Article Preview
Top1. Introduction
The expression “Internet of Things” was used for the first time by Kevin Ashton in 1990 during his work on Radio Frequency Identification (RFID) infrastructure at the Auto-ID Centre of Massachusetts Institute of Technology (MIT). The word “objects” in this expression refers to objects using radio frequency identification (RFID) chips to be electronically identifiable and susceptible to interact with other objects on the Internet (Benjamin et al., 2016). Typical “things” include anything/everything from human beings to every day's objects. This means that, all kinds of connected devices are expected to be available and accessible. Actually, IoT is the outcome of the significant development in many fields such as wireless sensor networking, artificial intelligence, data processing, industrial, electromechanical systems control and many other technologies underlying it. It founds application in various fields such as healthcare centres to provide high quality, convenient and pervasive healthcare services (Yang et al., 2019), household, smart city, environmental monitoring and control, agriculture, traffic monitoring, fleet management.
The highly heterogeneous, distributed and dynamic nature of IoT introduces new and unexpected threats exploiting vulnerabilities induced by careless programs and protocols design. According to (Banday, 2019), the attacks and threats facing the IoT target physical objects, protocols, data at rest, and software. More details on these threats can be found in (Abdul-Ghani et al., 2018).
In the IoT, security should not concentrate on the known security services only, but should also concentrate on how the security functionalities are deploying (Nagesh, 2017). In addition, limitations of associated IoT hardware, software, mobility and dynamic network topology must be considered before developing any security mechanisms. Most of the security measures cannot be implemented because deployed devices are typically characterized by limited resources (power, memory and storage capacity) and low processing capability. Research and development efforts in the field of IoT security have provided a considerable number of tools and mechanisms to ensure security and privacy. Cryptography has established itself as a very scalable and flexible solution to guarantee considerable performance in terms of authentication and encryption in an IoT context.
The main goal of cryptography is to transmit messages between two entities (sender and receiver) over an untrusted medium in such a manner that the transmitted message should be non-intelligible by third party. The sender converts the message to be sent, referred to as plaintext, to one encrypted message, called ciphertext, using a fixed key and encryption algorithm. In order to recover an encrypted message back to its original format, the receiver applies a decryption process on the ciphertext. Formerly, plaintext and ciphertext are linked according equations (1) and (2):
(1)(2) where
P denotes the plaintext,
C the ciphertext,
E the encryption algorithm,
D the decryption algorithm, and
k the key. Figure 1 illustrates the process of encryption and decryption.
Figure 1. A Encryption/Decryption process