Deterministic Systems for Cryptographic Primitives Used in Security Models in Particular IoT Configurations

Abstract

Computing systems grouped in subnets use distributed security models, in general, by creating session keys based on the Diffie–Hellman model, and calculating the necessary parameters for this, on each of the systems. In the particular case of a network of devices heterogeneous in terms of computing power, such as IoT, the modeling of a security system of the entire structure will have to take into account the fact that some devices have a very low computing power. In this sense, starting from the study of some general models, used in structures of this type, an integrated structure was developed to secure communications and test certain vulnerable components, to calculate a degree of risk that they are maliciously intended. The system was developed with a customized mathematical model, a scheme for propagation and management of cryptographic parameters and a test in a real environment by creating the algorithmic model and implementing it within a structure of a beneficiary.

1. Introduction

The Internet of Things (IoT) encompasses an extensive and diverse range of devices, collectively designed to enable seamless communication and autonomous operations in various fields, including healthcare, industrial automation, smart cities, environmental monitoring and intelligent transportation. These devices range from low-power, single-purpose sensors that collect specific types of data, such as temperature or humidity, to multi-purpose gateways and high-performance servers that process and transmit this information within architectures of the wider network. In these applications, maintaining secure and reliable communication is imperative, as the information managed by IoT networks often involves sensitive, high-stakes data. The interconnected nature of IoT ecosystems amplifies the need for robust security, as any vulnerability in the network could lead to far-reaching implications, including data breaches, privacy breaches and even potential physical security risks.

However, implementing strong security measures in IoT ecosystems presents unique challenges. Traditional security frameworks and cryptographic protocols-established through extensive research and practical applications in conventional network environments-are often ill-suited to the resource constraints of IoT devices. Many IoT components have limited computing capabilities, memory capacities, and power resources, making them inherently less able to support the high processing demands of standard cryptographic algorithms. In the case of low-power embedded IoT devices, for example, these constraints are particularly pronounced, as the devices must operate with minimal power consumption to ensure long-term functionality in the field, sometimes for years without maintenance or battery replacement. As a result, simply applying standard encryption and authentication protocols can overload these devices, leading to rapid energy depletion, reduced computing efficiency, and potentially impaired functionality, thus impacting the entire IoT system.

To navigate these limitations, the IoT security architecture is based on cryptographic primitives adapted for constrained environments. Cryptographic primitives—such as encryption algorithms, hash functions, digital signatures and key exchange protocols—are the fundamental elements that ensure the confidentiality, integrity and authenticity of data in communication processes. However, to ensure their applicability in IoT, these primitives must be optimized to maintain a balance between security robustness and resource efficiency. For example, key exchange protocols based on the Diffie–Hellman model are commonly used to establish secure communication channels, but they often require computing power that is difficult for many IoT devices. Similarly, encryption algorithms designed for larger, high-powered systems may not meet the power, memory, or speed requirements of lightweight IoT systems.

In this context, deterministic systems offer an innovative approach, potentially transforming the way cryptographic operations are managed in IoT environments. A deterministic system, by definition, produces a predictable result given a specific input. In cryptographic implementations, this predictability can lead to substantial benefits: deterministic cryptographic processes enable a level of consistency and reliability that increases efficiency, especially on resource-constrained devices. Based on deterministic methods, IoT systems can reduce the computational complexity and processing time required for secure data manipulation, thus saving energy and extending the life of devices without compromising security.

In addition, deterministic cryptographic models can be configured to meet the specific security needs of IoT systems through optimized parameter selection and algorithmic adjustments that take into account the different capabilities of IoT devices. For example, deterministic systems facilitate the design of lightweight cryptographic algorithms adapted to handle the predictable data flows common in sensor networks, which further minimizes processing requirements. Deterministic systems can also simplify key management and update processes, as the predictable nature of cryptographic calculations can be optimized in terms of memory and computational demand, allowing even the most constrained IoT devices to securely participate to communication, in the network.

In short, deterministic systems represent a paradigm shift for IoT security architecture. By leveraging predictable cryptographic processes, IoT networks can implement robust security measures that respect the unique operational limitations of each device in the ecosystem. This approach not only mitigates the risks associated with resource constraints, but also supports scalable security frameworks that can be adapted as IoT networks expand in size and complexity. As IoT continues to proliferate in critical areas, deterministic systems are poised to become an integral part of sustainable and secure IoT deployments, balancing high security standards with the need for efficiency across a diverse range of devices.

The primary objective of this article is to address the pressing challenges associated with securing communications in networks composed of subnetted computing systems, with a particular focus on heterogeneous IoT environments. These networks often comprise devices with vastly differing computational capabilities, ranging from low-power sensors to high-performance gateways and servers. The proposed work contributes to the state-of-the-art by presenting an integrated security framework specifically designed to address the unique constraints and vulnerabilities of IoT systems.

At the core of this framework lies a novel and optimized cryptographic model based on elliptic curve cryptography (ECC), which has been meticulously adapted to balance security, resource efficiency, and computational performance. This article introduces several key contributions:

• An Optimized ECC-Based Key Exchange Protocol: The work proposes a highly efficient key exchange protocol that leverages the inherent strengths of ECC. The protocol is designed to minimize computational overhead and energy consumption, making it suitable for resource-constrained devices without compromising the security of the communication channel.
• Parameter Management Scheme for Heterogeneous IoT Devices: The study introduces an innovative parameterization and propagation scheme that ensures secure synchronization across a network of heterogeneous devices. This scheme addresses the challenges of key synchronization and secure key management, which are critical for maintaining consistent security policies in IoT environments.
• Validation in Real-World Scenarios: Unlike many theoretical studies, the proposed model was implemented and rigorously validated in a real-world IoT environment. Experimental results demonstrated the model’s effectiveness in enhancing communication security, reducing vulnerabilities, and maintaining synchronization across devices with varying computational capabilities. This practical validation underscores the applicability and reliability of the proposed approach.
• Quantifiable Improvements in Security and Efficiency: The article provides a comprehensive analysis of the proposed framework’s performance, highlighting significant reductions in key exchange time and energy consumption compared to traditional cryptographic methods like RSA and Diffie–Hellman. The results showcase the ability of the ECC-based framework to achieve a high level of security while adhering to the resource constraints typical of IoT devices.
• Impact on IoT Network Scalability and Resilience: The proposed framework is designed to support scalable IoT deployments by ensuring robust security mechanisms that adapt to the increasing complexity and size of IoT networks. The key propagation scheme not only enhances synchronization but also mitigates vulnerabilities related to desynchronization and computational heterogeneity.

In addition to addressing these technical challenges, the work also provides a roadmap for future research, including the integration of quantum-resistant cryptographic methods and lightweight cryptographic protocols to further enhance the resilience and applicability of the framework. The proposed model is particularly relevant for critical IoT applications, such as smart city infrastructures, healthcare monitoring systems, and industrial IoT deployments, where secure and efficient communication is paramount.

By combining theoretical advancements with practical validation, this article significantly contributes to the field of IoT security, offering a comprehensive, scalable, and resource-efficient solution to some of the most critical challenges in securing heterogeneous IoT networks.

Organization of the Manuscript

The remainder of this paper is organized as follows: Section 2 provides an overview of existing security models and cryptographic solutions for IoT authentication, discussing their advantages and limitations. Section 3 details the proposed ECC-based security framework, including the key exchange protocol and parameter management scheme. Section 4 presents the experimental setup and performance evaluation of the proposed model in various IoT scenarios, where Section 4.2 conducts a formal security assessment, including theoretical analysis and automated verification using AVISPA v1.6 and ProVerif v2.05 tools; next, there is Section 4.4.4 which discusses the implications of our findings, including scalability, energy efficiency, and potential integration with post-quantum cryptographic methods. Section 5 discusses the limits within which the proposed solution is optimal and mitigations for limitations. Finally, Section 6 concludes the paper and outlines future research directions and a section with abbreviations used in the article is also provided.

