Zachary Amos, Editor of ReHack Magazine shares the five best encryption methods for IoT devices to safeguard them against cyber threats
As the IoT grows, it becomes a larger target for hackers and botnets. Everyone from enterprises to the average end user must use encryption methods for IoT devices to defend against these threats. Which cryptography schemes should they use?
1. Module-Lattice-Based Digital Signature Algorithm
Quantum computers — machines that harness the laws of quantum mechanics to perform computations — are poised to hit markets within the next few decades. They are unbelievably fast, so experts are worried they’ll be used to crack cryptography standards. If this happens, encryption schemes relying on key size for security will become vulnerable.
The United Kingdom’s National Cyber Security Centre (NCSC) is looking into quantum-resistant cryptography to safeguard systems against these machines. It recommends algorithms published by the US National Institute of Standards and Technology (NIST).
In particular, the NCSC recommends the Module-Lattice-Based Digital Signature Algorithm (ML-DSA) — formerly known as CRYSTALS-Dilithium — for digital signatures. This NIST-developed algorithm is backed by thorough scrutiny from organisations like the Internet Engineering Task Force and the European Telecommunications Standards Institute.
Many IoT devices use digital signatures to verify the authenticity of firmware during the boot process. With ML-DSA, users can protect data integrity in the case of firmware-level attacks like malware or vulnerabilities.
2. Twofish Encryption Algorithm
Twofish is one of the best symmetrical encryption methods for IoT devices. It uses a single key to encrypt and decrypt. Since it is open source and optimised for 32-bit central processing units, it is ideal for midrange internet-capable technology. However, it does require a significant amount of storage — plaintext becomes sizable when converted to ciphertext.
3. Elliptic Curve Cryptography (ECC)
Despite the massive surge in IoT usage in recent years, many people don’t have safeguards for cyberthreats. In 2023, just 13% of the global population used some form of data protection. While encryption is one of the best defences against the fallout that accompanies data breaches, many don’t deploy it for IoT devices because it is resource-intensive.
ECC is the solution. It is among the most common encryption algorithms deployed for IoT because it generates short cryptographic keys just as strong as similar alternatives. While it’s slow to encrypt and decrypt information, it isn’t computationally intensive — meaning it won’t drain the battery, monopolise storage space or noticeably slow the device’s performance.
This encryption method is based on a discrete logarithm problem, which is inherently challenging to solve — even with a computer. It encrypts data by applying the mathematical properties of elliptic curves to plaintext, transforming it into a large, random number. This way, it can secure low-power IoT devices without drastically affecting resource usage.
4. Rivest, Shamir, Adelman (RSA) Encryption
RSA is an asymmetric algorithm, meaning it uses one public key and one private key. Its encryption-decryption process is similar to locking a safe with one key and unlocking it with another. Its strength lies in key size — it can be 1,024 or 2,048 bits long.
Like many encryption methods for IoT devices, RSA is based on the concept that factoring large numbers is incredibly difficult. Technically, quantum computers may soon be able to crack this kind of cryptography. However, it could take adversaries decades to get to that point. Until then, this will remain one of the best security solutions for end users.
5. Advanced Encryption Standard (AES)
AES replaced the outdated, vulnerable data encryption standard. While many have moved on to RSA, it remains an excellent option for low-power IoT technology. After all, it is up to 1,000 times faster than ECC, making it well-suited for applications where real-time data collection and transmission is taking place.
Securing devices with encryption algorithms for IoT
End users should be mindful of on-device storage capacity and computing power, especially if they have deployed nodes at the network’s edge. While encryption algorithms are incredibly effective against data-related attacks, they can require a lot of resources. Sometimes, the best algorithm isn’t the best-in-class choice — it’s the one that balances performance and security.
Zac Amos is a freelance tech writer who specialises in IoT, cybersecurity, and automation. He is also the Features Editor at ReHack Magazine and has bylines at VentureBeat, IoT For All, and DZone. Follow him on LinkedIn or X for more of his insights.
Author: Zachary Amos, Editor of ReHack Magazine
There’s plenty of other editorial on our sister site, Electronic Specifier! Or you can always join in the conversation by commenting below or visiting our LinkedIn page.