Abstract
This chapter explores the encryption techniques used for the internet of things (IoT). The security algorithm used for IoT should follow many constraints of an embedded system. Hence, lightweight cryptography is an optimum security solution for IoT devices. This chapter mainly describes the need for security in IoT, the concept of lightweight cryptography, and various cryptographic algorithms along with their shortcomings given IoT. This chapter also describes the principle of operation of all the above algorithms along with their security analysis. Moreover, based on the algorithm size (i.e., the required number of gate equivalent, block size, key size, throughput, and execution speed of the algorithm), the chapter reports the comparative analysis of their performance. The chapter discusses the merits and demerits of these algorithms along with their use in the IoT system.
TopBackground
Encryption is a method of concealing the sensitive information and substituting it by other numbers, letters or symbols which can hide its meaning and readability. The cipher formed by encryption is used to protect the original word or plaintext from any possible third-party attacks. Cipher is of two subtypes, namely classical and modern. A classical cipher, in turn is of two types namely substitution and transposition ciphers. Substitution cipher may be monoalphabetic or polyalphabetic. Presently, modern ciphers are in practice. Symmetric and asymmetric key are the two types of modern ciphers. Symmetric ciphers are further classified into block and stream ciphers. Various modern cipher encryption algorithms and standards that are prominent include AES, DES, 3DES, RC4, SEAL, RSA, DSA and DH. A partial classification of ciphers is shown in Figure 1.
Figure 1. Classification of ciphers
In the Internet of Things, physical devices embedded with sensors, software and connectivity enable data exchange and communication between devices. To secure communication in such environments, i.e., constrained physical devices, the implementation of new lightweight encryption algorithms which can replace the existing modern unconstrained encryption algorithms becomes highly essential.
TopLightweight Cryptography
Internet of things (IoT), mostly employed in embedded systems are highly constrained regarding power, size, speed, security, complexity, and cost. The IoT based embedded devices handle storing, processing and transmission of sensitive, private and critical information many times and therefore, the security of data against any possible attack due to some vulnerability is a great challenge. One of the best ways to ensure security is through encryption. However, these methods are not straightforwardly applicable in situations of resource constrained and portable embedded system environments. In such systems, lightweight cryptographic algorithms, which are operable in tight memory and resource constraints are best possible options to use. Embedded systems preferably use Application Specific Integrated Circuit (ASIC) design which resists reprogramming after manufacturing of an IoT device. A hard-embedded system based IoT device can operate in hostile and time-critical environments. In this case, even a slight delay or speed-up can lead to severe damage to life or assets. LWC is an encryption method with a small footprint and low computational complexity. Lightweight cryptography is mainly a trade-off between security and light weight (computational burden) and as such for different IoT applications different implementations of LWC algorithm may be beneficial that target particular embedded hardware or target platform. For example, healthcare devices, sensors, and RFID tags may all use different variations of the same LWC algorithms. This is done to achieve maximum security for given RAM size, energy and software requirements, etc. On low resource hardware and software platforms, LWC is efficient and well suited with high performance compared to standard cryptographic techniques (Manifavas et al., 2014). Some of the essential attributes of LWC are as follows:
Key Terms in this Chapter
DES: Data encryption standard.
Improved Linear Hull Attack: This attack is mainly proposed to improve the differential attack.
RSA: Rivest–Shamir–Adleman.
AEs: Advanced encryption standard.
3DES: Triple data encryption standard.
Reduced-Round Variety Attack: Number of rounds susceptible to theoretical attack can be determined by this attack.
Theoretical Attack: The strategy of this attack is designed through theory or calculation.
Differential Attacks or Differential Cryptanalysis: This attack compares the variations in the input with variations in the encrypted output to find the desired key or plaintext message.
Algebraic Side-Channel Attack: This attack represents the physical information leakages and target algorithms in the form of equations to determine the plaintext and key.
RC4: Rivest cipher 4.
Slide Attack: It increases the number of rounds in a ciphertext or makes them irrelevant to the cryptographic algorithm to find the plaintext or key.
Dynamic Key-Guessing Technique: This technique exploits the property of and operation to get the desired key.
Meet-in-the-Middle Attack: This attack targets the cryptographic function and brute force technique is applied to both plaintext and ciphertext block. Then various keys are applied to achieve intermediate ciphertext simultaneously; keys are used to decrypt the ciphertext. If a match of intermediate ciphertext occurs, it is concluded that key used for encryption of plaintext and decryption of ciphertext is derived.
SEAL: Software-optimized encryption algorithm or simple encryption algorithm.
DH: Diffie Hellman.
Linear Cryptanalysis Attack: It finds an affine approximation to the action of a cipher to reveal the key or plaintext message.