Comparative Analysis of Cryptography Library in IoT

The paper aims to do a survey along with a comparative analysis of the various cryptography libraries that are applicable in the field of Internet of Things (IoT). The first half of the paper briefly introduces the various cryptography libraries available in the field of cryptography along with a list of all the algorithms contained within the libraries. The second half of the paper deals with cryptography libraries specifically aimed for application in the field of Internet of Things. The various libraries and their performance analysis listed down in this paper are consolidated from various sources with the aim of providing a single comprehensive repository for reference to the various cryptography libraries and the comparative analysis of their features in IoT.Comment: 5 pages, 14 table

Residual Vulnerabilities to Power side channel attacks of lightweight ciphers cryptography competition Finalists

The protection of communications between Internet of Things (IoT) devices is of great concern because the information exchanged contains vital sensitive data. Malicious agents seek to exploit those data to extract secret information about the owners or the system. Power side channel attacks are of great concern on these devices because their power consumption unintentionally leaks information correlatable to the device\u27s secret data. Several studies have demonstrated the effectiveness of authenticated encryption with advanced data, in protecting communications with these devices. A comprehensive evaluation of the seven (out of 10) algorithm finalists of the National Institute of Standards and Technology (NIST) IoT lightweight cipher competition that do not integrate built‐in countermeasures is proposed. The study shows that, nonetheless, they still present some residual vulnerabilities to power side channel attacks (SCA). For five ciphers, an attack methodology as well as the leakage function needed to perform correlation power analysis (CPA) is proposed. The authors assert that Ascon, Sparkle, and PHOTON‐Beetle security vulnerability can generally be assessed with the security assumptions “Chosen ciphertext attack and leakage in encryption only, with nonce‐misuse resilience adversary (CCAmL1)” and “Chosen ciphertext attack and leakage in encryption only with nonce‐respecting adversary (CCAL1)”, respectively. However, the security vulnerability of GIFT‐COFB, Grain, Romulus, and TinyJambu can be evaluated more straightforwardly with publicly available leakage models and solvers. They can also be assessed simply by increasing the number of traces collected to launch the attack

Risks associated with Logistics 4.0 and their minimization using Blockchain

Currently we are saying that we are at the dawn of the fourth revolution, which is marked by using cyber-physical systems and the Internet of Things. This is marked as Industry 4.0 (I4.0). With Industry 4.0 is also closely linked concept Logistics 4.0. The highly dynamic and uncertain logistic markets and huge logistic networks require new methods, products and services. The concept of the Internet of Things and Services (IoT&S), Big Data/Data Mining (DM), cloud computing, 3D printing, Blockchain and cyber physical system (CPS) etc. seem to be the probable technical solution for that. However, associated risks hamper its implementation and lack a comprehensive overview. In response, the paper proposes a framework of risks in the context of Logistics 4.0. They are here economic risks, that are associated e.g. with high or false investments. From a social perspective, risks the job losses, are considered too. Additionally, risks can be associated with technical risks, e.g. technical integration, information technology (IT)-related risks such as data security, and legal and political risks, such as for instance unsolved legal clarity in terms of data possession. It is therefore necessary to know the potential risks in the implementation process.Web of Science101857

Pengamanan Internet of Things Berbasis NodeMCU Menggunakan Algoritma AES Pada Arsitektur Web Service REST

Data confidentiality and resource's limitation issues are challenges for the Internet of Things. To implement good security on IoT systems, cryptography can do it, but it needs an effective encryption algorithm that does not require a lot of resources. The purpose of this study is to secure an IoT system by implementing an algorithm that is successful in maintaining the confidentiality of data transmitted. This research uses an experimental approach, by creating an IoT system for agriculture and adding an encryption algorithm. The IoT system uses NodeMCU as a microcontroller. NodeMCU is a microcontroller with small resources so it needs an efficient algorithm to be implemented in it. One algorithm that has good performance in a desktop computing environment is the Advance Encryption Standard (AES) algorithm. The algorithm is tested in an IoT computing environment with a data exchange architecture using an REST (Representational State Transfer) web service, resulting in an IoT system for agriculture with cryptographic implementations in it. In the tests carried out, the encryption process of 128 and 256 bits of plain text took 266.31 and 274.31 microseconds, while the memory used was 16% and 17% of the total memory, respectively. This shows the encryption time is fast, and the memory usage is relatively small.Data confidentiality and resources limitation issues are challenges for Internet of Things. To implement good security on IoT systems, cryptography can be implemented, but it needs effective encryption algorithm that does not require a lot of resources. The purpose of this study is to implement an algorithm that is effective in maintaining the confidentiality of data transmitted on an IoT system with limited resources. This research uses experimental research methods, by creating an IoT system for agriculture and adding an encryption algorithm. The IoT system uses NodeMCU as a microcontroller. NodeMCU is a microcontroller with small resources so it needs an efficient algorithm to be implemented in it. One algorithm that has good performance in a desktop computing environment is the Advance Encryption Standard (AES) algorithm. The algorithm implemented in the IoT system using a REST (Representational State Transfer) web service. The result of this research is an secured IoT system for agriculture. In the tests carried out, the encryption process of 128 and 256 bit plain text took 266.31 and 274.31 microseconds, while the memory used was 16% and 17% of the total memory. This shows the encryption time is relatively fast and the memory usage is relatively small

TD2SecIoT: Temporal, Data-Driven and Dynamic Network Layer Based Security Architecture for Industrial IoT

