The widespread use of Internet of Things (IoT) devices, such as smart appliances, phones, and watches, has brought about concerns regarding security and privacy. With the increasing prevalence of cyberattacks from both malicious and non-malicious sources, security has become a critical factor in the design of IoT systems. In particular, data security poses a significant challenge due to the growing amount of data stored in IoT systems. Inadequate security measures can allow hackers to take over IoT devices remotely, resulting in significant damage. To address these concerns and improve the security of IoT-based smart door lock systems, this research proposes utilizing the Cuckoo Search Algorithm (CS), the SHA-256 algorithm, and the Elliptic Curve Cryptography (ECC). The proposed design employs CS to generate the ECC private key, which can enhance data storage security in IoT systems. The study evaluates the proposed design in terms of encoding and decoding times and compares it with other encoding techniques such as (ECC-GA-SHA-256) and (ECC-FA-SHA-256). The results show that the proposed design achieves better encoding times with 125 iterations and better decoding times with 175 iterations. Furthermore, the proposed design has encoding and decoding times faster than other encoding techniques by more than 15.17%. These findings suggest that the proposed design can significantly enhance the security and performance of IoT-based smart door lock systems. The utilization of CS, SHA-256, and ECC can serve as promising methods to address the security challenges associated with IoT-based smart door lock systems.

The IoT is a technological innovation that has brought about a significant transformation in communication and information industries. The technology operates through the interaction of intelligent servers, workstations, and sensor equipment, enabling the integration of various detecting objects [

One of the critical applications of IoT is the smart door lock system. It is essential to ensure the security of the data in such systems, and security measures such as data integrity and anti-tampering must be put in place to safeguard communications [

To enhance IoT data security, a hybrid model has been proposed, which suggests a combined approach using SHA-256, ECC, and CS algorithms [

ECC is a type of public key and asymmetric cryptography algorithm that ensures confidentiality, integrity, and authentication of data transmitted over the Internet [

Ensuring the security of IoT data from unauthorized access is imperative, and this can be achieved through the use of robust encoding algorithms during data storage and transmission. Breaching data security could pose significant challenges in maintaining confidentiality and accuracy of user data in IoT. Consequently, encoding of data before transmission becomes crucial. This study proposes an effective approach to data security by utilizing the CS algorithm to generate a private key for ECC and also integrating the SHA-256 algorithm.

This research presents four primary outcomes. First, it proposes a novel approach to secure IoT data, which involves the utilization of ECC, CS algorithm, and SHA-256. Second, it devises an efficient private key for ECC with the use of the CS algorithm. Third, it enhances data security by encrypting the ciphertext based on ECC-CS with SHA-256. Finally, the effectiveness of the proposed method is demonstrated by comparing it with other existing models through empirical evaluation.

The paper is structured as follows: Related works are reviewed in

This section provides a comprehensive review of previous research relevant to information security in the context of the IoT. One study, documented in [

This section presents an overview of the CS and ECC algorithms.

The Obligate Interspecific Brood Parasites are a group of bird species, including the cuckoo, which have evolved a parasitic behavior due to the cuckoo’s rapid egg-laying process. This behavior involves laying their eggs in the nests of other birds and leaving them to hatch and grow without any parental care. As a result, the host’s breeding success is negatively affected by decreasing their nesting success, which can occur in various ways, such as the female parasites potentially removing or damaging host eggs, or young parasites evicting or killing host young after hatching. In order to address optimization problems inspired by nature, Cuckoo Search [

The term “Lévy flights” was first introduced by the French mathematician Paul Pierre Lévy in the 1930s. Lévy flights refer to a type of random walk where movement lengths follow a probability distribution with a power law tail. This allows for rare but significant movements to occur, a pattern observed in a wide range of natural systems, including the foraging behavior of spider monkeys and the flight patterns of certain mammals. The power law distribution reflects the fact that occasional long-distance movements can be more beneficial than many short ones. Despite being a seemingly random process, Lévy flights have been found to be the best solution for optimizing certain search algorithms, leading to their application in various fields, including finance and biology [

Lévy [^{−α}, where α is between 1 and 2, leads to a stable and balanced distribution. Mantegna [

The standard deviation of the variable σ_{x} can be determined by applying _{y} is 1.

