This paper evaluates the performance overhead of implementing ChaCha20-Poly1305 encryption on low-cost edge devices commonly found in IoT and ICS environments. The study measures the time cost of encryption within the communication cycle of devices like Raspberry Pi 4 and Intel N95 Mini PC. Results show that ChaCha20-Poly1305 encryption adds minimal latency, consuming less than 7.1% of the latency budget for GOOSE and 3% for IEC-60834-1, demonstrating its feasibility for securing these protocols.
Securing legacy industrial protocols with modern encryption like ChaCha20-Poly1305 is far more practical than previously thought, adding single-digit percentage overhead to latency-sensitive applications.
Industrial Control Systems (ICS), and many simple Internet of Things (IoT) devices, commonly communicate using unencrypted or unauthenticated protocols. For ICS this is a historical carryover, since the introduction of these systems predated practical lightweight cryptography. As the processing power of small devices has grown exponentially at the same time as new, more efficient encryption algorithms have become available, end device encryption of communication protocols is becoming much more practical, but is still not widely used with ICS protocols such as Modbus and IEC 61850 (GOOSE), which have tight requirements for both latency and variance. Newer microprocessors can also present challenges both to measurement and use, since features such as dynamic frequency scaling can significantly impact performance measurements. In this paper, we measured the time cost of adding encryption into the communication cycle of low-cost edge devices using ChaCha20-Poly1305, and show that in the worst case the encryption cycle took less than 7.1 percent of the latency requirements of GOOSE, and less than 3% for IEC-60834-1, on a Raspberry Pi 4 and an Intel N95 Mini PC, which is well within the specified latency requirements for these protocols.
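The kind of measurement the abstract describes can be sketched as follows. This is an added example, not the paper's code or test harness: it times a ChaCha20-Poly1305 seal and unseal cycle per message with the Python `cryptography` package and reports the worst case as a share of a latency budget. The function names, payload size, round counts and `ASSUMED_BUDGET_US` are assumptions chosen for illustration, and interpreter overhead means the absolute numbers will not match the paper's.

```python
import struct
import time
from statistics import median

from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives.ciphers.aead import ChaCha20Poly1305

ASSUMED_BUDGET_US = 3000.0  # placeholder latency budget, not a figure from the paper


def seal(aead, counter, payload, header=b""):
    """Encrypt one message; the 96-bit nonce is a counter and must never repeat per key."""
    nonce = struct.pack(">IQ", 0, counter)
    return nonce + aead.encrypt(nonce, payload, header)


def unseal(aead, frame, header=b""):
    """Verify the Poly1305 tag and decrypt; return None if the frame was altered."""
    try:
        return aead.decrypt(frame[:12], frame[12:], header)
    except InvalidTag:
        return None


def measure(payload_len=256, rounds=2000, warmup=200):
    """Time seal + unseal per message; return (median_us, worst_us)."""
    aead = ChaCha20Poly1305(ChaCha20Poly1305.generate_key())
    payload = bytes(payload_len)  # constructed payload of zero bytes
    samples = []
    for i in range(warmup + rounds):
        t0 = time.perf_counter_ns()
        plain = unseal(aead, seal(aead, i, payload))
        t1 = time.perf_counter_ns()
        if plain != payload:
            raise RuntimeError("round trip mismatch")
        if i >= warmup:  # discard warm-up runs taken while the clock ramps up
            samples.append((t1 - t0) / 1000.0)
    return median(samples), max(samples)


def budget_share(worst_us, budget_us=ASSUMED_BUDGET_US):
    """Worst-case crypto time as a percentage of the latency budget."""
    return 100.0 * worst_us / budget_us


if __name__ == "__main__":
    med, worst = measure()
    print(f"median {med:.1f} us, worst {worst:.1f} us, "
          f"{budget_share(worst):.2f}% of assumed budget")
```

Reporting the maximum alongside the median matters here because the protocols constrain variance as well as latency, and a gap between the two is where frequency scaling and scheduler effects show up.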