Open Access Open Access  Restricted Access Subscription Access

Enhancement and Implementation of Encryption Key Protection Mechanisms in Smart Applications of IoT Systems

Chung-Wei Kuo,
Wei Wei,
Chun-Chang Lin,
Yu-Yi Hong,
Jia-Ruei Liu,

Abstract


The advent of fifth-generation mobile communication (5G) technology has facilitated the proliferation of Internet of Things (IoT) applications, which have become pervasive across diverse settings, enhancing efficiency and quality of life. However, in open and unprotected environment, these devices often carry sensitive personal data, rendering them susceptible to significant risks posed by side-channel attacks (SCA). It is possible that microcontrollers which are performing encryption operations may unintentionally emit characteristic electromagnetic signals. Should these signals be intercepted and analyzed by an unauthorized third party, the encryption keys they contain could be compromised, resulting in the leakage of sensitive information. To address this issue, we propose a lightweight AES-128 encryption key protection mechanism that can be effectively implemented on IoT microcontrollers, thereby enhancing their resistance to side-channel attacks. In this study, we developed a smart access control Radio Frequency Identification (RFID) management system equipped with wireless communication capabilities, utilizing a Wi-Fi module and Arduino UNO. This system simulates scenarios in which identity theft occurs during the RFID card sensing process. By designing a dynamic key-hopping mechanism, our solution enables the encryption key to be periodically updated, effectively resisting power analysis-based side-channel attacks and ensuring the security of the encryption key. The experimental results demonstrate that our mechanism significantly improves the security of IoT devices within smart application systems, thereby reducing the risk of potential data leakage.


Citation Format:
Chung-Wei Kuo, Wei Wei, Chun-Chang Lin, Yu-Yi Hong, Jia-Ruei Liu, "Enhancement and Implementation of Encryption Key Protection Mechanisms in Smart Applications of IoT Systems," Communications of the CCISA, vol. 30, no. 3 , pp. 20-40, Aug. 2024.

Full Text:

PDF

Refbacks

  • There are currently no refbacks.





Published by Chinese Cryptology and Information Security Association (CCISA), Taiwan, R.O.C
CCCISA Editorial Office, No.1, Sec. 1, Shennong Rd., Yilan City, Yilan County 260, Taiwan (R.O.C.)
E-mail: ccisa.editor@gmail.com