Timestamp Based OTP and Enhanced RSA Key Exchange Scheme with SIT Encryption to Secure IoT Devices

Authors

  • V. N. Hemanth Kollipara School of Computer Science and Engineering, Vellore Institute of Technology, Vellore 632 014, Tamil Nadu, India
  • Sai Koushik Kalakota School of Computer Science and Engineering, Vellore Institute of Technology, Vellore 632 014, Tamil Nadu, India
  • Sujith Chamarthi School of Computer Science and Engineering, Vellore Institute of Technology, Vellore 632 014, Tamil Nadu, India
  • S. Ramani School of Computer Science and Engineering, Vellore Institute of Technology, Vellore 632 014, Tamil Nadu, India
  • Preeti Malik Department of Computer Science and Engineering, Graphic Era Deemed to be University, Dehradun, India
  • Marimuthu Karuppiah Department of Computer Science and Engineering & Information Science, Presidency University, Bengaluru 560064, Karnataka, India

DOI:

https://doi.org/10.13052/jcsm2245-1439.1214

Keywords:

Device Encryption, Lightweight RSA, Time-based Authentication,, IoT, Security

Abstract

The Internet of Things (IoT) has become an emerging technology and is expected to connect billions of more devices to the internet in the near future. With time, more and more devices like wearables, intelligent home systems, and industrial automation devices are getting connected to the internet. IoT devices primarily transfer data using wireless communication networks, introducing more vulnerabilities like man-in-the-middle-attacks and eavesdropping. These security concerns are customary for any device communicating over the internet because of its intrinsic open nature. These problems are usually subdued by conventional cryptographic algorithms used in typical systems that are power-hungry and computationally intensive, making them infeasible to be used in IoT devices since they run on low-powered chips, limiting performance, memory, and bandwidth. Hence, there is a requirement to adopt lightweight cryptographic algorithms that can abate the security issues while using low computational resources, which is the constraint in the given scenario. Hence, we propose an end-to-end secured IoT system that ensures the system’s integrity is never compromised using lightweight cryptographic algorithms. We propose a three-module system, where the first module handles user authentication using a time-based one-time password, the second secures communication using lightweight enhanced RSA, and the third performs data encryption using Feistel-based enhanced SIT. This kind of system is designed to deal with security challenges in IoT devices, ensuring adequate data security while reducing the computational footprint using lightweight cryptography.

Downloads

Download data is not yet available.

Author Biographies

V. N. Hemanth Kollipara, School of Computer Science and Engineering, Vellore Institute of Technology, Vellore 632 014, Tamil Nadu, India

V. N. Hemanth Kollipara is a senior year student pursuing his Bachelor’s in Computer Science at Vellore Institute of Technology, Vellore. He is passionate about working with emerging technologies, research, and building beneficial applications. His research interests include IoT, Machine Learning, Deep Learning, Computer Vision, and Intelligent systems.

Sai Koushik Kalakota, School of Computer Science and Engineering, Vellore Institute of Technology, Vellore 632 014, Tamil Nadu, India

Sai Koushik Kalakota is a senior year student pursuing his Bachelor’s in Computer Science at Vellore Institute of Technology, Vellore. His research interests include Machine Learning, Deep Learning, IoT, and Natural Language Processing.

Sujith Chamarthi, School of Computer Science and Engineering, Vellore Institute of Technology, Vellore 632 014, Tamil Nadu, India

Sujith Chamarthi is a senior year student pursuing his Bachelor’s in Computer Science at Vellore Institute of Technology, Vellore. His research interests include IoT, Embedded Systems, and Cyber security.

S. Ramani, School of Computer Science and Engineering, Vellore Institute of Technology, Vellore 632 014, Tamil Nadu, India

S. Ramani is an Assistant Professor (Senior) in the School of Computing Science and Engineering at Vellore Institute of Technology (VIT), Vellore, India. He received his B.E in Computer Science and Engineering from MNM Jain Engineering College, Madras University and M. Tech Computer Science and Engineering from Bharathidasan University, and Ph.D. in Computer Science and Engineering from Vellore Institute of Technology (VIT), Vellore. He has 13+ years of experience in teaching and 2 years of experience in the Consultancy and Software Industry. He has published about 40 research papers in International Journals on Machine Learning, Nature-Inspired Algorithms, Cyber Security and Health Care. His research interest includes Data Mining, Machine learning, Database Systems, Optimization Techniques, and Cyber Security. He is a life member of the Computer Society of India (CSI), IEEE, and other technical societies.

