Robust Hybrid Lightweight Cryptosystem for Protecting IoT Smart Devices

  • Ahmed RagabEmail author
  • Gamal Selim
  • Abdelmoniem Wahdan
  • Ahmed Madani
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11637)


There are limited numbers of reliable hybrid cryptosystems that can be used to protect IoT smart devices, specifically in smart cities, smart hospitals, smart homes, and industrial fields. Therefore, much related work has to be performed. The aim is to study the trade-off between performance and security in these constrained environments and to achieve more secure hybrid cryptosystem with high demanded performance. Several types of recommended lightweight encryption algorithms will be investigated. These hybrid cryptosystems combine symmetric encryption algorithms such as TEA, XTEA, XXTEA, and asymmetric encryption algorithms such as RSA and ECC. They have the capability to protect IoT smart devices from internet attacks. They can efficiently achieve confidentiality, authenticity, integrity, and non-repudiation. Comparative analysis and evaluation are achieved; hence a robust hybrid cryptosystem was proposed. It uses chaotic theory to generate random keys. The analysis included the most important factors that have to be tackled in case of using lightweight ciphers to suit limited resources of IoT smart devices. Among these factors are security level, memory size, power consumption, encryption time, decryption time, and throughput. Results show that the proposed hybrid cryptosystem that combined ECC and XXTEA gives better security and higher performance than RSA and XXTEA with 40%.


Hybrid cryptosystems Protecting IoT smart devices Lightweight ciphers analysis RSA ECC XXTEA 