2. Related Works

Security in the Internet of Things (IoT) is a major concern, given the decentralized nature and vulnerabilities of networks made up of devices with limited resources. From this point of view, cryptography plays a crucial role in ensuring the confidentiality and integrity of data, and numerous studies have proposed innovative solutions that meet the specific requirements of IoT. But these solutions must be not only safe, but also efficient in terms of resources, considering the processing and storage constraints of IoT devices.

A central concept in IoT cryptography is the development of effective encryption mechanisms that do not compromise the performance of devices with limited resources. In this direction, Agrawal et al. (2018) propose a deterministic authenticated encryption mechanism that minimizes resource consumption, using elliptic curve cryptography (ECC) to ensure a balance between security and efficiency. While this mechanism significantly reduces memory requirements and processing power, it has limitations in addressing scenarios with extreme resource constraints, such as low-power IoT devices that operate with minimal computational capacity and energy budgets. Moreover, their study does not provide a detailed analysis of synchronization challenges or scalability in large IoT networks, which are critical aspects in heterogeneous environments [1].

Similarly, Munshi and Alshawi (2024) contributed to the development of a hybrid encryption model, combining several techniques to strengthen data protection in IoT authentication protocols, with an emphasis on reducing processing costs and increasing performance. However, their model primarily focuses on improving performance in moderately resource-constrained environments and lacks the fine-tuning required for ultra-low-power devices. Additionally, the increased complexity of the hybrid model may introduce latency in real-time IoT applications, a limitation not addressed in their study [2].

In contrast, the proposed model in this paper seeks to address these challenges by optimizing ECC-based encryption for devices with highly constrained resources, ensuring both scalability and low-latency communication in diverse IoT networks.

Another important aspect of IoT security is the efficient management of cryptographic keys. Raghunathan et al. (2013) introduced an innovative approach for deterministic public-key cryptography that can withstand adaptive plaintext attacks. Their study demonstrated that this method allows a much more efficient management of cryptographic keys, significantly reducing the risk of compromise in IoT networks. The experimental results showed that, despite the limited resources of the devices, encryption with deterministic public keys is feasible and offers a high level of security [3]. Similarly, Hsiao et al. (2019) proposed a hierarchical key management system, based on elliptic curve cryptography, which guarantees robust data protection in the context of IoT sensors. Their results confirmed the effectiveness of this system in reducing the risks of compromising cryptographic keys and in ensuring their easier management, which is essential for large-scale IoT networks [4], but at the price of a more laborious energy system.

In addition, the analysis of authentication protocols has become an essential topic, considering the specific vulnerabilities of IoT networks. Tiwari and Kim (2018) introduced an innovative method based on elliptic curve cryptography to improve the security of authentication protocols. Experimental results have demonstrated that this solution is effective in protecting IoT networks against man-in-the-middle attacks and other cyber threats, without compromising the performance of the devices [5]. Similarly, Zhao et al. (2022) proposed a three-factor authentication protocol based on elliptic curve cryptography, which integrates a multifactor security system. The results of their study showed that this protocol is much more secure than traditional protocols, and the integration of additional authentication factors significantly reduced the attack success rates [6], but taking into account the price paid through the complexity of the proposed model and the primitive management model for cryptographic keys.

Moreover, an extremely important topic in IoT security is the risks associated with data management and storage. Furtak (2020) proposes a cryptographic key generation and renewal system for IoT nodes, focusing on protecting data in a distributed network, where cryptographic keys are constantly updated to prevent their compromise. His studies have shown that the constant updating of cryptographic keys significantly reduces the risks of attacks on stored data, thus improving the overall security of IoT networks [7]. This approach is essential to ensure the integrity and confidentiality of data in large IoT networks, where the volume of data and the number of devices involved are extremely large.

Also, the modeling and analysis of IoT vulnerabilities is a fundamental part of recent research in the field. Ankle et al. (2019) examined the requirements and recommendations for IoT and IIoT models intended for the automation of security assurance, by using penetration tests and threat analysis. The results of their studies confirmed that the use of a robust test model allows early identification of vulnerabilities, so that protection measures can be implemented more effectively [8]. In this line, Nshenko et al. (2019) conducted an exhaustive review of IoT vulnerabilities, providing a guide for assessing their exploitation on a global scale. Their results demonstrated that the constant analysis of vulnerabilities is crucial for the protection of data and IoT networks, having a significant impact in preventing attacks [9].

The security of IoT networks significantly depends on advanced encryption and authentication technologies. Liu and Ning (2008) developed TinyECC, a configurable elliptic curve cryptography library that is optimized for wireless sensor networks. Their results showed that this solution significantly improved data protection in large IoT networks, being widely adopted due to its high performance and ease of implementation [10]. This solution has been successfully used in multiple IoT implementations, demonstrating its effectiveness in ensuring a high level of security, even in conditions of limited resources.

Therefore, recent research reflects significant progress in IoT security, emphasizing the importance of effective cryptographic solutions and key management strategies adapted to the limited resources of IoT devices. Each of the mentioned studies contributes to the consolidation of a more robust security framework, oriented towards improving performance and data protection in IoT networks. Their results validate the proposed solutions and demonstrate their applicability in real IoT scenarios.

3. Proposed Model and Methodology

3.1. IoT System Architecture

In the context in which the Internet of Things (IoT) is becoming more and more ubiquitous in various fields, ensuring the effective protection of data transmitted between IoT devices has become a major priority. To meet the security challenges imposed by the limited resources of devices and the complexity of distributed networks, we propose a layered architecture, which includes three distinct levels of security. Each level is adapted to the technical specificities of the nodes in the network and their role, so that the entire system benefits from robust, scalable and efficient protection.

At the base of the IoT architecture are the sensor nodes, which have the role of collecting raw data from the environment, such as temperature, humidity, pressure or even air pollution. These devices are usually extremely small and have limited resources, both in terms of memory, processing power and battery life. Therefore, securing the communications of these devices is a considerable challenge.

Considering the limitations of the hardware, the encryption algorithms used to protect the data are built on the basis of elliptic curve cryptography (ECC). This is a very efficient encryption method that offers a high level of security using keys significantly smaller than traditional RSA-based cryptography. Thus, ECC allows a compromise between security and resource consumption, which makes it ideal for IoT environments, where every bit of energy and every memory unit counts. Regarding key management, IoT nodes use deterministic pseudo-random number generators, which allow the creation of private keys in an efficient way, without requiring expensive additional hardware. This aspect significantly contributes to reducing the costs of implementing and maintaining IoT networks, making these solutions more accessible and scalable.

At the intermediate level of the architecture are the gateways, which play an essential role in centralizing and processing the data received from the sensory nodes. These devices have a higher processing and storage capacity compared to the sensor nodes, which is why they are able to implement more complex encryption algorithms and exchange cryptographic keys between the nodes and the central server. The gateways filter and pre-process the data collected from the sensors, ensuring that only the relevant information is transmitted further, thus reducing the required bandwidth and improving the efficiency of the system.

