A Secure Lightweight Cryptographic Algorithm for the Internet of Things (IoT) Based on Deoxyribonucleic Acid (DNA) Sequences ^†

Abstract

The widespread adoption of the Internet of Things (IoT) across various domains has ushered numerous applications into our daily lives. Ensuring the security of sensitive data, including wirelessly transmitted private information and images generated by IoT devices is paramount. However, IoT devices are often termed “constraint devices” due to their limited computational resources like CPU power or memory capacity. Also, ensuring the integrity of IoT devices and networks is imperative in fostering trust in the capabilities and benefits of IoT technology. Addressing data tampering, device vulnerabilities, and network weaknesses through proactive security measures is essential in realizing the full potential of the IoT while safeguarding against potential risks and disruptions. Traditional encryption approaches prove inadequate, as they demand excessive computational power; this is a challenge for IoT devices. To address this, a novel and less intrusive encryption method has been proposed, leveraging the inherent unpredictability of DNA nucleotide sequences. This approach is tailored to accommodate the resource constraints of IoT devices. By harnessing the intrinsic randomness of DNA sequences, a robust secret key is generated, significantly bolstering resilience against attackers. The key is crafted through uncomplicated substitution techniques and transposition operations. Upon satisfying the computational requisites of IoT devices and safeguarding image security, a DNA-based key comes into play for photo encryption. Rigorous testing has demonstrated its effectiveness, showcasing its superior attributes in terms of key size, encryption speed, and distortion minimization when compared to alternative encryption techniques. This innovative encryption paradigm not only upholds the integrity of IoT-generated data but does so without overwhelming the devices’ limited computing capabilities.

1. Introduction

The advent of the Internet of Things (IoT) has revolutionized numerous domains, infusing a plethora of applications into our daily routines. As our lives become increasingly intertwined with these interconnected devices, the security of the data they generate and transmit has taken center stage. Sensitive information, encompassing private data and images, demands robust safeguarding to thwart potential breaches and misuse. However, IoT devices, characterized by their constrained computational resources, such as limited CPU power and memory capacity, pose unique challenges when attempting to ensure this security. Beyond data protection, maintaining the integrity of both IoT devices and the intricate networks they form is pivotal for engendering trust in the potential of IoT technologies. Overcoming obstacles such as data tampering, device vulnerabilities, and network susceptibilities is essential in harnessing the full scope of the benefits of the IoT while safeguarding against risks and potential disruptions [1].

The inadequacy of traditional encryption methods is conspicuous, exacerbated by their excessive computational demands—an aspect that proves particularly challenging for IoT devices with limited processing capabilities. In response to this conundrum, a novel encryption approach has been proposed—one that leverages the inherent unpredictability residing within DNA nucleotide sequences. Tailored to accommodate the stringent resource limitations of IoT devices, this approach harnesses the intrinsic randomness embedded in DNA sequences to yield a robust secret key. This key, a critical component, significantly fortifies the encryption’s resilience against malicious attackers. The construction of this key relies on uncomplicated substitution techniques and transposition operations, ensuring compatibility with the computational requisites of IoT devices. Once these conditions are met, the DNA-based key takes center stage, facilitating the encryption of photos while concurrently addressing the computational and security requirements of IoT-generated images.

Rigorous testing has corroborated the efficacy of this innovative approach, underscoring its superiority in terms of key size, encryption speed, and distortion minimization. In direct comparison to alternative encryption techniques, the DNA-based encryption paradigm emerges as a trailblazing solution that safeguards the integrity of IoT-generated data without subjecting the devices to overwhelming computational burdens.

2. Related Work

The rapid proliferation of the Internet of Things (IoT) has led to its ubiquitous presence across diverse domains, thereby introducing a myriad of applications into our daily lives. The consequential generation and wireless transmission of sensitive data, including private information and images, emphasizes the paramount importance of security measures being taken in IoT ecosystems. Nevertheless, the practical limitations of IoT devices, often referred to as “constraint devices”, underscored by their restricted computational resources such as CPU power and memory capacity, present unique challenges in achieving robust data protection.

Maram et al. (2019) [1] proposed an intelligent security algorithm for data security in the IoT. They addressed the challenge of securing UNICODE data by introducing an algorithm that enhances data privacy in IoT environments. Barman and Saha (2019) [2] focused on developing an elliptic-curve-cryptography-based framework to aid in ensuring authentication and privacy. The authors introduced a system that combines DNA computing with elliptic curve cryptography to enhance the security of IoT communications. Rajesh et al. (2019) [3] presented a secure and efficient lightweight symmetric encryption framework for secured data transmission in IoT devices. The scheme aimed to provide data confidentiality and integrity while considering the constrained resources of IoT devices. Aly et al. (2019) [4] conducted a systematic literature review to explore security enforcement in IoT frameworks. Their review aimed to identify challenges, trends, and potential solutions for enhancing security in the rapidly evolving IoT landscape.

