Enhancing Trust and Security in IoT Architecture for Low-Cost Microcontroller Devices using Elliptic Curve Cryptography

Abstract

Abstract—In the rapidly expanding universe of the Internet of Things (IoT), low-cost microcontroller devices, such as the NodeMCU, have become ubiquitous. While these devices have transformed how we interact with the physical world, they also introduce significant security vulnerabilities. Chief among these is susceptibility to man-in-the-middle (MITM) attacks, which pose a serious risk to the confidentiality and integrity of data transmitted across these networks. This study addresses this critical issue by proposing the adoption of Elliptic Curve Cryptography (ECC), a cryptographic method known for its efficiency and strong security, despite the computational limitations of low-cost IoT devices. We conducted an experiment demonstrating the ease with which an MITM attack can intercept data from a NodeMCU device. Following this, we implemented ECC to secure data transmission, showcasing its viability as a lightweight yet robust security solution. Our research not only highlights the pressing need for enhanced security measures in the IoT ecosystem but also provides a practical framework for securing low-cost microcontroller devices against sophisticated cyber threats. Through our findings, we contribute to the development of more secure, trustworthy IoT architectures, ensuring that these devices can continue to safely serve as integral components of our digital lives. Keywords—NodeMCU, ESP8266, Data theft, Elliptic Curve Cryptography, Man-in-the-middle attack