Selecting cryptographic algorithms for Internet of Things (IoT) devices is a critical process as it directly impacts the security, performance, and viability of these devices. When selecting cryptographic algorithms for IoT devices, many factors need to be taken into account, the central ones being computing power, memory usage, and power consumption. The optimal choice of algorithms can significantly improve the security of devices while maintaining their performance and energy efficiency. Balancing these factors is the key to successfully integrating cryptography into the IoT ecosystem. The research paper evaluates the effectiveness of cryptographic solutions, compares and analyzes their performance, power consumption, security, and other parameters. As a result, optimal algorithms are selected that meet the requirements of the IoT system and provide effective protection.
Cryptographic security is essential for maintaining data confidentiality in IoT systems, where
multiple devices interact and exchange sensitive information [
methods is crucial for ensuring its confidentiality and preventing
unauthorized access [
Cryptographic data encryption is the primary method for protecting information in IoT systems.
Abber Bertino et al. [
Lightweight cryptography and post-quantum cryptography are two important areas of modern cryptographic research. Lightweight cryptography aims to create efficient algorithms for devices with limited resources, while quantum-resistant algorithms are developed to protect information from potential threats associated with the development of quantum computing. Lightweight cryptography focuses on algorithms that can operate in environments with limited computing power and memory, which is especially relevant for the IoT, mobile devices, and embedded systems [13].
Evaluating cryptographic solutions in IoT systems is a complex task that must consider performance, attack resistance, and resource constraints. However, previous studies have not fully addressed various cryptographic techniques or provided specific recommendations for their application in different scenarios. A thorough evaluation of cryptographic solutions is crucial for ensuring data reliability, security, and privacy. This evaluation not only protects against current threats but also prepares systems for future challenges. As the number of connected devices and the volume of transmitted information continue to grow, robust cryptographic protection is essential for maintaining reliable and secure IoT systems. This research paper explores effective cryptographic algorithms for safeguarding IoT devices and provides a comprehensive assessment of key parameters, including encryption and decryption efficiency, power consumption, and memory usage.
Data protection is essential to ensure that this data is not misused or accessed without permission, preserving user privacy and personal information. It is important to carefully select and implement encryption algorithms based on the specific needs of the IoT system, as well as securely manage encryption keys to maintain encryption integrity.
Until 2001, the DES algorithm was the US federal standard for the protection of information not related to state secrets [14]. It was supported by NIST and ABA. The DES algorithm allows software and hardware implementation.
Consider an exemplary scheme of the DES algorithm. Let K be the encryption key (length 64 bits, of which 8 control bits); IP – initial permutation of bits in a block of plain text P with a length of 64 bits; I P−1 – reverse to IP permutation; L and R are, respectively, the left and right half-blocks (32 bits long) of block P; ki – internal encryption key of the i-th round, 48 bits long ( ki= KS ( i , K )); f is the encryption function, the input of which is a 32-bit block, and the output is also a 32-bit block.
A generalized diagram of the encryption process in the DES block algorithm is shown in Figure 1.
In situations where the reliability of the DES algorithm is considered insufficient, its modification is used - 3DES [15]. It should be noted that there are several variants of 3DES. As shown in Figure 2. the most commonly used variant of encryption on three keys: the plain text is encrypted on the first key, the received ciphertext - on the second and, finally, the data received after the second step - on the third key. All three keys are selected independently of each other. This cryptoalgorithm is sufficiently resistant to all attacks. Obviously, if you need to improve the security of a large fleet of equipment using DES, then it is cheaper to switch to 3DES schemes than to switch to another type of cryptosystem.
It is the same as DES, but there 3 keys are used.
Key1 in English: «CE1907CE» (8 ASCII characters, 1 byte each) Key1 in Hex (64 bits): 43 45 31 39 30 37 43 45 Key2 in English: «Computer» (8 ASCII characters, 1 byte each) Key2 in Hex (64 bits): 43 6 F 6 D 70 75 74 65 72 Key3 in English: «Kazakh12» (8 ASCII characters, 1 byte each) Key3 in Hex (64 bits): 4 B 61 7 A 61 6 B 68 31 32 Encryption: DES Encryption with Key1: 9C 78 0A D4 19 C0 8C 11 DES Decryption with Key2: 77 89 4C FA 31 E5 90 73 DES Encryption with Key3: 38 D9 D6 F5 DA 22 BA 3B Decryption: DES Decryption with Key3: 77 89 4C FA 31 E5 90 73 DES Encryption with Key2: 9C 78 0A D4 19 C0 8C 11 DES Decryption with Key1: 41 74 79 72 61 75 30 36
It was originally called «Rijndael Cipher» (pronounced «Rine Dale») after the names of the developers. It was an entrant in a competition held by NIST in 1997, to find a new secure encryption method [16]. It was the winner of this competition and thus named «AES» by 2001. It is now the most widely used symmetric key encryption algorithm in the world.
