The authentication protocols do not allow unauthenticated users to enjoy the benefits of IoT. Based on the authentication types, the authentication protocols are categorized into several types that are symmetric, asymmetric, lightweight, ultra-lightweight, and group. Among them, lightweight authentication protocols receive high attention in internet-based application systems. The reason is that most IoT devices are tiny in size, and their characteristics are heterogeneous. The authentication is mainly necessitated by routing layers like RPL and application layer protocols like CoAP and MQTT.
   The lightweight authentication schemes employ lightweight cryptographic keys, hash functions, and certificates for authentication. The key length is shorter in lightweight authentication. The lightweight authentication protocols are more powerful than fundamental authentication protocols. The lightweight authentication models minimize the computing power and accomplish the desired level of security in IoT-based systems. The core content of the user authentication in various IoT smart applications is cryptography. User identity authentication is the first line of defense applied in cryptography. However, node authentication via static passwords and user identity is vulnerable to the stolen password attack.
   The dynamic identity authentication scheme has been introduced to solve such issues. Another important issue is the stealing of static passwords during transmission. The dynamic identity method needs to avoid the stolen password and prevent illegal users from intruding and accessing the network. Smart card authentication is widely applied for allowing legal users to access the resources provided by IoT servers.