Research Article

A Secure Data Transmission System using Multi-Factor Authentication and Split-Key Diffie-Hellman Protocol to Prevent Man-In-The-Middle Attacks on IoT Devices

by  Adama Zakari Yahaya, Muhammad Mukhtar Liman, Timothy Moses, Samuel Isah Odoh, T.T. Salau-Ibrahim
journal cover
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 187 - Issue 112
Published: June 2026
Authors: Adama Zakari Yahaya, Muhammad Mukhtar Liman, Timothy Moses, Samuel Isah Odoh, T.T. Salau-Ibrahim
10.5120/ijca17b0941ecf9c
PDF

Adama Zakari Yahaya, Muhammad Mukhtar Liman, Timothy Moses, Samuel Isah Odoh, T.T. Salau-Ibrahim . A Secure Data Transmission System using Multi-Factor Authentication and Split-Key Diffie-Hellman Protocol to Prevent Man-In-The-Middle Attacks on IoT Devices. International Journal of Computer Applications. 187, 112 (June 2026), 44-54. DOI=10.5120/ijca17b0941ecf9c

                        @article{ 10.5120/ijca17b0941ecf9c,
                        author  = { Adama Zakari Yahaya,Muhammad Mukhtar Liman,Timothy Moses,Samuel Isah Odoh,T.T. Salau-Ibrahim },
                        title   = { A Secure Data Transmission System using Multi-Factor Authentication and Split-Key Diffie-Hellman Protocol to Prevent Man-In-The-Middle Attacks on IoT Devices },
                        journal = { International Journal of Computer Applications },
                        year    = { 2026 },
                        volume  = { 187 },
                        number  = { 112 },
                        pages   = { 44-54 },
                        doi     = { 10.5120/ijca17b0941ecf9c },
                        publisher = { Foundation of Computer Science (FCS), NY, USA }
                        }
                        %0 Journal Article
                        %D 2026
                        %A Adama Zakari Yahaya
                        %A Muhammad Mukhtar Liman
                        %A Timothy Moses
                        %A Samuel Isah Odoh
                        %A T.T. Salau-Ibrahim
                        %T A Secure Data Transmission System using Multi-Factor Authentication and Split-Key Diffie-Hellman Protocol to Prevent Man-In-The-Middle Attacks on IoT Devices%T 
                        %J International Journal of Computer Applications
                        %V 187
                        %N 112
                        %P 44-54
                        %R 10.5120/ijca17b0941ecf9c
                        %I Foundation of Computer Science (FCS), NY, USA
Abstract

In today’s highly interconnected digital landscape, the secure transmission of sensitive data is critical to countering increasingly sophisticated cyber threats, particularly Man-in-the-Middle (MITM) attacks. These attacks exploit vulnerabilities during key exchanges, enabling malicious actors to intercept and compromise communication channels. While protocols like Diffie-Hellman (DH) are widely used for secure key exchange, they remain susceptible to interception when keys are transmitted over unsecured networks. Similarly, traditional single-factor authentication schemes provide limited defense against such threats. Although Multi-Factor Authentication (MFA) enhances identity verification by incorporating multiple layers of authentication, its integration with secure key exchange mechanisms has not been sufficiently explored. This study introduces a Secure Data Transmission System that combines a Three-Factor Authentication (3FA) approach with a novel Split-Key Diffie-Hellman Protocol. The system utilizes a password or PIN, a One-Time Password (OTP), and a graphical password for robust user authentication. Additionally, it strengthens the key exchange process by splitting the public key into two parts, which are transmitted through separate channels, thereby reducing the likelihood of successful MITM interception. The Advanced Encryption Standard (AES) is employed to ensure confidentiality and data integrity during transmission. Simulation results and performance evaluations demonstrate the system’s high efficiency, minimal latency, and strong resistance to MITM attacks. The findings confirm that integrating 3FA with the enhanced key exchange protocol significantly improves the overall security of data transmission. The research contributes to the advancement of cybersecurity solutions by addressing a critical gap in secure communication frameworks.

