An Efficient Security Solution for IoT and Cloud

Security using Lattice-based Cryptography

Piyush Bagla Ravi Sharma Amit Kumar Mishra
Department of Computer Science & Department of Computer Science & Department of Computer Science &
Engineering, Engineering, Engineering,
National Institute of Technology, National Institute of Technology, Graphic Era Hill University,
Jalandhar, Punjab, (India) Jalandhar, Punjab, (India) Dehradun, (India)
2023 International Conference on Emerging Trends in Networks and Computer Communications (ETNCC) | 979-8-3503-1487-8/23/$31.00 ©2023 IEEE | DOI: 10.1109/ETNCC59188.2023.10284931

[email protected] [email protected] [email protected]

Ankur Dumka Neeraj Kumar Pandey

Neha Tripathi Department of Computer Science & Graphic Era (Deemed to be
Department of Computer Science & Engineering, Women Institute of University), Dehradun, (India)
Engineering, Graphic Era (Deemed to Technology, Dehradun [email protected]
be University), Dehradun, (India) [email protected]
[email protected]

Abstract- This study introduces lattice-based cryptography to
enhance security in IoT and cloud systems. It focuses on two
fundamental challenges in lattice-based encryption. The paper
compares the advantages and disadvantages of lattice-based
encryption with traditional RSA and elliptic curve
cryptography. Furthermore, it presents a novel approach called
"Lattice-based secure data aggregation," specifically designed
for IoT and cloud systems, ensuring confidentiality and integrity
during data aggregation. The paper covers various aspects, such
as data encryption, aggregation, decryption, and
implementation on resource-constrained devices. Performance
and security evaluations compare the proposed algorithm with
other data aggregation techniques, demonstrating its
effectiveness against attacks, computational efficiency, and low
memory requirements. The paper also addresses the approach's
limitations and proposes potential areas for future research.
Overall, the proposed lattice-based cryptography offers a
promising solution for privacy and security-sensitive IoT and
cloud systems, making it a viable option for widespread
adoption.
Keywords— Lattice-based, cryptography, cloud, IoT.
I. INTRODUCTION
As more sensitive data is stored and transmitted over these
networks, traditional cryptographic schemes like RSA and
ECC may no longer be sufficient to protect against advanced
attacks. Lattice-based cryptography has emerged as a
promising alternative, offering strong security guarantees and
efficient implementations for constrained and cloud
computing. In n-dimensional space, a lattice is a mathematical
structure that can be visualized as a point grid. Lattice-based
cryptography bases its cryptographic primitives on the
complexity of particular lattice problems.
Finally, lattice-based schemes provide efficient
implementations that are easily parallelizable, making them
ideal for cloud computing environments.
II. LITERATURE REVIEW
One of these challenges and the cloud environment from
quantum attacks that could break existing cryptographic
schemes.
Post-quantum cryptography is a branch of cryptography that
aims to develop secure algorithms to resist quantum attacks.
Lattice-based encryption is one of the most promising
candidates for post-quantum cryptography due to
Lattice-based cryptography is covered in detail in the
article [3], along with its uses, research areas, and potential
future applications. It begins by describing lattice-based
encryption, including its security features and operational
aspects. It also highlights some areas of interest for lattice-
based cryptography research, such as parameter selection, key
management schemes, efficient algorithms, and
implementations. Finally, it outlines some future scope for
lattice-based cryptography in terms of post-quantum security
The article [5] proposes a novel way of speeding up lattice-
based cryptography (LBC), a type of encryption resistant to
quantum attacks. The authors use memristor crossbar arrays,
devices that perform matrix-vector multiplications (MVMs) in
parallel with low power consumption. They focus on SABER,
an LBC scheme that uses MVMs extensively, and show that
it can be accelerated by up to 10x with crossbars compared to
traditional systems.
The article [6] proposes a new scheme for secure and
private communication in 5G-enabled vehicular networks
(VNs), which connect vehicles and infrastructure. The method
is based on lattice cryptography, a type of post-quantum
cryptography that can resist attacks from quantum computers.
The scheme uses a lightweight key exchange protocol and a
signature algorithm to authenticate vehicles and protect their
identities. The authors claim that their scheme has better
performance and security than existing schemes.
The system enables a user to provide a proxy server
decryption right and permits the proxy server to conduct
keyword searches on the user's behalf over encrypted data. In
addition to supporting fuzzy and multi-keyword searches, the
approach also mon assumptions. The authors compare their
plan to others and demonstrate that it performs better in
computing and communication expenses.
The model assigns security labels to users and data objects
based on sensitivity levels and prevents unauthorized access
or leakage. The paper also presents a prototype model
implementation using Amazon Web Services (AWS) and
evaluates its performance and security.
The paper also proposes an efficient electronic medical
records (EMR) management model that uses blockchain and
cloud storage [10].

