Faisal's Notebook

Recent Notes

Chaos-Based Encryption Techniques for Securing IoT Devices

13 min read

Sources

  1. A lightweight chaos-based encryption scheme for IoT healthcare systems
  2. A systematic review on lightweight security algorithms for a sustainable IoT infrastructure
  3. A review: Secure Internet of thing System for Smart Houses
  4. Review of Smart-Home Security Using the Internet of Things

Significance of the Study

  • A systematic review on lightweight security algorithms for a sustainable IoT infrastructure - Sarker, 2025
    • It is important to consider the performance and resource costs generated by cryptographic algorithms because IoT provides real-time services, and, as such, need constant active security measures in place. This gives rise to the need for lightweight security algorithms.
    • Challenges found in IoT infrastructures:
      • resource constraints - power, memory, and processor
      • hostile, dynamic, and heterogenous environment
      • big data handling demands
      • real time services
      • lightweight applications and security algorithms
      • special protocols
    • Barriers to IoT implementation
      • high investment
      • additional cyber threats
      • inadequate internet connectivity
      • lack of standardization
      • non-degradable resource utilization
    • The latest researches are trying to find an optimal solution, wherein both sustainability and security needs are achieved.
    • It is crucial to apply sustainable practices in IoT infrastructure because cryptographic algorithms are executed at IoT parts that demand a lot of energy. It is for this reason, Lightweight Cryptographic (LWC) algorithm dominates the other algorithms.
  • A review: Secure Internet of thing System for Smart Houses - Albany et al., 2022
    • IoT security is still a fairly new area of concern
    • The cost of operating and managing these Smart House IoT is high (therefore optimizing energy use can potentially reduce energy costs)
  • Securing IoT for smart home system - 2015
    • 2 key factors of IoT adoption for smart home applications: convenience and security
    • Smart home has high potential for IoT deployment
  • Review of Smart-Home Security Using the Internet of Things - Vardakis et al., 2024
    • The popularity of smart homes are skyrocketing, though new security challenges are introduced alongside it.
    • IoT devices connected to the home’s main network can allow hackers to collect sensitive information from the transmission of data between devices. For this reason, it is important to design a robust encryption method for both transmission and data storage to prevent unauthorized access and ensure privacy.
  • A lightweight chaos-based encryption scheme for IoT healthcare systems - Lopez et al., 2024
    • It can threaten personal and sensitive data.
    • It is crucial to develop a scheme that is fast and efficient since many IoT devices work in real-time and have limited computing power and storage capacity.
    • Chaos cryptography can prevent data from being intercepted and manipulated.

Current Solutions/Approaches

  • A lightweight chaos-based encryption scheme for IoT healthcare systems - Lopez et al., 2024
    • Lightweight encryption
      • Is used because they are fast and efficient, thereby being useful in real-time applications
      • Is useful for IoT with limited computing power and/or storage capacity
    • What is missing: This was only applied in healthcare systems—have not been tested or developed for other sectors
  • A systematic review on lightweight security algorithms for a sustainable IoT infrastructure - Sarker, 2025
    • IDS algorithm
      • security measure against malware/denial-of-service (DOS) data packets
      • there are two types: one that uses a database to protect from a known malware (ordinary IDS), and another one that is used against unknown malware (anomaly-based IDS)
      • Hardware implementation of IDS
        • Trending in the field of FGPA technology
        • Power saving is not its main concern, so it encounters energy consumption issues at host level implementation
        • Better for perimeter and deep learning algorithms
      • Software implementation of IDS
        • Also for deep learning algorithms
        • More energy efficient than the hardware implementation
    • Cryptographic algorithms
      • LWC is the most sustainable algorithm that works in a myriad of technologies.
        • Lightweight Block Cipher (LWBC): A symmetric cipher that is perfect for hardware with low average power and low memory usage. It is often used in RFID technology and sensor networking applications like parking management, object identification and goods tracking.
        • Lightweight Stream Cipher (LWSC): Developed for real-time communication applications, strikes the best balance of both performance and security.
        • Lightweight Hash Function (LWHF): Used in different technologies like IoT based blockchain.
        • Elliptic Curve Cryptography (ECC): An asymmetric cipher (therefore greater memory costs) that is used in blockchain technology and digital signatures. It uses a smaller key size but offer the same security level as RSA. Nonetheless, it is 100 to 1000 times slower than AES when using an 8-bit microprocessor.
      • LWC Algorithms - hardware-level
        • Energy efficient and also low power
      • LWC Algorithms - software-level
        • Energy efficient and uses efficient algorithms
        • Energy can be saved using ML APIs for performing web data collection
        • Nano data centers can also save energy in comparison to traditional approaches
        • Cryptography libraries suitable for IoT infrastructure:
          • WolfSS - for embedded systems, has small footprint size, and low runtime memory requirements
          • WiseLib - uses ECC, discourages assembly level optimization, for embedded networking devices
          • AvrCryptoLib - Stores keys in flash memory and is therefore optimizes SRAM consumption.
          • RelicToolKit - flexible, supports easy compilation, and can be suited for creating toolkits that ensures optimum performance of a desired platform
          • TinyECC - uses ECC and is mainly designed for TinyOS devices. It focuses on digital signatures, public key encryption, and key exchange protocols.