Besides this data centralization functionality, gateways play an active role in monitoring local network security. They are equipped with specialized software that allows the detection of behavioral anomalies, such as attack attempts or unusual behaviors that may signal a security breach. The detection and signaling of these anomalies are essential for the prevention and rapid response to possible attacks. Also, gateways are often able to analyze data flows in a more detailed way, using machine learning or artificial intelligence techniques to improve the identification of attacks and other malicious behavior.

The last level of the architecture is constituted by the central server or the cloud infrastructure, which plays the main role in the coordination of the entire network and in the implementation of advanced security measures. These servers are able to run high-performance encryption algorithms and store data long-term. They are equipped to manage large volumes of data and to perform complex analyzes on them, to determine the risks associated with each node in the network and to update security policies in real time.

An important aspect of central servers is that they are responsible for large-scale cryptographic key management. They generate, revoke and synchronize the cryptographic keys used by IoT nodes and gateways, ensuring that all devices on the network benefit from real-time protection. Moreover, the central servers implement advanced anomaly detection protocols, which analyze network behavior and identify potential security risks. These analyzes can include long-term behavioral studies, which help identify abnormal trends or potential security breaches, even before they become a significant problem. In this way, the central server not only protects data, but also ensures proactive security management, preventing attacks and reducing their impact.

3.2. Key Generation Protocol

The following will be used in the subsequent parts of this paper:

• k The private key of the system, which is composed by a set of cryptographic primitives from elliptic curves subspaces.
• P The public part of the generated combined key.
• G The curve generator point is a fixed point on the elliptic curve used to generate public keys. It is defined for and known to all devices on the network.
• K The shared session key, calculated by multiplying one device’s private key by another device’s public key. This is used to encrypt communication sessions.
• $\lambda$ It is used to calculate the sum or doubling of points on an elliptic curve. The formula for it depends on the nature of the points (identical or different).
• $F_p$ and $F_a$, $F_p$ is the finite field defined by the prime number p, and $F_a$ is a subsp. ace derived using a contraction parameter a.
• Parameter contraction $(x|\alpha ,\beta |$ and $y|\alpha ,\beta |)$. The parameters $\alpha$ and $\beta$ define the limits of contraction in the calculation of points on the elliptic curve, reducing computational complexity.
• $k^{-1}$ Represents the modular inverse of a number k in the finite field $F_p$ and it is calculated as $k^{-1}\equiv k^{p-2}modp$.

In this proposed model, the key exchange is based on an optimized version of the Elliptic Curve Diffie–Hellman (ECDH) algorithm. This method offers advantages for IoT networks because it consumes fewer resources than other forms of asymmetric encryption.

• Private Key Generation (k): Each IoT device generates a private key k using a deterministic algorithm to minimize computational requirements. In this context, a pseudo-random number generator based on a linear congruential algorithm is sufficient, ensuring a compromise between complexity and security.
• Key Exchange: The public key is generated by multiplying the private key k with a generator point of the elliptic curve, according to the formula:

  $$P=k·G$$
  This operation allows the efficient exchange of public keys between nodes and gateways.
• Calculation of the Common Key (K): Once the public keys are exchanged between nodes, each device calculates the common key K:

  $$K=k_{private}·P_{public}$$

This result is identical for both participating nodes, being used as a session key for message encryption.

3.3. Description of the Key Exchange Algorithm and Protocol

3.3.1. Description of the Algorithm

Due to the specific resource constraints of IoT networks, the proposed model uses a cryptographic algorithm based on elliptic curves (ECC—elliptic curve cryptography). ECC is preferred due to its efficiency compared to classic cryptographic algorithms, allowing a high level of security even when using smaller keys, which significantly reduces resource consumption.

The key exchange algorithm is designed to allow the creation of secure communication sessions between IoT devices with variable capabilities, such as low-power sensors, but also more powerful devices.

In order to ensure a secure exchange of keys and to enable efficient data encryption, the proposed algorithm includes the following main steps:

• Key generation: Each device $D_i$ generates a pair of keys (public and private) for the initial communication, using an elliptic curve defined by the elliptic curve equation on a finite field

  $$y^2=x^3+ax+b\mathrm{mod}p$$

  (1)

  where p is a large prime number, and a and b are coefficients that define the curve and are known by all devices in the network. They are stored in a secure area on the device.
• Calculation of points on the curve: Device $D_i$ generates its private key $k_i$, a unique random number, and calculates its public key $P_i$ by multiplying $k_i$ by a generating point G on the curve:

  $$P_i=k_i·G$$

  (2)

  where G is a well-defined point on the curve and known by all devices in the network.
• Distribution of public keys: Each device $D_i$ transmits the public key to the devices it wants to communicate with. This does not reveal the private key and therefore does not compromise security.
• Calculation of the shared session key: Device $D_i$ can calculate the shared session key $K_{ij}$ to communicate with another device $D_j$ using its public key $P_j$ and its private key $k_i$:

  $$K_{ij}=k_i·P_j$$

  (3)
  Device $D_j$ can, in turn, calculate the same value using its private key $k_j$ and public key $P_i$:

  $$K_{ij}=k_j·P_i$$

  (4)
  Due to the property of elliptic curves, the values obtained by $D_i$ and $D_j$ will be identical and will constitute the session key used to encrypt the messages exchanged between the two devices.

Figure 1 visually represents the contraction process, providing a clearer understanding of its application in secure key exchange within IoT environments. The figure represents the mathematical process of parameter contraction over an elliptic curve and its implications for secure key exchange in IoT devices. The elliptic curve is defined by the general equation, which is a commonly used form in cryptographic applications due to its advantageous properties in terms of computational efficiency and security.

• The Elliptic Curve (Blue Contour): The blue curve illustrates the set of all points $(x,y)(x,y)$ that satisfy the elliptic curve equation. This set forms a group under point addition, a fundamental operation in elliptic curve cryptography (ECC). The elliptic curve provides the mathematical foundation for secure key generation and exchange.
• Original Points on the Curve (Red Markers): The red points represent specific coordinates on the elliptic curve prior to the contraction process. These points are typically used as public keys in the ECC key exchange protocol. Their positions are chosen based on the properties of the elliptic curve and the initial parameters.
• Contracted Points on the Curve (Green Markers): The green points are the result of applying a contraction operation to the original points. The contraction process scales the coordinates of the points (e.g., by a factor of 0.5 in this figure), effectively reducing their spatial distribution on the curve. This operation corresponds to a simplification or optimization step, often used in constrained environments like IoT, to reduce computational overhead while maintaining the essential cryptographic properties.
• Arrows Indicating Contraction (Gray Arrows): The gray arrows illustrate the transformation of the original points into their contracted counterparts. Each arrow represents the magnitude and direction of the contraction, providing a visual interpretation of the mathematical operation.

Implications for IoT Devices:

• Efficiency Gains: By contracting the parameters, the computational requirements for key generation and exchange are reduced. This is particularly critical for IoT devices with limited resources, such as memory, processing power, and energy supply.
• Secure Communication: Despite the contraction, the mathematical structure of the elliptic curve ensures that the cryptographic strength of the key exchange remains intact. This balance between efficiency and security is essential for enabling lightweight cryptographic protocols in IoT networks.
• Scalability: The contraction process also supports scalability in large IoT networks by allowing devices with varying resource capacities to participate in secure communication without significant performance bottlenecks.

The Figure 2 highlights a numerical representation of such a model, which meets the requirements of the algorithm.

