Hybrid Cryptosystems for Protecting IoT Smart Devices with Comparative Analysis and Evaluation

  • Ahmed Ab. M. RagabEmail author
  • Ahmed Madani
  • A. M. Wahdan
  • Gamal M. I. Selim
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 1069)


There are limited numbers of reliable hybrid cryptosystems that can be used to protect IoT smart devices, specifically in smart cities, smart hospitals, smart homes, and industrial fields. Therefore, much related work has to be performed. The aim is to achieve more secure hybrid cryptosystem with high demanded performance. This paper investigates some recommended types of hybrid cryptosystems for protecting IoT smart devices from internet attacks. Then, a robust hybrid cryptosystem is proposed. These hybrid cryptosystems combine symmetric encryption algorithms such as TEA, XTEA, XXTEA, and asymmetric encryption algorithms such as RSA and ECC. They should have the capability to protect IoT smart devices from internet attacks. Since, they could efficiently achieve confidentiality, authenticity, integrity, and non-repudiation. Comparative analysis and evaluation are achieved. The analysis included the most important factors that have to be investigated in case of using lightweight ciphers to suit limited resources IoT smart devices. Among these factors are security level, memory size, power consumption, encryption time, decryption time, and throughput. Results show that the proposed hybrid cryptosystem that combined ECC and XXTEA gives better security and performance than RSA and XXTEA.


Hybrid cryptosystems Protecting IoT smart devices Lightweight ciphers analysis RSA ECC XXTEA 


