Abstract:Internet of Things (IoT) devices characterized by low power and low processing capabilities do not exactly fit into the provision of existing security techniques, due to their constrained nature. Classical security algorithms which are built on complex cryptographic functions often require a level of processing that low power IoT devices are incapable to effectively achieve due to limited power and processing resources. Consequently, the option for constrained IoT devices lies in either developing new security… Show more
“…Similarly work in Huang [15], Wei et al [16], Abd El-Latif et al [17], Li et al [18], Mamvong et al [19], Niu et al [20], which propose use of multiple authority attribute-based encryption, blockchain based data access control ABE (DAC ABE), controlled alternate quantum walks (CAQWs), Decisional Bilinear Diffie-Hellman (DBDH), power efficient encryption, and key aggregation searchable encryption (KASE), which assist in improving performance of encryption under different use cases. Extensions to these models are discussed in Fotovvat et al [21], Fotovvat et al [22], Khan et al [23], Hussain et al [24], Khashan [25] which propose use of Lightweight cryptography (LWC), Key-Policy Attribute Based Encryption (KPABE), Secure Surveillance Mechanism, Certificate Based Signcryption with Proxy Re-Encryption (CBSRE), and Lightweight Proxy Re-Encryption, which assists in improving security performance for different use cases.…”
Designing encryption models for IoT deployments requires analysis of multiple network level constraints. These include, estimation of energy requirements, security strength, encryption & decryption delay, computational complexity, etc. A wide variety of models are proposed to perform these tasks, but most of them are either highly complex, or require higher energy levels for encrypting data samples. Moreover, these models are contextindependent, and cannot be used for application-specific deployments. To overcome these issues, this text proposes design of a novel secure and lightweight dynamic encryption bioinspired model for IoT networks. The proposed model initially uses an Elliptic Curve Cryptography (ECC) process for data security, and optimizes its performance via Bacterial Foraging Optimization (BFO). ECC parameters that are obtained via BFO are further fine-tuned using a Q-Learning based process, which assists in identification of context-specific parametric ranges for different network types. The combination of BFO with Q-Learning results in dynamic ECC curves, which can be used for context-specific deployments. Performance of the model was evaluated on different scaled networks, and compared with other state-of-the-art encryption models in terms of encryption delay, decryption delay, security level under different attacks, and energy consumption levels. Based on this comparison, it was observed that the proposed model showcased 8.5% lower encryption delay, 3.2% lower decryption delay, and 5.9% lower energy consumption while maintaining similar security levels. Due to these enhancements, the proposed model is useful for a wide variety of low complexity IoT deployments.
“…Similarly work in Huang [15], Wei et al [16], Abd El-Latif et al [17], Li et al [18], Mamvong et al [19], Niu et al [20], which propose use of multiple authority attribute-based encryption, blockchain based data access control ABE (DAC ABE), controlled alternate quantum walks (CAQWs), Decisional Bilinear Diffie-Hellman (DBDH), power efficient encryption, and key aggregation searchable encryption (KASE), which assist in improving performance of encryption under different use cases. Extensions to these models are discussed in Fotovvat et al [21], Fotovvat et al [22], Khan et al [23], Hussain et al [24], Khashan [25] which propose use of Lightweight cryptography (LWC), Key-Policy Attribute Based Encryption (KPABE), Secure Surveillance Mechanism, Certificate Based Signcryption with Proxy Re-Encryption (CBSRE), and Lightweight Proxy Re-Encryption, which assists in improving security performance for different use cases.…”
Designing encryption models for IoT deployments requires analysis of multiple network level constraints. These include, estimation of energy requirements, security strength, encryption & decryption delay, computational complexity, etc. A wide variety of models are proposed to perform these tasks, but most of them are either highly complex, or require higher energy levels for encrypting data samples. Moreover, these models are contextindependent, and cannot be used for application-specific deployments. To overcome these issues, this text proposes design of a novel secure and lightweight dynamic encryption bioinspired model for IoT networks. The proposed model initially uses an Elliptic Curve Cryptography (ECC) process for data security, and optimizes its performance via Bacterial Foraging Optimization (BFO). ECC parameters that are obtained via BFO are further fine-tuned using a Q-Learning based process, which assists in identification of context-specific parametric ranges for different network types. The combination of BFO with Q-Learning results in dynamic ECC curves, which can be used for context-specific deployments. Performance of the model was evaluated on different scaled networks, and compared with other state-of-the-art encryption models in terms of encryption delay, decryption delay, security level under different attacks, and energy consumption levels. Based on this comparison, it was observed that the proposed model showcased 8.5% lower encryption delay, 3.2% lower decryption delay, and 5.9% lower energy consumption while maintaining similar security levels. Due to these enhancements, the proposed model is useful for a wide variety of low complexity IoT deployments.
“…IoT ecosystems' sheer scale and heterogeneity contribute to an inherently complex security landscape where a one-size-fits-all approach is untenable. Researchers emphasized that the constrained nature of many IoT devices, characterized by limited processing power and memory, amplifies the challenge of implementing robust security measures (Mamvong et al, 2020;Pisani et al, 2020;Samaila et al, 2018;Singh et al, 2017). These resource limitations hinder the incorporation of sophisticated security protocols and make devices susceptible to resource-intensive attacks.…”
The research paper delves into the intricate realm of IoT device security, unravelling the multifaceted risks and presenting a nuanced exploration of mitigation strategies. A comprehensive literature review unveils common security threads and the current state of IoT security measures. The subsequent analysis identifies security risks, including unauthorized access, encryption lapses, authentication weaknesses, physical vulnerabilities, and privacy concerns. Mitigation strategies encompass technical measures, policy frameworks, and user education, forming a holistic approach. The paper concludes by outlining recommendations for future research, emphasizing interdisciplinary collaboration, dynamic threat modelling, privacy-preserving technologies, standardization, certification, and blockchain integration. Envisioning a secure and connected future, the research underscores the pivotal role of manufacturers, policymakers, and users in shaping a resilient IoT landscape.
“…Therefore additional hardware peripherals are often employed to provide security functionalities to custom solutions. In particular, hardware secure elements are exploited to provide additional computational capabilities in cryptographic operations or to provide additional security functionalities required by the applications [ 35 ]. They provides special storage capability that enable secure storage of sensitive data (e.g., encryption keys and other secrets).…”
Internet-of-Things (IoT) and sensor technologies have enabled the collection of data in a distributed fashion for analysis and evidence-based decision making. However, security concerns regarding the source, confidentiality and integrity of the data arise. The most common method of protecting data transmission in sensor systems is Transport Layer Security (TLS) or its datagram counterpart (DTLS) today, but exist an alternative option based on Distributed Ledger Technology (DLT) that promise strong security, ease of use and potential for large scale integration of heterogeneous sensor systems. A DLT such as the IOTA Tangle offers great potential to improve sensor data exchange. This paper presents L2Sec, a cryptographic protocol which is able to secure data exchanged over the IOTA Tangle. This protocol is suitable for implementation on constrained devices, such as common IoT devices, leading to greater scalability. The first experimental results evidence the effectiveness of the approach and advocate for the integration of an hardware secure element to improve the overall security of the protocol. The L2Sec source code is released as open source repository on GitHub.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.