Secured Novel Lightweight IoT End Device Architecture using Confidentiality, Integrity, Authenticity & Availability based tight security approach

IoT end devices essential security parameters are Confidentiality, Integrity, Authenticity and Availability(CIAA). Breach of any of these security parameters means compromise with security thus collapsing the device. Even partial breach in security refers to loop holes in security hence unsecure IoT end device. Due to wearable nature of IoT end devices implementing security and maintaining lightweight is a challenge. Conventional security algorithms incur memory and processing overheads in wearable IoT end devices therefore lightweight security algorithms is compulsory. The existing architectures merely consider security enhancement using conventional security algorithm without focusing on lightweight therefore this paper analyzes existing IoT end device architectures and concludes that all are overarchitectured. Due to over- architecture the components of existing architectures are more visible to the external world and invites more attacks hence unsecured. On the other hand lightweight IoT end device resources ensure less complexity hence less internal bugs, less attack surface area, less visibility to external world thus more secure. Mandatory security requirements in wearable IoT end devices are still an extensive research issue. Therefore this paper focuses on mandatory boot process security requirements, software security requirements and security requirements during communication. Our proposed architecture is implemented over ESP32 microcontroller with the application of Arduino IDE. Lightweight secured internet of things (SIT) algorithm was implemented for lightweight CIAA due to light security requirements in wearable devices. Finally this paper compares the latest lightweight and secure architecture with the proposed lightweight and secure architecture and concludes that proposed architecture is robust in terms of lightweight and security.

Secure and Efficient Authentication Scheme in IoT Environments

Optimization of resource consumption and decreasing the response time of authentication requests is an immense urgent requirement for supporting the scalability of resources in IoT environments. The existing research attempts to design lightweight authentication protocols to address these issues. However, the schemes proposed in the literature are lacking in the creation of a lightweight (i.e., low computing, communication, and storage cost) and secure architecture. IoT devices in existing approaches consume high electricity and computing power, despite the fact that IoT devices have limited power and computing capabilities. Furthermore, the existing approaches lead to an increase in the burden on storage memory and also create heavy traffic on a communication channel, increasing the response time of device authentication requests. To overcome these limitations, we propose a novel lightweight and secure architecture that uses crypto-modules, which optimize the usage of one-way hash functions, elliptic-curve cryptography, and an exclusive-or operation. We demonstrate the proposed scheme’s security strength using informal security analysis and verified it by considering the widely used automated validation of internet security protocol application (AVISPA) and the ProVerif tool. The result shows that the proposed scheme is effective against active and passive security attacks and satisfies secure design. Moreover, we calculate the proposed scheme’s working cost by implementing it using a widely accepted standard pairing-based cryptography (PBC) library on embedded devices. The implementation proves that the proposed scheme is lightweight and reduces computation time by 0.933 ms, communication cost by 1408 bits, and storage cost by 384 bits, and removes the existing gaps.