  1. 1.
    Bhardwaj, S., Kole, A.: Review and study of the internet of things: it’s the future. In: 2016 IEEE International Conference on Intelligent Control Power and Instrumentation (ICICPI)Google Scholar
  2. 2.
    Demblewski, M.: Security frameworks for machine-to-machine devices and networks. Ph.D. thesis, Nova Southeastern University (2015). Accessed 10 Feb 2019
  3. 3.
    Ali, B., Awad, A.: Cyber and physical security vulnerability assessment for IoT-based smart homes. Sensors 18(3), 817 (2018)CrossRefGoogle Scholar
  4. 4.
    Chandra, S., Paira, S., Alam, S., Sanya, G.: A comparative survey of symmetric and asymmetric key cryptography. In: International Conference on Electronics, Communication and Computational Engineering (ICECCE) (2014)Google Scholar
  5. 5.
    Kumar, Y., Munjal, R., Sharma, H.: Comparison of symmetric and asymmetric cryptography with existing vulnerabilities and countermeasures. IJCSMS Int. J. Comput. Sci. Manag. Stud. 11(03), 60–63 (2011)Google Scholar
  6. 6.
    Henriques, M., Vernekar, N.: Using symmetric and asymmetric cryptography to secure communication between devices in IoT. In: 2017 IEEE International Conference on IoT and Application (ICIOT) (2017)Google Scholar
  7. 7.
    Ruan, C., Luo, J.: Design and implementation of a mobile payment system for intelligent travel. In: 2014 IEEE 3rd International Conference on Cloud Computing and Intelligence Systems (CCIS) (2014)Google Scholar
  8. 8.
    Xin, M.: A mixed encryption algorithm used in the internet of things security transmission system. In: 2015 IEEE International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC) (2015)Google Scholar
  9. 9.
    Biswas, K., et al.: Performance evaluation of block ciphers for wireless sensor networks. In: Advanced Computing and Communication Technologies, pp. 443–452. Springer, Heidelberg (2016)CrossRefGoogle Scholar
  10. 10.
    Ekera, M.: Differential Cryptanalysis of MD5. Master of Science Thesis Stockholm, Sweden (2009)Google Scholar
  11. 11.
    Kaur, S., et al.: Study of multi-level cryptography algorithm: multi-prime RSA and DES. Int. J. Comput. Netw. Inf. Secur. 9(9), 22 (2017)Google Scholar
  12. 12.
    Darwish, A., El-Gendy, M.M., Hasanien, A.: A new hybrid cryptosystem for the internet of things applications. In: Multimedia Forensics and Security, pp. 365–380. Springer, Heidelberg (2017)Google Scholar
  13. 13.
    Yarrkov, A.: Cryptanalysis of XXTEA, 4 May 2010. Accessed 10 Feb 2019
  14. 14.
    Bhaskar, C., Rupa, C.: An advanced symmetric block cipher based on chaotic systems. In: 2017 IEEE Innovations Power and Advanced Computing Technologies (i-PACT) (2017)Google Scholar
  15. 15.
    Yousefi, A., Jameii, S.: Improving the security of internet of things using encryption algorithms. In: 2017 IEEE International Conference on IoT and Application (ICIOT) (2017)Google Scholar
  16. 16.
    Singh, S., Padhye, S.: Cryptanalysis of NTRU with n Public Keys. In: 2017 ISEA Asia Security and Privacy (ISEASP) (2017)Google Scholar
  17. 17.
    Khomlyak, O.: An Investigation of Lightweight Cryptography and Using the Key Derivation Function for a Hybrid Scheme for Security in IoT (2017)Google Scholar
  18. 18.
    Hatzivasilis, G.: Password hashing status. Cryptography 1(2), 1–31 (2017) MDPI Int. J.CrossRefGoogle Scholar
  19. 19.
    Harini, A., et al.: A novel security mechanism using hybrid cryptography algorithms. In: 2017 IEEE International Conference on Electrical Instrumentation and Communication Engineering (ICEICE) (2017)Google Scholar
  20. 20.
    Elhoseny, M., et al.: Secure medical data transmission model for IoT-based healthcare systems. IEEE Access 6, 20596–20608 (2018)CrossRefGoogle Scholar
  21. 21.
    Njuki, S., et al.: An evaluation on securing cloud systems based on cryptographic key algorithms. In: Proceedings of the 2018 2nd International Conference on Algorithms, ACM Computing and Systems (2018)Google Scholar
  22. 22.
    Shoup, V.: Advances in Cryptology-CRYPTO. The 25th Annual International Cryptology Conference, Santa Barbara, California, USA, 14–18 August 2005 Proceedings, vol. 3621. Springer, Heidelberg (2005)Google Scholar
  23. 23.
    Abdelminaam, D.: Improving the security of cloud computing by building new hybrid cryptography algorithms. Int. J. Electron. Inf. Eng. 8(1), 40–48 (2018)Google Scholar
  24. 24.
    Sagar, F.: Cryptographic Hashing Functions - MD5, September 2016. Accessed 20 Apr 2019
  25. 25.
    Habboush, A.: Multi-level encryption framework. (IJACSA) Int. J. Adv. Comput. Sci. Appl. 9(4), 130–134 (2018)Google Scholar
  26. 26.
    Mahto, D., Khan, D., Yadav, D.: Security analysis of elliptic curve cryptography and RSA. In: Proceedings of the World Congress on Engineering 2016, WCE 2016, 29 June–1 July 2016, London, UK, vol. 1 (2016)Google Scholar
  27. 27.
    Ragab, A.: Robust hybrid cryptosystem for protecting smart devices in internet of things (IoT). Master thesis, record number 14120399, Department of Computer Engineering, Arab Academy for Science, Technology and Maritime Transport, Cairo, Egypt (2019)Google Scholar
  28. 28.
    Bhasher, U., Rupa, C.: An advanced symmetric block cipher based on chaotic systems. In: IEEE International Conference on Innovations in Power and Advanced Computing Technologies (2017)Google Scholar
  29. 29.
    Libelium-Techedge, Smart Industrial Protocols Solution Kit. Accessed 10 Feb 2019
  30. 30.
    AWS IoT Device Defender, Security management for IoT devices. Accessed 20 Apr 2019
  31. 31.
    Security on Arm. Accessed 20 Apr 2019
  32. 32.
    Wheeler, D., Needham, R.: Correction to XTEA. Computer Laboratory, Cambridge University, England (1998)Google Scholar
  33. 33.
    Andem, V.: A cryptanalysis of the tiny encryption algorithm. Master thesis, Department of Computer Science in the Graduate School of The University of Alabama (2003)Google Scholar
  34. 34.
    Miller, V.: Use of elliptic curves in cryptography. In: Conference on the Theory and Application of Cryptographic Techniques. Springer, Heidelberg (1985)Google Scholar
  35. 35.
    Kaur, S., Bharadwaj, P., Mankotia, S.: Study of multi-level cryptography algorithm: multi-prime RSA and DES. Int. J. Comput. Netw. Inf. Secur. 9(9), 22 (2017)Google Scholar
  36. 36.
    Barker, E., Dang, Q.: Recommendation for Key Management. NIST Special Publication 800-57 Part-3 Revision 1, National Institute of Standards and Technology (NIST), January 2015Google Scholar
  37. 37.
    Percival, C.: Stronger Key Derivation via Sequential Memory-hard Functions, pp. 1–16 (2009)Google Scholar
  38. 38.
    Dunkelman, O., Preneel, B.: Improved meet-in-the-middle attacks on reduced-round DES. In: International Conference on Cryptology in India. Springer, Heidelberg (2007)Google Scholar
  39. 39.
    Stamp, M., Low, R.: Applied Cryptanalysis: Breaking Ciphers in the Real World. Wiley, Hoboken (2017)Google Scholar
  40. 40.
    Albela, M., Lamas, P., Caramés, T.: A practical evaluation on RSA and ECC-based cipher suites for IoT high-security energy-efficient fog and mist computing devices. Sensors 18, 3868 (2018)CrossRefGoogle Scholar
  41. 41.
    Ertaul, L., Kaur, M., Gudise, V.: Implementation and performance analysis of PBKDF2, bcrypt, scrypt algorithms. In: Proceedings of the International Conference on Wireless Networks (ICWN), Athens, pp. 66–72 (2016)Google Scholar
  42. 42.
    Rajesh, S., Paul, V., Menon, V., Khosravi, M.: A secure and efficient lightweight symmetric encryption scheme for transfer of text files between embedded IoT devices. Symmetry 11, 293 (2019)CrossRefGoogle Scholar
  43. 43.
    Ankit Shah, A., Engineer, M.: A survey of lightweight cryptographic algorithms for IoT-based applications. In: Advances in Intelligent Systems and Computing (2019). Accessed 20 Apr 2019Google Scholar
  44. 44.
    Percival, C.: Stronger Key Derivation via Sequential Memory-Hard Functions. Accessed 20 Apr 2019
  45. 45.
    Sehrawat, D., Gill, N.S.: Lightweight block ciphers for IoT based applications: a review. Int. J. Appl. Eng. Res. 13(5), 2258–2270 (2018)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  • Ahmed Ab. M. Ragab
    • 1
    Email author
  • Ahmed Madani
    • 1
  • A. M. Wahdan
    • 2
  • Gamal M. I. Selim
    • 1
  1. 1.Arab Academy for Science, Technology and Maritime TransportCairoEgypt
  2. 2.Department of Computer and Systems EngineeringAin Shams UniversityCairoEgypt

Personalised recommendations