology,Engineering,and Management Sciences,Quetta,87300,Pakistan

3Department of Information Systems,College of Computer Sciences and Information Technology,King Faisal University,Hofuf in Al-Ahsa,31982,Saudi Arabia 4Department of Management Information Systems,College of Business Administration,King Faisal University,Hofuf in Al-Ahsa,31982,Saudi Arabia

5Department of Software Engineering,College of Computing,Riphah International University,Faisalabad,44000,Pakistan

6Department of Electrical Engineering Balochistan University of Information Technology,Engineering,and Management Sciences,Quetta,87300,Pakistan

7Department of Mathematics,College of Science Al-Zulfi,Majmaah University,Al-Majmaah,11952,Saudi Arabia

ABSTRACT Machine-to-machine(M2M)communication plays a fundamental role in autonomous IoT(Internet of Things)-based infrastructure,a vital part of the fourth industrial revolution.Machine-type communication devices(MTCDs)regularly share extensive data without human intervention while making all types of decisions.These decisions may involve controlling sensitive ventilation systems maintaining uniform temperature,live heartbeat monitoring,and several different alert systems.Many of these devices simultaneously share data to form an automated system.The data shared between machine-type communication devices(MTCDs)is prone to risk due to limited computational power,internal memory,and energy capacity.Therefore,securing the data and devices becomes challenging due to factors such as dynamic operational environments,remoteness,harsh conditions,and areas where human physical access is difficult.One of the crucial parts of securing MTCDs and data is authentication,where each device must be verified before data transmission.Several M2M authentication schemes have been proposed in the literature,however,the literature lacks a comprehensive overview of current M2M authentication techniques and the challenges associated with them.To utilize a suitable authentication scheme for specific scenarios,it is important to understand the challenges associated with it.Therefore,this article fills this gap by reviewing the state-of-the-art research on authentication schemes in MTCDs specifically concerning application categories,security provisions,and performance efficiency.

KEYWORDS Authentication;cyber security;internet of things;machine-type communication devices;machine-to-machine communication

1 Introduction

Internet usage has become an indispensable part of routine life.It has become integral in every facet of human lives,whether directly or indirectly,encompassing finance,education,healthcare,and social interactions.As of 2023,the global count of internet users has reached 5.18 billion,which indicates that approximately two-thirds of the world’s population is presently linked to the World Wide Web [1,2].Besides,the world of automation has also created a surge.It has not only enabled humans to communicate over the Internet but also enabled machines to communicate with each other through M2M(machine-to-machine)and MTCDs(machine-type communication devices)technologies where human intervention is no longer a mandate.It is estimated that by 2025,over fifty billion devices will be employed in the cause.Compact and well-designed equipment,also known as MTC (machine-type communication) devices,are handed down in everyone’s life,ranging from smart refrigerators,televisions,and air-conditioner controllers to smart health devices,smart offices,and smart parking.These devices serve multiple functions,such as monitoring air quality in homes,sensing the environment in cities,granting access to authorized personnel in the office via smart doors,regulating specific machines controlled by the ventilation system,and tracking vital signs like heart rate and body temperature,transmitting this health data to physicians,securing parking spots in advance on busy streets,and generating environmental data for informed decision-making and future predictions.These devices utilize internet connectivity to share data and execute tasks based on pre-programmed logic.Despite their small size,cost-effectiveness,and limited computational abilities,these diminutive yet intelligent devices communicate,exchanging information as depicted in Fig.1.

Figure 1: M2M communication applications

The information exchanged by these MTCs can range from public data to overly sensitive information.For instance,a device might share temperature data from a power station to regulate fans,while another might transmit a remote heart patient’s heartbeat data to their doctor.Similarly,lifethreatening dangers can arise from hacking into medical device MTCDs.In smart grids,unauthorized access can potentially interfere with electricity distribution and cause blackouts.In the case of industrial IoT (Internet of Things) networks,unauthorized access can impact safety and manufacturing operations.In the context of smart homes,unauthorized control of IoT devices threatens the privacy and security of residents [1].Similarly,certain devices control access to secure military facilities.In these scenarios,the shared data is exceptionally sensitive.However,as MTCDs lack inherent security measures,external physical safeguards are not always feasible since these devices are meant to function remotely and autonomously.