The Internet of Things (IoT) is an emerging technology, which comprises wireless smart sensors and actuators. Nowadays, IoT is implemented in different areas such as Smart Homes, Smart Cities, Smart Industries, Military, eHealth, and several real-world applications by connecting domain-specific sensors. Designing a security model for these applications is challenging for researchers since attacks (for example, zero-day) are increasing tremendously. Several security methods have been developed to ensure the CIA (Confidentiality, Integrity, and Availability) for Industrial IoT (IIoT). Though these methods have shown promising results, there are still some security issues that are open. Thus, the security and authentication of IoT based applications become quite significant. In this paper, we propose TD2SecIoT (Temporal, Data-Driven and Dynamic Network Layer Based Security Architecture for Industrial IoT), which incorporates Elliptic Curve Cryptography (ECC) and Nth-degree Truncated Polynomial Ring Units (NTRU) methods to ensure confidentiality and integrity. The proposed method has been evaluated against different attacks and performance measures (quantitative and qualitative) using the Cooja network simulator with Contiki-OS. The TD2SecIoT has shown a higher security level with reduced computational cost and time

Security for the Industrial IoT: The Case for Information-Centric Networking

Industrial production plants traditionally include sensors for monitoring or documenting processes, and actuators for enabling corrective actions in cases of misconfigurations, failures, or dangerous events. With the advent of the IoT, embedded controllers link these `things' to local networks that often are of low power wireless kind, and are interconnected via gateways to some cloud from the global Internet. Inter-networked sensors and actuators in the industrial IoT form a critical subsystem while frequently operating under harsh conditions. It is currently under debate how to approach inter-networking of critical industrial components in a safe and secure manner. In this paper, we analyze the potentials of ICN for providing a secure and robust networking solution for constrained controllers in industrial safety systems. We showcase hazardous gas sensing in widespread industrial environments, such as refineries, and compare with IP-based approaches such as CoAP and MQTT. Our findings indicate that the content-centric security model, as well as enhanced DoS resistance are important arguments for deploying Information Centric Networking in a safety-critical industrial IoT. Evaluation of the crypto efforts on the RIOT operating system for content security reveal its feasibility for common deployment scenarios.Comment: To be published at IEEE WF-IoT 201

An Overview of Parallel Symmetric Cipher of Messages

مقدمة: على الرغم من التطورات الهامة في الاتصالات والتكنولوجيا، فقد أثبتت حماية البيانات نفسها كواحدة من أكبر الاهتمامات. يجب تشفير البيانات من أجل الارتباط بشكل آمن وسريع من خلال نقل البيانات التكنولوجية على شبكة الإنترنت. يمكن تعريف عملية التشفير بانها تحويل النص العادي إلى نص مشفر لا يمكن قراءته أو تغييره بواسطة الأشخاص المؤذيين.            طرق العمل: من أجل الحفاظ على الدرجة المطلوبة من الأمان ، استغرقت كل من عمليات تحليل التشفير وفك التشفير وقتًا طويلاً. ومع ذلك, من أجل تقليل مقدار الوقت المطلوب لإكمال عمليات التشفير وفك التشفير، طبق العديد من الباحثين طريقة التشفير بطريقة موازية. لقد كشف البحث الذي تم إجراؤه حول المشكلة عن العديد من الإجابات المحتملة. استخدم الباحثون التوازي لتحسين إنتاجية خوارزمياتهم، مما سمح لهم بتحقيق مستويات أداء أعلى في خوارزمية التشفير.                             النتائج: أظهرت الأبحاث الحديثة حول تقنيات التشفير المتوازي أن وحدات معالجة الرسومات (GPUs) تعمل بشكل أفضل من الأنظمة الأساسية المتوازية الأخرى عند مقارنة مستويات أداء التشفير.   الاستنتاجات: لإجراء بحث مقارنة حول أهم خوارزميات التشفير المتوازية من حيث فعالية أمن البيانات وطول المفتاح والتكلفة والسرعة، من بين أمور أخرى. تستعرض هذه الورقة العديد من الخوارزميات المتوازية الهامة المستخدمة في تشفير البيانات وفك تشفيرها في جميع التخصصات. ومع ذلك، يجب النظر في معايير أخرى لإظهار مصداقية أي تشفير. تعتبر اختبارات العشوائية مهمة جدًا لاكتشافها وتم تسليط الضوء عليها في هذه الدراسة.                                                              Background: Despite significant developments in communications and technology, data protection has established itself as one of the biggest concerns. The data must be encrypted in order to link securely, quickly through web-based technological data transmission. Transforming plain text into ciphered text that cannot be read or changed by malicious people is the process of encryption. Materials and Methods: In order to maintain the required degree of security, both the cryptanalysis and decryption operations took a significant amount of time. However, in order to cut down on the amount of time required for the encryption and decryption operations to be completed, several researchers implemented the cryptography method in a parallel fashion. The research that has been done on the problem has uncovered several potential answers. Researchers used parallelism to improve the throughput of their algorithms, which allowed them to achieve higher performance levels on the encryption algorithm. Results: Recent research on parallel encryption techniques has shown that graphics processing units (GPUs) perform better than other parallel platforms when comparing their levels of encryption performance. Conclusion: To carry out comparison research on the most significant parallel crypto algorithms in terms of data security efficacy, key length, cost, and speed, among other things. This paper reviews various significant parallel algorithms used for data encryption and decryption in all disciplines. However, other criteria must be considered in order to show the trustworthiness of any encryption. Randomness tests are very important to discover and are highlighted in this study