According to a recommendation made in reference [

The proposed data security model incorporates multiple algorithms, such as the CS, ECC, and SHA-256. The CS algorithm generates private keys for ECC, while SHA-256 ensures privacy and security. This comprehensive solution ensures the confidentiality, integrity, and authenticity of data, which makes it suitable for a variety of applications requiring high-level security, such as online banking, e-commerce, and government systems.

ECC is a cryptographic technique that employs mathematical operations on small fields to provide security. It is faster than other encoding techniques because of its short key length. The security of ECC is maintained due to the complex exponential discrete logarithm problem [

The process of encrypting data using ECC involves selecting a random number x from the Fp set, between 1 and n−1, as a private key. The plaintext is first converted into bits and then mapped onto an elliptic curve as (x, y) points. These points are subsequently encrypted and converted back into bits. The process of encrypting an elliptic curve involves the following steps:

Initialization: The encoding algorithm is initialized by selecting appropriate parameters and initializing necessary data structures, such as E, Q, and p. In some cases, this step may require generating random numbers or other initial values.

Public Key Generation: A cryptographic key pair consisting of a public key and a private key is created. The public key is used for data encoding, while the private key is used for decoding. The keys are generated in a way that makes it computationally infeasible to derive the private key from the public key. The private key, x, is used to determine the public key (H), which is determined by the equation H = x.Q.

Encoding: Once the public key is generated, the plaintext data is encrypted using the public key. Encoding involves transforming the original data into an unreadable form without the corresponding private key, as depicted in

Decoding: The encrypted data is decoded using the private key, as shown in

In order to ensure the secure encoding and decoding of data using ECC, it is necessary to generate a random private key. To address this requirement, a proposed approach utilizes CS optimization to generate such a key. The quality of the encoding for sensitive data in ECC is significantly impacted by the randomness of the key used in the encoding process. CS is a mathematical technique that searches for solutions in the search space, which is analogous to the discrete nests or eggs of host birds. In this context, the objective of the CS algorithm is to identify the optimal private key (Pr) for ECC, which can allow for accurate and secure decoding of the ciphertext to the original plaintext. The fitness of a solution, i.e., a private key, is determined by comparing the decrypted plaintext with the original plaintext, and evaluating a fitness value based on the accuracy and security of the decoding. The objective function for the CS algorithm in this context can be formulated as follows:

In this case, the negative sign is used to convert the fitness function into a minimization problem, where the goal is to minimize the distance between the decrypted plaintext and the original plaintext.

The following steps are involved in the proposed model:

The Cuckoo Search method starts by setting certain values: the number of nests (n), the size of each nest (m), the chance of finding foreign eggs (pa), the step size (α = 0.01), and the maximum number of iterations.

The host bird’s eggs are set up by picking a random sequence of numbers with the same length as the private key. For ECC, the private key is 256 bits long.

New eggs are created using

Bad nests are removed by finding alien eggs through a process of generating a random number and comparing it to the chance of discovering alien eggs (pa). If the random number is less than pa, a new solution is created. If it is better than the current nests, it replaces them by taking small steps from their current positions.

The creation of new nests and the finding of alien eggs are repeated until either the maximum number of attempts is reached, or the best nest reaches the desired quality level. The values of n, pa, and α are determined through experimentation.

The new method saves time by automatically assigning strings without user input. It uses the CS algorithm to find the private keys for users 1 and 2, while the public key is based on Q and the private key. The algorithm runs for a maximum of 175 iterations.