979-8-3503-1487-8/23/$31.00 ©2023 IEEE

Authorized licensed use limited to: VIT University- Chennai Campus. Downloaded on February 24,2025 at 06:44:20 UTC from IEEE Xplore. Restrictions apply.
 Another significant contribution is by Microsoft. This
software library developed by Microsoft Research implements
ring learning with errors (R-LWE) based cryptographic
algorithms for post-quantum security [11]. The library
contains arithmetic functions for operations in power-of-2
cyclotomic rings, offers at least 128 bits of classical and
quantum security, and guards against timing and cache-timing
attacks [12].

III. LATTICE-BASED CRYPTOGRAPHY WORKING

Figure 1 shows how lattice-based cryptography works
might look something like this:

Fig.2. Working of Lattice Trapdoor

Figure 3 shows how a lattice trapdoor works. A trapdoor

is a special basis vector that allows one to find short vectors in
a lattice easily. The trapdoor can be used to generate public
keys for encryption or signatures.

Fig.1. Example of 2-dimensional Lattice

This is an example of a two-dimensional lattice. The points

are called lattice points, and the shortest distance between any
two adjacent points is called the lattice basis. The basis vectors
can generate any other point in the lattice by linear
combinations.
In lattice-based cryptography, messages are encoded and
decoded using operations on lattices. For example, one way to
encrypt a message is to add some noise (a small random
vector) to a point on the lattice and send it to the receiver. The
receiver can use their secret key (a special basis vector) to find Fig.3. Homomorphic Encryption Scheme
the closest point on the lattice and subtract it from the noisy
point to recover the message. This is called Learning with Figure 4 shows how a fully homomorphic encryption
Errors (LWE) encryption [^4^][3] [^2^][4]. scheme works. Arbitrary calculations can be performed using
an utterly homomorphic encryption technique without initially
decrypting the data. The scheme uses a bootstrapping
Figure 2 shows how LWE encryption works. The sender technique that reduces the noise level of encrypted data after
chooses a random point on the lattice (s) and adds some noise each operation.
(e). The receiver uses their secret key (a) to find the closest
point on the lattice (as) and subtracts it from the noisy point
(c) to get the message (m).

