IoT security risk analysis
Abstract
Internet of things (IoT) has become a buzzword in today’s world to describe billions of devices, interconnected via the web. It includes a diverse range of devices, starting from wearable ultra low-powered gadgets like fitness bands to medical instruments and to home appliances to automobiles. There may be so many devices harnessing the power of IoT, however, security is still an issue for these devices as these are constrained with limited power supply, processing cycles and memory usage. The IoT sector is not impeccable, security is still a threat for the IoT devices as these devices are meant for low power usage for small scale setups. Security algorithms are not abrupt, but many of them don’t fit the IoT systems as their compatibility can only rely on products with larger form factor (Which usually means better performance, storage etc.). In such context, working with security of IoT devices has become an interesting area in computer science. Though, researchers and security professionals have developed advanced algorithms for ensuring digital security, but many of them are not suitable for the IoT world because of the restrictions we have. In our work, we tried to contribute to the matter of security in IoT devices. In this work, the main concern has been to investigate the performance of different security algorithms and compare them in terms of processing cycle and execution time in Raspberry Pi. We have worked with FLECC_IN_C and Crypto++, two different libraries with number of algorithms where we can find ecdh, ecdsa, ciphers, message authentication codes, one-way hash functions, public-key cryptosystems, key agreement schemes, and deflate compression. and measured their performance in a constrained environment. It is the first of its kind, to this work’s knowledge, to use raspberry pi which is established as black box device and implemented security algorithms on it. We implemented these libraries in different IoT platforms, showing comparisons of how these algorithms may affect a system in terms of resource utilization. The work in the end shows a summarised view of several key algorithms and decides which is better in the terms of IoT constraints.