Preeti Malik, Department of Computer Science and Engineering, Graphic Era Deemed to be University, Dehradun, India

Preeti Malik is working as an Assistant Professor in Department of Computer Science and Engineering in Graphic Era (Deemed to be University), Dehradun. She received her doctorate from Gurukul Kangri University in 2017 and Master of Computer Applications in 2011. She has more than 5 years of research and teaching experience. She has authored the book entitled “Algorithms” and edited books. She has published more than 15 research papers in National and International Journals/conferences. Her research interests include Mobile Agents, Cyber security, Software Testing and Reliability.

Marimuthu Karuppiah, Department of Computer Science and Engineering & Information Science, Presidency University, Bengaluru 560064, Karnataka, India

Marimuthu Karuppiah received the B.E. degree in computer science and engineering from Madurai Kamaraj University, Madurai, India, in 2003, the M.E. degree in computer science and engineering from Anna University, Chennai, India, in 2005, and the Ph.D. degree in computer science and engineering from VIT University, Vellore, India, in 2015. He was an Associate Professor with VIT University, Vellore, India. He is currently a Professor with the Department of Computing Science and Engineering, SRM Institute of Science and Technology, Delhi-NCR Campus, India. He has published more than 50 research articles in SCI indexed journals. Also, he has published more than 30 research articles in SCOPUS indexed journals and international conferences. His current research interests include cryptography and wireless network security, in particular, authentication and encryption schemes. He is a Life Member of the Cryptology Research Society of India (CRSI) and the Computer Society of India (CSI), and a member of ACM.

References

H. Suo, J. Wan, C. Zou and J. Liu. Security in the internet of things: a review. In Proceedings of the International conference on computer science and electronics engineering, IEEE, 3: 648–651, 2012.

A. M. Mohamad Al-Aboosi, S. Kamil, S. N. H. Sheikh Abdullah and K. A. Zainol Ariffin. Lightweight Cryptography for Resource Constraint Devices: Challenges and Recommendation. In Proceedings of the 3rd International Cyber Resilience Conference(CRC), IEEE, 1–6, 2021.

S. Misra, M. Maheswaran, S. Hashmi. Security challenges and approaches in internet of things. Cham: Springer International Publishing, 2017.

I. K. Dutta, B. Ghosh and M. Bayoumi. Lightweight cryptography for internet of insecure things: A survey. In Proceedings of the 9th Annual Computing and Communication Workshop and Conference(CCWC), IEEE, 0475–0481, 2019.

P. Shah, M. Arora and K. Adhvaryu. Lightweight Cryptography Algorithms in IoT-A Study. In Proceedings of the Fourth International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud)(I-SMAC), IEEE, 332–336, 2020.

S. A. Kumar, T. Vealey and H. Srivastava. Security in internet of things: Challenges, solutions and future directions. In Proceedings of the 49th Hawaii International Conference on System Sciences (HICSS), IEEE, 5772–5781, 2016.

N. A. Gunathilake, A. Al-Dubai and W. J. Buchana. Recent Advances and Trends in Lightweight Cryptography for IoT Security. In Proceedings of the 16th International Conference on Network and Service Management(CNSM), IEEE, 1–5, 2020.

M. Katagi and S. Moriai. “Lightweight cryptography for the internet of things.” Sony Corporation, 7–10, 2008.

T. Eisenbarth, S. Kumar, C. Paar, A. Poschmann and L. Uhsadel. A survey of lightweight-cryptography implementations. IEEE Design & Test of Computers, 24(6):522–-533, 2007.

D. M’Raihi, David, S. Machani, M. Pei, and J. Rydell. Totp: Time-based one-time password algorithm, Internet Engineering Task Force, RFC: 6238, 2011.

M’Raihi, David, M. Bellare, F. Hoornaert, D. Naccache, and O. Ranen. Hotp: An hmac-based one-time password algorithm. In The Internet Society, Network Working Group. RFC4226, 2005.

M. L. T. Uymatiao and W. E. S. Yu. Time-based OTP authentication via secure tunnel (TOAST): A mobile TOTP scheme using TLS seed exchange and encrypted offline keystore. In Proceedings of the 4th IEEE International Conference on Information Science and Technology, IEEE, 225–229, 2014.

D. Kumar, A. Agrawal and P. Goyal. Efficiently improving the security of OTP. In Proceedings of the International Conference on Advances in Computer Engineering and Applications, IEEE, 912–915, 2015.

