Lightweight FAAE Framework Enhances IoT Security with Forward-Secrecy and Compact Authentication

The increasing prevalence of Internet of Things devices demands robust security solutions, yet many current systems struggle to balance protection with limited resources. Saif Eddine Nouma and Attila A. Yavuz, from the University of South Florida, alongside their colleagues, present a new framework that addresses critical vulnerabilities in existing authenticated encryption standards. Their research introduces a system designed specifically for low-end IoT infrastructures, offering forward-secrecy and aggregate authentication, features previously unavailable in comparable lightweight systems. This innovation combines key evolution strategies with efficient cryptographic processing and Universal Message Authentication Codes, guaranteeing resilience against key compromise, minimising online processing delays, and maintaining compact authentication tags, representing a significant step forward in securing the expanding network of connected devices.

Graphene’s lightweight design, forward security, and efficient processing make it well-suited for a wide range of applications, including industrial IoT, healthcare, and smart cities. The framework ensures that even if a key is compromised, past communications remain secure, and computation-intensive tasks are moved to idle periods, reducing latency during real-time communication.

Scientists engineered two distinct instantiations of Graphene, each balancing performance trade-offs and offering extensibility for diverse message authentication codes. Experiments demonstrate that Graphene-Poly, with offline-online processing, achieves a significant speed increase over existing FAAE methods when processing data on a 32-bit Cortex-M4 embedded processor, requiring minimal additional storage. This approach conserves battery life in wearable medical settings and improves flight safety in aerial drone applications. The system supports aggregation in various modes, each providing distinct properties. To ensure reproducibility and facilitate wider adoption, the team implemented Graphene on commodity hardware and a low-end microcontroller, releasing the implementation as open source.

Graphene, a Resilient IoT Encryption Framework

The research team developed Graphene, a novel symmetric Forward-secure and Aggregate Authenticated Encryption (FAAE) framework specifically designed for resource-constrained Internet of Things (IoT) devices. This work addresses limitations in existing lightweight AE standards by incorporating key compromise resiliency and compact authentication tags, while also enhancing performance through offline-online cryptography. The team implemented a technique called offline-online cryptography, shifting computationally intensive tasks to idle periods, thereby reducing online latency during data transmission.

Experiments demonstrate that Graphene-Poly, with offline-online processing, achieves a substantial speed increase over existing FAAE methods when processing data on a 32-bit Cortex-M4 processor, requiring minimal additional storage. This speed increase translates to substantial battery life savings in wearable medical devices during online operations, as new keys can be supplied during recharge while data is uploaded. In aerial drone applications, the reduced latency improves flight safety and real-time telemetry transmission. Graphene-AE operates faster than basic FAAE with a modest increase in storage requirements, while Graphene-Poly delivers even higher efficiency with medium security, running faster than Graphene-AE with the same storage requirement. The system supports aggregation in various modes, each providing distinct properties. To ensure reproducibility and facilitate wider adoption, the team implemented Graphene on commodity hardware and a low-end microcontroller, releasing the implementation as open source.

Graphene Secures Resource-Constrained IoT Communication

The research team has developed Graphene, a new framework for secure communication designed for resource-constrained Internet of Things (IoT) devices. This framework addresses critical security gaps in existing lightweight authenticated encryption standards, specifically a lack of resilience to key compromise and efficient authentication. Graphene achieves forward security and aggregate authenticated encryption, offering enhanced protection for sensitive data transmitted by low-end IoT infrastructures. Notably, the Graphene-Poly instantiation, utilizing offline-online processing, is substantially faster than standard FAAE when processing data on the Cortex-M4 processor, requiring minimal additional storage. This speed increase translates to substantial battery life savings in wearable medical devices during online operations, as new keys can be supplied during recharge while data is uploaded. In aerial drone applications, the reduced latency improves flight safety and real-time telemetry transmission.

Graphene offers adaptable performance choices through different instantiations. Graphene-AE provides standard security and operates faster than basic FAAE with a modest increase in storage. Graphene-Poly delivers high efficiency with medium security, running faster than Graphene-AE with the same storage requirement. The team implemented and comprehensively benchmarked Graphene on commodity hardware and low-end microcontrollers, releasing the implementation as open source for public testing and adaptation. The research confirms that Graphene’s design effectively balances security and performance, offering a viable solution for securing the growing number of resource-constrained IoT devices.

Graphene Secures Resource-Constrained Internet of Things

Researchers have developed Graphene, a new framework designed to enhance security in the Internet of Things, particularly for devices with limited resources. This system addresses critical shortcomings in existing methods for authenticated encryption, which often lack resilience to key compromises and efficient authentication. Researchers demonstrate that Graphene offers significant performance improvements over current solutions, particularly on commodity hardware and 32-bit ARM Cortex-M4 microcontrollers.

Importantly, the framework is also compatible with standard cryptographic implementations, easing potential adoption. Different instantiations of Graphene allow for flexibility, balancing performance trade-offs to suit diverse security and efficiency requirements, and the system can be extended with various message authentication codes to provide additional properties. To facilitate further research and real-world application, the team has released a complete open-source implementation of Graphene.