Moreover,securing data and devices becomes challenging due to various factors,including limited connectivity,harsh environmental conditions,restricted physical access,power constraints,and limited maintenance opportunities.MTCDs deployed in remote locations often suffer from brittle network connectivity,which may compromise real-time communication with security infrastructure.As a result,security updates,patches,and monitoring activities are delayed,which increases devices’vulnerability to emerging security threats.Harsh environmental conditions,temperature variations,and exposure to dust or moisture harm the physical integrity of MTCDs,which causes hardware degradation and compromises the device’s ability to enforce security measures.Restricted physical access to MTCDs makes physical security measures challenging to implement.It also raises concerns about unauthorized access,tampering,or theft of devices.MTCDs deployed in remote environments usually lack reliable power sources and rely on batteries.Insufficient power can lead to unexpected device shutdowns,leaving systems unprotected during critical times.Finally,there are limited maintenance and update opportunities for MTCDs in remote or harsh environments,which results in outdated firmware or security protocols that may expose devices to known vulnerabilities.

The threats mentioned above may be mitigated by carefully implementing device,data,and user authentication mechanisms.A robust device authentication mechanism involves a secure device provisioning through device identity verification during device enrollment on the network,a mutual authentication mechanism to enforce mutual authentication between devices and network servers,and multi-factor authentication by requiring multiple credentials,e.g.,digital certificates,hardware tokens,or passwords for device access.Data authentication can be implemented through digital signatures,message authentication codes,and hash functions.User authentication can be implemented through strong password policies,role-based access control,and biometric authentication.

Consequently,these devices rely solely on software-based security measures.Owing to their limited computational and memory capacities,conventional Internet security protocols do not always apply to these IoTs [3].Effectively operating MTC communication necessitates a network of MTC-based devices.This network may,in turn,consist of several connected devices,and every device must be trusted to ensure security.This is achieved via authentication,where every device in the network must authenticate itself so that the data is considered trusted.

This review is based on authentication techniques proposed in different applications for securing MTC devices under the IoT (Internet of Things) framework.This article represents a thorough review of the authentication of MTC devices in M2M (machine-to-machine) communication in three categories,i.e.,local,group,andfactor-basedauthentication techniques,where several related techniques are analyzed regarding performance efficiency,security,and adaptability.

1.1 Contribution of Research

This work offers a thorough idea to the researcher related to the perceptual layer security requirements and features in M2M communication networks,as MTC devices are best suited for efficient performance in the perceptual layer.Moreover,the work categorizes authentication schemes into three categories and compares different authentication schemes.Furthermore,the authentication taxonomy in the last section offers a thorough understanding of authentication features and processes in the recent IoT security developments.

The paper is organized in the following manner.Section 2 represents Authentication in MTC devices,including perception layer security threats and requirements.Section 3 offers comparative analysis features adopted to analyze the categorized authentication schemes in the M2M communication network.Section 3 highlights issues and challenges.The paper is concluded in Section 5.

2 Machine-Type Communication Devices

MTC devices are autonomous IoT devices whose core functionality is to operate in remote areas in M2M communication networks.These devices are mostly battery-powered that collect,process,and transmit data to central nodes or gateways to be stored on the cloud for further processes[4].

2.1 MTC Device Layers

The functions of these devices are distributed in four layers,as summarized in Table 1.

Table 1: Generic four-layer architecture of IoT

2.2 Security Features in the Perception Layer of MTC Devices

Research offered by[4]and[9]shows that the perceptual layer security can be separated into two categories,i.e.,security and technological challenges.The technological category focuses on challenges due to the dynamic topologies of MTC devices and the ubiquitous behavior of IoT and M2M network applications.It includes areas such as energy,power,distributed features,and risks.Whereas,security challenges primarily aim to address solutions and weaknesses in end-to-end encryption,data integrity,data confidentiality,and scalability to ensure authentication between these devices[9].Moreover,the authentication scheme is chosen considering the nature of communication within the network and the type of business application required,and with certain cryptosystem techniques.

