{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,12]],"date-time":"2025-10-12T03:43:47Z","timestamp":1760240627269,"version":"build-2065373602"},"reference-count":58,"publisher":"MDPI AG","issue":"3","license":[{"start":{"date-parts":[[2019,8,15]],"date-time":"2019-08-15T00:00:00Z","timestamp":1565827200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Cryptography"],"abstract":"<jats:p>The potential benefits of the Internet of Things (IoT) are hampered by malicious interventions of attackers when the fundamental security requirements such as authentication and authorization are not sufficiently met and existing measures are unable to protect the IoT environment from data breaches. With the spectrum of IoT application domains increasing to include mobile health, smart homes and smart cities in everyday life, the consequences of an attack in the IoT network connecting billions of devices will become critical. Due to the challenges in applying existing cryptographic standards to resource constrained IoT devices, new security solutions being proposed come with a tradeoff between security and performance. While much research has focused on developing lightweight cryptographic solutions that predominantly adopt RSA (Rivest\u2013Shamir\u2013Adleman) authentication methods, there is a need to identify the limitations in the usage of such measures. This research paper discusses the importance of a better understanding of RSA-based lightweight cryptography and the associated vulnerabilities of the cryptographic keys that are generated using semi-primes. In this paper, we employ mathematical operations on the sum of four squares to obtain one of the prime factors of a semi-prime that could lead to the attack of the RSA keys. 
We consider the even sum of squares and show how a modified binary greatest common divisor (GCD) can be used to quickly recover one of the factors of a semi-prime. The method presented in this paper only uses binary arithmetic shifts that are more suitable for the resource-constrained IoT landscape. This is a further improvement on previous work based on Euler\u2019s method which is demonstrated using an illustration that allows for the faster testing of multiple sums of squares solutions more quickly.<\/jats:p>","DOI":"10.3390\/cryptography3030020","type":"journal-article","created":{"date-parts":[[2019,8,15]],"date-time":"2019-08-15T11:11:00Z","timestamp":1565867460000},"page":"20","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":9,"title":["New Method of Prime Factorisation-Based Attacks on RSA Authentication in IoT"],"prefix":"10.3390","volume":"3","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-2772-133X","authenticated-orcid":false,"given":"Sitalakshmi","family":"Venkatraman","sequence":"first","affiliation":[{"name":"School of Engineering, Construction & Design, Melbourne Polytechnic, Victoria 3181, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7021-4774","authenticated-orcid":false,"given":"Anthony","family":"Overmars","sequence":"additional","affiliation":[{"name":"School of Engineering, Construction & Design, Melbourne Polytechnic, Victoria 3181, Australia"}]}],"member":"1968","published-online":{"date-parts":[[2019,8,15]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","unstructured":"Rajakumari, S., Azhagumeena, S., Devi, A.B., and Ananthi, M. (2017, January 23\u201324). Upgraded living think-IoT and big data. 
Proceedings of the 2017 2nd International Conference on Computing and Communications Technologies (ICCCT), Chennai, India.","DOI":"10.1109\/ICCCT2.2017.7972272"},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"Dineshkumar, P., SenthilKumar, R., Sujatha, K., Ponmagal, R., and Rajavarman, V. (2016, January 9\u201311). Big data analytics of IoT based Health care monitoring system. Proceedings of the 2016 IEEE Uttar Pradesh Section International Conference on Electrical, Computer and Electronics Engineering (UPCON), Varanasi, India.","DOI":"10.1109\/UPCON.2016.7894624"},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"02034","DOI":"10.1051\/matecconf\/201710002034","article-title":"Internet of Things: Application and Prospect","volume":"Volume 100","author":"Zhao","year":"2017","journal-title":"MATEC Web of Conferences"},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"74","DOI":"10.1109\/MIC.2018.011581520","article-title":"TRIFECTA: Security, Energy Efficiency, and Communication Capacity Comparison for Wireless IoT Devices","volume":"22","author":"Sen","year":"2018","journal-title":"IEEE Internet Comput."},{"key":"ref_5","unstructured":"McAfee (2017). McAfee Labs Threats Report, McAfee. Technical Report."},{"key":"ref_6","unstructured":"Wu, M., Lu, T.J., Ling, F.Y., Sun, J., and Du, H.Y. (2010, January 20\u201322). Research on the architecture of Internet of Things. Proceedings of the 2010 3rd International Conference on Advanced Computer Theory and Engineering (ICACTE), Chengdu, China."},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Nastase, L. (2017, January 29\u201331). Security in the Internet of Things: A Survey on Application Layer Protocols. Proceedings of the 21st International Conference on Control Systems and Computer Science (CSCS), Bucharest, Romania.","DOI":"10.1109\/CSCS.2017.101"},{"key":"ref_8","unstructured":"Hern, A. (2019, August 14). 
