A Provable Secure Cybersecurity Mechanism Based on Combination of Lightweight Cryptography and Authentication for Internet of Things

Abstract

Internet of Things devices, platform programs, and network applications are all vulnerable to cyberattacks (digital attacks), which can be prevented at different levels by using cybersecurity protocol. In the Internet of Things (IoT), cyberattacks are specifically intended to retrieve or change/destroy sensitive information that may exceed the IoT’s advantages. Furthermore, the design of a lightweight cybersecurity mechanism experiences a critical challenge that would perfectly fit resource-constrained IoT devices. For instance, identifying the compromised devices and the users’ data and services protection are the general challenges of cybersecurity on an IoT system that should be considered. This paper proposes a secure cybersecurity system based on the integration of cryptography with authentication (ELCA) that utilizes elliptic curve Diffie–Hellman (ECDH) to undertake key distribution while the weak bits problem in the shared secret key is resolved. In this paper, three systems of integration are investigated, while ELCA proposes secure integration between authentication and encryption to facilitate confidentiality and authenticity transfer messages between IoT devices over an insecure communication channel. Furthermore, the security of ELCA is proven mathematically using the random oracle model and IoT adversary model. The findings of the emulation results show the effectiveness of ELCA performance in terms of a reduced CPU execution time by 50%, reduced storage cost by 32–19.6%, and reduced energy consumption by 41% compared to the baseline cryptographic algorithms.