Table 2 represents perceptual layer security features for MTC devices in the M2M communication network.Each perceptual layer security feature enhances resilience against the perceptual layer security threats,as shown in Table 3.The represented authentication schemes are tested for performance efficiency and verified for security proofs against several features,as shown in Table 4.

Table 2: Perception layer security features in M2M communication

Table 4: Comparative analysis tools and features used in M2M communication

3 Authentication in MTC Devices

Authentication is a software-based security technique used in different topologies.MTC devices form three types of authentications in M2M communication,i.e.,local,group-based,and hybrid(factor-based).In the local authentication,all devices authenticate within the connected network.Any other device outside the network cannot share the data.In comparison,group-based authentication is used for a large number of devices working in simultaneous prospects of applications.Several devices form a group using local authentication techniques and cluster single groups.These groups authenticate other groups,and data is shared.Such authentication processes usually occur in LTE(long-term evolution)/CDMA(code-division multiple access)and 3GPP(3rd Generation Partnership Project)-based network infrastructures.

Moreover,in hybrid or factor-based authentication,M2M communication occurs between an end device,i.e.,MTC,and a gateway,making it two-factor authentication.The process of key sharing,encryption,and decryption is performed for both MTC and gateway.Similarly,three-factor authentication involves servers or clouds as the third tier of communication.In such a technique,servers and gateways must utilize similar distributed encrypted keys for authentication.Additionally,mutual authentication is an important part of authentication where data transmitting and receiving devices must mutually authenticate each other before sharing the actual data.

3.1 Group-Based Authentication

Such authentication protocols are used when a network consists of a large number of MTC devices.Single-device authentication is costly,and it includes extreme network overheads.Moreover,the area coverage is extremely large.Thus,numerous devices communicate simultaneously,so groupbased authentication is effective against network overheads [45].Standard encryption systems use either symmetric,asymmetric,or hybrid cryptographies.With extreme growth in wireless sensor networks[4],MTC devices are also introduced in LTE-A(long-term evolution-Advanced)networks,implementing 4G heterogeneous networks with low latency.LTE/LET-A networks tend to have a predefined authentication system between communication units for MTC network architecture,which was introduced by the 3GPP committee [2].The network comprises MME (mobile management entity)and HSS(home subscriber server).The architecture includes users or MTC devices and servers,whereas the user is outside the network domain.Users or MTC devices and servers communicate over an API (application programmable interface),as shown in Fig.2.Users or MTC devices must authenticate over the LTE/LTE-A network.In this regard,the EPS-AKA (evolved packet systembased authentication and key agreement)developed a packet delivery system for the 3GPP network with an extended version called EAP-AKA(extensible authentication protocol-authentication and key agreement)for the non-3GPP network over WLAN(wireless local area network)/WiMAX(worldwide interoperability for microwave access) was implemented for the objective of secure data transfer between MTC devices and server[46].

Figure 2: Local authentication network structure based on[1]