References
  • Ylianttila, M., Kantola, R., Gurtov, A., Mucchi, L., Oppermann, I., Yan, Z., ... & Röning, J. (2020). 6G white paper: Research challenges for trust, security and privacy. arXiv preprint arXiv:2004.11665.
  • Prakash, V., Goyanka, T., Sharma, S., Garg, L., & Shukla, V. (2023). Secure Text Transfer Using Diffie–Hellman Key Exchange Algorithm in Cloud Environment. In International Conference on Cryptology & Network Security with Machine Learning (pp. 631-643). Singapore: Springer Nature Singapore.
  • Hasan, M. K., Weichen, Z., Safie, N., Ahmed, F. R. A., & Ghazal, T. M. (2024). A Survey on Key Agreement and Authentication Protocol for Internet of Things Application. IEEE Access.
  • Mudra, G., Cui, H., & Johnstone, M. N. (2023). Survey: an overview of lightweight RFID authentication protocols suitable for the maritime internet of things. Electronics, 12(13), 2990.
  • Ahmad, M. O., Tripathi, G., Siddiqui, F., Alam, M. A., Ahad, M. A., Akhtar, M. M., & Casalino, G. (2023). BAuth-ZKP A blockchain-based multi-factor authentication mechanism for securing smart cities. Sensors, 23(5), 2757.
  • Bhansali, A., Harisha, J., & Sinha, G. (2024). Secure Data Transfer onto Cloud Environment using Diffie-Hellman Key Exchange Algorithm. In 2024 International Conference on Inventive Computation Technologies (ICICT) (pp. 1479-1484). IEEE.
  • Galu, T. S., Adeyelu, A. A., & Otor, S. U. An Improved Deffie Hellman Scheme for Mitigating an Eavesdropping Attack on a Network.
  • Adeyelu, A. A., Elusakin, O. E., Uga-Otor, S., Godwin, I. R., & John, Z. S. A New Approach to Mitigating Authentication Challenge for an Internet of Things Paradigm. International Journal of Computer Applications, 975, 8887.
  • Taparia, A., Panigrahy, S. K., & Jena, S. K. (2018). Secure key exchange using enhanced Diffie-Hellman protocol based on string comparison. Proceedings of the 2017 International Conference on Wireless Communications, Signal Processing and Networking, WiSPNET 2017, 2018-Janua, 722–726. https://doi.org/10.1109/WiSPNET.2017.8299856
  • Poh, G. S., Gope, P., & Ning, J. (2019). PrivHome: Privacy-preserving authenticated communication in smart home environment. IEEE Transactions on Dependable and Secure Computing, 18(3), 1095-1107.
  • Dey, S., & Hossain, A. (2019). Session-key establishment and authentication in a smart home network using public key cryptography. IEEE Sensors Letters, 3(4), 1-4.
  • Sahoo, S. S., Mohanty, S., & Majhi, B. (2020). Improved biometric-based mutual authentication and key agreement scheme using ECC. Wireless Personal Communications, 111(2), 991-1017.
  • Kumari, S., & Renuka, K. (2021). Design of a password authentication and key agreement scheme to access e-healthcare services. Wireless Personal Communications, 117(1), 27-45.
  • Shafiq, A., Ayub, M. F., Mahmood, K., Sadiq, M., Kumari, S., & Chen, C. M. (2020). An Identity‐Based Anonymous Three‐Party Authenticated Protocol for IoT Infrastructure. Journal of Sensors, 2020(1), 8829319.
  • Rajaram, S., Maitra, T., Vollala, S., Ramasubramanian, N., & Amin, R. (2020). eUASBP: enhanced user authentication scheme based on bilinear pairing. Journal of Ambient Intelligence and Humanized Computing, 11(7), 2827-2840.
  • Rana, S., Obaidat, M. S., Mishra, D., Mishra, A., & Rao, Y. S. (2022). Efficient design of an authenticated key agreement protocol for dew-assisted IoT systems. The Journal of Supercomputing, 78(3), 3696-3714.
  • Samal, K., Sunanda, S. K., Jena, D., & Patnaik, S. (2025). A lightweight privacy preservation authentication protocol for IoMT using ECC based blind signature. International Journal of Engineering Business Management, 17, 18479790251318538.
  • Yadav, V. K., Yadav, R. K., Chaurasia, B. K., Verma, S., & Venkatesan, S. (2020, December). MITM attack on modification of diffie-hellman key exchange algorithm. In International Conference on Communication, Networks and Computing (pp. 144-155). Singapore: Springer Singapore.
  • Owoh, N. P., & Singh, M. M. (2019). Applying Diffie-Hellman algorithm to solve the key agreement problem in mobile blockchain-based sensing applications. International Journal of Advanced Computer Science and Applications, 10(3).
  • Thapar, P., & Batra, U. (2022). Implementation of Elliptical Curve Cryptography Based Diffie-Hellman Key Exchange Mechanism in Contiki Operating System for Internet of Things. International Journal of Electrical and Electronics Research (IJEER), 10, 335-340.
  • Moussa, K. H., El-Sakka, A. H., Shaaban, S., & Kheirallah, H. N. (2022). Group security authentication and key agreement protocol built by elliptic curve diffie hellman key exchange for LTE military grade communication. IEEE Access, 10, 80352-80364.
  • Kara, M., Laouid, A., AlShaikh, M., Bounceur, A., & Hammoudeh, M. (2021). Secure key exchange against man-in-the-middle attack: Modified diffie-hellman protocol. Jurnal Ilmiah Teknik Elektro Komputer dan Informatika, 7(3), 380-387.
  • Alomari, G., & Aljarah, A. (2021). Efficiency of using the Diffie-Hellman key in cryptography for internet security. Turkish Journal of Computer and Mathematics Education, 12(6), 2039-2044.
  • Muth, R., & Tschorsch, F. (2020, August). Smartdhx: Diffie-hellman key exchange with smart contracts. In 2020 IEEE International Conference on Decentralized Applications and Infrastructures (DAPPS) (pp. 164-168). IEEE.
  • Gupta, C., & Subba Reddy, N. V. (2022, January). Enhancement of Security of Diffie-Hellman Key Exchange Protocol using RSA Cryptography. In Journal of Physics: Conference Series (Vol. 2161, No. 1, p. 012014). IOP Publishing.
Index Terms
Computer Science
Information Sciences
No index terms available.
Keywords

Multifactor Authentication Man-in-the-Middle (MITM) attacks Cybersecurity Data Transmission Diffie-Hellman Protocol

Powered by PhDFocusTM