Abstract
There are limited numbers of reliable hybrid cryptosystems that can be used to protect IoT smart devices, specifically in smart cities, smart hospitals, smart homes, and industrial fields. Therefore, much related work has to be performed. The aim is to study the trade-off between performance and security in these constrained environments and to achieve more secure hybrid cryptosystem with high demanded performance. Several types of recommended lightweight encryption algorithms will be investigated. These hybrid cryptosystems combine symmetric encryption algorithms such as TEA, XTEA, XXTEA, and asymmetric encryption algorithms such as RSA and ECC. They have the capability to protect IoT smart devices from internet attacks. They can efficiently achieve confidentiality, authenticity, integrity, and non-repudiation. Comparative analysis and evaluation are achieved; hence a robust hybrid cryptosystem was proposed. It uses chaotic theory to generate random keys. The analysis included the most important factors that have to be tackled in case of using lightweight ciphers to suit limited resources of IoT smart devices. Among these factors are security level, memory size, power consumption, encryption time, decryption time, and throughput. Results show that the proposed hybrid cryptosystem that combined ECC and XXTEA gives better security and higher performance than RSA and XXTEA with 40%.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Bhardwaj, S., Kole, A.: Review and study of the Internet of Things: it’s the future. In: 2016 IEEE International Conference Intelligent Control Power and Instrumentation (ICICPI) (2016)
Demblewski, M.: Security Frameworks for Machine-to-Machine Devices and Networks. Ph.D. Thesis, Nova Southeastern University (2015). https://nsuworks.nova.edu/cgi/viewcontent.cgi?article=1068&context=gscis_etd. Accessed 10 Feb 2019
Ali, B., Awad, A.: Cyber and physical security vulnerability assessment for IoT-based smart homes. Sensors 18(3), 817 (2018)
Chandra, S., Paira, S., Alam, S., Sanya, G.: A comparative survey of symmetric and asymmetric key cryptography. In: International Conference on Electronics, Communication and Computational Engineering (ICECCE) (2014)
Kumar, Y., Munjal, R., Sharma, H.: Comparison of symmetric and asymmetric cryptography with existing vulnerabilities and countermeasures. IJCSMS Int. J. Comput. Sci. Manag. Stud. 11(03), (2011)
Henriques, M., Vernekar, N.: Using symmetric and asymmetric cryptography to secure communication between devices in IoT. In: 2017 IEEE International Conference IoT and Application (ICIOT) (2017)
Ruan, C., Luo, J.: Design and implementation of a mobile payment system for intelligent travel. In: 2014 IEEE 3rd International Conference Cloud Computing and Intelligence Systems (CCIS) (2014)
Xin, M.: A mixed encryption algorithm used in the Internet of Things security transmission system. In: 2015 IEEE International Conference Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC) (2015)
Biswas, K., Muthukkumarasamy, V., Wu, X.-W., Singh, K.: Performance evaluation of block ciphers for wireless sensor networks. In: Choudhary, Ramesh K., Mandal, J.K., Auluck, N., Nagarajaram, H.A. (eds.) Advanced Computing and Communication Technologies. AISC, vol. 452, pp. 443–452. Springer, Singapore (2016). https://doi.org/10.1007/978-981-10-1023-1_44
Ekera, M.: Differential Cryptanalysis of MD5. Master of Science Thesis Stockholm, Sweden (2009)
Kaur, S., et al.: Study of multi-level cryptography algorithm: multi-prime RSA and DES. Int. J. Comput. Netw. Inf. Secur. 9(9), 22 (2017)
Darwish, A., El-Gendy, M.M., Hassanien, A.E.: A new hybrid cryptosystem for Internet of Things applications. In: Hassanien, A.E., Fouad, M.M., Manaf, A.A., Zamani, M., Ahmad, R., Kacprzyk, J. (eds.) Multimedia Forensics and Security. ISRL, vol. 115, pp. 365–380. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-44270-9_16
Yarrkov, A.: Cryptanalysis of XXTEA, 4 May 2010. https://eprint.iacr.org/2010/254.pdf. Accessed 10 Feb 2019
Bhaskar, C., Rupa, C.: An advanced symmetric block cipher based on chaotic systems. In: 2017 IEEE Innovations Power and Advanced Computing Technologies (i-PACT) (2017)
Yousefi, A., Jameii, S.: Improving the security of Internet of Things using encryption algorithms. In: 2017 IEEE International Conference IoT and Application (ICIOT) (2017)
Singh, S., Padhye, S.: Cryptanalysis of NTRU with n Public Keys. In: ISEA Asia Security and Privacy (ISEASP) (2017)
Khomlyak, O.: An investigation of lightweight cryptography and using the key derivation function for a hybrid scheme for security in IoT (2017)
Hatzivasilis, A.: Password hashing status in molecular diversity preservation. MDPI Int. J. (2017)
Harini, A., et al.: A novel security mechanism using hybrid cryptography algorithms. In: 2017 IEEE International Conference Electrical Instrumentation and Communication Engineering (ICEICE) (2017)
Elhoseny, M., et al.: Secure medical data transmission model for IoT-based healthcare systems. IEEE Access 6, 20596–20608 (2018)
Njuki, S., et al.: An evaluation on securing cloud systems based on cryptographic key algorithms. In: Proceedings of the 2018 2nd International Conference on Algorithms, ACM Computing and Systems (2018)