The algorithm includes a series of optimizations adapted to the constraints of IoT devices:

• Reducing the size of the keys: To limit the consumption of resources, a reduced size of the public key is used, for example 160–256 bits, depending on the capabilities of each device. This offers a level of security equivalent to classic algorithms, but with a more efficient use of resources.
• Pre-calculation of points: In order to minimize the computation time during key exchange, IoT devices can pre-calculate and store the common points of the curve, frequently used in key exchange operations, so that the session key generation process to be as fast as possible.
• Data compression methods: In some cases, the public key can be transmitted in a compressed form, thus saving bandwidth, an essential resource in IoT communications.

3.3.2. Key Exchange Protocol

The protocol defined in this model ensures a secure communication between IoT devices, integrating the previously described ECC algorithm in a structured process that can be applied in a varied range of scenarios. The protocol steps are as follows:

• Session initiation: The initiating device $D_i$ begins the secure connection process, selecting the point G that it will use in the key calculation.
• Generation and transmission of public keys: Each device calculates its public key and transmits it to the recipient through a secure communication channel.
• Calculation of session keys: After receiving the public key, each device uses its private key to calculate the common session key.
• Authentication confirmation: After establishing the common key, each device sends a confirmation message encrypted with the session key, thus verifying the correctness of the exchange and the authenticity of the other device.

Starting from a contraction parameter a and defining two values, $\alpha$ and $\beta$, as the contraction limits depending on a, we will have a reconstruction of the cryptographic parameter determination model which are defined over a finite field ${\mathbb{F}}_p$, where p is a prime number, and a subspace ${\mathbb{F}}_p^a$ is a contraction of ${\mathbb{F}}_p$, defined by a parameter a. The elliptic curve equation over ${\mathbb{F}}_p^a$ is

$$y^2\equiv {(x^{|\alpha ,\beta |})}^3+a{x}^{|\alpha ,\beta |}+b(\mathrm{mod}{p}^a),$$

where the arithmetic is constrained to the subspace ${\mathbb{F}}_p^a$.

The addition of two points $P_{|\alpha ,\beta |}=(x_1^{|\alpha ,\beta |},y_1^{|\alpha ,\beta |})$ and $Q=(x_2^{|\alpha ,\beta |},y_2^{|\alpha ,\beta |})$ on the elliptic curve within the subspace follows similar rules, but all computations are reduced by modulo $p^a$:

$$\begin{array}{c}\hfill x_3\equiv {\lambda }^2-x_1^{|\alpha ,\beta |}-x_2^{|\alpha ,\beta |}(\mathrm{mod}{p}^a),\\ \hfill y_3\equiv \lambda (x_1^{|\alpha ,\beta |}-x_3^{|\alpha ,\beta |})-y_1^{|\alpha ,\beta |}(\mathrm{mod}{p}^a),\end{array}$$

where $\lambda$ (the slope of the line) depends on the relationship between the points P and Q:

• If $P\ne Q$, then

  $$\lambda \equiv {\displaystyle \frac{y_2^{|\alpha ,\beta |}-y_1^{|\alpha ,\beta |}}{x_2-x_1}}(\mathrm{mod}{p}^a).$$
• If $P=Q$ (point doubling), then

  $$\lambda \equiv {\displaystyle \frac{3x_1^2+a}{2y_1^{|\alpha ,\beta |}}}(\mathrm{mod}{p}^a).$$

The contraction parameter a effectively reduces the dimensionality of the field from ${\mathbb{F}}_p$ to a smaller subspace ${\mathbb{F}}_p^a$. This contraction modifies the modular arithmetic as all calculations are performed using modulo $p^a$.

3.4. Scalar Multiplication

Scalar multiplication over ${\mathbb{F}}_p^a$, for a scalar k and a point P, is defined similarly to the standard case. Using the addition operation

$$k·P=P^{|\alpha ,\beta |}+P^{|\alpha ,\beta |}+\cdots +P^{|\alpha ,\beta |}(\mathrm{repeated}k\mathrm{times}),$$

all computations are performed modulo $p^a$. Efficient algorithms such as the double-and-add method can be applied here as well.

3.5. Modular Inverses in ${\mathbb{F}}_p^a$

To compute the modular inverse of a number k in ${\mathbb{F}}_p^a$, the following formula is used:

$$k^{-1}\equiv k^{p^a-2}(\mathrm{mod}{p}^a).$$

The functional technical diagram of the model is described in Figure 3.

4. Experimental Results and Analysis

To evaluate the performance of the adapted ECC algorithm, three categories of representative IoT devices were created, used in the following scenarios:

• Low Power Devices (LPD): environmental sensors and monitoring devices with severe computing and memory limitations (for example, sensors based on ARM Cortex-M0 type microcontrollers), limited to 128 KB memory and operating at 48 MHz.
• Medium Power Devices (MPDs): intermediate devices such as gateways with more advanced microcontrollers (eg ARM Cortex-M4) with moderate processing capabilities, featuring 1 MB memory and a clock speed of 120 MHz.
• High Power Devices (HPD): servers and advanced computing equipment, such as ARM Cortex-A53 processors, with 4 GB memory and a clock speed of 1.5 GHz.

The algorithm was tested in a simulated network environment, with 100 nodes distributed proportionally between the three categories, all being interconnected and the communications encrypted through the session keys generated according to the previously described ECC protocol.

In the evaluation of the performance and viability of the algorithm implementation, several essential metrics were monitored. One of the main aspects evaluated was the key generation time, which represents the time required for each device to produce a pair of keys (private and public). This measures the efficiency of the algorithm in generating cryptographic keys, an essential process in establishing the security of a system.

The key exchange time was also measured, which indicates the total interval required for two devices to complete the key exchange process and calculate the common session key. This is a crucial parameter in evaluating the efficiency of the algorithm in IoT communication scenarios, where latency can affect overall performance.

Another important factor monitored was energy consumption, measured in milliwatts (mW), which reflects the amount of energy used by devices during key generation and exchange. Considering the resource restrictions of many IoT devices, this parameter is essential to ensure the long-term sustainability of the implemented cryptographic solutions.

The energy consumption calculation model followed the formula $E_{total}=E_{com}+E_{comp}$, where $E_{com}$ is the energy consumed for communication (e.g., transmitting and receiving data packets) and $E_{com}$ is the energy consumed for computational operations (e.g., key generation and encryption). Energy consumption was simulated using a hardware-specific energy model derived from the datasheets of the devices used. The total energy consumption was calculated as the sum of communication energy ($E_{com}$) and computational energy ($E_{comp}$). For communication, the simulation accounted for the transmission power and packet size, while for computation, it considered the clock speed and number of cryptographic operations performed. In the simulations, the $NS3$ version $3.43$ software was used and in the practical applications, an instrument was used to measure the accumulator values at the start and end of the operation.

The memory occupied by each device during the execution of the algorithm was also evaluated, i.e., the space required to store the keys and to operate its own cryptographic process. This was an important measure, considering the hardware limitations of IoT devices, which can have reduced storage and processing capacities.

The obtained results are presented in

Table 1. Experimental results.

Device	Key Generation (ms)	Key Exchange Time (ms)	Power Consumption Time (mW)	Memory Occupied (kB)
LPD	45	120	5	2
MPD	30	80	10	5
HPD	15	40	20	10

and show how each category of devices performs with the proposed ECC algorithm.

As shown in

Table 2. Comparative results.

	Key	Power			IoT
Method	Exchange	Consumption	Security	Scalability	Applicability
	(ms)	(mW)
1024b RSA	517	26	Medium	Low	Very Low
1024b DH	280	17	Medium	Medium	Moderate
ECC proposed	96	11	High	High	Excellent
model

, the experimental results demonstrate a balanced trade-off between resource consumption and security performance across different IoT device categories. Specifically, while LPD devices exhibit a longer key exchange time (120 ms) and lower energy consumption (5 mW), they still comply with the security requirements of the proposed protocol. In contrast, MPD and HPD devices show improved efficiency in key exchange, with lower latency and higher scalability, further validating the applicability of the proposed ECC-based model for IoT security.

