Lightweight Security Protocols for Securing IoT Devices in Smart Cities: Fid-Bau Portal

Lightweight Security Protocols for Securing IoT Devices in Smart Cities

Joshi, Mahesh / Mazumdar, Bodhisatwa / Dey, Somnath

We are amidst a digital world wherein the Internet and advanced technological advancements have ushered smart solutions to our every requirement, and have imparted an interconnected environment for a hassle-free life altogether. We have become so accustomed to a smart handheld device as if it controls, manages, and records even the simplest and most straightforward task of our daily routine. The miniaturization of hardware and Internet-powered consumer appliances and services have solved diverse problems not only for an individual but also related to the community. The smart city project is effectively governing a city which was a dream a decade ago. The healthcare services, clean city drives, power and water supply departments, traffic control, surveillance, and many similar initiatives within the region of a municipal corporation have become IoT-enabled. The smart city services we enjoy may be vulnerable to attacks such as data interception over the communication channel, hacking the devices, stealing database records and consumer credentials, and financial frauds, etc. A consumer is not always aware of such attempts but can be a probable victim of such criminal activities. For a smart device manufacturer and a service provider, it is challenging to claim that their products and services are robust enough to combat all existing attacks. Since the IoT environment consists of small battery-powered devices, the security mechanisms generally employed to secure conventional devices and data within a typical Internet environment are not suitable for IoT infrastructure. Hence we have lightweight solutions to limit the security overhead of data storage and data communication between IoT nodes. The lightweight security protocols targeted towards securing IoT infrastructure are strong enough to mitigate well-known attacks while consuming less memory and resource footprint on the device. This chapter introduces the lightweight security protocols specifying their need in different smart city services. We need these protocols to perform user authentication, access control, payment mechanisms, and encrypting data during transmission, inventory management, traffic control, etc. The chapter introduces Singapore as a smart city model and aims to provide insight into existing security schemes for IoT-enabled smart city services. Lightweight cryptographic initiatives contributed significantly to assure the integrity of data in a constrained environment. We discuss lightweight primitives under block cipher, stream cipher, and hash function category. However, there are incidences where some of these schemes proved susceptible to certain cryptanalysis attempts. The chapter further presents a glimpse of such lightweight ciphers and their respective vulnerabilities. The chapter's contents will benefit the readers in having a clear vision of the security schemes explicitly designed for IoT applications in smart city projects.