Shoup, V.: Advances in cryptology-CRYPTO. In: 2005 Proceedings of The 25th Annual International Cryptology Conference, Santa Barbara, California, USA, 14–18 August, vol. 3621. Springer (2005)
Abdelminaam, D.: Improving the security of cloud computing by building new hybrid cryptography algorithms. J. Electron. Inf. Eng. 8(1), 40–48 (2018)
Sagar, F.: Cryptographic Hashing Functions - MD5, September 2016. http://cs.indstate.edu/~fsagar/doc/paper.pdf. Accessed 20 Apr (2019)
Habboush, A.: Multi-level encryption framework. (IJACSA) Int. J. Adv. Comput. Sci. Appl. 9(4), 130–134 (2018)
Mahto, D., Khan, D., Yadav, D.: Security analysis of elliptic curve cryptography and RSA. In: Proceedings of the World Congress on Engineering 2016, WCE 2016, 29 June–1 June 2016, London, U.K, vol. I (2016)
Ragab, A.: Robust hybrid cryptosystem for protecting smart devices in Internet of Things (IoT), Master thesis, record number 14120399, Dept. of Computer Engineering, Arab Academy for Science, Technology and Maritime Transport, Cairo, Egypt (2019)
Bhasher, U., Rupa, C.: An advanced symmetric block cipher based on chaotic systems. In: IEEE International Conference on Innovations in Power and Advanced Computing Technologies (2017)
Libelium-Techedge: Smart Industrial Protocols Solution Kit. https://www.the-iot-marketplace.com/libelium-techedge-smart-industrial-protocols-solution-kit. Accessed 10 Feb 2019
AWS IoT Device Defender: Security management for IoT devices. https://aws.amazon.com/iot-device-defender/?nc=sn&loc=2&dn=5. Accessed 20 Apr 2019
Security on arm. https://developer.arm.com/technologies/security-on-arm. Accessed 20 Apr 2019
Wheeler, D., Needham, R.: Correction to XTEA. Computer Laboratory, Cambridge University, England (1998)
Andem, V.: A cryptanalysis of the tiny encryption algorithm, Master thesis, Department of Computer Science in the Graduate School of The University of Alabama (2003)
Miller, V.S.: Use of elliptic curves in cryptography. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 417–426. Springer, Heidelberg (1986). https://doi.org/10.1007/3-540-39799-X_31
Kaur, S., Bharadwaj, P., Mankotia, S.: Study of multi-level cryptography algorithm: multi-prime RSA and DES. Modern Education and Computer Science (MECS) Press (2017)
Barker, E., Dang, Q.: Recommendation for key management. NIST Special Publication 800-57 Part-3 Revision 1, National Institute of Standards and Technology (NIST), January 2015
Percival, C.: Stronger key derivation via sequential memory-hard functions, pp 1–16 (2009)
Dunkelman, O., Sekar, G., Preneel, B.: Improved meet-in-the-middle attacks on reduced-round DES. In: Srinathan, K., Rangan, C.P., Yung, M. (eds.) INDOCRYPT 2007. LNCS, vol. 4859, pp. 86–100. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-77026-8_8
Stamp, M., Low, R.: Applied Cryptanalysis: Breaking Ciphers in the Real World. Wiley, Hoboken (2017)
Albela, M., Lamas, P., Caramés, T.: A practical evaluation on RSA and ECC-based cipher suites for IoT high-security energy-efficient fog and mist computing devices. Sensors 18, 3868 (2018)
Ertaul, L., Kaur, M., Gudise, V.: Implementation and performance analysis of PBKDF2, Bcrypt, Scrypt algorithms. In: Proceedings of the International Conference on Wireless Networks (ICWN), Athens, pp. 66–72. Athens (2016)
Rajesh, S., Paul, V., Menon, V., Khosravi, M.: A secure and efficient lightweight symmetric encryption scheme for transfer of text files between embedded IoT devices. Symmetry 11, 293 (2019)
Shah, A., Engineer, M.: A survey of lightweight cryptographic algorithms for IoT-based applications. In: Tiwari, S., Trivedi, M.C., Mishra, K.K., Misra, A.K., Kumar, K.K. (eds.) Smart Innovations in Communication and Computational Sciences. AISC, vol. 851, pp. 283–293. Springer, Singapore (2019). https://doi.org/10.1007/978-981-13-2414-7_27. Accessed 20 Apr 2019
Percival, C.: Stronger key derivation via sequential memory-hard functions. https://www.tarsnap.com/scrypt/scrypt.pdf. Accessed 20 Apr 2019
Sehrawat, D., Nasib Gill, N.: Lightweight block ciphers for IoT based applications: a review. Int. J. Appl. Eng. Res. 13(5), 2258–2270 (2018). ISSN 0973-4562
Dinu, D.: Efficient and secure implementations of lightweight symmetric cryptographic primitives. Ph.D. Dissertation, Luxembourg University (2017) https://zdoc.pub/2017-in-luxembourg-to-obtain-the-degree-of.html. Accessed 20 Apr 2019
Mohd, B., Hayajneh, T.: Lightweight block ciphers for IoT: energy optimization and survivability techniques. IEEE Access 6, 35966–35978 (2018)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Ragab, A., Selim, G., Wahdan, A., Madani, A. (2019). Robust Hybrid Lightweight Cryptosystem for Protecting IoT Smart Devices. In: Wang, G., Feng, J., Bhuiyan, M., Lu, R. (eds) Security, Privacy, and Anonymity in Computation, Communication, and Storage. SpaCCS 2019. Lecture Notes in Computer Science(), vol 11637. Springer, Cham. https://doi.org/10.1007/978-3-030-24900-7_1
Download citation
DOI: https://doi.org/10.1007/978-3-030-24900-7_1
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-24899-4
Online ISBN: 978-3-030-24900-7
eBook Packages: Computer ScienceComputer Science (R0)