New Method of Prime Factorisation-Based Attacks on RSA Authentication in IoT

Abstract

The potential benefits of the Internet of Things (IoT) are hampered by malicious interventions of attackers when the fundamental security requirements such as authentication and authorization are not sufficiently met and existing measures are unable to protect the IoT environment from data breaches. With the spectrum of IoT application domains increasing to include mobile health, smart homes and smart cities in everyday life, the consequences of an attack in the IoT network connecting billions of devices will become critical. Due to the challenges in applying existing cryptographic standards to resource constrained IoT devices, new security solutions being proposed come with a tradeoff between security and performance. While much research has focused on developing lightweight cryptographic solutions that predominantly adopt RSA (Rivest–Shamir–Adleman) authentication methods, there is a need to identify the limitations in the usage of such measures. This research paper discusses the importance of a better understanding of RSA-based lightweight cryptography and the associated vulnerabilities of the cryptographic keys that are generated using semi-primes. In this paper, we employ mathematical operations on the sum of four squares to obtain one of the prime factors of a semi-prime that could lead to the attack of the RSA keys. We consider the even sum of squares and show how a modified binary greatest common divisor (GCD) can be used to quickly recover one of the factors of a semi-prime. The method presented in this paper only uses binary arithmetic shifts that are more suitable for the resource-constrained IoT landscape. This is a further improvement on previous work based on Euler’s method which is demonstrated using an illustration that allows for the faster testing of multiple sums of squares solutions more quickly.

1. Introduction

With the development of a variety of technologies such as sensors, actuators, controllers, mobile devices and cloud computing, the Internet of Things (IoT) is evolving to be a large network of networks connecting smart devices that are exponentially growing in the physical world [1]. By seamlessly interconnecting humans with such an intelligent physical world, the IoT brings about benefits in various domains such as public health, transportation, agriculture, energy management, and waste management that can lead to smart cities and homes [2,3]. While such smart devices have capabilities to collect and analyze huge data for decision-making, security is a major concern, as IoT attacks by perpetuators with malicious interventions are on the rise. Hence, secure authentication and authorization form a supreme requirement in an IoT system, as a malicious unauthenticated device could lead to severe damages to individuals and organisations [4,5]. More than the connectivity challenges for billions of devices to interact with humans and communicate with each other, with the IoT being exploited to become an attack tool, security challenges are becoming top priority in the recent research agenda [6,7]. In addition, due to the inherent resource limitations of IoT devices, traditional communication protocols and security schemes are either infeasible or ineffective. Recently, a security weakness discovered in a pacemaker device became a threat for a patient using it because the hacker of the device could take control of the patient’s heart-beat. The impact of such a security breach can be life-threatening, and, hence, the US Food and Drug Administration (FDA) has recalled 500,000 pacemakers with identified security gaps [8].

The success of IoT-enabled technologies in the development of smart cities, smart homes and intelligent mobile-health systems depends on the robustness in IoT authentication and secure data transmission between the IoT nodes and servers [9,10]. The aim of IoT security solutions is to prevent the leakage of private information and harmful actuating activities. However, IoT devices suffer from security limitations due to their resource constrained attributes [11] such as:

• Power and energy consumption.
• Communication bandwidth.
• Memory capacity (e.g., RAM (Random-access memory), Flash).
• Size and complexity (e.g., display, storage, gate count, I/O (Input/output) pin count).
• Lack of user interface.
• Short device lifetime.

Due to the inherent limitations of the IoT devices, they are susceptible to be captured by an adversary, since traditional authentication schemes are infeasible and cannot be practically deployed in resource constrained IoT environment. Existing solutions such as public-key-based authentication, identity-based authentication, encryption, and digital signature require suitable adaptation depending on the security needs of the IoT device application [12,13]. The RSA (Rivest–Shamir–Adleman), named after its inventors, is well known among all the public key algorithms due the difficulty in finding its public and private keys that consist of prime factors of a large number (semi-prime) [14,15]. However, due to the specific requirements of IoT devices, such traditional authentication schemes that are designed for high processing and large memory devices cannot be easily re-designed to suit the resource constrained IoT nodes. Hence, the need for lightweight security solutions has been realized for ensuring the security requirements of an IoT network. In particular, authentication is considered as a key requirement, since trusted access to the IoT device is crucial for the well-functioning of the network. Further, many existing solutions for IoT security are cloud-based and are susceptible to internet prone vulnerabilities [16]. The entire IoT network could be brought down by a malicious attack or even a single compromised node [17,18]. While the emergence of lightweight authentication schemes or cryptography is on the rise, researchers are still at the first step of evaluating the proposed authentication protocols in terms of their strengths and weaknesses [19]. Overall, the main challenges identified are heterogeneity, scalability, and inter-operability as new IoT devices and network protocols are introduced in open environments.

