Efficient Security Algorithm for Provisioning Constrained Internet of Things (IoT) Devices

Addressing the security concerns of constrained Internet of Things (IoT) devices, such as client- side encryption and secure provisioning remains a work in progress. IoT devices characterized by low power and processing capabilities do not exactly fit into the provisions of existing security schemes, as classical security algorithms are built on complex cryptographic functions that are too complex for constrained IoT devices. Consequently, the option for constrained IoT devices lies in either developing new security schemes or modifying existing ones as lightweight. This work presents an improved version of the Advanced Encryption Standard (AES) known as the Efficient Security Algorithm for Power-constrained IoT devices, which addressed some of the security concerns of constrained Internet of Things (IoT) devices, such as client-side encryption and secure provisioning. With cloud computing being the key enabler for the massive provisioning of IoT devices, encryption of data generated by IoT devices before onward transmission to cloud platforms of choice is being advocated via client-side encryption. However, coping with trade-offs remain a notable challenge with Lightweight algorithms, making the innovation of cheaper secu- rity schemes without compromise to security a high desirable in the secure provisioning of IoT devices. A cryptanalytic overview of the consequence of complexity reduction with mathematical justification, while using a Secure Element (ATECC608A) as a trade-off is given. The extent of constraint of a typical IoT device is investigated by comparing the Laptop/SAMG55 implemen- tations of the Efficient algorithm for constrained IoT devices. An analysis of the implementation and comparison of the Algorithm to lightweight algorithms is given. Based on experimentation results, resource constrain impacts a 657% increase in the encryption completion time on the IoT device in comparison to the laptop implementation; of the Efficient algorithm for Constrained IoT devices, which is 0.9 times cheaper than CLEFIA and 35% cheaper than the AES in terms of the encryption completion times, compared to current results in literature at 26%, and with a 93% of avalanche effect rate, well above a recommended 50% in literature. The algorithm is utilised for client-side encryption to provision the device onto AWS IoT core

Efficient Security Algorithm for Power Constrained IoT Devices

Internet of Things (IoT) devices characterized by low power and low processing capabilities do not exactly fit into the provision of existing security techniques, due to their constrained nature. Classical security algorithms which are built on complex cryptographic functions often require a level of processing that low power IoT devices are incapable to effectively achieve due to limited power and processing resources. Consequently, the option for constrained IoT devices lies in either developing new security schemes or modifying existing ones to be more suitable for constrained IoT devices. In this work, an Efficient security Algorithm for Constrained IoT devices; based on the Advanced Encryption Standard is proposed. We present a cryptanalytic overview of the consequence of complexity reduction together with a supporting mathematical justification, and provisioned a secure element (ATECC608A) as a trade-off. The ATECC608A doubles for authentication and guarding against implementation attacks on the associated IoT device (ARM Cortex M4 microprocessor) in line with our analysis. The software implementation of the efficient algorithm for constrained IoT devices shows up to 35% reduction in the time it takes to complete the encryption of a single block (16bytes) of plain text, in comparison to the currently used standard AES-128 algorithm, and in comparison to current results in literature at 26.6