Paper 2018/891

Breaking a Lightweight M2M Authentication Protocol for Communications in IIoT Environment

Seyed Farhad Aghili and Hamid Mala


The concept of the Industrial Internet of Things (IIoT) can be defined as the integration of smart sensor networks and the Internet of Things (IoT). This technology can be employed in various industries such as agriculture, food processing industry, environmental monitoring, security surveillance, and so on. Generally, a smart sensor is a resource-constrained device which is responsible for gathering data from the monitored area. Machine-to-Machine (M2M) communication is one of the most important technologies to exchange information between entities in industrial areas. However, due to the insecure wireless communication channel and the smart sensor’s limitations, security and privacy concerns are the important challenges in IIoT environments. The goal of this paper is to address the security flaws of a recent M2M authentication protocol proposed for employing in IIoT including DoS, router impersonation and smart sensor traceability attacks. Moreover, we showed that an untrusted smart sensor can obtain the secret key of the router and the session key which another sensor establishes with the target router.

Available format(s)
Cryptographic protocols
Publication info
Preprint. MAJOR revision.
M2M communicationsIIoTAuthenticationDoS AttackTraceability AttackImpersonation attackDisclosure Attack
Contact author(s)
aghili farhad60 @ gmail com
2019-05-04: revised
2018-09-23: received
See all versions
Short URL
Creative Commons Attribution


      author = {Seyed Farhad Aghili and Hamid Mala},
      title = {Breaking a Lightweight M2M Authentication Protocol for Communications in IIoT Environment},
      howpublished = {Cryptology ePrint Archive, Paper 2018/891},
      year = {2018},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.