Strengths of Chaos-Based Encryption

  • A lightweight chaos-based encryption scheme for IoT healthcare systems - Lopez et al., 2024
    • Lightweight encryption
      • Chaos Cryptography
        • Their unpredictable and sensitive nature makes them perfect for ensuring security for data transmission between embedded devices
        • The encryption scheme used in this study is 2D 4-scroll chaotic attractor system.
        • Results demonstrate better healthcare IoT system security while also performing in real-time

To identify

  • Theories
  • Methods
  • Findings
  • Gaps (Optional)
  • Securing IoT for smart home system, Santoso & Vun, 2015
    • Methods
      • It uses elliptic curve cryptography
        • They used it because of its high security level per key size.
        • Elliptic Curve Diffie-Hellman1 is used to establish secure communication between the device and the gateway
      • It provides a way for the users to setup, access, and control the authentication system.
        • They suggest that ZigBee and Bluetooth can be alternatives, but they opted for using wifi because it is common among CE devices and it allows unlimited number of embedded devices to connect.
      • It is based on the AllJoyn framework and works on the conventional wifi network
        • AllJoyn is a software framework that facilitates the discovery and communication between devices and applications.
      • System setup
        • The IoT devices are all connected to the home gateway
        • The home gateway is connected to the internet and is where the authentication takes place. It restricts the devices to only communicate with it.
          • At the lower layer, translation between different IoT standards takes place
          • At the higher layer, a common security scheme is implemented
          • There is a pre-shared key between the gateway and a new device (public key mutual authentication protocol). The pre-shared key is used to avoid having to establish another public key infrastructure for the system.
        • The mobile device monitors and authenticates the communication between devices through the home gateway
          • The user can set it so that the gateway can send a response to another device after receiving a message from one device
      • Operation
        1. Initially its just a gateway in the home network
        2. A mobile device will then be connected to manage the gateway. Two rounds of authentication:
          1. Authenticate the mobile device with the IoT device to share home network credentials
          2. Authenticate and connect the IoT device with the home gateway to allow for following communication
        3. Communication follows the User Datagram Protocol (UDP). Message is encrypted using symmetric cryptography or AES, but uses the shared key generated by the ECDH process.
          1. The usage of only one shared key reduces the storage costs for the IoT device
        4. The user has access to the list of events and produce the appropriate response for each device (i.e. an automatic rule can be carried out whereby an event triggers the gateway to perform a certain sequence of actions).
      • Prototype Experiment
        • A wifi enabled IoT device - STM32F4 ARM Cortex-M4F microprocessor
        • Rasberry Pi Linux with Wifi transceiver for home gateway
        • An app for an android device to control the Rasberry pi
        • AllJolyn framework for operations such as adding new IoT device, encryption, etc.
    • Gaps
      • It is tedious for the user: they have to enter a device id, pre-shared secret key, and AP name by hand.
        • They suggest embedding relevant information of each device in a QR code on the device, allowing for easy information reading using Android
  • Lightweight Authentication and Data Encryption Scheme for IoT Applications, Rao & Prema, 2020
    • Comment
      • Background section of this paper can be used as an example for RRL foundational studies or intro
      • Highly recommend this study due to how thorough it is when it comes to explaining its implementation
    • Methods
      • It uses ECC based digital signature algorithm and encryption scheme to provide a lightweight crypto-solution to the vulnerability of IoT devices in terms of security and privacy.
        • It uses ECC because of it is suited for resource-constrained devices.
        • Unlike the traditional ECC based schemes, this one uses dynamic Weierstrass Curves instead of static curve parameters.