Several key agreeing protocols use the 3GPP network architecture.These protocols improve security and lessen network overheads.Jung et al.[47]devised congestion avoidance to prevent signaling congestion.In extension,Chen et al.[48]applied a similar grouping approach in G-AKA where the initiator device is verified by HSS,which then authorizes the MME entity.Still,it is susceptible to MiTM (man in the middle) and DoS (denial of service) threats.Lai et al.[49] proposed SE-AKA(secure and efficient authentication and key agreement),where a novel asymmetric method of encoding keys was introduced,which later proved less usefulvs.signaling congestion.Jiang et al.[50]proposed EG-AKA (EAP-based group authentication and key agreement) to validate a local group of MTC devices.Still,the procedure is susceptible to MiTM,DoS,and re-directional threats.The MTC-AKA(machine-type communication authentication and key agreement) by Lai et al.[51] first used fully authenticated MTC devices with HSS,which authenticated reaming MTC devices through a group temporary key—however,the protocol suffered from security attacks.Choi et al.[52] endorsed the GROUP-AKA protocol to alleviate signaling congestion where groups of devices were validated with reduced signaling congestion.Devices could easily join and leave the group but lacked in device privacy preservation.Cao et al.[53]developed GBAAM-AKA(group-based access authentication for MTCauthentication and key agreement) to address the privacy preservation challenge.Moreover,Highlevel computation overheads were created as GBAAM-AKA followed an asymmetric cryptosystem.Fu et al.[54]introduced the PRIVACY-AKA protocol that creates pseudo-identity via elliptic curve cryptography through group leaders,where the group leaders receive MAC from devices and produce an accumulated MAC.The scheme responds to primary security risk without key secrecy and produces network overheads.Lai et al.[55] recommended GLARM-AKA (group lightweight authentication scheme for resource-constrained M2M-authentication and key agreement),which is lightweight and produces less network signaling overheads in comparison to primitive AKA protocols but it fails due to unlink-capability.The protocol deteriorates from newly joining and old devices leaving the system,which gives a chance to DoS assaults and privacy issues.Li et al.[38]improved GR-AKA’s unlinkability by endorsing a dynamic policy in LTE-A.However,strong cryptography resulted in heavy bandwidth consumption.Yao et al.[56]proposed GBS-AKA(group-based secure authentication and key agreement)and improved overhead and bandwidth consumption but failed to incorporate privacy preservation.

Table 5 shows the group-based techniques that attempt to improve performance and adapt resilience against several security threats.Each work achieves a specific goal but lacks a thorough security-resilient mutual authentication scheme.

Table 5: Summary of discussed group-based authentication schemes

3.2 Local Authentication

Local authentication is adopted when devices are near or in close vicinity.It requires user equipment to be within reach of MTC devices and does not require Internet or remote access.For example,for patients’clinical tests via sensors,the patient has to be available within the medical facility.Similarly,for sensitive laboratories,the door has to be opened by the user through RFID(radio frequency identification),thus accessing the facilities only,and smart parking where parking space is allocated to drivers within the parking station[23].In such circumstances,local authentication is more suitable and less costly regarding security and operational feasibility.However,unlike the GBA schemes,the communication protocols are less robust than those of 4G or mobile networks.This is why operating local authentication-based systems is challenging[1],especially when numerous users are authenticated simultaneously.Local authentication is usually designed for access control systems where users have different privileges,such as two users with different hierarchies.One is granted full access,while the other is granted half access for certain system features.The local authentication network consists of M2M devices,a gateway,and communication channels where gateways can transfer data over the Internet and the cloud.During the transmission,the M2M device encounters three major challenges.

? All devices must be authenticated to ensure secure data transfer because an impersonator can easily use fake nodes to monitor data transmission and obtain crucial information related to security.In contrast,with malicious nodes,the integrity of the entire network could be at risk.To authenticate both,a mutual authentication scheme is mostly adopted [57].Mutual authentication in MTC devices happens with encrypted shared keys.These keys are generated via symmetric or asymmetric crypto-mechanism with the cost of complex MAC and high computation power.

? All M2M communicating devices must ensure user privacy through anonymity.It is very crucial to ensure secrecy.During communication,MTC devices must not share any data relating to the data sender’s identity [58].If such privacy is neglected,logs generated by devices may reveal sensitive information related to who,when,and where access was granted to a particular privileged user.Furthermore,a service provider could also reveal the information of all M2M devices’access control operations.That is why anonymity will ensure that the information is kept hidden from other devices[26,59].

? Since MTC devices possess low computational power,limited memory,and heterogeneity with dynamic topology,computational complexity must be designed so that 8-16-bit microprocessors can process smoothly.These limitations make the authentication process more difficult as traditional robust authentication methods may strain the limited resources.Complex encryption algorithm implementation may result in higher processing demands,which could impair the device responsiveness and performance.