Hacking Risk Leads to Recall of 500,000 Pacemakers due to Patient Death Fears. The Guardian. Available online: https:\/\/www.google.com.hk\/url?sa=t&rct=j&q=&esrc=s&source=web&cd=3&ved=2ahUKEwjxjfnGs4TkAhWCfXAKHYvMAmIQFjACegQIARAB&url=https%3A%2F%2Fwww.theguardian.com%2Ftechnology%2F2017%2Faug%2F31%2Fhacking-risk-recall-pacemakers-patient-death-fears-fda-firmware-update&usg=AOvVaw1iTl1YppU9tgAM6Ex9rfHO."},{"key":"ref_9","doi-asserted-by":"crossref","unstructured":"Husamuddin, M., and Qayyum, M. (2017, January 26\u201327). Internet of Things: A study on security and privacy threats. Proceedings of the 2017 2nd International Conferenceon Anti-CyberCrimes (ICACC), Abha, Saudi Arabia.","DOI":"10.1109\/Anti-Cybercrime.2017.7905270"},{"key":"ref_10","first-page":"24","article-title":"Internet of Things Security: Layered classification of attacks and possible Countermeasures","volume":"9","author":"Lahmer","year":"2016","journal-title":"Electron. J. Inf. Technol."},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"14","DOI":"10.1109\/MSP.2015.7","article-title":"Low-energy security: Limits and opportunities in the Internet of things","volume":"13","author":"Trappe","year":"2015","journal-title":"IEEE Secur. Privacy"},{"key":"ref_12","doi-asserted-by":"crossref","unstructured":"Su\u00e1rez-Albela, M., Fraga-Lamas, P., and Fern\u00e1ndez-Caram\u00e9s, T.M. (2018). A Practical Evaluation on RSA and ECC-Based Cipher Suites for IoT High-Security Energy-Efficient Fog and Mist Computing Devices. Sensors, 18.","DOI":"10.3390\/s18113868"},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"7124","DOI":"10.1109\/TIE.2016.2585081","article-title":"A Realistic Lightweight Anonymous Authentication Protocol for Securing Real-Time Application Data Access in Wireless Sensor Networks","volume":"63","author":"Gope","year":"2016","journal-title":"IEEE Trans. Ind. 
Electron."},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"120","DOI":"10.1145\/359340.359342","article-title":"A method for obtaining digital signatures and public-key cryptosystems","volume":"21","author":"Rivest","year":"1978","journal-title":"Commun. ACM"},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"2922","DOI":"10.1109\/TIT.2007.901248","article-title":"Dual RSA and its Security Analysis","volume":"53","author":"Sun","year":"2007","journal-title":"IEEE Trans. Inf. Theory"},{"key":"ref_16","first-page":"244","article-title":"Lightweight IoT-based authentication scheme in cloud computing circumstance. Future Gen","volume":"91","author":"Zhou","year":"2019","journal-title":"Comput. Syst."},{"key":"ref_17","doi-asserted-by":"crossref","unstructured":"Pammu, A.A., Chong, K.S., Ho, W.G., and Gwee, B.H. (2016, January 25\u201328). Interceptive side channel attack on AES-128 wireless communications for IoT applications. Proceedings of the 2016 IEEE Asia Pacific Conference on Circuits and Systems (APCCAS), Jeju, Korea.","DOI":"10.1109\/APCCAS.2016.7804081"},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Choi, J., and Kim, Y. (2016, January 13\u201316). An improved LEA block encryption algorithm to prevent side-channel attack in the IoT system. Proceedings of the 2016 Asia-Pacific Signal and Information Processing Association Annual Summit and Conference (APSIPA), Jeju, Korea.","DOI":"10.1109\/APSIPA.2016.7820845"},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"El-hajj, M., Fadlallah, A., Chamoun, M., and Serhrouchni, A. (2019). A Survey of Internet of Things (IoT) Authentication Schemes. Sensors, 19.","DOI":"10.3390\/s19051141"},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"65","DOI":"10.13052\/jcsm2245-1439.414","article-title":"Cyber Security and the Internet of Things: Vulnerabilities, Threats, Intruders and Attacks","volume":"4","author":"Abomhara","year":"2015","journal-title":"J. Cyber Secur. 
