The Security Trade-Offs in Resource Constrained
Nodes for IoT Application
Sultan Alharby, Nick Harris, Alex Weddell, Jeff Reeve
Abstract—The concept of the Internet of Things (IoT) has
received much attention over the last five years. It is predicted
that the IoT will influence every aspect of our lifestyles in the
near future. Wireless Sensor Networks are one of the key enablers
of the operation of IoTs, allowing data to be collected from the
surrounding environment. However, due to limited resources, nature
of deployment and unattended operation, a WSN is vulnerable to
various types of attack. Security is paramount for reliable and safe
communication between IoT embedded devices, but it does, however,
come at a cost to resources. Nodes are usually equipped with small
batteries, which makes energy conservation crucial to IoT devices.
Nevertheless, security cost in terms of energy consumption has
not been studied sufficiently. Previous research has used a security
specification of 802.15.4 for IoT applications, but the energy cost
of each security level and the impact on quality of services (QoS)
parameters remain unknown. This research focuses on the cost of
security at the IoT media access control (MAC) layer. It begins
by studying the energy consumption of IEEE 802.15.4 security
levels, which is followed by an evaluation of the impact of security
on data latency and throughput, and then presents the impact of
transmission power on security overhead, and finally shows the effects
of security on memory footprint. The results show that security
overhead in terms of energy consumption with a payload of 24 bytes
fluctuates between 31.5% at minimum level over non-secure packets
and 60.4% at the top security level of 802.15.4 security specification.
Also, it shows that security cost has less impact at longer packet
lengths, and more with smaller packet size. In addition, the results
depict a significant impact on data latency and throughput. Overall,
maximum authentication length decreases throughput by almost 53%,
and encryption and authentication together by almost 62%.
Keywords—Internet of Things, IEEE 802.15.4, security cost
evaluation, wireless sensor network, energy consumption.
I. INTRODUCTION
THE concept of IoT has recently grabbed the attention
of the academic and industrial communities [1]. The
IoT is not associated with a particular technology, and can
be used in different applications. However, the Wireless
Sensor Network (WSN) is a foundational technology for IoT
[2], [3]. Sensors are the main tools for reporting events
in things such as cars, home appliances, and any object
to which a sensor can be attached. However, IoT devices
do suffer from major issues involving limited resources
[4], particularly energy, and a vulnerability to various
types of attack. Protecting the communication between IoT
devices with limited resources is a complex task. Nodes are
usually equipped with small batteries, which makes energy
conservation crucial to WSNs. Every bit consumes energy
[5], so conventional security mechanisms which introduce
more overheads for both computation and communication
are unsuitable for such limited devices [6]–[9]. It is clear
that security and power consumption are opposite parameters.
S. Alharby is with the Department of Electronics and Computer
Science, University of Southampton, UK (corresponding author, e-mail:
sa1c15@soton.ac.uk).
N. Harris, A. Weddell and J. Reeve are with the Department of
Electronics and Computer Science, University of Southampton, UK.
One of the main obstacles facing security solutions for
IoT devices is energy consumption. Batteries are the main
source of power in these devices, and the indicator of IoT
device lifetime. Usually these devices are implemented in
remote areas or harsh environments, which makes changing a
battery difficult. Thus, the energy limitation of these small
devices necessitates a trade-off between security mechanism
and energy consumption. Security has become essential to
many IoT applications [10], [11], especially when dealing with
sensitive data such as medical and military applications, but
it does, however, come at a cost to resources. Nevertheless,
security cost has not been studied sufficiently. Many studies
have used the security specification of 802.15.4 for the IoT MAC
layer, but the cost of each security level is unknown.
Basic security services include encryption to guarantee
confidentiality, authentication to ensure packets are sent from
a legitimate party, integrity to guarantee packets have not
changed through transmission, and freshness of data to ensure
that a packet is recent and old packets are not being replayed.
This paper investigates the overhead introduced by IEEE
802.15.4 security levels at MAC layer and their effect on
the QoS parameters. To obtain accurate results, the effects of
MAC and Radio Duty Cycle (RDC) protocols on the security
cost have been excluded, since the purpose of this evaluation
is only to get the extra overhead of security on sensor
networks. However, the mechanism used by ContikiMAC and
the methods employed to avoid its effects are discussed, as
it is the RDC protocol employed in this emulation. The
obtained results assume a perfect communication environment,
therefore packet delivery is 100% successful as long as the
two nodes involved are within the same transmission coverage
area. The results represent the minimum security overhead,
and the actual overhead could be greater, depending on the
mechanism employed for the Radio Duty Cycle. For example,
re-transmitting packets increases security services’ impact on
performance. The overhead considered in this scenario is
that introduced by the transmission mode of each security
level. The evaluation focuses on the following performance
parameters:
1) Per-packet energy consumption E: The total energy
needed for delivering one packet from source to
destination at each security level. This includes the
energy consumed by transmission mode $E_{tx}$ and
receiving mode $E_{rx}$, and the energy required by
relay nodes to forward a packet $E_{fwd}$. Hence, the total
energy consumption of transmitting one packet $E$ can
be represented as follows:
$$E = E_{tx} + E_{rx} + n \cdot E_{fwd} \tag{1}$$
2) Latency (L): This measures the time needed for a node
to transmit a packet until it is received by the destination.
3) Throughput (Thr): This is the number of packets
received at the destination per unit time (one second
in this research).
At the end of this paper, the most significant security levels
will be identified based on their impact on sensor network
performance, particularly in terms of energy consumption.
World Academy of Science, Engineering and Technology
International Journal of Electronics and Communication Engineering
Vol:12, No:1, 2018
International Scholarly and Scientific Research & Innovation 12(1) 2018 52 scholar.waset.org/1307-6892/10008451
International Science Index, Electronics and Communication Engineering Vol:12, No:1, 2018 waset.org/Publication/10008451
II. RELATED WORK
Several studies have evaluated the cost of security at the
IoT MAC layer, but the cost of each security level in IEEE
802.15.4 is unknown. For instance, [12] have analysed the
energy consumption of AES, RC5 and RC6. They have
evaluated the energy cost and memory requirements of these
cipher algorithms.
A similar study [13] has evaluated the cost of AES,
RC5 and RC6. This study also investigates the impact
of key size on energy cost and concludes that RC5
is the most energy-efficient for limited resource devices.
Also, [14] provides a method of optimising encryption
hardware implementation. The study investigates the energy
consumption and performance of AES in both software and
hardware implementations. The results indicate that hardware
is more efficient than software implementation. However,
none of these studies discuss authentication cost, which
is crucial to security services in WSNs. In addition, a
network engineer cannot identify the cost of security over
non-secure transmission, as these studies present only the cost
of encryption.
Reference [15] has analysed the cost of using different
encryption block ciphers such as AES and RC5 on two
popular hardware platforms: MicaZ, and TelosB. The study
evaluates the effects of different key sizes on energy cost,
and also presents the energy cost of different MAC protocols.
However, the study does not evaluate IEEE 802.15.4 and
its implications on communication cost. Also, the cost of
security over non-secure transmissions is undefined, as the
study focuses on the comparison of cipher algorithms rather
than security over non-secure transmission.
In contrast, the present study focuses on the security levels
of IEEE 802.15.4. It identifies the impact of different security
levels on energy consumption and QoS parameters such as
latency and throughput, and illustrates how transmission power
affects the security cost. In addition, the study clarifies the
relationship between security cost and the packet data length.
Furthermore, it covers aspects which have been neglected
by previous studies, such as how security affects energy
consumption indirectly by causing multiple transmissions.
Finally, this study provides a methodology for evaluating the
security overhead of the IoT MAC layer.
III. SIMULATION SETUP AND PARAMETERS
There are many lightweight operating systems (OSs) which
could be used in wireless sensor nodes. These operating
systems provide similar services, but certain characteristics
of these operating systems might affect the choice of the
developers. Examples of these operating systems are Contiki,
RIOT and TinyOS. However, the Contiki operating system was
selected in this experiment for its suitable features. The Cooja
simulator, which comes with Contiki OS, is used to obtain
the results in this paper. Also, the Powertrace tool [16], which is
supported in Contiki, is used to provide detailed information
about where the energy is consumed (transmission, receiving,
etc.). It calculates the time each component takes in a particular
mode. This tool is claimed to be 94% accurate in measuring
the energy consumed by a real device [16]. Table I shows the
parameters used in the simulator.
TABLE I
SIMULATION PARAMETERS

| Parameter | Value |
|---|---|
| Platform | Tmote Sky |
| MAC protocol | CSMA |
| Radio Duty Cycle | ContikiMAC |
| Payload | 24 and 80 byte |
| Transmission range | 50 Meters |
| TX/RX success ratio | 100% |
| Radio | CC2420 |
| Microcontroller unit (MCU) | MSP430 |

The simulation uses single hop communication to deliver
packets from source to destination.
IV. IEEE 802.15.4 SECURITY SPECIFICATIONS
This experiment uses a MAC layer security protocol which
supports eight levels, as defined by the IEEE 802.15.4 security
specifications (as shown in Table II). The minimum security
level is 0, whereby no security mechanism is used, and the
highest level is 7, which includes encryption, replay protection,
integrity and authentication with AES-128.
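TABLE II
SECURITY SUITES, REPRODUCED FROM [17]

| SuiteID | Description | Services | Replay detection | MIC size (Byte) |
|---|---|---|---|---|
| 0 | No Security | Null | - | 0 |
| 1 | AES-CBC-MAC-32 | Authentication | ON | 4 |
| 2 | AES-CBC-MAC-64 | Authentication | ON | 8 |
| 3 | AES-CBC-MAC-128 | Authentication | ON | 16 |
| 4 | AES-CTR | Encryption only | ON | 0 |
| 5 | AES-CCM-32 | Authentication and encryption | ON | 4 |
| 6 | AES-CCM-64 | Authentication and encryption | ON | 8 |
| 7 | AES-CCM-128 | Authentication and encryption | ON | 16 |
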
The security services added at each security level are
shown in Fig. 1. AES-CTR mode only provides encryption
for the payload, hence it supports confidentiality. The length
of the key used is 128 bits, as recommended by the IEEE
802.15.4 security specifications. This length will be fixed at
all levels which support confidentiality in this experiment.
Authentication can be achieved by appending a message
authentication code in every packet. Message authentication
code is also named message integrity code (MIC). This
research will use MIC to refer to the message authentication
code, so we can differentiate between media access control
(MAC) and message authentication code. Authentication can
be of various lengths based on the required security strength
(4, 8 or 16 bytes).
Fig. 1 Security services frame format
The Auxiliary Security Header (ASH) (as shown in Table III)
consists of three fields: security control, frame counter, and
key identifier. The ASH is added to the frame only when the frame
control bit field is set to one [18]. Security control specifies
the security level employed for a frame, the frame counter is used
to provide protection against replay attacks, and the key
identifier provides information about the key identifier mode.
TABLE III
AUXILIARY SECURITY HEADER

| 1 byte | 4 byte | 0-9 byte |
|---|---|---|
| Security Control | Frame Counter | Key Identifier |

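The ASH fields in Table III and the MIC sizes in Table II determine how many bytes each security level adds to a frame. The following C code is an added example, not code from the paper or from Contiki: it parses an ASH, derives the per-frame byte overhead, and applies a simplified frame-counter replay check. The Security Control bit layout (level in bits 0-2, key identifier mode in bits 3-4), the key identifier lengths of 0, 1, 5 or 9 bytes and the little-endian counter follow IEEE 802.15.4-2006 and are not stated on this page; the function names and sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Parsed Auxiliary Security Header (field sizes from Table III). */
struct ash {
    uint8_t  level;         /* security level 0..7 (Table II)    */
    uint8_t  key_id_mode;   /* selects the Key Identifier length */
    uint32_t frame_counter; /* replay-protection counter         */
    uint8_t  key_id_len;    /* 0, 1, 5 or 9 bytes                */
    uint8_t  mic_len;       /* 0, 4, 8 or 16 bytes (Table II)    */
};

/* Parse an ASH; returns its length in bytes, or -1 if buf is too short. */
int ash_parse(const uint8_t *buf, size_t len, struct ash *out)
{
    static const uint8_t mic[8] = { 0, 4, 8, 16, 0, 4, 8, 16 };
    static const uint8_t kid[4] = { 0, 1, 5, 9 };

    if (len < 5)                 /* control byte + 4-byte counter */
        return -1;
    out->level         = buf[0] & 0x07;        /* bits 0-2 (802.15.4-2006) */
    out->key_id_mode   = (buf[0] >> 3) & 0x03; /* bits 3-4 (802.15.4-2006) */
    out->frame_counter = (uint32_t)buf[1] | ((uint32_t)buf[2] << 8) |
                         ((uint32_t)buf[3] << 16) | ((uint32_t)buf[4] << 24);
    out->key_id_len = kid[out->key_id_mode];
    out->mic_len    = mic[out->level];
    if (len < (size_t)5 + out->key_id_len)     /* key identifier cut off */
        return -1;
    return 5 + out->key_id_len;
}

/* Bytes a secured frame carries beyond an unsecured one: ASH plus MIC. */
int security_overhead_bytes(const struct ash *h)
{
    return 5 + h->key_id_len + h->mic_len;
}

/* Simplified replay check: accept only a counter strictly above the last
 * accepted one, then remember it. Returns 1 if fresh, 0 if replayed. */
int replay_accept(uint32_t *last, int *seen, uint32_t counter)
{
    if (*seen && counter <= *last)
        return 0;
    *last = counter;
    *seen = 1;
    return 1;
}

/* Constructed sample: level 7, key identifier mode 1, counter 0x102. */
static const uint8_t sample_ash[] = { 0x0F, 0x02, 0x01, 0x00, 0x00, 0x05 };

int main(void)
{
    struct ash h;
    uint32_t last = 0;
    int seen = 0, first, again;
    if (ash_parse(sample_ash, sizeof sample_ash, &h) < 0)
        return 1;
    first = replay_accept(&last, &seen, h.frame_counter);
    again = replay_accept(&last, &seen, h.frame_counter);
    printf("level %u: +%d bytes, first=%d replay=%d\n", (unsigned)h.level,
           security_overhead_bytes(&h), first, again);
    return 0;
}
```

For the constructed level 7 frame the overhead is 22 bytes, which is close to the size of the 24 byte payload used in the evaluation.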
V. ACCURACY OF THE SECURITY OVERHEAD RESULTS
There are many factors which affect the accuracy of the
results obtained from the emulator, such as the padding
mechanism and MAC protocol. The ContikiMAC protocol
is used as an RDC protocol. Energy consumption is
significantly affected by the employed RDC protocol. Under
the ContikiMAC protocol, the sender checks the medium
channel before transmitting, and if there is no radio activity,
it sends a full data packet and continues to transmit until the
receiver wakes up and acknowledges the message. This can
affect the result of assessing the overhead of security, as the
number of AES invocations varies. At the receiver side, a node
checks the medium channel periodically for any activity [19].
Fig. 2 shows the work mechanism of ContikiMAC through
unicast transmission. Node 2 represents the transmitter, and
node 1 represents the receiver. ContikiMAC requires a
minimum packet size. This is to guarantee that the
packet does not fall between two Clear Channel
Assessments (CCAs) [19]. This becomes more important in
broadcast communication, as there is no acknowledgement
returned to the sender. If the packet size is lower than the
minimum size, then a padding mechanism is used to increase
the packet size to the minimum. In order to avoid the impact of
the padding mechanism on the experiment results, the packet
size will always be larger than the minimum packet size.
Fig. 2 ContikiMAC mechanism
It can be observed that the radio is turned on and off on a
regular basis to save power. This is determined by a parameter
known as Channel Check Rate. There is an optimisation phase
for ContikiMAC which reduces the number of re-transmissions
by keeping track of the receiver's wake-up period. This could
help in making the sender transmit just before the receiver
wakes up. Retransmission can significantly affect the energy
consumption and assessment of security overhead. In order to
avoid the impact of re-transmitting the packet and obtain an
accurate result for transmitting one packet, the receiver node
is kept on at all times (as shown in Fig. 3). Node number 1
is the transmitter and node number 2 is the receiver.
Fig. 3 The radio state for both sender and receiver
Fig. 3 depicts the CCA mechanism: at every transmission
the radio checks the channel to make sure it is clear. To
eliminate the impact of CCA on the obtained results for
energy consumption, CCA is disabled before transmission (as
shown in Fig. 4).
Fig. 4 CCA is disabled before transmission
VI. SIMULATION RESULTS
A. Energy Consumption Evaluation
In order to obtain the total security related energy
consumption, all components which affect security cost
should be investigated. There are two factors that contribute to
the energy consumed by security processes: computation, and
communication overhead. Security computation related energy
consumption is caused by adding/removing security services
such as cryptography. Computation processes make the MCU
run longer to compute complex algorithms. The communication
cost can be obtained from the energy consumed by the radio
to transmit the extra bytes for authentication. Hence, the total
security energy consumption for single packet transmission
can be represented as follows:
$$E_{sec-total} = \sum_{k=1}^{n} \left( E_{sec-compu} + E_{sec-comm} \right) \tag{2}$$
where $n$ indicates the number of nodes involved in the
transmission, $E_{sec-total}$ the total security energy consumption,
$E_{sec-compu}$ the energy required for computation
overhead, which includes processing the actual transmission
and cryptography algorithm, and $E_{sec-comm}$ the energy
required for transmitting a packet, which includes transmitting
the actual frame and the extra bytes needed for MIC
authentication. In the following sections, energy cost is
investigated for each security level of the IEEE 802.15.4
security standard. This will include both computation and
communication energy cost. The obtained result is an energy
cost for delivery of a single packet and expressed in μJoule
units. Cost per packet delivery includes the generation of the
packet by the MCU and transmission by the radio at the
source. This will be acquired for each security level. Required
security services are added/removed for each plaintext block
according to the security level. The cost of transmission
without security services will be taken as a baseline for
comparison, since security overhead increases by selecting
a higher security level. In this evaluation, the powertrace tool is
used to measure energy consumption. Powertrace records the
time that a component (radio or MCU) enters a specific mode,
hence, the time that the MCU and radio spend in each mode
(active, low power mode, etc.) is recorded. The current drawn
by the MCU and radio in different modes should be known
in order to estimate the energy consumption. Tmote Sky uses
CC2420 as a radio driver and MSP430 as a microcontroller.
According to the Sky mote datasheet [20], the current drawn by
the radio and the micro-controller is shown in Table IV.
TABLE IV
TYPICAL CURRENT CONSUMPTION FOR TMOTE SKY

| Component | Current drawn |
|---|---|
| MCU - active state | 2400 μA |
| Radio - transmitting mode | 17.4 mA |
| Radio - receiving mode | 19.7 mA |

The objectives of this experiment are as follows:
1) Measure the energy consumption in delivering a single
packet at each security level for transmit mode.
2) Investigate the impact of frame length on the security
cost.
3) Explore the most significant security level based on
energy and also according to security services.
4) Investigate the impact of the power of transmission on
performance in terms of energy consumption.
Scenario 1: Evaluation with a payload length of 24 byte
in transmit mode
The two components of a sensor node which
are affected by security are the MCU and the radio. Hence, the
energy consumption associated with these components will be
studied. First, the energy consumption of transmitting a single
packet with 24 bytes without security is measured. This will
serve as a baseline for comparison with other levels which
include different security services. The following formula
is used to calculate the energy consumption of each of a node's
components:
$$E = \frac{Energest\_Value \times Voltage \times Current}{RTIMER\_SECOND \times runtime} \tag{3}$$
where, E is the energy consumption of a node’s component at
a specific mode, Energest_Value is the difference between
two interval times, and RTIMER_SECOND is the number
of ticks per second, which in the current simulation is 32768
ticks/second.
Table V shows the energy consumed by the MCU and radio
transmitting a single packet with a 24 byte payload. As can
be seen from Table V, the radio is the main contributor to
energy consumption. MCU consumption at level 0 constitutes
11.5% of the total energy consumption, and it grows as the
code increases in complexity with higher security services.
However, at the top security level it constitutes only 22%
of the total cost of energy. This extra consumption by the
MCU at higher security levels is due to AES operation and
the processing of extra bytes added by progressive levels of
authentication. On the contrary, the radio is responsible for the
majority of energy consumption during transmission (as shown
in Fig. 5). It can be noticed that radio energy consumption
at all levels fluctuates between 73.7% and 88.5% of overall
packet consumption, which is a very high percentage. The
Radio is responsible for transmitting packets, and it remains
in use longer with a greater number of bits. This explains
the high energy consumption when enabling authentication,
as authentication adds more bytes to the packets.
Fig. 5 Radio consumption vs MCU consumption for level 0 and 7
Also, it can be noticed that total energy consumption
increases gradually from security level 0 to level 3, and from
level 5 to level 7. This is due to the length of the MIC, as every level
employs a different MIC length. Security level 4 employs
encryption only, therefore the radio consumes less energy
compared to the authentication security levels. There is a slight
difference in MCU energy consumption between security
levels 1, 2 and 3. This also applies to security levels 4,
5, 6 and 7, which see only minor changes in MCU energy
consumption. However, the increased energy consumption for
the MCU at levels 5, 6 and 7 is almost 4 times the energy
consumed by level 0. According to Table V, the percentage