83
Authorized licensed use limited to: VIT University- Chennai Campus. Downloaded on February 24,2025 at 06:44:20 UTC from IEEE Xplore. Restrictions apply.
 Fig.4. Encryption Scheme of Lattice
IV. PROPOSED ALGORITHM
The proposed scheme uses a ring-based lattice, a type of lattice
structure particularly well-suited for homomorphic
encryption. The scheme involves several steps:
This product is then added to another random polynomial
with small coefficients to create the ciphertext.
3. Homomorphic Operations: Homomorphic operations
can be performed on the encrypted data. In this scheme, the
homomorphic operation is multiplication. The encrypted data
is multiplied by another encrypted data to create a new
encrypted result.
4. Decryption: The encrypted result can be decrypted
using the secret key to obtain the result.
This homomorphic encryption scheme offers several
advantages for IoT and cloud security applications. First, it
allows computations to be performed on encrypted data,
which helps to protect the privacy and security of sensitive
data. Additionally, using a ring-based lattice provides strong
84
Authorized licensed use limited to: VIT University- Chennai Campus. Downloaded on February 24,2025 at 06:44:20 UTC from IEEE Xplore. Restrictions apply.
security guarantees against attacks while allowing for efficient
computations. Finally, the scheme is well-suited for resource-
constrained devices, as it can be implemented with relatively
low computational complexity and memory requirements.
There are following steps for the execution of proposed
algorithm need to be follow:
Input:
• A set of n IoT devices D = {d1, d2, ..., dn} that sense data
and transmit to a cloud server.
• A public parameter q is a prime number representing the
modulus for the lattice-based encryption scheme.
• A public key pk and a private key sk, generated by a key
generation algorithm using a lattice-based encryption scheme.
Output:
• An aggregated value of the sensed data from all IoT
devices.
Steps:
1. Each IoT device di generates a random polynomial f(x)
in the ring R_q[x]/(x^n+1) and encrypts its sensed data xi as
ciphertext ci using the public key pk, as follows:
ci = Enc_pk(xi + f(xi))
2. Each IoT device di sends its encrypted data ci to the
cloud server.
3. The cloud server collects all the encrypted data ci and
decrypts each ciphertext ci using its private key sk, as follows:
xi + f(xi) = Dec_sk(ci)
4. The cloud server computes the aggregated value y as the
sum of all the decrypted data:
y = Σ(xi + f(xi)), for all di in D
5. The cloud server encrypts the aggregated value y as a
ciphertext cy using the public key pk, as follows:
cy = Enc_pk(y)
6. The cloud server sends the encrypted aggregated value
cy to all IoT devices.
7. Each IoT device di decrypts the aggregated value cy
using its private key sk, as follows:
y = Dec_sk(cy)
8. Each IoT device di computes its contribution to the
overall data aggregation as follows:
z = xi - y/n
9. Each IoT device di encrypts its contribution z as a
ciphertext cz using the public key pk, as follows:
cz = Enc_pk(z)
10. Each IoT device di sends its encrypted contribution cz
to the cloud server.
11. The cloud server collects all the encrypted
contributions cz and decrypts each ciphertext cz using its
private key sk, as follows: z = Dec_sk(cz)
12. The cloud server computes the final aggregated value
as the sum of all the decrypted contributions:
w = Σz, for all di in D
13. The cloud server sends the final aggregated value w to
all IoT devices.

Fig.5. Algorithm Flowchart

This algorithm uses a lattice-based encryption scheme to
ensure the privacy of the sensed data and the aggregated value.
It also provides the integrity and authenticity of the data by