Mobil."},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Wen, Q., Dong, X., and Zhang, R. (November, January 30). Application of dynamic variable cipher security certificate in Internet of Things. Proceedings of the 2012 IEEE 2nd International Conference on Cloud Computing and Intelligence Systems, Hangzhou, China.","DOI":"10.1109\/CCIS.2012.6664544"},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"1617","DOI":"10.12785\/amis\/080416","article-title":"An Efficient Authentication and Access Control Scheme for Perception Layer of Internet of Things","volume":"8","author":"Ye","year":"2014","journal-title":"Appl. Math. Inf. Sci."},{"key":"ref_23","doi-asserted-by":"crossref","unstructured":"Aboud, S.J. (2009, January 4\u20136). An efficient method for attack RSA scheme. Proceedings of the ICADIWT 2nd International Conference, London, UK.","DOI":"10.1109\/ICADIWT.2009.5273976"},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"25","DOI":"10.12709\/fbim.05.05.02.03","article-title":"Man in the Middle Attacks and the Internet of Things\u2014Security and economic risks","volume":"5","author":"Cekerevac","year":"2017","journal-title":"FBIM Trans."},{"key":"ref_25","doi-asserted-by":"crossref","first-page":"193","DOI":"10.1016\/j.eij.2017.01.002","article-title":"Anonymous authentication and location privacy preserving schemes for LTE-A networks","volume":"18","author":"Haddad","year":"2017","journal-title":"Egypt. Inform. J."},{"key":"ref_26","unstructured":"Schneier, B. (1996). Applied Cryptography, John Wiley & Sons, Inc.. [2nd ed.]."},{"key":"ref_27","doi-asserted-by":"crossref","unstructured":"Da Silva, J.C.L. (2010, January 17\u201320). Factoring Semi primes and Possible Implications. Proceedings of the 26th IEEE Convention in Israel, Eliat, Israel.","DOI":"10.1109\/EEEI.2010.5661953"},{"key":"ref_28","unstructured":"Raza, S., Voigt, T., and Jutvik, V. (2012, January 23). 
Lightweight ikev2: A key management solution for both the compressed IPsec and the IEEE 802.15. 4 security. Proceedings of the IETF Workshop on Smart Object Security, Paris, France."},{"key":"ref_29","doi-asserted-by":"crossref","first-page":"3711","DOI":"10.1109\/JSEN.2013.2277656","article-title":"Lithe: Lightweight secure CoAP for the internet of things","volume":"13","author":"Raza","year":"2013","journal-title":"IEEE Sens. J."},{"key":"ref_30","unstructured":"Barker, E. (2019, August 14). Recommendation for Key Management \u2014Part 1: General, NIST Special Publication 800-57: Part 1 (Revision 4), Available online: https:\/\/nvlpubs.nist.gov\/nistpubs\/SpecialPublications\/NIST.SP.800-57pt1r4.pdf."},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"114","DOI":"10.1016\/j.compeleceng.2016.02.017","article-title":"A lightweight message authentication scheme for Smart Grid communications in power sector","volume":"52","author":"Mahmood","year":"2016","journal-title":"Comput. Electr. Eng."},{"key":"ref_32","doi-asserted-by":"crossref","first-page":"85","DOI":"10.1109\/TDSC.2014.2313861","article-title":"PRGA: Privacy-preserving recording & gateway-assisted authentication of power usage information for smart grid","volume":"12","author":"Chim","year":"2015","journal-title":"IEEE Trans. Dependable Secur. Comput."},{"key":"ref_33","doi-asserted-by":"crossref","first-page":"686","DOI":"10.1109\/TSG.2011.2138172","article-title":"Multicast Authentication in the Smart Grid with One-Time Signature","volume":"2","author":"Li","year":"2011","journal-title":"IEEE Trans. Smart Grid"},{"key":"ref_34","doi-asserted-by":"crossref","first-page":"2710","DOI":"10.1016\/j.adhoc.2013.05.003","article-title":"DTLS based security and two-way authentication for the Internet of Things","volume":"11","author":"Kothmayr","year":"2013","journal-title":"Ad Hoc Netw."},{"key":"ref_35","doi-asserted-by":"crossref","unstructured":"Huth, C., Zibuschka, J., Duplys, P., and Guneysu, T. 
