Lightweight Network Authentication For Resource Constrained Devices

Tech ID: 33233 / UC Case 2021-824-0

Brief Description

 Efficiency gains from MSS for a few sample applications

Efficiency gains for a few sample applications; CGM = Continuous Glucose Monitor; MSS = Mergeable Stateful Signatures.

Full Description


Authentication is a central challenge in secure protocol design for edge devices. The IoT environment often has a special system model in which IoT devices frequently communicate a small amount of authenticated data to a single server. IoT devices are often powered by batteries - so the authentication solution must not consume high energy. Symmetric key cryptography that is often used, imposes key-management issues and introduces security vulnerabilities. Authentication based on hash chains has a lifespan and requires expensive computation.


Research team at UCR led by Prof. Nael Abu-Ghazaleh have designed a novel signature/authentication scheme called Mergeable Stateful Signatures (MSS) that provides an authentication protocol with low overhead. The team has derived MSS instantiations for two cryptographic families, assuming the hardness of RSA and decisional Diffie-Hellman (DDH) respectively, thereby demonstrating the generality of the design. They have also implemented two time-based one-time password (TOTP) authentication systems from the RSA and DDH instantiations.

Authentication energy consumption of TOTP systems. 

Comparison of authentication energy consumption of TOTP systems. 


  • The implementation of RSA-TOTP system reduces authentication latency by 6X and energy consumption by 10X.
  • The implementation of ECEIGamal-TOTP system reduces authentication latency by 82X and energy consumption by 792X compared to hash chain based TOTP system.
  • MSS is versatile - it reduces the signature verification cost when client-server roles are switched and the IoT device becomes the server/verifier.

Suggested uses

Resource constrained edge devices such as:

  • Medical devices such as heart rate monitor, continuous glucose monitor, etc.
  • Drone command and control.
  • Sensors.
  • Infrastructure related devices such as smart meters, etc. 

Related Materials

Inventor Information

Patent Status

Patent Pending


Learn About UC TechAlerts - Save Searches and receive new technology matches

Other Information


authentication, Internet of things, network security, one time password, IoT, OTP, cyber-physical security

Categorized As