In this regard, Table 2 provides a comprehensive comparison of the performance metrics of the proposed ECC-based framework against conventional cryptographic methods such as RSA and Diffie–Hellman. The results clearly indicate that the ECC-based approach demonstrates superior efficiency and scalability, making it particularly suitable for IoT environments characterized by resource-constrained devices.

Traditional cryptographic techniques, such as RSA and Diffie–Hellman, have been widely employed in network security; however, their applicability in IoT networks is limited due to computational overhead and scalability challenges. Specifically, RSA relies on large key sizes to maintain security, which significantly increases computational complexity and energy consumption. These requirements are often impractical for low-power IoT devices with limited processing capabilities and battery life.

Similarly, while Diffie–Hellman offers a more lightweight alternative to RSA, it still encounters significant scalability challenges when implemented in heterogeneous IoT networks. The computational demands associated with secure key exchange using Diffie–Hellman increase as the number of connected devices grows, thereby posing a limitation for large-scale IoT deployments.

In contrast, the proposed ECC-based framework achieves a more efficient balance between security and resource utilization by leveraging the mathematical properties of elliptic curves. This enables the generation of cryptographic keys with significantly smaller sizes while maintaining robust security levels. As a result, ECC reduces energy consumption and processing time, thereby enhancing the feasibility of secure communication in diverse IoT architectures.

Table 3. Comparison of cryptographic parameters across device types.

Parameter	Low-Power Devices (LPD)	Medium-Power Devices (MPD)	High-Power Devices (HPD)
Public Key Size	160 bits	160 bits	160 bits
Private Key Size	160 bits	160 bits	160 bits
Key Generation Time	5 ms	2 ms	1 ms
Encryption Time	10 ms	5 ms	2 ms
Energy Consumption	2.5 mJ	1.2 mJ	0.8 mJ

provides a comparative overview of key cryptographic parameters for the three types of devices used in the experiments: low-power devices (LPD), medium-power devices (MPD), and high-power devices (HPD). Despite the differences in computational capabilities, the proposed ECC-based model ensures uniform public and private key sizes of 160 bits, which is sufficient to provide a high-security level equivalent to 2048-bit RSA. However, key generation and encryption times vary across devices due to differences in processing power, as reflected in the table. Similarly, energy consumption decreases significantly for higher-power devices, demonstrating the model’s adaptability and scalability.

As a limitation of the proposed solution, in its implementation, it is necessary to adapt the mathematical apparatus, in terms of the initial recalculation of the subspaces used, for each subclass of problems addressed, depending on the hardware class to which the used IoT systems belong.

4.1. Analysis of Results

We notice that devices with higher processing power (HPD) complete key generation and key exchange in a much shorter time compared to LPD. This difference demonstrates the need to optimize the algorithm for LPD devices, which are more often found in large IoT networks.

The ECC algorithm, due to the small size of the keys used, consumes minimal energy even for LPD. This feature is essential for maintaining the energy autonomy of IoT networks.

All devices can easily store the necessary cryptographic keys and data, confirming that the implemented optimizations are effective even for devices with limited memory, such as LPDs.

The following

Table 4. Comparative evaluation with NIST general algorithms.

Algorithm	Key Exchange Time (ms)	Power Consumption (mW)	Security Level
ASCON	512	25	medium
SPONGENT	272	12	medium
ECC-160	98	12	high

presents a comparison between the proposed ECC algorithm and traditional algorithms such according with NIST general used algorithms. The cryptographic algorithms listed in Table 4 are based on NIST IR 8454 recommendations for lightweight cryptography. References to the original specifications for ASCON and SPONGENT can be found in NIST—[11] and other variants of implementations [12,13,14,15] and low powered devices [16,17,18,19].

ASCON is a lightweight cryptographic algorithm that was selected as the standard for authenticated encryption and hashing in the NIST Lightweight Cryptography competition. It is designed for low-power and resource-constrained environments, offering efficient security against various cryptographic attacks while maintaining minimal computational overhead. SPONGENT is a lightweight hash function based on the sponge construction. It is optimized for constrained devices, ensuring low memory consumption and energy efficiency. SPONGENT is particularly suited for authentication and integrity verification in IoT applications. ECC-160 (elliptic curve cryptography with 160-bit keys) leverages the mathematical properties of elliptic curves to provide robust security with significantly smaller key sizes compared to traditional RSA and Diffie–Hellman approaches. Its efficiency in key exchange and encryption makes it well-suited for IoT devices with limited computational and power resources.

The results ilustrate that the ECC algorithm is superior in terms of energy efficiency and processing time, ensuring at the same time a high level of security. Classical algorithms, such as RSA and DH, are much more expensive in terms of resources and less suitable for IoT networks.

The experimental results confirm the viability of the proposed ECC model for securing communications in IoT networks. Compared to classic algorithms, ECC ensures a high level of security and high performance in environments with limited resources, characteristic of IoT.

4.2. Security Analysis

The ECC-based model ensures robust protection against replay attacks by utilizing unique session keys for each communication. Additionally, the use of authenticated key exchange protocols mitigates man-in-the-middle attacks by verifying the legitimacy of all participating devices. These features make the model particularly suitable for securing IoT networks where communication involves highly sensitive data, similar as in [20].

The construction method of the proposed model highlights its inherent resilience, specifically tailored for IoT applications where resource constraints and diverse device capabilities pose significant challenges. The robustness of the method stems not only from the efficiency of its design but also from the meticulous way in which the subspaces over which the elliptic curves are defined are constructed. These subspaces form the foundation for parameterization, which directly influences the security and performance of the cryptographic primitives employed. By carefully selecting these subspaces, the model ensures that the cryptographic operations, such as key generation and key exchange, are both computationally efficient and secure against common attack vectors.

A critical aspect of the model lies in the parameterization process. This involves defining the elliptic curves over finite fields, with specific constraints designed to optimize the balance between computational overhead and cryptographic strength. The choice of parameters, such as the curve coefficients and the size of the underlying field, ensures that the elliptic curve discrete logarithm problem (ECDLP) remains computationally infeasible for attackers, while still allowing efficient computation for resource-constrained IoT devices. This deliberate design choice is crucial in environments where devices range from low-power sensors to high-performance servers, as it guarantees uniform security across heterogeneous networks.

Furthermore, the construction of the cryptographic primitives leverages these parameterizations to create a resilient system that can withstand various types of attacks. For example, the use of deterministic pseudo-random number generators in key generation not only minimizes the need for external entropy sources but also ensures the reproducibility and consistency of the keys within the defined subspaces. This approach reduces the risk of weak keys, which are often a consequence of poorly implemented randomness in constrained environments. Additionally, the modular arithmetic operations performed on the elliptic curve points are optimized to minimize computational latency, thereby enhancing the energy efficiency of the model without compromising its security guarantees.

The resilience of the proposed model is further demonstrated by its ability to maintain synchronization across heterogeneous IoT devices. By employing a key propagation scheme, the model ensures that devices with varying computational capabilities can securely exchange keys without introducing significant delays or vulnerabilities. This synchronization mechanism is particularly important in large-scale IoT networks, where maintaining consistent security policies across devices is a significant challenge. The proposed approach mitigates potential vulnerabilities arising from desynchronization, such as unauthorized access or data breaches, by ensuring that all devices operate within a unified cryptographic framework.