Rarhi and Saha (2020) [5] proposed an image encryption technique for IoT devices using DNA and a hyperchaotic neural network. The encryption scheme aimed to enhance the security of images transmitted by IoT devices. Malik et al. (2020) [6] introduced an encryption model based on hyper-chaos and DNA computing. The algorithm aimed to secure color images using DNA sequences and chaotic dynamics. Al-Husainy and Al-Shargabi (2020) [7] presented a secure and lightweight encryption model for IoT surveillance cameras. The proposed model aimed to enhance the security of surveillance data while considering the resource limitations of IoT devices. Fernández-Caramès and Fraga-Lamas (2020) [8] explored the potential impact of quantum computing on blockchain cryptography. The authors discussed post-quantum cryptography to ensure the security of blockchain in the face of quantum computing attacks.

Pasupuleti and Varma (2020) [9] proposed a lightweight ciphertext–policy attribute-based encryption framework to enhance authentication in the IoT. The scheme aimed to provide fine-grained access control to IoT data stored in the cloud. In [10] authors have explored contemporary approaches and potential future strategies for enhancing the security of Internet of Things (IoT) data. The work covers emerging trends, challenges, and prospective directions in the realm of securing data generated and transmitted by IoT devices. The authors of [11] present their efforts in securing IoT environments; their approach involved addressing several fundamental aspects. The inherent randomness of DNA sequences provides an unconventional yet potent foundation for encryption. The construction of a DNA-based encryption key relies on uncomplicated substitution techniques and transposition operations, thus lending itself well to the constrained computational environments of IoT devices [12]. Revanna and Al-Nakash (2022) [13] focused on the vehicle routing problem with time window constraints using KMeans clustering to optimize customer routes. The authors aimed to improve the efficiency of delivery services. FasilaKasfa Ali and Sheena Mathew (2022) [14] presented an efficient lightweight key exchange algorithm for IoT applications. The algorithm aimed to enhance the security of IoT communications while minimizing computational overheads. Revanna and Veerabhadrappa (2022) [15] analyzed an optimal design model for the vehicle routing problem based on a hybrid optimization algorithm. The study aimed to optimize route planning in logistics and transportation scenarios.

Somaiya et al. (2023) [16] implemented and evaluated EMAES, a hybrid encryption algorithm for sharing multimedia files securely and efficiently. The algorithm aimed to enhance the security and speed of multimedia file sharing. Revanna and Arikan (2023) [17] investigated how to improve customer feedback analysis using learning algorithms in business intelligence systems. The authors wanted to use machine learning techniques to enhance business insights. Revanna and Al-Nakash (2023) [18] improved Google Maps navigation by using an ant colony optimization with simulated annealing technique. The study aimed to optimize route planning and navigation using a metaheuristic approach. Silivery et al. (2023) [19] focused on deep-learning-based multi-class classification of DoS and DDoS attack detection.

The work presented in [20] explains the way in which conventional encryption methodologies, while effective, are marred by their demand for excessive computational power—a hurdle amplified by the limited resources inherent in IoT devices. The authors of [21] present a promising avenue for circumventing these limitations: the utilization of novel encryption techniques, uniquely adapted to the constraints of IoT devices, and rooted in the inherent unpredictability of DNA nucleotide sequences. The authors aimed to enhance the accuracy of detecting network attacks using deep learning techniques [22]. The authors of [23] presented a pivotal application of this DNA-based key in the realm of photo encryption; here, it plays a crucial role in both satisfying computational requirements and enhancing image security [24].

3. Methodology

3.1. Encryption

This paper proposes an encryption technique based on a contemporary DNA-based block cipher which is suited for the Internet of Things environment. A DNA sequence is used to create a secret encryption key which is referred to as Skey in the paper. The key is completely randomized and is applied for encryption using two significant substitution and transposition techniques to satisfy the constrained computational capabilities of devices with negotiable resources in the Internet of Things environment. The proposed DNA-based encryption technique’s primary steps are listed below, and they are shown in Figure 1.

3.2. Key Generation

No matter how long a DNA sequence is, each of the four letters carries a collection of bits arranged in random order. These letters are used to create keys for the suggested algorithms. As seen in

Table 1. DNA sequences substitution table.