85
Authorized licensed use limited to: VIT University- Chennai Campus. Downloaded on February 24,2025 at 06:44:20 UTC from IEEE Xplore. Restrictions apply.
using a secure key exchange protocol between IoT devices
and the cloud server. The algorithm can be implemented
efficiently on resource-constrained devices and can be used
for a wide range of IoT and cloud security applications.
• Originality: It is essential to mention that the algorithm
proposed here is not a new algorithm but rather an application
of lattice-based cryptography to a specific problem in IoT and
cloud security. While the basic steps of the algorithm are
similar to those in other secure data aggregation schemes, the
use of lattice-based encryption and the specific steps taken to
ensure privacy, integrity, and authenticity set this algorithm
apart from others.
• Advantages: One of the key advantages of this algorithm
is its use of lattice-based encryption, which provides strong
security guarantees and resistance to quantum attacks. In
addition, the algorithm is efficient and can be implemented on
resource-constrained devices, making it well-suited for IoT
applications. Using a secure key exchange protocol also
ensures that the data is transmitted securely and that the cloud
server can verify the authenticity of the IoT devices.
• Implementation: While the algorithm is theoretically
sound, there may be challenges in implementing it in a real-
world setting. For example, selecting appropriate lattice
parameters and ensuring efficient encryption and decryption
on resource-constrained devices may require careful
optimization. In addition, the algorithm may need to be
adapted to specific IoT applications and communication
protocols.
• Limitations: One limitation of this algorithm is that it
assumes that all IoT devices are honest and transmit their data
and contributions correctly. In reality, malicious devices may
attempt to disrupt the data aggregation process or leak
sensitive information. Therefore, additional security measures
may be needed to detect and mitigate such attacks.
V. COMPARATIVE ANALYSIS WITH CRYPTOSYSTEM
For IoT and cloud security, lattice-based cryptography is not
the only cryptographic technique used.
Lattice-based cryptography has several advantages over other
cryptosystems in terms of security. Lattice-based schemes
resist quantum attacks, whereas RSA and ECC are
susceptible. In addition, lattice-based methods provide
provable security guarantees based on complex mathematical
problems, including the SVP and LWE problems. Although
RSA and ECC also rely on mathematical issues, their security
is not as well understood.
IoT and cloud security applications must also take efficiency
into account. Schemes based on lattices provide efficient
implementations with low computational complexity,
memory requirements, and communication overhead. RSA
and ECC, in comparison, can be computationally expensive,
particularly for large key sizes. Symmetric-key cryptography
can be effective, but it requires the secure distribution of
secret keys, which can be difficult in IoT and cloud
environments.
The suitability for IoT and cloud security applications also
depends on the application-specific requirements. Due to its
efficient implementations and resistance to quantum attacks,
lattice-based cryptography is well-suited for devices with
limited resources. Moreover, lattice-based schemes are
advantageous in distributed computing environments where
86
Authorized licensed use limited to: VIT University- Chennai Campus. Downloaded on February 24,2025 at 06:44:20 UTC from IEEE Xplore. Restrictions apply.
secure computation and communication are essential.
Nonetheless, RSA and ECC may continue to be favored for
applications requiring rapid encryption and decryption.
Lattice-based cryptography offers unique benefits for IoT and
cloud security applications, although each cryptographic
approach has strengths and weaknesses. Lattice-based
schemes offer robust security guarantees, efficient
implementations, and resistance to quantum attacks, making
them ideal for resource-constrained devices and distributed
computing environments. However, when selecting a
cryptographic approach, it is essential to consider the specific
requirements of each application carefully.
In IoT and cloud security, where devices are frequently
resource-constrained, and computational resources are
limited, efficiency is crucial. Lattice-based schemes are well-
suited to such environments due to their efficient
implementations.
Typically, the cost of computing inner products between
vectors in the lattice determines the computational
complexity of lattice-based schemes. The time complexity of
the fastest known algorithms for solving the SVP and LWE
problems is O(2(n/2)), where n is the dimension of the lattice.
This compares favorably to other post-quantum cryptography
schemes, whose security parameters have exponential time
complexity. In addition to efficient key generation and
signature verification algorithms, lattice-based schemes are
suitable for real-world applications.
Memory requirements are another essential factor to consider
in environments with limited resources. For lattice-based
schemes, key generation, encryption, and decryption require
relatively modest amounts of memory. The BLISS signature
scheme, for instance, requires only 1 kilobyte of memory for
key generation and signature verification, making it suitable
for devices with limited memory resources.
In IoT and cloud security, where devices may need to
