An investigation of lightweight cryptography and using the key derivation function for a hybrid scheme for security in IoT

Abstract: Data security plays a central role in the design of Internet of Things (IoT). Since most of the "things" in IoT are embedded computing devices it is appropriate to talk about cryptography in embedded of systems. This kind of devices is based on microcontrollers, which have limited resources (processing power, memory, storage, and energy). Therefore, we can apply only lightweight cryptography. The goal of this work is to find the optimal cryptographic solution for IoT devices. It is expected that perception of this solution would be useful for implementation on “limited” devices. In this study, we investigate which lightweight algorithm is better to implement. Also, how we can combine two different algorithms in a hybrid scheme and modify this scheme due to data sending scenario. Compendex, Inspec, IEEE Xplore, ACM Digital Library, and Springer Link databases are used to conduct a comprehensive literature review. Experimental work adopted in this study involves implementations, measurements, and observations from the results. The experimental research covers implementations of different algorithms and experimental hybrid scheme, which includes additional function. Results show the performance of the considered algorithms and proposed hybrid scheme. According to our results, security solutions for IoT have to utilize algorithms, which have good performance. The combination of symmetric and asymmetric algorithms in the hybrid scheme can be a solution, which provides the main security requirements: confidentiality, integrity, and authenticity. Adaptation of this scheme to the possible IoT scenarios shows the results acceptable for implementation due to limited resources of hardware.