        • It is compared with normal BLAKE2b and cBLAKE2b (encryption hashing methods).
    • Design Overview
      • A system where the client node selects curve points from the database and generates a public and private key. The chosen elliptic curve identities are forwarded to the server during the public key exchange, which the server validates and uses to generate public and private keys.
      • The client produces signatures using ECDSA algorithm and the level-1 public and private keys, which will be helpful for encrypting the hash value of the message
      • Encryption will be done using the level-2 keys and the signature pair will be concatenated.
      • The server does the decryption and verifies the signature
    • Design
      • Phases. Note that at each phase different set of elliptic curve values are used for the public and private values.
        1. Registration phase - registering an IoT client to a server
        2. Key generation and exchange phase
        3. Message signing and encryption phase
        4. Message decryption and signature verification phase
    • Implementation
      • They used a data logging system that stores weather info of the surroundings as a real world example.
      • The monitoring system was designed using Rasberry Pi Model 3 and used sensors like DHT-11 and MQ-135
      • The server had higher storage and constant power supply
      • Data was collected at different intervals for experimental purposes
    • Result evaluation
      • They compare the time-of-execution of various phases under their proposed scheme and against LWDSA. However, since LWDSA is uninvolved with the encryption and decryption phases, they just compared mBLAKE2b and cBLAKE2b hashing functions.
        • Message signing time and iterations
        • Message verification time and iterations
        • Encryption time and iterations
        • Decryption time and iterations
      • Their comparison compared the efficiency of each scheme (LWDSA and their proposed scheme).
    • Gaps
      • Their work should be carried out on a larger scale for IoT applications
  • Review of Smart-Home Security Using the Internet of Things - Vardakis et al., 2024
    • Findings
      • Potential critical areas to explore
        • Better biometric security
        • decentralized security mechanisms for verifying identity and maintaining data integrity
        • privacy enhancing techniques for protecting personal data and local data processing
        • secure multi-user interactions for devices like smart tv and AR/VR equipment
        • energy-efficient security protocols - minimize energy consumptions particularly for smart locks and smart plugs
        • advance encryption methods
        • hybrid energy-efficient privacy preserving schemes
      • Risks included in IoT
        • unauthorized access
        • data interception
        • network vulnerabilities
        • and endangering user safety and privacy
  • A lightweight chaos-based encryption scheme for IoT healthcare systems - Lopez, 2024
    • Methods
      • It uses a 2d 4-scroll chaotic attractor
        • its good for constrained hardware and are not computationally intensive
      • Steps
        1. Mathematically characterize the system
        2. Produce a numerical simulation of said system
        3. Create an chaos-based PRNG
          1. Generate seeds for the symmetric keys to be generated
          2. Generate chaotic sequences
          3. The chaotic sequences will be used for producing a pseudo-random number sequence
        4. Real world implementation
          1. It is implemented using C programming language
          2. Emulation of application
            1. Collect data
            2. Encryption stage at ARM-based microcontroller wherein sensor data is encrypted by XORing it with the byte stream of the same length generated with their proposed PRNG
            3. Premutation—rearrangement of the order of the cryptogram—stage to prevent data loss
            4. Communication stage where data is transmitted using Ble protocol
            5. Decryption is performed using an ARM-based SoC and the repeating the XORing process. Decoding is done afterwrds.
      • Setup
        • ARM-based microcontroller
        • MAX30102 module - a sensor module
        • Ble HM-10 module - a module that incorporates Bluetooth low energy protocol