  1. 1.
    Bhardwaj, S., Kole, A.: Review and study of the Internet of Things: it’s the future. In: 2016 IEEE International Conference Intelligent Control Power and Instrumentation (ICICPI) (2016)Google Scholar
  2. 2.
    Demblewski, M.: Security Frameworks for Machine-to-Machine Devices and Networks. Ph.D. Thesis, Nova Southeastern University (2015). Accessed 10 Feb 2019
  3. 3.
    Ali, B., Awad, A.: Cyber and physical security vulnerability assessment for IoT-based smart homes. Sensors 18(3), 817 (2018)CrossRefGoogle Scholar
  4. 4.
    Chandra, S., Paira, S., Alam, S., Sanya, G.: A comparative survey of symmetric and asymmetric key cryptography. In: International Conference on Electronics, Communication and Computational Engineering (ICECCE) (2014)Google Scholar
  5. 5.
    Kumar, Y., Munjal, R., Sharma, H.: Comparison of symmetric and asymmetric cryptography with existing vulnerabilities and countermeasures. IJCSMS Int. J. Comput. Sci. Manag. Stud. 11(03), (2011)Google Scholar
  6. 6.
    Henriques, M., Vernekar, N.: Using symmetric and asymmetric cryptography to secure communication between devices in IoT. In: 2017 IEEE International Conference IoT and Application (ICIOT) (2017)Google Scholar
  7. 7.
    Ruan, C., Luo, J.: Design and implementation of a mobile payment system for intelligent travel. In: 2014 IEEE 3rd International Conference Cloud Computing and Intelligence Systems (CCIS) (2014)Google Scholar
  8. 8.
    Xin, M.: A mixed encryption algorithm used in the Internet of Things security transmission system. In: 2015 IEEE International Conference Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC) (2015)Google Scholar
  9. 9.
    Biswas, K., Muthukkumarasamy, V., Wu, X.-W., Singh, K.: Performance evaluation of block ciphers for wireless sensor networks. In: Choudhary, Ramesh K., Mandal, J.K., Auluck, N., Nagarajaram, H.A. (eds.) Advanced Computing and Communication Technologies. AISC, vol. 452, pp. 443–452. Springer, Singapore (2016). Scholar
  10. 10.
    Ekera, M.: Differential Cryptanalysis of MD5. Master of Science Thesis Stockholm, Sweden (2009)Google Scholar
  11. 11.
    Kaur, S., et al.: Study of multi-level cryptography algorithm: multi-prime RSA and DES. Int. J. Comput. Netw. Inf. Secur. 9(9), 22 (2017)Google Scholar
  12. 12.
    Darwish, A., El-Gendy, M.M., Hassanien, A.E.: A new hybrid cryptosystem for Internet of Things applications. In: Hassanien, A.E., Fouad, M.M., Manaf, A.A., Zamani, M., Ahmad, R., Kacprzyk, J. (eds.) Multimedia Forensics and Security. ISRL, vol. 115, pp. 365–380. Springer, Cham (2017). Scholar
  13. 13.
    Yarrkov, A.: Cryptanalysis of XXTEA, 4 May 2010. Accessed 10 Feb 2019
  14. 14.
    Bhaskar, C., Rupa, C.: An advanced symmetric block cipher based on chaotic systems. In: 2017 IEEE Innovations Power and Advanced Computing Technologies (i-PACT) (2017)Google Scholar
  15. 15.
    Yousefi, A., Jameii, S.: Improving the security of Internet of Things using encryption algorithms. In: 2017 IEEE International Conference IoT and Application (ICIOT) (2017)Google Scholar
  16. 16.
    Singh, S., Padhye, S.: Cryptanalysis of NTRU with n Public Keys. In: ISEA Asia Security and Privacy (ISEASP) (2017)Google Scholar
  17. 17.
    Khomlyak, O.: An investigation of lightweight cryptography and using the key derivation function for a hybrid scheme for security in IoT (2017)Google Scholar
  18. 18.
    Hatzivasilis, A.: Password hashing status in molecular diversity preservation. MDPI Int. J. (2017)Google Scholar
  19. 19.
    Harini, A., et al.: A novel security mechanism using hybrid cryptography algorithms. In: 2017 IEEE International Conference Electrical Instrumentation and Communication Engineering (ICEICE) (2017)Google Scholar
  20. 20.
    Elhoseny, M., et al.: Secure medical data transmission model for IoT-based healthcare systems. IEEE Access 6, 20596–20608 (2018)CrossRefGoogle Scholar
  21. 21.
    Njuki, S., et al.: An evaluation on securing cloud systems based on cryptographic key algorithms. In: Proceedings of the 2018 2nd International Conference on Algorithms, ACM Computing and Systems (2018)Google Scholar
  22. 22.
    Shoup, V.: Advances in cryptology-CRYPTO. In: 2005 Proceedings of The 25th Annual International Cryptology Conference, Santa Barbara, California, USA, 14–18 August, vol. 3621. Springer (2005)Google Scholar
  23. 23.
    Abdelminaam, D.: Improving the security of cloud computing by building new hybrid cryptography algorithms. J. Electron. Inf. Eng. 8(1), 40–48 (2018)Google Scholar
  24. 24.