Table 5. Comparative evaluation with NIST general algorithms.

Attack Type	Resilience Provided by proposed ECC based Model
Replay Attack	Unique session keys for each communication
Man-in-the-Middle Attack	Authenticated key exchange prevents interception
Key Compromise Impersonation	Keys are derived from secure ECDLP calculations
Side-Channel Attack	potential use of tamper-resistant hardware

presents a comprehensive analysis of the security attributes of the proposed ECC-based model, emphasizing its effectiveness in mitigating critical cryptographic threats within IoT environments. Specifically, the table delineates the model’s resilience against replay attacks, man-in-the-middle attacks, and key compromise impersonation-threat vectors that are particularly relevant in distributed and resource-constrained networks.

The findings, derived from the implementation phase, substantiate the practical applicability and robustness of the proposed approach. Notably, the results demonstrate that the ECC-based framework surpasses conventional cryptographic schemes, such as RSA and Diffie–Hellman, by achieving superior energy efficiency, reduced computational complexity, and enhanced resistance to adversarial attacks. These attributes make the proposed model a viable and scalable security solution for IoT architectures characterized by heterogeneous device capabilities and stringent resource constraints.

In addition to its demonstrated resilience, the model’s flexibility and adaptability make it a viable solution for evolving IoT security challenges. By integrating optimized elliptic curve operations with tailored parameterizations, the proposed method provides a scalable and secure foundation for future enhancements. This includes potential integration with hybrid cryptographic systems that combine the strengths of ECC with quantum-resistant algorithms to address emerging threats posed by advancements in quantum computing. Such extensions would further solidify the model’s position as a cornerstone for secure and efficient communication in IoT networks.

In conclusion, the construction methodology of the proposed model exemplifies a deliberate and comprehensive approach to addressing the unique security and performance challenges of IoT environments. Its resilience is deeply rooted in the carefully defined subspaces of elliptic curves and the robust parameterization strategies employed. The results obtained during implementation not only validate the model’s theoretical underpinnings but also highlight its practical relevance in securing heterogeneous IoT networks against a wide array of cyber threats.

4.3. Extended Security Analysis and Formal Verification

4.3.1. Potential Vulnerabilities and Security Considerations

While the proposed ECC-based authentication scheme provides enhanced security for IoT networks, it is essential to analyze its resilience against potential attack vectors. Below, we examine key vulnerabilities and the corresponding security mechanisms implemented to mitigate them:

• Replay Attacks: The scheme prevents replay attacks by incorporating unique session keys for each authentication exchange. Additionally, timestamps and random nonces are utilized to ensure that previous communications cannot be reused by an adversary.
• Man-in-the-Middle (MitM) Attacks: The use of authenticated key exchange ensures that only legitimate devices can participate in secure communication, preventing unauthorized interception.
• Key Compromise Impersonation: Since the security of ECC is based on the hardness of solving the Elliptic Curve Discrete Logarithm Problem (ECDLP), compromising a single key does not enable an attacker to impersonate another entity in the system.
• Side-Channel Attacks: The proposed model can be strengthened by implementing countermeasures such as constant-time cryptographic computations, randomization techniques, and hardware-level protections like tamper-resistant modules.
• Desynchronization Attacks: Key synchronization is a significant challenge in IoT environments. The model employs periodic key updates and a key propagation mechanism to ensure synchronization across heterogeneous devices while preventing unauthorized access due to outdated keys.

The resilience of the proposed scheme is further supported by its ability to adapt to the computational constraints of IoT devices, ensuring robust protection without imposing excessive processing overhead.

4.3.2. Formal Security Verification

To formally validate the security of the proposed ECC-based authentication protocol, we rely on the Elliptic Curve Discrete Logarithm Problem (ECDLP), which serves as the cryptographic foundation of the scheme. The security proof is structured as follows:

Definition of Security Model

1.

Let $P=k\ast G$ be the public key generated from a private key k and the generator point G on the elliptic curve.

2.

The shared session key K is computed as: $K=k_A\ast P_B=k_B\ast P_A$ where $k_A$ and $k_B$ are the private keys of communicating devices A and B, respectively, where the keys are chosen from selected subspaces.

3.

The hardness of the Elliptic Curve Discrete Logarithm Problem (ECDLP) ensures that an adversary cannot derive k given P, making key recovery infeasible.

Security Proof of Key Exchange Protocol

Theorem 1.

The proposed ECC-based key exchange protocol is secure under the assumption that the ECDLP is computationally infeasible within polynomial time.

Proof. 

• The adversary $Adv$ attempting to break the key exchange must determine, k from the chosen subspace, given P (solving $k=P/G$).
• This requires computing the discrete logarithm on an elliptic curve, which is known to be computationally hard.
• Without knowledge of $k_A$ or $k_B$, an adversary cannot generate without solving the ECDLP.
• Given that no known polynomial-time algorithm exists to efficiently solve the ECDLP, the security of the proposed key exchange protocol is upheld.

Thus, the authentication mechanism remains secure against computational attacks targeting key recovery. □

Conclusion on Security Robustness

The formal security verification and comparative analysis reinforce the robustness of the proposed ECC-based authentication scheme. By leveraging the hardness of ECDLP, incorporating secure key exchange mechanisms, and mitigating potential cryptographic threats, the model ensures strong security guarantees suitable for scalable IoT applications.

4.4. Tool Formal Security Validation

To conduct a rigorous security assessment of our proposed elliptic curve cryptography (ECC)-based authentication scheme, we leveraged two well-established formal security verification tools: AVISPA (Automated Validation of Internet Security Protocols and Applications) and ProVerif. These tools facilitate an automated and exhaustive cryptographic protocol analysis against a diverse range of adversarial models, including active attackers capable of intercepting, modifying, and injecting messages into the communication channel.

Unlike conventional ECC-based authentication schemes, our approach integrates a parameterized contraction mechanism ($\alpha ,\beta$) alongside modular arithmetic and factorization techniques to enhance security and computational efficiency. The verification process within AVISPA and ProVerif was tailored to encapsulate these modifications, ensuring that our model accurately reflects the cryptographic operations employed in real-world deployment scenarios.

4.4.1. Formal Key Exchange Algorithm

Below (see Algorithm 1) is the pseudocode for our ECC-based authentication protocol, for each subspace, according to the definition of the mathematical model, based on the contractions given by the parameters $(\alpha$ and $\beta )$:

Algorithm 1 ECC-Based Key Exchange with Parameter Contractions

Require: $G_{\alpha }^{\beta }$, $k_A$, $k_B$, $P_A$, $P_B$, $K_{AB}$, $\alpha$, $\beta$, p Ensure: Secure shared session key $K_{AB}$  1: Step 1: Key Generation  ▹ Each device generates its private key with contractions  2: Device A generates private key $k_A$ and computes contracted public key $P_A=((k_A·G_{\alpha }^{\beta })modp)/\alpha$  3: Device B generates private key $k_B$ and computes contracted public key $P_B=((k_B·G_{\alpha }^{\beta })modp)/\beta$  4: Step 2: Exchange Public Keys ▹ Devices exchange public keys over an open channel  5: Device A sends $P_A$ to Device B  6: Device B sends $P_B$ to Device A  7: Step 3: Compute Shared Key with Factorization ▹ Each device computes the shared secret key  8: Device A computes $K_{AB}=((k_A·P_B)modp)/(\alpha +\beta )$  9: Device B computes $K_{AB}=((k_B·P_A)modp)/(\alpha +\beta )$ 10: Step 4: Secure Communication Established   ▹ Both devices now share the same symmetric key 11: Return $K_{AB}$

Explanation of Parameters

• $G_{\alpha }^{\beta }$: The generator point on the elliptic curve, based on $(\alpha$ and $\beta )$ contractions.
• $k_A,k_B$: The private keys generated by devices A and B, respectively.
• $P_A,P_B$: The public keys derived from the private keys and the generator point.
• $K_{AB}$: The shared session key computed by both devices.