Codon A	ATA, ATC, ATT, ATG, ACA, ACC, ACG, ACT, AGC, AGT, AAC, AAT, AAA, AAG, AGA, AGG
Codon C	CTA, CTC, CTG, CTT, CCA, CCC, CCG, CCT, CAA, CAG, CAC, CAT, CGA, CGC, CGG, CGT
Codon G	GTA, GTC, GTG, GTT, GCA, GCC, GCG, GCT, GGA, GGC, GGG, GGT, GAA, GAG, GAC, GAT
Codon T	TTA, TTG, TTC, TTT, TGC, TGT, TCA, TCC, TCG, TCT, TAC, TAT, TGG

, each letter corresponds to a group of sequences. These sequences are combinations of adenine, cytosine, guanine, and thymine (A, C, G, and T, respectively). In Figure 1, the key generation process is explained. The 64-bit key will be split into four 16-bit blocks, each of which will then be separated into four bits. These four-bit sequences, which are made up of the four-letter DNA sequences—A, C, G, and T—are formed as presented in the table and are used to represent the secret key (SK).

Every DNA sequence is made up of a specific set of four letters, no matter how long or short it is. Each of these four letters is composed of a collection of bits that have been assembled at random. These letters are used to create keys for the suggested algorithms. Each codon in a DNA letter might be one of a variety of amino acid sequences. According to Table 1, each letter corresponds to a certain set of supplied sequences. When a sequence has more than 15 amino acid combinations, the binary number for the subsequent sixteenth sequence will begin at 0 once again, and so on. The amino acid combinations are considered in order and tallied as binary equivalents from 0 to 15.

The entries of the 4-bit data are transformed, and the associated sequences are then determined. The letters from the recognized sequence A, C, T, and G are all substituted, as will be described.

Table 2. Substitution for DNA molecule.

Molecule	Substitution
A	C
C	G
T	A
G	T

relates to the relevant table for the specific sequence, and its corresponding binary value will be the key’s 4-bit replacement value.

As shown in Figure 2, the process of codon substitution, previously explained, will be executed. For instance, if the initial 4-bit data is 0011, denoting decimal 3, the first 4-bit will be linked to codon A sequences. Simultaneously, the remaining three 4-bits will undergo replacement with combinations of codons ‘C’, ‘G’, and ‘T’. To be specific, in the case of the 4-bit data 0011, the replacement entails choosing the third entry from the codon ‘A’, with the first entry designated as 0, the second as 1, and so on, cyclically up to 15. Consequently, the third entry corresponds to ‘ATG’.

As seen in Table 2, the substitutions for ATG are made, and we obtain CAT. Now, in the C codon table, CAT is found, enabling identification of its corresponding decimal equivalent, which is 11. So, the binary value corresponding to 11, i.e., 1011, will be randomized key bits corresponding to the first 4-bit. Similarly, the other bits will also be randomized, and the subsequent 4-bits are combined to form the 8-bit key used for the encryption.

Encryption: The suggested method replaces and transposes the bytes of the Source Image using DNA-based block ciphering. The procedures for substitution and transposition are described next.

The encryption technique is presented in Figure 2.

Step 1: Source input will be converted to 8-bit blocks.

Step 2: Each of the 8-bit from the input data will undergo substitution along with the randomized key generated based on the DNA sequence. The substitution algorithm is as follows in Section 3.3.

Step 3: The substituted data are the partially encrypted information, which will be again subjected to transposition to obtain the encrypted information. The transposition technique is explained in Section 3.4.

3.3. Substitutions Technique

• The SImage needs to be divided into N no. of segments, with every segment having a size of 1-byte, before the substitution phase is applied to B1, B2, …, Bn.
• Apply the XOR operation of the DNA segments and the Sk designated as k1, k2, …, kn and the designated l byte B1, B2, …, Bn of the source image segments.
• As a result of the XOR operation, which is carried out, a new byte—A1, A2, …, An—will be formed; hence, this process will be repeated N times.
• The final result obtained out from the entire process will be the new encrypted Ai bytes.

3.4. Substitutions Technique

• The resultant Ai bytes’ bits are switched during the transposition process.
• For instance, if A1 has the first two bits as 00 as in

  Table 3. Binary equivalent for DNA Molecule.

  Data Sequence	Binary Equivalent
  A	0 0
  T	0 1
  C	1 0
  G	1 1

  , i.e., the letter A forms the DNA sequence, and if the ending two bits are 01, i.e., the letter T of the DNA sequence, then do not swap them.
• The DNA-sequences used and the set of rules applied are described in

  Table 4. Swapping rule.

  Letter	Letter	Swapping
  A	T	Do not Swap
  C	G	Do not Swap
  T	T	Swap
  T	G	Swap
  G	G	Swap
  A	T	Do not Swap

  ; these are utilized to create the Sk bytes, which serve as the basis for swapping the bits’ operations, as performed on A (A1, A2, and An).
• However, if A1 contains 01 and 11 as the third bit and the fourth bit, respectively, then swap them, as shown below. Here, A1 is a one-byte representation after the substitution operation and AT1 is the result obtained after the transposition.
• This above step is repeated till the entire source image has been encrypted.