AES is a block cipher which encrypts 128 bits (16 bytes) of data at a time. It treats the 16 bytes as a grid of 4x4. Messages which are longer than 128 bits are broken into blocks of 128 bits. Each block is encrypted separately using exactly the same steps. If the message is not divisible by the block length, then padding is appended. For example, if the message is 425 bytes, 7 bytes of padding is needed to make the message 432 bytes long.
The encryption and decryption processes in AES shown in Figure 3.
In this article, it decided to work on a microcontroller from the Atmel AVR family, more precisely ATmega2560. Atmel AVR microcontrollers can be a good choice for IoT device manufacturing.
Atmel AVR microcontrollers consume very little power, which is critical for IoT devices that are often battery powered or have limited power supplies. They are relatively inexpensive, making them an attractive option for IoT device manufacturing, where cost is a major factor. They are also highly customizable, allowing developers to tailor them to specific applications and IoT requirements. They have a large community of developers and enthusiasts who provide support and resources, making it easy for developers to get started and troubleshoot any issues. Atmel AVR microcontrollers have a reputation for being rugged and reliable, which is important for IoT devices that may need to operate in challenging environments or in a variety of environments. They often come with onboard peripherals such as ADC, UART, SPI, I2C, and PWM, which can help reduce the need for additional components and simplify the design of IoT devices [17].
The technical characteristics of the ATmega2560 microcontroller of the Atmel AVR family are shown in Table 1.
Encryption algorithms in microcontroller ATmega2560
C programming language and the Atmel Studio integrated development environment created by Microchip Technology for developing and debugging applications based on AVR and ARM microcontrollers are used to program the ATmega2560 microcontroller. It is a powerful tool that provides a complete solution for developing, building and debugging applications for AVR microcontrollers. Then main task is to implement all encryption algorithms using C programming language in Atmel Studio 7. Pseudocodes of these algorithms are shown in Figures 4, 5, 6.
size ← message.length() key1_64 ← decToBinary(key1) key1_48 ← key_gen(key1_64) key2_64 ← decToBinary(key2) key2_48 ← key_gen(key2_64) key3_64 ← decToBinary(key3) key3_48 ← key_gen(key3_64) for block← 0 to size/8 do text_bin ← decToBinary(message) ciphertext ← encrypt (text_bin, key1_48) plaintext ← decrypt (ciphertext, key2_48) ciphertext ← encrypt (plaintext, key3_48) cipherHex ← BinaryToDecimal (ciphertext) end for size ← message.length() key1_64 ← decToBinary(key1) key1_48 ← key_gen(key1_64) key2_64 ← decToBinary(key2) key2_48 ← key_gen(key2_64) key3_64 ← decToBinary(key3) key3_48 ← key_gen(key3_64) for block← 0 to size/8 do text_bin ← decToBinary(message) ciphertext ← encrypt (text_bin, key3_48) plaintext ← decrypt (ciphertext, key2_48) ciphertext ← encrypt (plaintext, key3_48) cipherHex ← BinaryToDecimal (ciphertext) end for
USBasp programmer: USBasp v2.0 (Figure 7) is a programmer that is used to program AVR microcontrollers like ATmega, ATtiny, etc. It is a reliable way to program and debug AVR microcontrollers, which are commonly used in a wide range of applications such as robotics, automation, and control systems.
USBasp v2.0 is an affordable programmer that is widely available. It is compatible with a wide range of AVR microcontrollers, including ATmega, ATtiny, and ATxmega. USBasp v2.0 can program AVR microcontrollers at a high speed, which makes it ideal for use in time-critical applications. The firmware for USBasp v2.0 is open-source, which means that it can be modified and customized to suit specific requirements.
ATmega2560 and USBasp programmer connection shown in Figure 8.
The NIST is responsible for developing and promoting standards and guidelines to ensure the security and interoperability of information systems. In recent years, there has been a growing demand for cryptographic algorithms that are lightweight, meaning they can be efficiently implemented on resource-constrained devices such as IoT devices and embedded systems. In response to this demand, NIST has launched a process to standardize lightweight cryptographic algorithms. he context of IoT security. These criteria, as shown in Table 3.2, are designed to help IoT developers choose encryption algorithms that are secure and appropriate for their specific use cases. mplementation
Implementation: All encryption algorithms implemented in this article are software-based encryption algorithms. The code that is written in Atmel Studio is software implementation, as written and compiled to be executed on the microcontroller. Loading the code onto the microcontroller using USBasp programmer involves hardware implementation, as USBasp hardware device physically connected to the microcontroller to transfer the compiled code from computer to the microcontroller's memory. Overall, the encryption algorithm that implemented is a softwarebased encryption algorithm, but the process of loading it onto the microcontroller involves both hardware and software components.