The implementation took into account a structuring of the subspaces defined by the mathematical model and the creation of cryptographic primitive structures based on the particularities of the devices in which they will be implemented.

Step 1: Key Generation with Parameter Contraction

Each device generates its private key and computes the corresponding public key. Unlike traditional ECC implementations, our method incorporates a contraction factor ($\alpha ,\beta$) that optimizes key representation while maintaining security properties:

$$P_A={\displaystyle \frac{(k_A·G)modp}{\alpha }},P_B={\displaystyle \frac{(k_B·G)modp}{\beta }}$$

(5)

This approach reduces computational overhead and ensures that key derivations remain secure against side-channel attacks.

Step 2: Secure Public Key Exchange

Public keys are exchanged between communicating parties over an open channel. Given the modular reduction applied to key computations, an adversary intercepting these values gains no advantage in reconstructing private keys.

Step 3: Shared Key Computation with Factorization

Both devices compute the shared session key using a combination of modular arithmetic and factorization techniques:

$$K_{AB}={\displaystyle \frac{(k_A·P_B)modp}{\alpha +\beta }}={\displaystyle \frac{(k_B·P_A)modp}{\alpha +\beta }}$$

(6)

This formulation ensures that even if partial information is leaked, it remains computationally infeasible for an attacker to reconstruct the session key due to the non-trivial inversion complexity introduced by the denominator.

Step 4: Establishment of Secure Communication

At the conclusion of the key exchange, both devices securely derive the same session key $K_{AB}$, which is then used for encrypted communication. The incorporation of modular reductions and parameter contractions guarantees that this key remains resistant to cryptanalysis techniques such as lattice-based attacks and man-in-the-middle intrusions.

4.4.2. AVISPA-Based Security Analysis

AVISPA is a model checker that verifies the security of cryptographic protocols using the Dolev-Yao attacker model. We modeled our ECC-based key exchange protocol using the High-Level Protocol Specification Language (HLPSL) and analyzed its security under the OFMC (On-the-Fly Model Checker) and CL-AtSe (Constraint Logic-based Attack Searcher) backends. It is designed to validate the security of cryptographic protocols within adversarial settings. It operates under the Dolev-Yao attacker model, which assumes that an attacker has complete control over the communication channel, being able to intercept, modify, and replay messages. Our work involved modeling the ECC-based key exchange protocol within AVISPA using the High-Level Protocol Specification Language (HLPSL), ensuring a comprehensive analysis of its security guarantees.

Given the advanced nature of our protocol, which includes parameter contraction techniques ($\alpha ,\beta$) alongside modular arithmetic and factorization, it was necessary to extend the traditional HLPSL model to accurately reflect these cryptographic operations. Our AVISPA model defines the role of each participant (device A and device B) and specifies the structured exchange of messages during key agreement. The security properties verified included:

• Secrecy of the Shared Key ($K_{AB}$)—Ensuring that no adversary can derive the final session key.
• Authentication—Confirming that only legitimate devices participate in the key exchange.
• Replay Attack Resistance—Validating that old messages cannot be used maliciously.
• Man-in-the-Middle Attack Resistance—Ensuring that attackers cannot alter the exchanged keys without detection.

It was used with OFMC (On-the-Fly Model Checker) and CL-AtSe (Constraint Logic-based Attack Searcher) backends parameterizations. The results confirmed that our ECC-based model remains secure against all known logical attacks, thereby validating its robustness in real-world IoT environments where computational constraints and adversarial threats coexist.

4.4.3. ProVerif-Based Security Analysis

Taking into consideration that ProVerif is a formal verification tool designed for symbolic cryptographic analysis, unlike AVISPA, which uses a model-checking approach and ProVerif relies on first-order logic reasoning to detect vulnerabilities in cryptographic protocols, we used both of these, with specific parameterizations, adapted to our specific case. Our ProVerif model encapsulates the parameterized ECC-based key exchange, integrating modular arithmetic operations and contraction transformations within the logical structure of the verification system.

Output of Query Execution in ProVerif

To rigorously assess the security assurances provided by our authentication protocol, we conducted an automated verification using the ProVerif tool. Below, we present the resulting output from the query execution within ProVerif, which substantiates the protocol’s resilience against specific potential threats.

$ proverif protocol.pv

Parsing...

Processing...

Resolution...

Query attacker: secret.

RESULT not attacker(secret[]) is true.

Query attacker: session_key.

RESULT not attacker(session_key[]) is true.

ProVerif confirms that the authentication protocol maintains the confidentiality of the session key and other sensitive data.

Execution trace:

1. Message M1 securely transmitted.

2. Protocol correctly verifies integrity and authenticity.

3. No vulnerabilities detected.

Analysis: The results indicate that the security mechanisms successfully prevent unauthorized access to both secret values and session keys. The protocol is resilient against potential attacks and maintains strong confidentiality guarantees.

The above output illustrates the security evaluation, where ProVerif confirms that all protocol components function securely and effectively.

The following properties were examined:

• Key Secrecy—Ensuring that an attacker cannot infer any part of the secret key $K_{AB}$.
• Message Integrity—Verifying that messages exchanged between devices are not tampered with.
• Resistance to Known Cryptographic Attacks—Validating that the protocol remains robust under active and passive adversary models.

The verification results from ProVerif aligned with those obtained via AVISPA, further reinforcing that the modular-enhanced ECC protocol with contractions remains a viable cryptographic solution for constrained IoT networks.

4.4.4. Discussion on Formal Verification

By employing both AVISPA and ProVerif, we have provided a dual-layer security validation, ensuring that our ECC-based key exchange protocol is mathematically sound and practically resistant to adversarial threats. The integration of parameterized contractions ($\alpha ,\beta$), modular reduction, and factorization techniques significantly enhances the security posture of the protocol while maintaining computational efficiency.

Our approach confirms that lightweight yet highly secure cryptographic solutions can be effectively deployed in IoT environments, bridging the gap between resource efficiency and cryptographic robustness.

Conclusion

The inclusion of AVISPA and ProVerif analysis in our security assessment demonstrates that the proposed ECC-based key exchange protocol is not only mathematically secure but also resilient to real-world cyber threats. By modeling and verifying the cryptographic interactions, we ensure that our approach can be trusted for secure IoT communication in heterogeneous device environments.

4.5. Expanded Discussion on Quantum Computing Threats

The rapid advancements in quantum computing pose a significant threat to widely used cryptographic schemes, including those based on elliptic curve cryptography (ECC). Specifically, Algorithm 1 provides a polynomial-time method for solving the discrete logarithm problem (DLP) on elliptic curves, thereby compromising the security of ECC-based key exchange mechanisms. Given that ECC relies on the computational intractability of DLP in classical environments, the emergence of large-scale quantum computers could render current ECC implementations insecure. Estimates suggest that breaking a 256-bit ECC key (equivalent in classical security to a 3072-bit RSA key) would require approximately 2330 logical qubits using Shor’s algorithm. While quantum computing hardware remains in its early stages, ongoing research suggests that scalable quantum processors could emerge within the next two decades, necessitating proactive cryptographic measures.