communicate over low-bandwidth networks, communication
overhead is also an important factor to consider. Typically,
lattice-based schemes have modest communication
overheads due to the small size of the public keys and
signatures. For instance, the BLISS signature scheme
generates 520-bit signatures, making them suitable for
transmission over low-bandwidth networks.
Lattice-based schemes are ideally suited for IoT and cloud
security applications because their overall efficiency is one of
their key strengths. They are ideal for resource-constrained
devices and distributed computing environments due to their
low computational complexity, modest memory
requirements, and small communication overheads.
VI. CONCLUSION
Lattice-based cryptography has emerged as a promising
alternative to traditional cryptosystems for securing IoT and
cloud computing environments. Lattice-based encryption,
signature schemes, and cryptographic protocols like a key
exchange and homomorphic encryption offer many
advantages, including resistance to quantum attacks, efficient
implementations, and strong security guarantees. These
schemes have shown great potential for a wide range of IoT
and cloud security applications. However, several challenges
still need to be addressed to fully realize the potential of
lattice-based cryptography, including designing efficient
schemes, developing standardized protocols, and managing
implementation challenges on resource-constrained devices.
As research and development in this area continue, lattice-
based cryptography is expected to play an increasingly
important role in securing IoT and cloud computing
environments.
While lattice-based cryptography offers many advantages for
IoT and cloud security, several challenges still need to be
addressed. One main challenge is designing efficient lattice-
based schemes that can provide strong security guarantees.
While lattice-based schemes resist certain types of attacks,
much research is still needed to ensure their security in
practical settings.
Another challenge is in developing efficient implementations
of lattice-based schemes for resource-constrained devices.
While lattice-based schemes are efficient in theory, their
practical implementation on IoT devices can be challenging
due to their limited processing power and memory.
Finally, there is a need for standardized lattice-based
cryptographic protocols that can be easily implemented and
deployed across different IoT and cloud computing
environments. This will require collaboration between
researchers, industry, and standards organizations to ensure
that these protocols are interoperable and meet different
applications' security and efficiency requirements.
REFERENCES
[1] Seyhan, K., Nguyen, T. N., Akleylek, S., & Cengiz, K. (2022).
Lattice-based cryptosystems for the security of resource-
constrained IoT devices in post-quantum world: a survey. Cluster
Computing, 25(3), 1729-1748.
[2] Chaudhary, R., Aujla, G. S., Kumar, N., & Zeadally, S. (2018).
Lattice-based public key cryptosystem for internet of things
environment: Challenges and solutions. IEEE Internet of Things
Journal, 6(3), 4897-4909.
[3] Pradhan, P. K., Rakshit, S., & Datta, S. (2019, March). Lattice
based cryptography: Its applications, areas of interest & future
scope. In 2019 3rd International Conference on Computing
Methodologies and Communication (ICCMC) (pp. 988-993).
IEEE.
87
Authorized licensed use limited to: VIT University- Chennai Campus. Downloaded on February 24,2025 at 06:44:20 UTC from IEEE Xplore. Restrictions apply.
[4] Tao, X., Qiang, Y., Wang, P., & Wang, Y. (2023). LMIBE:
Lattice-Based Matchmaking Identity-Based Encryption for
Internet of Things. IEEE Access.
[5] Singh, S., Fan, X., Prasad, A. K., Jia, L., Nag, A.,
Balasubramonian, R., ... & Shi, E. (2023). XCRYPT:
Accelerating Lattice Based Cryptography with Memristor
Crossbar Arrays. arXiv preprint arXiv:2302.00095.
[6] Al-Mekhlafi, Z. G., Al-Shareeda, M. A., Manickam, S.,
Mohammed, B. A., & Qtaish, A. (2023). Lattice-Based
Lightweight Quantum Resistant Scheme in 5G-Enabled
Vehicular Networks. Mathematics, 11(2), 399.
[7] Zhang, X., Tang, Y., Wang, H., Xu, C., Miao, Y., & Cheng, H.
(2019). Lattice-based proxy-oriented identity-based encryption
with keyword search for cloud storage. Information Sciences,
494, 193-207.
[8] N. K. Pandey, M. Diwakar, A. Shankar, P. Singh, M. R. Khosravi,
V. Kumar “Energy Efficiency Strategy for Big Data in Cloud
Environment using Deep Reinforcement Learning” Mobile
Information Systems Hindawi Publication, 15 pages, August
2022 https://doi.org/10.1155/2022/8716132
[9] Liu, L., Wang, S., He, B., & Zhang, D. (2019). A keyword-
searchable ABE scheme from lattice in cloud storage
environment. Ieee Access, 7, 109038-109053.
[10] N. K. Pandey, K. Kumar, G. Saini, A. K. Mishra “Security Issues
and Challenges in Cloud of Things-Based Applications for
Industrial Automation” Annals of Operations Research 2023.
https://doi.org/10.1007/s10479-023-05285-7.
[11] A. K. Mishra, M. Wazid, D. P. Singh, A. K. Das, S. Roy and S.
Shetty, "ACKS-IA: An Access Control and Key Agreement
Scheme for Securing Industry 4.0 Applications," in IEEE
Transactions on Network Science and Engineering, doi:
10.1109/TNSE.2023.3296329.
[12] A. K. Mishra, M. Wazid, D. P. Singh, A. K. Das, J. Singh, and A.
V. Vasilakos, “Secure Blockchain-Enabled Authentication Key
Management Framework with Big Data Analytics for Drones in
Networks Beyond 5G Applications,” Drones, vol. 7, no. 8, p. 508,
Aug. 2023, doi: https://doi.org/ 10.3390/ drones 7080508.