Algorithm 1 initializes variables and functions. It starts by defining the ECC curve equation and calculating point Q. During encoding, the function CS() finds the best discrete nests or eggs for the private key, and then SHA-256 is used to hash and encrypt texts. During decoding, the hash function is applied first, employing XOR, and, right-shift, and left-shift procedures, to modify the initial hash values. ECC decoding is then performed.

The proposed method offers many benefits: it automates the string assignment process, reduces time, and ensures secure communication. It also uses CS to optimize the solution and employs hash functions for extra security. Overall, this new model is an efficient and secure way to assign strings and transmit data between users.

To increase data confidentiality, the suggested approach follows ECC encoding with the XOR and shift-left operators. There are four ECC-based phases in these operators: Encoding (1), Encoding (2), Decoding (1), and Decoding (2). This strengthens the model’s core and ensures secure message transmission. During decoding, the encrypted text undergoes shift-left operations and XOR before using the ECC algorithm.

This section aims to evaluate the encoding and decoding throughput and speed of the proposed model. The experiments were executed on a Windows 10 Pro machine, utilizing C# programming language via Microsoft Visual Studio 2012. The computer was equipped with an AMD E-350 Processor, running at a frequency of 1.60 GHz, and 4 GB of RAM.

The initial population size, randomly chosen by the algorithm, was influenced by the key length. In this specific model, the key length was determined by selecting random integers between 0 and 127. The size of the initial population was therefore dependent on this key length. The performance evaluation of the encoding and decoding process was based on these experimental settings.

This section provides an assessment of the encoding and decoding speeds of the proposed model. The outcomes are depicted in

For example, when encoding a file with a size of 75,000 KB, the encoding time is 8,125 ms for 25 iterations, 7,635 ms for 75 iterations, and 7,930 ms for 175 iterations. The findings are supported by the data presented in the figures, which were obtained through a comprehensive experimental study conducted on the proposed model.

On the contrary,

According to the results depicted in

The findings of this assessment indicate that the suggested model is effective in terms of both encoding and decoding speed. The optimal number of iterations for minimizing encoding time is 75, while the optimal number for minimizing decoding time is 125. These results can guide the development of more efficient and effective encoding algorithms in the future, and contribute to the advancement of the field of cryptography. Furthermore, the proposed model’s improved execution time can provide practical benefits for various applications, especially those involving large file sizes.

In this section, a comparative analysis of the suggested model and AES-RSA [

File size (MB) | AES-RSA | Proposed model | ||
---|---|---|---|---|

Encoding | Decoding | Encoding | Decoding | |

1 | 1.73 | 18.92 | 0.87 | 0.75 |

3 | 2.01 | 19.72 | 1.11 | 1.01 |

7 | 2.05 | 18.49 | 1.35 | 1.22 |

10 | 3.01 | 21.08 | 1.92 | 1.89 |

17 | 3.61 | 21.91 | 2.04 | 1.99 |

21 | 3.72 | 29.01 | 2.21 | 2.11 |

25 | 3.73 | 32.28 | 2.41 | 2.23 |

28 | 4.57 | 32.01 | 2.79 | 2.43 |

32 | 4.42 | 31.08 | 2.31 | 2.37 |

35 | 5.29 | 28.1 | 3.12 | 2.79 |

39 | 4.97 | 27.93 | 3.24 | 2.87 |

42 | 5.52 | 27.88 | 3.53 | 3.12 |

46 | 5.62 | 29.73 | 3.91 | 3.51 |

50 | 6.53 | 31.59 | 4.62 | 3.29 |

While RSA is a well-known heavyweight cryptography system due to its large key size, the ECC offers a more efficient alternative with a smaller key size. This results in faster processing speeds and less memory usage [

According to the results presented in

The comparison of decoding time between the proposed model and AES-RSA is depicted in

In brief, the model suggested in this study surpasses AES-RSA in both encoding and decoding speed, thereby proving to be a more efficient and feasible alternative for cryptographic applications, particularly in situations with limited resources. The utilization of ECC in the suggested model curtails the computational burden, rendering it more rapid and well-suited for real-time scenarios. These advantages make the proposed model a promising solution for secure data communication.