(2015, January 13\u201316). Securing systems on the Internet of Things via physical properties of devices and communications. Proceedings of the 2015 Annual IEEE Systems Conference (SysCon) Proceedings, Vancouver, BC, Canada.","DOI":"10.1109\/SYSCON.2015.7116721"},{"key":"ref_36","doi-asserted-by":"crossref","unstructured":"Schmitt, C., Noack, M., and Stiller, B. (2016). TinyTO: Two-way authentication for constrained devices in the Internet of Things. Internet of Things, Elsevier.","DOI":"10.1016\/B978-0-12-805395-9.00013-7"},{"key":"ref_37","doi-asserted-by":"crossref","first-page":"3223","DOI":"10.4028\/www.scientific.net\/AMR.671-674.3223","article-title":"A Security Framework for the Internet of Things Based on Public Key Infrastructure","volume":"671\u2013674","author":"Hong","year":"2013","journal-title":"Adv. Mater. Res."},{"key":"ref_38","first-page":"1752","article-title":"Research on Data Security Technology in Internet of Things","volume":"433\u2013435","author":"Zhao","year":"2013","journal-title":"Appl. Mech. Mater."},{"key":"ref_39","doi-asserted-by":"crossref","unstructured":"Etessami, K., and Rajamani, S.K. (2005). The AVISPA Tool for the Automated Validation of Internet Security Protocols and Applications. Computer Aided Verification, Springer.","DOI":"10.1007\/b138445"},{"key":"ref_40","doi-asserted-by":"crossref","unstructured":"Tangade, S., and Manvi, S.S. (2016, January 6\u20139). Scalable and privacy-preserving authentication protocol for secure vehicular communications. Proceedings of the 2016 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS), Bangalore, India.","DOI":"10.1109\/ANTS.2016.7947800"},{"key":"ref_41","doi-asserted-by":"crossref","unstructured":"Chung, Y., Choi, S., Lee, Y., Park, N., and Won, D. (2016). An Enhanced Lightweight Anonymous Authentication Scheme for a Scalable Localization Roaming Service in Wireless Sensor Networks. 
Sensors, 16.","DOI":"10.3390\/s16101653"},{"key":"ref_42","doi-asserted-by":"crossref","unstructured":"Ahmed, M.E., and Kim, H. (2017, January 6\u20139). DDoS Attack Mitigation in Internet of Things Using Software Defined Networking. Proceedings of the 2017 IEEE Third International Conference on Big Data Computing Service and Applications (BigDataService), San Francisco, CA, USA.","DOI":"10.1109\/BigDataService.2017.41"},{"key":"ref_43","unstructured":"Na, S., Hwang, D., Shin, W., and Kim, K.H. (2017, January 11\u201313). Scenario and countermeasure for replay attack using join request messages in LoRaWAN. Proceedings of the 2017 International Conference on Information Networking (ICOIN), Da Nang, Vietnam."},{"key":"ref_44","doi-asserted-by":"crossref","unstructured":"Anirudh, M., Thileeban, S.A., and Nallathambi, D.J. (2017, January 10\u201311). Use of honeypots for mitigating DoS attacks targeted on IoT networks. Proceedings of the 2017 International Conference on Computer, Communication and Signal Processing (ICCCSP), Chennai, India.","DOI":"10.1109\/ICCCSP.2017.7944057"},{"key":"ref_45","doi-asserted-by":"crossref","unstructured":"Bamasag, O.O., and Youcef-Toumi, K. (2015, January 4\u20139). Towards continuous authentication in Internet of things based on secret sharing scheme. Proceedings of the WESS\u201915: Workshop on Embedded Systems Security, Amsterdam, The Netherlands.","DOI":"10.1145\/2818362.2818363"},{"key":"ref_46","unstructured":"Neto, A.L.M., Souza, A.L.F., Cunha, I., Nogueira, M., Nunes, I.O., Cotta, L., Gentille, N., Loureiro, A.A.F., Aranha, D.F., and Patil, H.K. (2016, January 14\u201316). AoT: Authentication and Access Control for the Entire IoT Device Life-Cycle. 