Transposition comes after substitution and is the opposite of decryption. The decryption procedure reverses from the last byte of the obtained encrypted image to the beginning byte. Given that the swapping requirements in Table 4 must be met by both the picture’s transmitter and the receiver, the transposition phase returns the swapped bits to their original positions. The substitution phase, when the sender of the EImage stopped the replacement process, starts after the transposition steps by performing an XOR operation using the final bytes of the DNA sequence and the final bytes of the EImage. Up to the first byte of the encrypted picture, the replacement is repeated once it is completed.

4. Results and Discussion

We evaluated how effectively the IoT-connected devices can respond and presented here the basic DNA-based encryption technique. When it comes to the size of the key, the total encryption duration, and the distortion percentage, well-known conventional encryption algorithms like DES and AES are recognized as industry standards. We put the suggested approaches into practice and assessed how well they performed against these benchmarks. Figure 3 illustrates the photos we utilized, each with a distinct size and amount of information. The key used in the encryption technique must be larger in length and completely randomized in order to give enhanced security for the generated image. To overcome the constrained CPU capacity of these IoT-connected devices, the suggested encryption key size for DNA-based techniques is 8 bits, as indicated in the algorithm. The 8-bit key formed using four-letter DNA sequences is used in the XOR operation up to the final segment of the source image since the source image was split into small pieces during the encryption procedure (just one byte).

The Skey size largely depends on the actual size of the input source image and approximately resembles the storage capacity of IoT devices. The suggested method employs an 8-bit key size instead of the 256 and 56 bits used by AES and DES, respectively. Furthermore, since the DNA sequences are unpredictable, an attacker would have a difficult time breaking it. Figure 4 depicts the images obtained through encryption.

The duration of the encryption process often has a significant impact on different communication applications and the associated encryption techniques utilized, notably for various IoT devices with its usage. Using techniques like logical XOR-Substitution and transposition rules, the suggested DNA approach speeds up SImage encryption (time in milliseconds, ms). According to

Table 5. Encryption table.

Image	DES (ms)	AES (ms)	Proposed Algorithm
Balloon	2625	2609.375	201.215
AQUA	2093.75	2125	107.957

, the recommended DNA technique took, on average, significantly less time to encrypt the two photographs than the other algorithms, proving that it requires less computing power and memory (supporting IoT computing resources). The comparative analysis of the execution time with the existing algorithms is shown in Figure 4. When comparing EImage to SImage, the peak signal-to-noise ratio (PSNR) measurement was used to assess the degree of distortion. The PSNR value, which is reported in decibels and assesses the influence of diffusion and confusion between the input image and the generated encrypted image, is obtained using Equations (1) and (2).

SSize-1
NMAE = ∑ [S(K) − E(K)] × 100

(1)

Peak Signal to Noise ratio = 10 · log10 (MaxL/NMAE)

(2)

where: MaxI is the highest byte value that the data S can have. Additionally, db is a decibel.

Figure 5 in the document provides a comparative analysis of encryption durations among DES, AES, and a newly proposed method. Two images, named “Balloon” and “AQUA”, are evaluated. In the “Balloon” image, the encryption times for DES and AES are notably higher at 2625 ms and 2609.37 ms, respectively, while the new algorithm achieves a significantly lower time of 201.21 ms. A similar pattern is observed in the “AQUA” test, where DES and AES require over 2000 ms, but the new approach only needs 107.95 ms, demonstrating its superior efficiency in reducing encryption time in both scenarios.

The PSNR results demonstrate that the recommended technique—as shown in

Table 6. PSNR value.

Image	DES	AES	Proposed Algorithm
Balloon	8.369	8.355	8.601
AQUA	3.594	8.587	8.711

(the comparison with the existing algorithms is shown in Figure 6)—created a similar degree of distortion in the encrypted image when compared to the alternative approaches.

5. Conclusions

The study employs the inherent unpredictability of DNA sequences within its recommended lightweight encryption approach, utilizing transposition and a straightforward substitution as its core operations. The key generation and encryption techniques are tailored to accommodate the constrained processing and memory capabilities of IoT devices, ensuring their functionality. The achieved exceptional key size and unpredictability pose challenges for understanding among the researchers, fostering enhanced security. Additionally, the approach showcases an improved PSNR value. Future research will analyze the effects of DNA and data segmentation while considering IoT device computational resources. The proposed method surpasses comparable existing work in security and risk mitigation, making it suitable for e-health systems. This solution’s applicability extends beyond healthcare, serving various IoT applications needing secure end-to-end communication. Future research will center on evaluating the solution’s performance in terms of communication efficiency, latency, and memory usage.