Towards Secure and Privacy-Preserving IoT enabled Smart Home: Architecture and Experimental Study

Internet of Things (IoT) technology is increasingly pervasive in all aspects of our life and its usage is anticipated to significantly increase in future Smart Cities to support their myriad of revolutionary applications. This paper introduces a new architecture that can support several IoT-enabled smart home use cases, with a specified level of security and privacy preservation. The security threats that may target such an architecture are highlighted along with the cryptographic algorithms that can prevent them. An experimental study is performed to provide more insights about the suitability of several lightweight cryptographic algorithms for use in securing the constrained IoT devices used in the proposed architecture. The obtained results showed that many modern lightweight symmetric cryptography algorithms, as CLEFIA and TRIVIUM, are optimized for hardware implementations and can consume up to 10 times more energy than the legacy techniques when they are implemented in software. Moreover, the experiments results highlight that CLEFIA significantly outperforms TRIVIUM under all of the investigated test cases, and the latter performs 100 times worse than the legacy cryptographic algorithms tested

An overview of memristive cryptography

Smaller, smarter and faster edge devices in the Internet of things era demands secure data analysis and transmission under resource constraints of hardware architecture. Lightweight cryptography on edge hardware is an emerging topic that is essential to ensure data security in near-sensor computing systems such as mobiles, drones, smart cameras, and wearables. In this article, the current state of memristive cryptography is placed in the context of lightweight hardware cryptography. The paper provides a brief overview of the traditional hardware lightweight cryptography and cryptanalysis approaches. The contrast for memristive cryptography with respect to traditional approaches is evident through this article, and need to develop a more concrete approach to developing memristive cryptanalysis to test memristive cryptographic approaches is highlighted.Comment: European Physical Journal: Special Topics, Special Issue on "Memristor-based systems: Nonlinearity, dynamics and applicatio

Implementasi Algoritme Clefia 128-Bit untuk Pengamanan Modul Komunikasi Lora

LoRa, yang berarti “Long Range” adalah sebuah sistem komunikasi nirkabel jarak jauh, yang dipromosikan oleh LoRa Alliance. LoRa merupakan sebuah protokol pengiriman data berdaya rendah yang menggunakan spektrum radio. LoRa memiliki tujuan agar dapat digunakan pada sebuah perangkat bertenaga baterai yang tahan lama, di mana konsumsi energi adalah yang paling utama. Namun, pada dasarnya modul komunikasi LoRa tidak memiliki sistem keamanan untuk melindungi pesan saat melakukan transfer data, dan hal itu menyebabkan modul LoRa sangat rentan terhadap serangan yang dilakukan oleh pihak yang tidak bertanggung jawab. Salah satu cara untuk mengamankan modul komunikasi LoRa adalah dengan menerapkan sistem keamanan yang dapat mencegah pihak yang tidak bertanggung jawab membaca pesan yang dikirim, yaitu dengan menggunakan metode enkripsi. Metode enkripsi yang akan digunakan adalah algoritme Clefia 128-bit. Dari hasil pengujian yang dilakukan pada penelitian, algoritme Clefia 128-bit terbukti dapat mencegah serangan sniffing dan known-plaintext-attack. Pada pengujian serangan sniffing, penyerang hanya mampu mendapatkan pesan yang masih berbentuk ciphertext sehingga pesan asli tidak dapat dibaca. Pada pengujian serangan known-plaintext-attack, penyerang gagal menemukan key asli yang digunakan pada algoritme Clefia 128-bit, sehingga penyerang gagal melakukan serangan ke sistem. AbstractLoRa, which means “Long Range” is a long range wireless communication system, promoted by the LoRa Alliance. LoRa is a low-power data transmission protocol that uses the radio spectrum. LoRa aims to be used in a battery-powered device that lasts a long time, where energy consumption is the most important. However, basically the LoRa communication module does not have a security system to protect messages when transferring data, and that causes the LoRa module to be very vulnerable to attacks by irresponsible parties. One way to secure the LoRa communication module is to implement a security system that can prevent irresponsible parties from reading the messages sent, by using the encryption method. The encryption method that will be used is the 128-bit Clefia algorithm. From the results of the tests carried out in the study, the Clefia 128-bit algorithm is proven to be able to prevent sniffing and known-plaintext-attack attacks. In sniffing attacks test, attackers are only able to get messages that are still in the form of ciphertext so that the original message cannot be read. In the known-plaintext-attack attack test, the attacker failed to find the original key used in the 128-bit Clefia algorithm, so the attacker failed to attack the system.

