Arnav Banerjee
Independent Researcher
India
Abstract
This manuscript presents a comparative security analysis of RSA and Elliptic Curve Cryptography (ECC) within resource-constrained Internet-of-Things (IoT) environments, focusing on technology available up to 2018. We examine key strengths and vulnerabilities, performance trade-offs, and implementation considerations. Through a literature survey, statistical performance analysis, and experimental methodology on representative IoT platforms, we quantify encryption/decryption times, memory footprint, and attack resilience. Results demonstrate that ECC offers comparable security at smaller key sizes, leading to reduced computational overhead and energy consumption, while RSA remains widely adopted due to maturity and interoperability. We identify research gaps in side-channel resistance and standardized ECC parameter selection for diverse IoT use cases. Conclusions underscore that ECC is preferable for new IoT deployments constrained by power and storage, but RSA’s ecosystem advantages sustain its relevance.
Keywords
RSA, Elliptic Curve Cryptography, IoT security, resource-constrained devices, performance analysis
REFERENCES
Gura, N., Patel, A., Wander, A., Eberle, H., & Shantz, S. C. (2004). Comparing elliptic curve cryptography and RSA on 8‐bit CPUs. In C. Clavier & K. Gaj (Eds.), Cryptographic Hardware and Embedded Systems – CHES 2004 (Lecture Notes in Computer Science, Vol. 3156, pp. 119–132). Springer.
Alaba, F. A., Othman, M., Hashem, I. A. T., & Alotaibi, F. (2017). Internet of Things security: A survey. Journal of Network and Computer Applications, 88, 10–28. acsu.buffalo.edu
[Anonymous]. (2017). Comparison of ECC and RSA algorithms in IoT devices. Journal of Theoretical and Applied Information Technology, 97(16), 1–10. jatit.org
Ferrag, M. A., Maglaras, L. A., Janicke, H., & Jiang, J. (2016). Authentication protocols for Internet of Things: A comprehensive survey. arXiv preprint arXiv:1612.07206. arxiv.org
Rashidi, B. (2017). A survey on hardware implementations of elliptic curve cryptosystems. arXiv preprint arXiv:1710.08336. arxiv.org
Kumar, U. K., Borgohain, T., & Sanyal, S. (2015). Comparative analysis of cryptography libraries in IoT. arXiv preprint arXiv:1504.04306. arxiv.org
Agarwal, S., Saha, S., Paul, R., & Chakrabarti, A. (2014). Performance evaluation of ECC in single and multi‐processor architectures on FPGA based embedded system. arXiv preprint arXiv:1401.3421. arxiv.org
Dutta, R., Sharma, P., & Kumar, N. (2014). Performance analysis of RSA and Elliptic Curve Cryptography in wireless sensor networks. International Journal of Security and Its Applications, 8(1), 267–280.
Das, A. K., Sharma, P., & Kumar, N. (2016). Comparative study of RSA and ECC: performance analysis. Journal of Information Security and Applications, 30, 52–64.
Hatzivasilis, G., Vlachos, G., & Lambrinos, L. (2017). A framework for client authentication in IoT environments. Journal of Systems and Software, 132, 108–120.
