Cryptography model to secure IoT device endpoints, based on polymorphic cipher OTP

Abstract

The security of data exchange between IoT components is of vital importance to avoid integrity breaches in M2M relationships.The main reason for incorporating complex encryption strategies is the processing and memory limitations of embedded systems. This paper proposes an efficient alternative for encrypting messages between two IoT components with processes that make use of keys that change with each new communication making it difficult for brute force attacks to gain access to the exchanged content. Additionally, the method adds a mutation of the encryption functions that adds another additional difficulty to decrypt the message since it depends not only on the key but also on the sequence of application of the decryption functions. The algorithm can be scaled up to end nodes with larger resources, so that the number of bits of the keys and the complexity of the encryption functions can be further increased, and since it is applied directly on the payload, it is independent of any other security method used in higher layers.