Thus,it becomes essential to strike a balance between the requirement to save resources and strong security measures in order to guarantee that the authentication process stays efficient without unnecessarily straining the limited capabilities of MTCDs.Lightweight cryptography is also adopted to ensure privacy and mutual authentication.However,achieving all basic security features with efficiency is an ongoing research.

Table 6 provides a summary of local authentication schemes according to Table 4.Local authentication and access scheme in WSN (wireless sensor network) using a public key with a symmetric cryptosystem for healthcare applications was proposed by Le et al.[60].Sensor nodes’task was to perform symmetric-key encryption computation and were verified online by third-party coordinate nodes.Shen[61]designed a user access control scheme based on a symmetric encryption system using Merkle tree and hash chain functions.The scheme reduced space complexity but did not achieve basic security features.Due to compromised user anonymity,a user’s sensitive information is exposed during communication.Wang et al.[62]introduced hybrid authentication by merging local and remote access control system features and incorporating ECC (elliptical curve cryptography) lightweight cryptography [63].However,the sensor authentication property is ignored and thus is vulnerable to impersonator/fake nodes.Zhang et al.[36] proposed RSA (Rivest-Shamir-Adleman)-based blind signatures as tokens for users to obtain access rights.The proposed mechanism ensured user privacy and sensor node anonymity.He et al.[35] highlighted that Zhang’s mechanism did not account for double-spending,resulting in heavy memory consumption and network overheads.He et al.introduced an improved mechanism version by adding ring signatures based on elliptic curve cryptography to achieve user anonymity and reduce memory and communication overheads.The technique was also vulnerable to MiTM attacks using the ECDH (elliptic curve Deffie-Hellman) algorithm [63].He et al.further attempted to improve the scheme by adding node accountability[64]to implement network-based rules.Sophisticated privacy-ensuring mechanisms resulted in high computation costs and memory consumption,which MTC devices cannot afford.Similar related works [60–62] aimed to compensate operations in resource-constrained MTC devices by ignoring privacy.Both schemes[60,62]are based on certificate-based authentication.Users can identify logs and logging activities by verifying their certificates.On the contrary,references [36,64] required the MTC devices to execute complex computation for acheivement of privacy.Furthermore,references[35,36],and[61,62]did not incorporate device authentication properly and lacked in achieving basic security features.Meanwhile,computational tasks are offloaded to another powerful sever to mitigate MTC devices’computational and memory overheads while achieving privacy and efficiency.However,it is challenging as the whole network relies on the server for computations.Any delay in servers can result in increased latency and network losses.In[60],mutual authentication is carried out through the authority of coordinated nodes despite authenticating each node directly.However,the user cannot access sensor nodes when controlled by coordinate nodes if coordinate nodes face any malfunction.Cai et al.[1] proposed a scheme that improve resource management for resource-constrained MTC devices inclduing user anonymity where computation is transferred to third part server which authenticates all devices via pre-shared keys.However,the mechanism could not perform well in noisy signals and did not register lost bytes in noisy signal losses.The proposed mechanism is also prone to failure if the authenticating server either loses the communincation ability or malfuncations.Moreover,there are security problems in the schemes where users’secrets are unprotected throughout the communication.He et al.[64] accomplished user privacy in contradiction to the service provider but their proposed method consumes more energy.Energy consumption increases with the increase of group member devices sharing similar access privileges.The schemes of [36] and [62] devour continuous energy for the MTC device for every user access operation despite unguaranteed user privacy.For the execution costs on MTC devices and users,proposed schemes[35,61,62]need to include a certificate generation and verification function,which necessitate exponentiation and inversion executions.Furthermore,associated with [35],LACS’s multiplication cost does not raise with the increase in group members.However,references[61,62]cost significantly more energy.

Table 6: Summary of mentioned local authentication schemes

3.3 Factor-Based Authentication

Apart from group and local-based authentication,several other works have been proposed in securing MTC device communication with efficiency by adding additional unique parameters,including encryption,pre-shared unique identity keys,two factors such as user and device by using encrypted keys,three-factor such as user to device and device to the gateway,device signatures and implementing secure hash-functions.Each parameter is addressed to a particular environment and topological structure of the WSN network.Such authentication schemes are used for specific business applications requiring specific networks with user-controlled privileges.