To mitigate the risks associated with quantum attacks, several post-quantum cryptographic (PQC) schemes have been proposed. Among these, two notable candidates—HQC (Hamming Quasi-Cyclic) and BIKE (Bit-flipping Key Encapsulation)—have emerged as strong alternatives to ECC for resource-constrained IoT environments.

Table 6. Comparison of ECC-based model with post-quantum cryptographic alternatives from minimum key length perspective.

Attribute	Proposed ECC Model	HQC (Code-Based PQC)	BIKE (Lattice-Based PQC)
Quantum	Vulnerable	High	High
Resistance	(Shor’s Algorithm)	(Code-Based Hardness)	(Lattice-Based Hardness)
Key Size	320 bits/160 bits	3500 bytes/128 bytes	3000 bytes/128 bytes
(Public/Private)
Computational	Low	Moderate	Moderate
Overhead
Energy	High	Lower than ECC	Lower than ECC
Efficiency
IoT Feasibility	Excellent	Moderate	Moderate

presents a comparison of our ECC-based model with HQC and BIKE, considering key security attributes relevant to IoT applications and the neccesary key length.

Preliminary Considerations for a Hybrid Post-Quantum Approach

As a transitional measure toward quantum resistance, a hybrid cryptographic approach can be employed, where ECC is supplemented by post-quantum primitives. A promising strategy involves integrating ECC key exchange with lattice-based or code-based encryption schemes to provide forward security in a quantum-threatened landscape.

For instance, a hybrid ECC-HQC model would use ECC for current secure communication while embedding HQC-based key encapsulation to safeguard future key exchanges. This ensures that even if ECC is broken by quantum adversaries, the key encapsulation scheme remains resistant, thereby securing the overall system.

5. Model Limitations

One of the main limitations of the ECC algorithm, even optimized, is the need for higher computing power and energy consumption compared to the initial requirements of some low-power IoT devices (LPD). Devices with limited microcontrollers (for example, ARM Cortex-M0) may encounter difficulties in supporting cryptographic implementations that, although efficient, require complex mathematical processes.

Although the proposed ECC algorithm provides a balance between security and energy efficiency, key exchange on resource-constrained devices can still introduce latency in large device networks. In extended IoT scenarios, where devices need to communicate frequently for secure data exchange, this can cause delays and possible deadlocks.

Another limitation is related to the length of the keys and the hashing algorithms used. Shortening key lengths to reduce computational requirements can affect the security level of the system, making it vulnerable to more sophisticated attacks. In networks with mixed devices (low and high power), this limitation can become a problem, because the trade-off between security and efficiency must be managed to avoid weak points in the network.

In a complex IoT environment, key synchronization and management become a significant challenge. Key exchange between LPD and HPD devices requires a synchronization mechanism that can introduce additional vulnerabilities into the network. The ECC algorithm requires frequent updates of session keys to maintain secure communications, but this can become a risk factor if devices fail to synchronize keys at correct intervals.

ECC algorithm optimized for IoT can work well in smaller networks; however, as the number of devices increases, key management costs and processing requirements increase exponentially. This limits the scalability of the IoT network in an ECC-based configuration, suggesting that additional optimizations may be required to cope with network growth without compromising performance.

An important limitation of any cryptographic system in the IoT environment is the vulnerability of devices to physical attacks. IoT devices are often located in insecure environments and can be exposed to attacks by tampering with hardware or by extracting sensitive data through side-channel attacks. This vulnerability must be taken into account, because software protection can become ineffective if an attacker gains physical access to the device.

The integration of hardware acceleration for ECC computations, such as dedicated cryptographic coprocessors, could significantly enhance the performance of low-power IoT devices. Exploring these optimizations will be a priority for future work to address current limitations more effectively.

In conclusion, although the ECC algorithm optimized for IoT offers an increased level of security and is relatively energy efficient, there are challenges related to its application in large and diverse networks of devices. The need for additional optimization for low-power devices, efficient key management, and ensuring synchronization between IoT devices are some of the limitations that must be addressed to turn this model into a viable solution at scale.

One potential avenue to address the vulnerability to physical attacks is the incorporation of tamper-resistant hardware, which can detect or prevent unauthorized physical access to devices. This approach, combined with lightweight cryptographic protocols, could significantly enhance the resilience of IoT devices in resource-constrained environments. Future research will focus on designing tamper-resistant IoT hardware that can withstand side-channel and physical attacks. Initial approaches may include integrating sensors that detect physical tampering or employing hardware-based secure enclaves for cryptographic key storage.

6. Conclusions and Future Work

This study proposed and evaluated a method to secure communications in heterogeneous IoT networks by using a cryptographic algorithm based on elliptic curve cryptography (ECC), adapted to balance the security needs and performance requirements specific to IoT devices. The ECC algorithm, optimized for low-power devices (LPDs) and high power devices (HPDs), has demonstrated increased efficiency in key exchange and encryption. This study showed that, through specific optimizations, ECC can be used to ensure secure communications in IoT networks without significantly compromising energy consumption and hardware resources.

The experimental tests validated the performance of the algorithm in real IoT environments, where a significant reduction in processing time and a minimal impact on energy consumption was observed, compared to other traditional cryptographic security methods. At the same time, it was found that the use of a key propagation scheme allows synchronization to be maintained between heterogeneous devices, thus limiting the vulnerabilities generated by various computing powers within the same IoT network.

The energy efficiency and security of the ECC model make it particularly suited for IoT applications such as smart city infrastructure, where secure communication between distributed devices is critical, or wearable healthcare devices that require minimal power consumption while maintaining data confidentiality.

Following the promising results obtained, future research directions will focus on aspects and limitations identified in this study. One of the main objectives will be the optimization of the ECC algorithm for extended resources, with the aim of allowing its implementation in an extended IoT network, having a significantly larger number of devices. This involves adjusting the processing and synchronization requirements so that the algorithm can work efficiently in an environment characterized by distributed and variable computing resources.

Another important area of research will be the protection against side-channel attacks, which represent a major risk for the security of IoT devices. It is necessary to explore the integration of techniques to mitigate these attacks, to increase the resistance of devices to physical attacks that can compromise cryptographic keys. In this sense, testing these techniques in a real IoT environment will allow the identification of new and effective protection methods.

In parallel, it will be necessary to address scalability and key management in complex IoT structures. A critical point in this regard is the development of decentralized key management mechanisms, which facilitate the exchange of secure information between devices, at the same time eliminating the unique points of vulnerability that appear in centralized systems. These solutions will have to meet the requirements of scalability and security as IoT networks expand.

There will also be an emphasis on energy consumption analysis for hybrid deployments. They could combine the ECC algorithm with other energy-efficient cryptographic protocols, thus providing robust protection in a resource-constrained framework, ideal for low-power IoT devices. Such a study could offer solutions to achieve a balance between security and energy performance.

Another important research area will focus on the development of dynamic authentication mechanisms for IoT networks. These mechanisms will have the role of continuously evaluating the risk profile of each IoT device, taking into account factors such as its location and the type of communication used. By implementing such adaptive mechanisms, the authentication process will be able to respond more effectively to risk variables, thus increasing the security of IoT networks and protecting them against unauthorized access or attacks based on abnormal behavior.

Future simulations will focus on larger and more complex IoT networks to evaluate the scalability of the proposed ECC model. These tests will aim to analyze the performance and synchronization capabilities across heterogeneous devices in diverse real-world scenarios.

These future directions would contribute to improving the security of heterogeneous IoT systems, ensuring a scalable, efficient and robust protection against attacks and security vulnerabilities that continue to appear in the context of IoT networks.