A Comparative Analysis of Lightweight Cryptographic Protocols for Enhanced Communication Security in Resource-Constrained Internet of Things (IoT) Environments
Published 30-12-2022
Keywords
- Internet of Things (IoT),
- Security Protocols,
- Lightweight Cryptography,
- Resource-Constrained Devices,
- Communication Security
- Performance Evaluation,
- Cryptographic Strength,
- Key Management,
- Message Integrity,
- Use Cases ...More
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
How to Cite
Abstract
The exponential growth of Internet of Things (IoT) devices embedded within cyber-physical systems and everyday applications has ushered in a new era of interconnected intelligence. However, the inherent resource limitations of these devices, characterized by low processing power, restricted memory, and often limited battery life, pose significant challenges in securing communication channels. Traditional cryptographic algorithms, while demonstrably robust, often incur significant computational overhead and memory footprint, rendering them unsuitable for deployment on resource-constrained IoT devices. This necessitates the exploration of lightweight cryptographic protocols specifically designed to balance security efficacy with efficient resource utilization within the confines of the IoT domain.
This research paper presents a comprehensive comparative analysis of prominent lightweight security protocols tailored for IoT environments. The analysis delves into three well-established protocols: Lightweight Secure Messaging Protocol (LSMWP), Constrained Application Protocol (CoAP) with Datagram Transport Layer Security (DTLS), and Efficient Cryptographic Primitives for Internet of Things (ECIoT). The evaluation employs a multifaceted approach, encompassing three key dimensions: security effectiveness, performance efficiency, and suitability for diverse IoT use cases.
On the security front, the paper meticulously examines the cryptographic strength of the ciphers and hash functions employed by each protocol. This analysis assesses their resistance to well-known cryptanalytic attacks, ensuring the confidentiality, integrity, and authenticity of data exchanged between IoT devices. Furthermore, the research scrutinizes the key management strategies adopted by each protocol, evaluating their effectiveness in mitigating key exposure and unauthorized device impersonation. Finally, the analysis investigates the message integrity mechanisms employed by the protocols, ensuring data hasn't been tampered with during transmission across the network.
Performance efficiency is a critical concern for resource-constrained IoT devices. The paper leverages established performance benchmarks from existing literature to compare the processing overhead introduced by each protocol. This includes evaluating the impact on encryption/decryption times, message signing/verification operations, and overall communication latency. Additionally, the research assesses the memory footprint of each protocol, considering the limited memory resources available on IoT devices.
The final dimension of the analysis explores the suitability of each protocol for various IoT use cases. The paper considers factors such as the sensitivity of the data being transmitted, the processing capabilities of the devices involved, and the real-time constraints of the application. By mapping the strengths and weaknesses of each protocol to specific use cases, the research aims to provide valuable insights for developers and security professionals in selecting the optimal protocol for their unique IoT deployment scenarios.
Through this comprehensive evaluation, the paper aims to bridge the knowledge gap regarding the trade-offs between security and performance inherent in lightweight cryptographic protocols for IoT environments. The findings will contribute to the development of secure and efficient communication strategies, ultimately fostering a more robust and trustworthy IoT ecosystem.
Downloads
References
- A. Rahman, M. Atiqur Rahman, S. Islam, M. A. Mahmud, and A. Kader, "Lightweight Security Protocols for Internet of Things: A Review," International Journal of Advanced Trends in Computer Science and Engineering, vol. 8, no. 4, pp. 1462-1468, 2019.
- M. A. Khan, K. Salah, N. A. Khan, and M. Atiquzzaman, "A Secure and Lightweight Authentication Protocol for IoT-Based Smart Homes," MDPI Sensors, vol. 20, no. 4, p. 1124, 2020.
- N. Asokan, W. Zhou, C. H. Kim, and M. G. Kayalar, "Lightweight secure messaging protocol for resource-constrained devices," IACR Cryptol. ePrint Archive, vol. 2014, p. 410, 2014.
- H. Tschofnig and D. Basin, "DTLS: Datagram Transport Layer Security," RFC 6347, IETF, 2012.
- Y. Liu and Z. Yu, "Efficient cryptographic primitives for internet of things security," in 2017 IEEE International Symposium on Circuits and Systems (ISCAS), pp. 1-4, IEEE, 2017.
- A. Puttegowda, D. He, S. Banerjee, and J. Baek, "SPHINX: Lightweight Authenticated Encryption for Secure Communication in the Internet of Things," in Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security, pp. 1677-1688, 2017.
- A. Bogdanov, L. R. Knudsen, G. Leander, C. Paar, A. Poschmann, M. Robshaw, Y. Seurin, and C. Rechberger, "PRESENT: An Ultra-Lightweight Block Cipher," in Lecture Notes in Computer Science, pp. 450-466, Springer, Berlin, Heidelberg, 2007.
- J. Guo, T. Peyrin, A. Poschmann, and M. Robshaw, "The LEA lightweight block cipher," in Cryptographic Hardware and Embedded Systems - CHES 2011, vol. 6911, pp. 301-316, Springer, Berlin, Heidelberg, 2011.
- K. Gajek, N. Kumar, P. Landman, M. Rostovtsev, and K. Schindler, "Keccak: Pseudo-random functions and stream ciphers," Submission to NIST (Cryptographic Hash Algorithm Competition), vol. 3, pp. 1-54, 2013.
- M. Dworkin, "Recommendation for Block Cipher Modes of Operation (CMBs) and Message Authentication Codes (MACs)," National Institute of Standards and Technology (NIST) Special Publication 800-38B, Dec. 2012.
- D. Boneh and V. Shoup, "A practical PKI for electronic commerce," in Proceedings of the 1998 ACM SIGCOMM Conference on Data Communication, pp. 117-126, 1998.
- D. Huang, M. Qu, and S. Guo, "Lightweight Cryptographic Algorithms for Resource-Constrained Devices in the Internet of Things," Security and Communication Networks, vol. 9, no. 18, pp. 5779-5793, 2016.
- D. Le Hoang, S. Jangte, T. Nguyen, H. Dao, Z. Sun, and D. Ni, "Lightweight Authentication and Key Agreement Protocols for Secure Group Communication in Fog Computing," IEEE Transactions on Sustainable Computing, pp. 1-11, 2020.
- X. Wang, Y. Liu, Y. Sun, and Z. Yu, "Lightweight Anonymous Authentication Scheme for Secure and Efficient Data Aggregation in Internet of Things," IEEE Access, vol. 6, pp. 71287-71297, 2018.
- A. Nayak, S. Jaiswal, and N. Singh, "Lightweight Identity-Based Encryption for Secure Communication in Internet of Things," in 2019 10th International Conference on Computing, Communication, Control and Automation (C5-CCA), pp. 1-6, IEEE, 2019.
- Abu Al‐Haija, Q., Al Badawi, A., & Bojja, G. R. (2022). Boost‐Defence for resilient IoT networks: A head‐to‐toe approach. Expert Systems, 39(10), e12934.