Table 7 summarizes hybrid and factor-based authentication schemes analyzed through features presented in Table 4.Das[65]proposed a two-factor user verification method for WSN by securing secret key risking,mimicking,and DoS attacks.Vaidya et al.[66] pointed out that such a scheme had some security flaws by not offering users to change passwords and shared authorization between the gateway,sensors,and nodes.Vaidya et al.brought up a strategy that proposed an improved method.However,the proposed method offered no defense against malicious insider and bruteforce attacks [67].Additionally,they proposed a scheme to counter such attacks by merging keys and XORing the results.However,the scheme could not withstand insider and disconnected secret key-guessing attacks.Reference [11] devised a simple architecture for mutual authentication by prioritizing low computational and lesser memory consumption.The scheme met low computation and less memory consumption criteria but lacked database-related security measures.Reference[13]proposed an improved AKA scheme specifically for M2M correspondences in 6LoWPAN (IPv6 over low-power wireless personal area networks) systems.To overcome the weaknesses referenced in AKAES (authentication and key agreeing encrypted system),a combination of cryptography is utilized for secure authentication and shared keys with thought of resource constraints at 6LoWPAN utilizing MTC devices.A handover ticket is produced for a mobile device(6LR)to accomplish quick authentication when performing handovers.Therefore,a full authentication process may be performed once the ticket is terminated.In addition,the proposition has a remarkable element of giving security backing to both static and portable devices in 6LoWPAN systems.Reference [68] proposed model of authentication using IBC(Identity Based Cryptography)known as AIBCwKE(authentication via identity-based cryptography without key escrow),where all devices were assigned encrypted identities via ECC cryptography,excluding key agreeing mechanisms by third parties.The MSP (Machine to Machine Service Provider)was the main connectivity server and established communication between two entities (device,gateway,and user) using a public key.Reference [69] proposed three-factor authentication to target user anonymity,an extension to [70] and [71].Jiang et al.[70] incorporated two-factor-based ECC authentication where a user would log in,authenticate,and share data.Only the shared was encrypted by lightweight cryptography based on ECC,thus achieving data integrity and a low resource-occupying mechanism,an extension of [71].Choi et al.’s work [71] proposed an enhanced scheme to improve its predecessor’s ECC techniques for user anonymity.The proposed mechanism improved authentication and disabled security faults through BAN logic.Reference[69]discussed security flaws in[70]and pointed to a lack of user-friendliness,password updating method,and missing function to detect unauthorized login.

Table 7: Summary of discussed factor-based schemes in M2M communicating networks

4 Issues and Challenges

The evidence from Tables 5–7 suggests that the methods with good encryptions successfully achieved data integrity.Good encryption on data transmission ensured countering the MiTM attacks and data spoofing attacks.Meanwhile,the schemes with mutual authentication and good encrypted keys achieved user and device privacy.Schemes with only key encryption techniques are liable to MiTM and impersonator attacks because an impersonator can guess that the encrypted MACs are predominantly keys,so it will be easier to retrieve secrets.However,to our knowledge,an efficient scheme with end-to-end encryption,encrypted keys,and mutual authentication has not been found in any of the mentioned authentication types.The two-layer encryption would prove robust against MiTM and spoofing attacks while ensuring user and device privacy,including authentication.On the contrary,efficient two-layer encryption for keys and end-to-end encryption would be challenging as it might produce network overheads and prove costly in computation and memory consumption.Achieving optimal security protocol for MTC devices is still challenging because many devices work simultaneously in one network.

Our study elaborates on the weaknesses and strengths of current protocols and schemes used to counter certain challenges in communication,as discussed in the following.Fig.3 shows a taxonomy of authentication schemes used in M2M communication.

Figure 3: Taxonomy of authentication in M2M communication

? Groups-based authentication suits a network of large amounts of devices that require remote access via the Internet or use cloud services for data storage and access control.Such schemes require 3GPP or 4G infrastructure that provides seamless connectivity for remote users and mobility for mobile devices.However,MiTM and spoofing attacks are yet to be encountered efficiently in remote areas.