Speed: The speed evaluation of encryption algorithms in a microcontroller depends on several factors such as the architecture of the microcontroller, the clock frequency, the memory size, and the algorithm implementation. One way to evaluate the speed of an encryption algorithm is to measure the number of clock cycles it takes to encrypt a message of a certain size. This can be done using a timer in the microcontroller and measuring the elapsed time. Measured encryption and decryption time for symmetric encryption algorithms shown in Table 4, Figure 10. AES DES 3DES
When evaluating the speed of encryption algorithms in a microcontroller, it's important to consider the tradeoff between speed and security. Some encryption algorithms, such as AES, are considered to be secure and fast, while others, such as 3DES, are more secure but slower. Therefore, the choice of encryption algorithm depends on the security requirements and the performance limitations of the microcontroller.
Power Consumption: The power consumption of ATmega2560 microcontroller depends on several factors like clock frequency, operational mode, and the peripherals and features being utilized. Power consumption of microcontroller can be higher when microcontroller is in active mode and executing instructions and actively using peripherals. It can range from a few milliamps to tens of milliamps. It is necessary to assemble the circuit as shown in Figure 11, and measure the current on the microcontroller using a multimeter UNI-T UT120C. After measuring the current strength, you need to calculate the Power by the formula P=V × I , where V is the voltage (Arduino use 5V), I is the measured current. Results of symmetric encryption algorithms power consumption shown in Table 5.
AES DES 3DES AES DES 3DES
Input data: 32 bytes 20,12 20,30 20,37 Input data: 64 bytes 20,14 20,31 20,40 Input data: 16 bytes 20,15 20,33 20,42 0,10055 0,1014 0,10175 0,1006 0,1015 0,10185 0,1007 0,10155
0,102
Arduino power consumption is not directly related to memory usage. However, memory usage can affect the overall performance and efficiency of the Arduino, which in turn can affect power consumption. If an application or sketch uses a large amount of memory or performs complex data operations, it may require more computing resources and therefore more power for the Arduino to run. However, memory usage itself is not a direct factor in determining Arduino power consumption.
In conclusion, it should be noted that the evaluation of the effectiveness of cryptographic solutions in IoT plays a vital role in ensuring the security and reliability of systems. With the rapid development of IoT, ensuring confidentiality, integrity and availability of data is becoming increasingly important. This dissertation found that the use of effective cryptographic algorithms is crucial to protect IoT devices from various threats. Evaluation of the effectiveness of cryptographic solutions in IoT includes the analysis and comparison of various algorithms, as well as an assessment of their performance, resistance to attacks and resource intensity. The study identified several key criteria that should be taken into account when evaluating the effectiveness of cryptographic solutions in IoT. These include the computational complexity of algorithms, device power consumption, ease of implementation and compatibility with existing systems. As a result of the evaluation of power consumption, encryption speed, memory usage by symmetric encryption algorithms in IoT, the AES showed the best result.
[10] Shubhangi Handore, Pallavi Kolapkar, Pratibha Chavan, Pramod Chavan, “Enhancing security mechanisms for robot-fog computing networks”, Indonesian Journal of Electrical Engineering and Computer Science, vol. 33, no. 3, pp. 1660~1666. March 2024, doi:10.11591/ijeecs.v33.i3. [11] Singh R., Dwivedi A.D., Mukkamala R.R., Alnumay W.S. Privacy-preserving ledger for blockchain and internet of things-enabled cyber-physical systems Comput. Electr.
Eng., 103 (2022), Article 108290, 10.1016/j.compeleceng.2022.108290. [12] Singh R., Dwivedi A.D., Srivastava G., Chatterjee P., Lin J.C.-W. A privacy preserving internet of things smart healthcare financial system IEEE Internet Things J. (2022), p. 1, 10.1109/JIOT.2022.3233783. [13] Barker WC (2004). U.S. Department of Commerce, National Institute of Standards and Technology, Recommendation for the Triple Data Encryption Algorithm NIST Special Publication 800-67 version 1.1. National Institute of Standards and Technology. [14] Hafner, J. and K. McCurley (1989). “A rigorous subexponential algorithm for computation of class groups.” J. Amer. Math. Soc., 2 (4), 837– 850. [15] Nechaev, V.I. (1994). “On the complexity of a deterministic algorithm for a discrete logarithm.”
Math. Zametki, 55, 91–101. [16] Chowdhury, Rakibul Hasan. "AI-driven business analytics for operational efficiency." World
Journal of Advanced Engineering Technology and Sciences 12, no. 2(2024): 535-543. [17] Chowdhury, Rakibul Hasan. "Quantum-resistant cryptography: A new frontier infintechsecurity." World Journal of Advanced Engineering Technology and Sciences 12, no. 2(2024): 614-621.