This section presents a comparative analysis of two metaheuristic algorithms, namely the Firefly Algorithm (FA) [

File size (KB) | ECC-FA-SHA-256 | ECC-GA-SHA-256 | Proposed model | |||
---|---|---|---|---|---|---|

Encoding | Decoding | Encoding | Decoding | Encoding | Decoding | |

1000 | 105 | 101 | 103 | 99 | 75 | 63 |

2000 | 172 | 164 | 198 | 183 | 141 | 121 |

3000 | 237 | 228 | 251 | 247 | 221 | 193 |

4000 | 313 | 310 | 317 | 307 | 290 | 253 |

5000 | 391 | 387 | 402 | 398 | 374 | 350 |

6000 | 447 | 438 | 501 | 489 | 467 | 429 |

7000 | 580 | 563 | 583 | 571 | 527 | 513 |

8000 | 607 | 599 | 623 | 617 | 593 | 529 |

9000 | 671 | 667 | 679 | 673 | 645 | 597 |

10000 | 701 | 694 | 713 | 708 | 678 | 678 |

55000 | 4224 | 4151 | 4370 | 4292 | 4011 | 3726 |

Throughput | 13.02083333 | 13.24981932 | 12.58581236 | 12.81453868 | 13.7122912 | 14.76113795 |

The results presented in

In this study, the proposed model was assessed in terms of its encoding and decoding capabilities, as measured by speed, which was determined using

The proposed model’s encoding and decoding throughputs were found to be approximately 5.31% and 11.41% better than those of the (ECC-FA-SHA-256) model, respectively. Similarly, the proposed model’s encoding and decoding throughputs were approximately 8.95% and 15.17% better than those of the (ECC-GA-SHA-256) model, respectively. These findings indicate that the proposed model is significantly more efficient and effective in encoding and decoding data quickly and securely than the other models.

In contemporary times, the IoT has become ubiquitous in various aspects of daily life. Nevertheless, ensuring security on IoT devices remains a significant challenge due to their constrained resources. IoT devices transmit diverse types of data, including messages, images, and sounds, and it is crucial to maintain the confidentiality and integrity of such data. In order to accomplish this goal, certain security algorithms exhibit superior efficiency compared to others. This study presents a novel approach to secure data transmitted by small IoT-based door locks utilizing ECC and SHA-256 with the CS algorithm. The proposed approach is efficient and ensures that the encoding and decoding of data require less time. The investigation indicates that utilizing 75 iterations for encoding and 125 iterations for decoding is optimal. When compared to other techniques, the proposed model is 15.17% more efficient and provides adequate protection against attacks, making it suitable for devices with limited resources. To verify the efficacy of the proposed method, the study conducted simulations, and future research will explore alternative ways to generate private keys.

Grateful thanks to the Department of Mathematics, Open Educational College, Kirkuk Branch, and Mutafaweqat High School for Girls, Kirkuk Branch, for their invaluable support.

The authors received no specific funding for this study.

The authors confirm their contributions to the paper as follows: study conception and design: Arkan Kh Shakr Sabonchi, Zainab Hashim Obaid; data collection: Zainab Hashim Obaid; analysis and interpretation of results: Arkan Kh Shakr Sabonchi, Zainab Hashim Obaid; draft manuscript preparation: Zainab Hashim Obaid. All authors reviewed the results and approved the final version of the manuscript.

The data and materials utilized in this study are available upon request from the corresponding author, in compliance with the relevant data protection and privacy regulations. Due to confidentiality and ethical considerations, certain data may not be made publicly accessible. However, efforts have been made to ensure transparency and reproducibility, and interested researchers can contact the corresponding author to discuss access to the data within the bounds of ethical and legal restrictions.

The authors declare that they have no conflicts of interest to report regarding the present study.