? Local authentication schemes better counter MiTM and Spoofing attacks due to easy access in sensitive and crucial business applications,which must ensure user privacy.That is why security features must be addressed,assuming risky threat models.However,efficient computational power and memory consumption are still lacking in the proposed schemes in Table 5.

? With no 3GPP or 4G infrastructure,several devices must communicate simultaneously via a well-organized network that ensures user privacy and mutual authentication.However,forward and back security is still challenging for such big networks.The risk extends to the whole network if a single device faces vulnerability.A complete collision detection text must be taken out for all devices in the network,which is time-consuming,costly,and highly complex.

? No scheme mentioned in this article addressed data availability during communication failure scenarios.If the network faces communication failure for any reason,the devices will also lose functionality and data.A system enabling such devices to work even during communication failure is still challenging.

? There is a gap in achieving a standard authentication model for a general authentication scheme that can address all general M2M communication applications.

5 Conclusion

In conclusion,establishing fool-proof security in the domain of Internet of Things(IoT)remains a formidable challenge.Authentication,as a fundamental component of security provisions,plays a crucial role in ensuring the integrity and confidentiality of Machine-Type Communication (MTC)devices.Our study delves into various authentication techniques aimed at achieving optimal performance efficiency and security while minimizing associated costs.The investigation sheds light on persistent challenges and outlines potential avenues for enhancing security in the future.Despite the advancements in two-layer encryption,which ensures user and device privacy and guards against spoofing and Man-in-the-Middle (MiTM) attacks,it comes with noticeable computational and network overheads.Group-based authentication emerges as a suitable solution for large networks,but its efficacy requires efficient countermeasures in remote areas.Local authentication schemes effectively address MiTM and spoofing attacks but encounter computational power challenges,while the unresolved issue of data availability during communication failures persists.

This study can further benefit from state-of-the-art techniques in the evolving landscape of IoT security,such as edge and fog computing,biometric authentication,blockchain-based authentication,risk-based authentication,machine learning,and anomaly detection.Furthermore,quantum-resistant authentication can be used to cope up with dynamic nature of IoT security.In this context,some prominent works on state-of-the-art concepts in IoT security can be used as a basis for further research,such as [72–74],that emphasizes who has described the security implications of quantum cryptography,artificial intelligence and lightweight peer-to-peer authentication.Additionaly,the research of Bonandrini et al.[75] has also contributed to anomaly detection in IoT networks,while researches in[76,77]proposed a Blockchain-based scheme for authentication and cloud based security in IoT environments.Furthermore,a secure authentication and protocol for M2M communication by Thammarat et al.[78] and the research of Zareen et al.[73] on authentication and authorization of IoT devices using AI can also be further research direction.These works further propose innovative approaches to address the multifaceted challenges in IoT security.As the field continues to evolve,embracing these trends and leveraging their unique contributions will be pivotal in establishing a standardized authentication model for general M2M communication applications.

Acknowledgement:The authors acknowledge the gracious support provided by the King Faisal University,Saudi Arabia.

Funding Statement:This work was funded by the Deanship of Scientific Research,Vice Presidency for Graduate Studies and Scientific Research,King Faisal University,Saudi Arabia (Grant No.GRANT5,208).

Author Contributions:The authors worked together on different parts of the research.S.U.started with problem formulation and conducted initial studies.S.U.B.performed problem analysis and critical review of related studies.M.I.checked for mistakes and planned research methodology.Q.M.I.and A.M.critically analyzed and interpreted the results.M.A.S.analyzed the research challenges,while M.A.R.and I.K.proposed potential future works.A.H.critically reviewed and revised the draft.S.I.,Y.G.,and K.H.helped with the manuscript write-up.

Availability of Data and Materials:All data used in this research are available from the corresponding authors upon request.

Conflicts of Interest:The authors declare that they have no conflicts of interest to report regarding the present study.