We witness massive implementations of the Internet of Things (IoT) in smart homes, smart buildings, smart vehicles, smart wearables as well as Industry 4.0 initiatives. Along with the massive adoption, IoT security has become more important and crucial in this case. Arduino, as IoT hardware platform, also requires enhancements on its security to ensure that data it transmits and receives is secured and has not been tampered in any way. Transmitting of IoT data and telecommand in plaintext is not secure. Securing transmission using traditional block cipher is computationally intensive for embedded-systems with low memory and computing power like Arduino. This research proposes a novel lightweight security communication protocol that is lightweight enough to run on the Arduino platform. The proposed protocol shall be utilizing a lightweight key agreement scheme, the SPECK lightweight block cipher, and BLAKE2s hash function. This protocol is designed to support telemetry and telecommand by using publisher-subscriber, which also is aimed to be extensible but straightforward for future enhancements. This research shows that a secure IoT communication protocol can be designed and implemented on Arduino devices and another IoT platform running Arduino core such as the ESP32. The performance evaluation of this protocol in Arduino Mega shows that the INIT phase's average execution time is 26.83 milliseconds. The key agreement is 13.50 milliseconds, and the encryption-decryption of telemetry and telecommand messages requires 25 milliseconds execution time. The protocol performance evaluation in ESP32 has an average execution time for INIT phase 44.63 milliseconds. The key agreement phase, 13.90 milliseconds, and the encryption and decryption of telemetry and telecommand messages requires an execution time of 17.10 milliseconds.
Read full abstract