V. L. Shivraj, M. A. Rajan, M. Singh and P. Balamuralidhar. One time password authentication scheme based on elliptic curves for Internet of Things (IoT). In Proceedings of the 5th National Symposium on Information Technology: Towards New Smart World, IEEE, 1–6, 2015.

K. S. Roy and H. K. Kalita. A survey on authentication schemes in IoT. In Proceedings of the International Conference on Information Technology(ICIT), IEEE, 202–207, 2017.

M. Abd Zaid, Mustafa, and S. Hassan. Lightweight RSA Algorithm Using Three Prime Numbers. Journal of Engineering and Applied Sciences, 14(5): 9032–9035, 2019.

J. Sahu, V. Singh, V. Sahu, and A. Chopra. An enhanced version of RSA to increase the security. Journal of Network Communication and Emerging Technologies, 7(4), 1–4, 2017.

T. K. Goyal and V. Sahula. Lightweight security algorithm for low power IoT devices. In Proceedings of the International Conference on Advances in Computing, Communications and Informatics (ICACCI), IEEE, 1725–1729, 2016.

V.G. Kumar Kiran, S.J. Mascarenhas, S. Kumar, J. Pais Viven Rakesh. Design and implementation of Tiny encryption algorithm. International Journal of Engineering Research and Applications, 5(6): 94–97, 2015.

R. Beaulieu, D. Shors, J. Smith, S. Treatman-Clark, B. Weeks, and L. Wingers. SIMON and SPECK: Block Ciphers for the Internet of Things. NIST Lightweight Cryptography Workshop., 1–15, 2015.

M. Usman, I. Ahmed, M.I. Aslam, S. Khan, and U.A. Shah. SIT: a lightweight encryption algorithm for secure internet of things. International Journal of Advanced Computer Science and Applications, 8(1): 1–10, 2017.

F. Thabit, S. Alhomdy, A. H. Al-Ahdal and S. Jagtap. A new lightweight cryptographic algorithm for enhancing data security in cloud computing. Global Transitions Proceedings, 2(1):91–99, 2021.

C. A. Lara-Nino, A. Diaz-Perez and M. Morales-Sandoval. Elliptic Curve Lightweight Cryptography: A Survey. IEEE Access, 6: 72514–72550, 2018.

S. Kumari, M. Karuppiah, A. K. Das, X. Li, F. Wu & N. Kumar. A secure authentication scheme based on elliptic curve cryptography for IoT and cloud servers. The Journal of Supercomputing, 74(12), 6428–6453, 2018.

A. Karati, S. H. Islam & M. Karuppiah. Provably secure and lightweight certificateless signature scheme for IIoT environments. IEEE Transactions on Industrial Informatics, 14(8), 3701–3711, 2018.

S. Basu, M. Karuppiah, K. Selvakumar, K. C. Li, S. H. Islam, M. M. Hassan & M. Z. A. Bhuiyan. An intelligent/cognitive model of task scheduling for IoT applications in cloud computing environment. Future Generation Computer Systems, 88, 254–261, 2018.

P. Punithavathi, S. Geetha, M. Karuppiah, S. H. Islam, M. M. Hassan & K. K. R. Choo. A lightweight machine learning-based authentication framework for smart IoT devices. Information Sciences, 484, 255–268, 2019.

M. Naeem, S. A. Chaudhry, K. Mahmood, M. Karuppiah & S. Kumari. A scalable and secure RFID mutual authentication protocol using ECC for Internet of Things. International Journal of Communication Systems, 33(13), e3906, 2020.

M. Karuppiah, A. K. Das, X. Li, S. Kumari, F. Wu, S. A. Chaudhry & R. Niranchana. Secure remote user mutual authentication scheme with key agreement for cloud environment. Mobile Networks and Applications, 24(3), 1046–1062, 2019.

Downloads

Published

2023-03-07

How to Cite

1.
Kollipara VNH, Kalakota SK, Chamarthi S, Ramani S, Malik P, Karuppiah M. Timestamp Based OTP and Enhanced RSA Key Exchange Scheme with SIT Encryption to Secure IoT Devices. JCSANDM [Internet]. 2023 Mar. 7 [cited 2024 Apr. 19];12(01):77-102. Available from: https://journals.riverpublishers.com/index.php/JCSANDM/article/view/16029

Issue

2023: Vol 12 Iss 1

Section

Security and Privacy in IOT Applications

License

Copyright (c) 2023 Journal of Cyber Security and Mobility

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.

Most read articles by the same author(s)