Proceedings of the 14th ACM Conference on Embedded Network Sensor Systems CD-ROM (ACM SenSys 2016), New York, NY, USA."},{"key":"ref_47","doi-asserted-by":"crossref","first-page":"553","DOI":"10.1109\/18.54902","article-title":"Cryptanalysis of short RSA secret exponents","volume":"160","author":"Wiener","year":"1990","journal-title":"IEEE Trans. Inf. Theory"},{"key":"ref_48","unstructured":"Weisstein, E.W. (2003). Semiprime, Wolfram Research, Inc."},{"key":"ref_49","unstructured":"Kaddoura, I., Abdul-Nabi, S., and Al-Akhrass, K. (2016). New Formulas for Semi-Primes. Testing, Counting and Identification of the nth and next Semi-Primes. arXiv."},{"key":"ref_50","first-page":"775081","article-title":"An Original Numerical Factorization Algorithm","volume":"2016","author":"Kostopoulos","year":"2016","journal-title":"J. Inf. Assur. Cyber Secur."},{"key":"ref_51","doi-asserted-by":"crossref","first-page":"521","DOI":"10.1017\/S0305004100049252","article-title":"Theorems on factorization and primality testing","volume":"76","author":"Pollard","year":"1974","journal-title":"Proc. Camb. Philos. Soc."},{"key":"ref_52","doi-asserted-by":"crossref","unstructured":"Overmars, A., and Venkatraman, S. (2019). A Fast Factorisation of Semi-Primes Using Sum of Squares. Math. Comput. Appl., 24.","DOI":"10.3390\/mca24020062"},{"key":"ref_53","doi-asserted-by":"crossref","first-page":"397","DOI":"10.1016\/0021-9991(67)90047-2","article-title":"Computational problems associated with Racah algebra","volume":"1","author":"Stein","year":"1967","journal-title":"J. Comput. Phys."},{"key":"ref_54","first-page":"242","article-title":"A New Factorization Method to Factorize RSA Public Key Encryption","volume":"8","author":"Ambedkar","year":"2011","journal-title":"Int. J. Comput. Sci. Issues (IJCSI)"},{"key":"ref_55","doi-asserted-by":"crossref","unstructured":"Yan, S.Y. (2018). Factoring Based Cryptography. 
Cyber Cryptography: Applicable Cryptography for Cyberspace Security, Springer.","DOI":"10.1007\/978-3-319-72536-9"},{"key":"ref_56","doi-asserted-by":"crossref","first-page":"242","DOI":"10.3934\/math.2019.2.242","article-title":"A new approach to generate all Pythagorean triples","volume":"4","author":"Overmars","year":"2019","journal-title":"AIMS Math."},{"key":"ref_57","first-page":"169","article-title":"The complexity of computations","volume":"211","author":"Karatsuba","year":"1995","journal-title":"Proc. Steklov Inst. Math."},{"key":"ref_58","doi-asserted-by":"crossref","first-page":"023107","DOI":"10.1063\/1.4975761","article-title":"Polynomial-time solution of prime factorization and NP-complete problems with digital memcomputing machines","volume":"27","author":"Traversa","year":"2017","journal-title":"Chaos Interdiscip. J. Nonlinear Sci."}],"container-title":["Cryptography"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2410-387X\/3\/3\/20\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T13:11:28Z","timestamp":1760188288000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2410-387X\/3\/3\/20"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,8,15]]},"references-count":58,"journal-issue":{"issue":"3","published-online":{"date-parts":[[2019,9]]}},"alternative-id":["cryptography3030020"],"URL":"https:\/\/doi.org\/10.3390\/cryptography3030020","relation":{},"ISSN":["2410-387X"],"issn-type":[{"type":"electronic","value":"2410-387X"}],"subject":[],"published":{"date-parts":[[2019,8,15]]}}}