GRANULE: An Ultra lightweight cipher design for embedded security

In this paper we proposed an ultra-lightweight cipher GRANULE. It is based on Feistel network which encrypts 64 bits of data with 80/128 bits of key. GRANULE needs very less memory space as compared to existing lightweight ciphers .GRANULE needs 1288 GEs for 80 bit and 1577 GEs for 128 bit key size. It also shows good resistance against linear and differential cryptanalysis. GRANULE needs very small footprint area and provides robust secure design which thwart attacks like biclique attack, zero correlation attack, meet in the middle attack ,key schedule attack and key collision attack. GRANULE is having a strong S-box which is the key designing aspect in any cipher design. In this paper GRANULE is proposed with 32 rounds which are enough to provide resistance against all possible types of attacks. GRANULE consumes very less power as compared to other modern lightweight ciphers. We believe GRANULE cipher is the best suited cipher for providing robust security in applications like IoT

SIMON and SPECK: Block Ciphers for the Internet of Things

The U.S. National Security Agency (NSA) developed the SIMON and SPECK families of lightweight block ciphers as an aid for securing applications in very constrained environments where AES may not be suitable. This paper summarizes the algorithms, their design rationale, along with current cryptanalysis and implementation results

BitCryptor: Bit-Serialized Compact Crypto Engine on Reconfigurable Hardware

There is a significant effort in building lightweight cryptographic operations, yet the proposed solutions are typically single-purpose modules that can implement a single functionality. In contrast, we propose BitCryptor, a multi-purpose, bit-serialized compact processor for cryptographic applications on reconfigurable hardware. The proposed crypto engine can perform pseudo-random number generation, strong collision-resistant hashing and variable-key block cipher encryption. The hardware architecture utilizes SIMON, a recent lightweight block cipher, as its core. The complete engine uses a bit-serial design methodology to minimize the area. Implementation results on the Xilinx Spartan-3 s50 FPGA show that the proposed architecture occupies 95 slices (187 LUTs, 102 registers), which is 10$\times$ smaller than the nearest comparable multi-purpose design. BitCryptor is also smaller than the majority of recently proposed lightweight single-purpose designs. Therefore, it is a very efficient cryptographic IP block for resource-constrained domains, providing a good performance at a minimal area overhead

A Comprehensive Survey on the Implementations, Attacks, and Countermeasures of the Current NIST Lightweight Cryptography Standard

This survey is the first work on the current standard for lightweight cryptography, standardized in 2023. Lightweight cryptography plays a vital role in securing resource-constrained embedded systems such as deeply-embedded systems (implantable and wearable medical devices, smart fabrics, smart homes, and the like), radio frequency identification (RFID) tags, sensor networks, and privacy-constrained usage models. National Institute of Standards and Technology (NIST) initiated a standardization process for lightweight cryptography and after a relatively-long multi-year effort, eventually, in Feb. 2023, the competition ended with ASCON as the winner. This lightweight cryptographic standard will be used in deeply-embedded architectures to provide security through confidentiality and integrity/authentication (the dual of the legacy AES-GCM block cipher which is the NIST standard for symmetric key cryptography). ASCON's lightweight design utilizes a 320-bit permutation which is bit-sliced into five 64-bit register words, providing 128-bit level security. This work summarizes the different implementations of ASCON on field-programmable gate array (FPGA) and ASIC hardware platforms on the basis of area, power, throughput, energy, and efficiency overheads. The presented work also reviews various differential and side-channel analysis attacks (SCAs) performed across variants of ASCON cipher suite in terms of algebraic, cube/cube-like, forgery, fault injection, and power analysis attacks as well as the countermeasures for these attacks. We also provide our insights and visions throughout this survey to provide new future directions in different domains. This survey is the first one in its kind and a step forward towards scrutinizing the advantages and future directions of the NIST lightweight cryptography standard introduced in 2023

A survey of IoT security based on a layered architecture of sensing and data analysis

The Internet of Things (IoT) is leading today’s digital transformation. Relying on a combination of technologies, protocols, and devices such as wireless sensors and newly developed wearable and implanted sensors, IoT is changing every aspect of daily life, especially recent applications in digital healthcare. IoT incorporates various kinds of hardware, communication protocols, and services. This IoT diversity can be viewed as a double-edged sword that provides comfort to users but can lead also to a large number of security threats and attacks. In this survey paper, a new compacted and optimized architecture for IoT is proposed based on five layers. Likewise, we propose a new classification of security threats and attacks based on new IoT architecture. The IoT architecture involves a physical perception layer, a network and protocol layer, a transport layer, an application layer, and a data and cloud services layer. First, the physical sensing layer incorporates the basic hardware used by IoT. Second, we highlight the various network and protocol technologies employed by IoT, and review the security threats and solutions. Transport protocols are exhibited and the security threats against them are discussed while providing common solutions. Then, the application layer involves application protocols and lightweight encryption algorithms for IoT. Finally, in the data and cloud services layer, the main important security features of IoT cloud platforms are addressed, involving confidentiality, integrity, authorization, authentication, and encryption protocols. The paper is concluded by presenting the open research issues and future directions towards securing IoT, including the lack of standardized lightweight encryption algorithms, the use of machine-learning algorithms to enhance security and the related challenges, the use of Blockchain to address security challenges in IoT, and the implications of IoT deployment in 5G and beyond