Sergey Nivens - Fotolia

Which encryption tools can secure data on IoT devices?

Protecting the data that moves through the internet of things can be a challenge for enterprises. Expert Judith Myerson offers several encryption tools for the task.

My company plans to integrate IoT-based devices into an enterprise system. What are the best IoT encryption tools to secure data passing through these devices?

Internet of things (IoT) devices are resource-constrained. Proprietary protocols are embedded in the firmware. Memory sizes are small. Bandwidths are limited. Execution time is brief. Power is short lived. Batteries often (and inconveniently) need to be recharged. In some cases, there is no internal power, as in passive radio frequency ID (RFID) tags that draw power from nearby readers fitted with batteries. These constraints place limits on how the devices can be encrypted.

Your best options are lightweight encryption tools that can handle resource constraints. It is not possible to implement full encryption tools on IoT devices because these tools require larger memory size, larger program code size, uninterrupted power and longer execution time on laptops, client workstations and servers.

Which lightweight encryption tools your company should use depends on the specific type of IoT device. A tool well suited for one device type may not work properly for another device type.

Device-specific lightweight cryptography standards take a different approach than the NIST's general purpose cryptography standards that work on any laptops and desktops.

Several lightweight cryptography standards are described in ISO/IEC 29192. These include block ciphers, like PRESENT and CLEFIA, which are the lightweight versions of the Advanced Encryption Standard. There are also hardware-oriented stream ciphers, like Enocoro, that focus on chip size and energy consumption; hash functions, such as PHOTON, which concentrate on data integrity; and message authentication codes for validating and authenticating communications between devices.

Another example of a lightweight cryptography mechanism for IoT data is an elliptic curve-based authentication scheme, which has been implemented on RFID readers to authenticate passive RFID tags.

When evaluating lightweight encryption tools, your company should consider the tradeoffs between security and resource utilization. This includes the maximum number of cycles an encryption tool can undergo during an execution versus how low latency can be achieved.

Next Steps

Learn about how symmetric and asymmetric encryption algorithms differ

Find out if destroying encryption keys is a security best practice

Read more on the best email encryption products for enterprises

Dig Deeper on Data security and privacy