Mechanisms for cryptographic code authentication control in sensor nodes with limited computing resources
Abstract
The article presents a mechanism for cryptographic authentication control of program code in sensor nodes with limited computational resources, targeting microcontrollers such as STM32 and ESP32. The limitations of existing code authentication approaches are identified, including high energy consumption, memory footprint, and verification delays when using conventional algorithms like SHA-2 and RSA. A lightweight Secure Boot architecture is proposed, based on the SPONGENT hash function and ECDSA digital signatures with shortened keys, which enables code protection without exceeding the hardware constraints of sensor devices. A comparative analysis of two configurations of the mechanism demonstrates significant reductions in verification time, energy consumption, and memory usage in the lightweight version while maintaining an acceptable level of cryptographic resistance. The integration of the solution into the STM32CubeIDE and ESP-IDF environments is described, along with the implementation of firmware update procedures with authenticity verification and secure storage of reference hashes and public keys in protected memory regions. The proposed mechanism allows authenticity control to be adapted to the specific needs of distributed cyber-physical systems and lays the foundation for building an energy-efficient and attack-resilient secure software infrastructure in embedded devices.


