IAESR: IoT-oriented authenticated encryption based on iShadow round function.

IF 3.5 | Zone 4 (Computer Science) | Q2 COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE
PeerJ Computer Science Pub Date : 2025-06-11 eCollection Date: 2025-01-01 DOI:10.7717/peerj-cs.2947
Yanshuo Zhang, Liqiu Li, Hengyu Bao, Xiaohong Qin, Zhiyuan Zhang, Xiaoyi Duan
Journal: PeerJ Computer Science, vol. 11, e2947. Journal article, eCollection 2025-01-01. Platform record: Semantic Scholar. PDF: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC12193455/pdf/
Citations: 0

Abstract

With the growing popularity of Internet of Things (IoT) devices and the widespread application of embedded systems, the demand for security and resource efficiency in these devices is also increasing. Traditional authenticated encryption (AE) algorithms are often unsuitable for lightweight devices due to their complexity and resource consumption, creating a need for lightweight AE algorithms. Lightweight devices typically have limited processing power, storage capacity, and energy resources, which necessitates the design of simple and efficient encryption algorithms that can function within these constraints. Despite these resource limitations, security remains of paramount importance. Therefore, lightweight AE algorithms must minimize resource consumption while ensuring adequate security. This article presents a theoretical lightweight AE scheme based on Shadow, a lightweight block encryption algorithm, to address the requirements for secure communication in resource-constrained environments. The scheme first enhances the Shadow algorithm by introducing the improved Shadow (iShadow) algorithm. It then combines this with the duplex sponge structure to propose the IoT-oriented authenticated encryption based on the iShadow round function (IAESR). The integration of iShadow with the duplex sponge structure achieves a balance between security and efficiency through three key mechanisms: (1) the sponge's capacity (64/128-b for IAESR-32/64) provides provable indistinguishability under chosen-plaintext attack (IND-CPA) and chosen-ciphertext attack (IND-CCA) security bounds, effectively resisting generic attacks with an adversarial advantage limited to O(q^2/2^c); (2) the duplex mode's single-pass processing reduces memory overhead by reusing the permutation state; and (3) iShadow's ARX operations reduce energy consumption to 0.4-0.5 µJ/byte on 32-b microcontrollers, outperforming AES-GCM by 20-30%.
Empirical tests on an Intel i5-1035G1 CPU demonstrate stable execution times. This design ensures the security and integrity of communication while balancing efficiency and resource utilization. It provides IND-CCA secure confidentiality and integrity of plaintexts (INT-PTXT), as demonstrated by the security bounds of the sponge construction. Specifically, IAESR guarantees both confidentiality and authenticity. Additionally, it is particularly well-suited for scenarios with lightweight requirements, such as those found in the IoT.
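To make the three mechanisms in the abstract concrete, the following is an added illustration of the duplex-sponge AE mode that IAESR builds on; it is not the paper's code. The permutation is a toy ARX round (ChaCha-style quarter-rounds) standing in for iShadow, and the rate, 8-byte key, 8-byte nonce, padding rule and domain-separation constants are all assumptions chosen only so that the capacity is 64 bits, as for IAESR-32. It shows the single-pass property (the rate doubles as keystream and as the absorbed ciphertext, so one permutation state is reused for the whole message), tag verification that rejects tampering, and the generic bound q^2/2^c quoted in the abstract.

```python
"""Generic duplex-sponge AE, SpongeWrap/Ascon-style, with a toy permutation.
Added example, not the IAESR paper's code; toy_permutation is NOT iShadow."""
import hmac
import struct

MASK = 0xFFFFFFFF
RATE = 8            # bytes of state exposed per duplex call (assumed rate)
CAPACITY = 8        # bytes never exposed: c = 64 bits, as for IAESR-32
DOMAIN_AD_DONE = 0x01   # assumed domain-separation constants, XORed into
DOMAIN_FINAL = 0x02     # the capacity as Ascon does


def _rotl(x, r):
    return ((x << r) | (x >> (32 - r))) & MASK


def toy_permutation(words):
    """12 rounds of a ChaCha-style quarter-round over four 32-bit words.
    Every step is invertible, so this is a genuine permutation; it stands
    in for the iShadow round function and carries no security claim."""
    a, b, c, d = words
    for rnd in range(12):
        a = (a + b) & MASK; d = _rotl(d ^ a, 16)
        c = (c + d) & MASK; b = _rotl(b ^ c, 12)
        a = (a + b) & MASK; d = _rotl(d ^ a, 8)
        c = (c + d) & MASK; b = _rotl(b ^ c, 7)
        a ^= rnd + 1    # round constant breaks slide symmetry
    return [a, b, c, d]


def _permute(state: bytearray) -> bytearray:
    words = toy_permutation(struct.unpack("<4I", bytes(state)))
    return bytearray(struct.pack("<4I", *words))


def _duplex(state: bytearray, block: bytes):
    """One duplex call: XOR a RATE-byte block into the rate, permute, and
    hand back the new rate. The same state carries the whole message; this
    reuse of the permutation state is the memory saving the abstract cites."""
    assert len(block) == RATE
    for i, byte in enumerate(block):
        state[i] ^= byte
    state = _permute(state)
    return state, bytes(state[:RATE])


def _blocks(data: bytes):
    """Yield RATE-byte blocks; the final block is always partial (possibly
    empty) so that 10* padding is unambiguous."""
    for i in range(0, len(data), RATE):
        yield data[i:i + RATE]
    if len(data) % RATE == 0:
        yield b""


def _pad(block: bytes) -> bytes:
    if len(block) == RATE:
        return block
    return block + b"\x01" + b"\x00" * (RATE - len(block) - 1)


def _initialise(key: bytes, nonce: bytes) -> bytearray:
    if len(key) != RATE or len(nonce) != CAPACITY:
        raise ValueError("toy parameters: 8-byte key and 8-byte nonce")
    return _permute(bytearray(key + nonce))


def _absorb_ad(state: bytearray, ad: bytes) -> bytearray:
    for block in _blocks(ad):
        state, _ = _duplex(state, _pad(block))
    state[RATE] ^= DOMAIN_AD_DONE   # first capacity byte: AD phase is over
    return state


def encrypt(key: bytes, nonce: bytes, ad: bytes, plaintext: bytes):
    state = _absorb_ad(_initialise(key, nonce), ad)
    ciphertext = bytearray()
    for block in _blocks(plaintext):
        # the exposed rate is the keystream; absorbing the padded plaintext
        # leaves exactly the ciphertext in the rate, so one pass does both
        ciphertext += bytes(p ^ k for p, k in zip(block, state[:RATE]))
        state, _ = _duplex(state, _pad(block))
    state[RATE] ^= DOMAIN_FINAL
    _, tag = _duplex(state, key)     # mix the key back in, squeeze the tag
    return bytes(ciphertext), tag


def decrypt(key: bytes, nonce: bytes, ad: bytes, ciphertext: bytes, tag: bytes):
    """Return the plaintext, or None if the tag does not verify."""
    state = _absorb_ad(_initialise(key, nonce), ad)
    plaintext = bytearray()
    for block in _blocks(ciphertext):
        recovered = bytes(c ^ k for c, k in zip(block, state[:RATE]))
        plaintext += recovered
        state, _ = _duplex(state, _pad(recovered))
    state[RATE] ^= DOMAIN_FINAL
    _, expected = _duplex(state, key)
    if not hmac.compare_digest(expected, tag):
        return None
    return bytes(plaintext)


def generic_bound(queries: int, capacity_bits: int) -> float:
    """Adversarial advantage bound from the abstract: q^2 / 2^c."""
    return queries ** 2 / 2 ** capacity_bits


if __name__ == "__main__":
    k, n = b"\x11" * 8, b"\x22" * 8      # constructed sample key and nonce
    ct, tag = encrypt(k, n, b"hdr", b"sensor reading 42")
    print(decrypt(k, n, b"hdr", ct, tag))
```

Only the rate is ever XORed with data; the c = 64 capacity bits stay hidden, which is what the q^2/2^c bound measures: with about 2^20 online queries the generic advantage is 2^-24, but it grows quadratically in q, so a deployment should bound the number of messages per key accordingly.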

Source journal

PeerJ Computer Science (Computer Science, General Computer Science)
CiteScore: 6.10
Self-citation rate: 5.30%
Articles published: 332
Review time: 10 weeks
Journal description: PeerJ Computer Science is the new open access journal covering all subject areas in computer science, with the backing of a prestigious advisory board and more than 300 academic editors.