        • ARM-based SoC - used on the Raspberry pi 3B+
      • Evaluation
        • computational speed using throughput performance of the PRNG using related work. results reveal that it can handle more data without becoming a bottleneck (an encryption scheme can sometimes become computationally slow if the amount of data to be encrypted increases)
        • key space analysis - the max encryption scheme can generate for data encryption and decryption. it is an indicator for whether or not the encryption scheme can resist brute force attacks (it must be long enough to resist them). Results reveal that it is large enough to resist brute forcing)
        • Nist SP 800-22 test suit and TestU01
          • tools and tests for evaluating random number generator statistical properties
          • the results reveal that it has strong random statistical properties and is suitable for use in security applications
        • Histogram analysis for comparing data distribution of plaintext with the cryptogram. Results reveal that no useful pattern can be exploited to retrieve original plain data.
        • Data loss attacks test - a good encryption scheme can retrieve plaintext even if parts were corrupted. Results reveal that they pass the different cropping sizes test.
    • Contributions
      • Mathematical characterization of 2d 4-scrolls chaotic attractor system based on simple saturated non-linear functions (SSNLF)
      • A PRNG based on the 2D 4-scrolls chaotic attractor system
      • Application of lightweight encryption scheme for IoT healthcare systems
      • Experiments were conducted on ARM-based microcontroller that utilizes Bluetooth Low Energy (BLE) for M2M communication
    • Findings
      • AES is considered robust and reliable is not optimal for IoT devices because of the hardware-constrained nature of this devices, wherein complex encryption schemes are elusive
      • Lightweight encryption schemes are fast and efficient and works on resource-constrained devices while also maintaining effective performance
      • Chaotic systems are sensitive to initial conditions, are unpredictable, and demonstrate ergodicity, thereby being perfect for efficient encryption schemes.
        • Because they are good for pseudorandom number generators (PRNGs) applications, they can helpful for cryptography and secure communications
        • Challenges/concerns
          • implementing chaos encryption schemes are challenging to employ, especially because the devices are resource-constrained
          • improper implementation may lead to security vulnerabilities as a result of chaos degradation. Improper implementation is susceptible to statistical prediction, parameter identification that allows the system behavior and the output to be predicted.
          • performance depends on the complexity of the chaotic system
    • Relevant scope limitations and future direction
      • hardware implementation - explore broader range of hardware options (they used ARM-based microcontroller with high clock speed)
      • real-world testing - experiment was carried out in a controlled environment
      • scalability - additional metrics should be added to ensure that the scheme is scalable
  • A lightweight encryption algorithm for resource-constrained IoT devices using quantum and chaotic techniques with metaheuristic optimization - Aljaedi et al., 2025

Reading List

  1. https://ieeexplore.ieee.org/document/7177843
  2. https://ieeexplore.ieee.org/document/9278048
  3. https://www.mdpi.com/2079-9292/13/16/3343
  4. https://www-sciencedirect-com.dlsu.idm.oclc.org/science/article/pii/S2542660523003554?via%3Dihub
  5. https://www.nature.com/articles/s41598-025-97822-6
  6. https://www-sciencedirect-com.dlsu.idm.oclc.org/science/article/pii/S1877050922004707?via%3Dihub
  7. https://www.researchgate.net/publication/379061871_A_Lightweight_Multi-Chaos-based_Image_Encryption_Scheme_for_IoT_Networks
  8. https://pmc.ncbi.nlm.nih.gov/articles/PMC7712162/

Footnotes

  1. ECDH is an operation wherein two parties, both possesing an elliptic-curve public-private key pair, establishes a shared secret over an insecure channel (either to be used as a key or to make another key). In other words, it allows us to create a symmetric secret key that ensures secure communication between two parties. This is done by creating a shared key by using both the public and private variables but doing it in a hidden way.

Graph View