    Sagar, F.: Cryptographic Hashing Functions - MD5, September 2016. Accessed 20 Apr (2019)
  25. 25.
    Habboush, A.: Multi-level encryption framework. (IJACSA) Int. J. Adv. Comput. Sci. Appl. 9(4), 130–134 (2018)Google Scholar
  26. 26.
    Mahto, D., Khan, D., Yadav, D.: Security analysis of elliptic curve cryptography and RSA. In: Proceedings of the World Congress on Engineering 2016, WCE 2016, 29 June–1 June 2016, London, U.K, vol. I (2016)Google Scholar
  27. 27.
    Ragab, A.: Robust hybrid cryptosystem for protecting smart devices in Internet of Things (IoT), Master thesis, record number 14120399, Dept. of Computer Engineering, Arab Academy for Science, Technology and Maritime Transport, Cairo, Egypt (2019)Google Scholar
  28. 28.
    Bhasher, U., Rupa, C.: An advanced symmetric block cipher based on chaotic systems. In: IEEE International Conference on Innovations in Power and Advanced Computing Technologies (2017)Google Scholar
  29. 29.
    Libelium-Techedge: Smart Industrial Protocols Solution Kit. Accessed 10 Feb 2019
  30. 30.
    AWS IoT Device Defender: Security management for IoT devices. Accessed 20 Apr 2019
  31. 31.
    Security on arm. Accessed 20 Apr 2019
  32. 32.
    Wheeler, D., Needham, R.: Correction to XTEA. Computer Laboratory, Cambridge University, England (1998)Google Scholar
  33. 33.
    Andem, V.: A cryptanalysis of the tiny encryption algorithm, Master thesis, Department of Computer Science in the Graduate School of The University of Alabama (2003)Google Scholar
  34. 34.
    Miller, V.S.: Use of elliptic curves in cryptography. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 417–426. Springer, Heidelberg (1986). Scholar
  35. 35.
    Kaur, S., Bharadwaj, P., Mankotia, S.: Study of multi-level cryptography algorithm: multi-prime RSA and DES. Modern Education and Computer Science (MECS) Press (2017)Google Scholar
  36. 36.
    Barker, E., Dang, Q.: Recommendation for key management. NIST Special Publication 800-57 Part-3 Revision 1, National Institute of Standards and Technology (NIST), January 2015Google Scholar
  37. 37.
    Percival, C.: Stronger key derivation via sequential memory-hard functions, pp 1–16 (2009)Google Scholar
  38. 38.
    Dunkelman, O., Sekar, G., Preneel, B.: Improved meet-in-the-middle attacks on reduced-round DES. In: Srinathan, K., Rangan, C.P., Yung, M. (eds.) INDOCRYPT 2007. LNCS, vol. 4859, pp. 86–100. Springer, Heidelberg (2007). Scholar
  39. 39.
    Stamp, M., Low, R.: Applied Cryptanalysis: Breaking Ciphers in the Real World. Wiley, Hoboken (2017)Google Scholar
  40. 40.
    Albela, M., Lamas, P., Caramés, T.: A practical evaluation on RSA and ECC-based cipher suites for IoT high-security energy-efficient fog and mist computing devices. Sensors 18, 3868 (2018)CrossRefGoogle Scholar
  41. 41.
    Ertaul, L., Kaur, M., Gudise, V.: Implementation and performance analysis of PBKDF2, Bcrypt, Scrypt algorithms. In: Proceedings of the International Conference on Wireless Networks (ICWN), Athens, pp. 66–72. Athens (2016)Google Scholar
  42. 42.
    Rajesh, S., Paul, V., Menon, V., Khosravi, M.: A secure and efficient lightweight symmetric encryption scheme for transfer of text files between embedded IoT devices. Symmetry 11, 293 (2019)CrossRefGoogle Scholar
  43. 43.
    Shah, A., Engineer, M.: A survey of lightweight cryptographic algorithms for IoT-based applications. In: Tiwari, S., Trivedi, M.C., Mishra, K.K., Misra, A.K., Kumar, K.K. (eds.) Smart Innovations in Communication and Computational Sciences. AISC, vol. 851, pp. 283–293. Springer, Singapore (2019). Accessed 20 Apr 2019CrossRefGoogle Scholar
  44. 44.
    Percival, C.: Stronger key derivation via sequential memory-hard functions. Accessed 20 Apr 2019
  45. 45.
    Sehrawat, D., Nasib Gill, N.: Lightweight block ciphers for IoT based applications: a review. Int. J. Appl. Eng. Res. 13(5), 2258–2270 (2018). ISSN 0973-4562Google Scholar
  46. 46.
    Dinu, D.: Efficient and secure implementations of lightweight symmetric cryptographic primitives. Ph.D. Dissertation, Luxembourg University (2017) Accessed 20 Apr 2019
  47. 47.
    Mohd, B., Hayajneh, T.: Lightweight block ciphers for IoT: energy optimization and survivability techniques. IEEE Access 6, 35966–35978 (2018)CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Ahmed Ragab
    • 1
    Email author
  • Gamal Selim
    • 1
  • Abdelmoniem Wahdan
    • 1
  • Ahmed Madani
    • 1
  1. 1.Arab Academy for Science, Technology and Maritime TransportCairoEgypt

Personalised recommendations