Recently, IoT devices are being embedded with several lightweight block ciphers, which has resulted in the need to ensure the security of the secret/sensitive cryptographic keys within the device throughout its life cycle [20,21]. Today, RSA is adopted for several purposes such as key exchange, digital signatures, or even the encryption of small blocks of data (block ciphers) [12]. The key-pair of RSA that uses a variable size encryption block and a variable size key is derived from a very large number (a semi-prime). If this large number is known, determining the two prime factors is computationally difficult. This property can be used as a secure communications channel in the IoT to openly publish the “public” key to anyone wishing to send a secure message, since someone who knows the prime factors can only decrypt the message. Such a secure communication channel can be used to share keys for lightweight cryptographic algorithms that are still very robust but require less computing power than the public key cryptosystems [22]. Hence, many algorithms to factor large numbers for attacking schemes such as RSA are gaining attention [23,24,25]. This motivates our research to identify the limitations of RSA-based lightweight block ciphers for IoT authentication requirements. A device could be active for several years since it is manufactured, and, during its life span, it is important to identify its safety zone before it can be physically accessible by attackers. To address this problem, we analyze the level of resistance of RSA against malicious attacks by proposing a new method of factorization of semi-primes and determining its practical implementation feasibility.

In this paper, we first present a review of RSA-based IoT authentication schemes. Next, we discuss the attacking techniques adopted in the four layers of IoT architecture and how our research fits in. Finally, we propose a new method to perform resource-efficient semi-prime factorization that could lead to RSA attacks using practical illustrations. Then, we provide mathematical proof of its improvement over previous work before concluding the paper with future research directions.

2. RSA-Based Authentication Schemes for the IoT

The aim of a cryptosystem is to encrypt a message before it is transmitted so that only the authenticated user who has the right key to decrypt would be able to read the message while preserving its confidentiality and integrity throughout the transmission process. Several cryptosystems are widely used in computer networks with a common goal to protect private communications. A number of ciphers have been developed, such as the Data Encryption Standard (DES), Ron Rivest, Adi Shamir and Leonard Adleman (RSA) [26]. RSA is one of the widely used public-key cryptosystems, and it is based on the practical difficulty of finding the factors of a semiprime number. In general, a key pair consisting of the public key and the private key can be easily generated for encryption and decryption. While the public key is publicly made available, the private key is maintained as a secret. The public key is generally used for two main purposes: (i) For the public-key encryption of a message into a cipher text that can be decrypted only with the corresponding private key, and (ii) for exchanging digital signatures, wherein a cipher text generated with the private key can be decrypted by anyone who has access to the public key. Therefore, RSA-based security schemes are popularly used to protect confidential information and communications while also authenticating the senders and receivers of the information to be securely shared. However, the security strength of RSA depends on the difficulty to determine a private key from its public key, and, therefore, deciding on the length of the private key plays an important factor for securing the system from attacks that can decode the message [27]. A large key size of RSA increases the level of security but slows down the algorithm due to expensive computation costs. RSA encryption is an expensive operation; in the IoT, however, it is commonly used to pass encrypted shared keys for symmetric key cryptography,

It has become a clear requirement in the IoT landscape that calls for a lightweight key distribution method using the public key to securely communicate between nodes and the IoT infrastructure in order to reduce computational costs. Encryption algorithms such as the Advanced Encryption Standard (AES) established by the U.S. National Institute of Standards and Technology (NIST), RSA, and elliptical curve cryptography (ECC) cannot be deployed to an IoT device. Due to these limitations, the internet engineering task force (IETF) has considered the application of a Transport Layer Security (TLS), a Datagram Transport Layer Security (DTLS) and internet protocol security (IPSec) in IP-based networks [28]. The use of a DTLS to constrained application protocol (CoAP) is considered to be the key protocol in the IoT [29].

In recent years, NIST- approved cryptography algorithms have been adapted to fit into the limited resources of constrained IoT environments. However, their performance may not be acceptable, and NIST has described plans for the standardization of lightweight cryptographic algorithms [30]. Hence, the performance and security challenges in the IoT, such as storage cost and key management, form the prime motivation for recent research studies. Several lightweight authentication protocols as well as methods to include a one-time signature for multicast authentication have been proposed for smart grids [31,32,33]. Two-way IoT authentication schemes based on RSA with the use of the Trusted Platform Module (TPM) have been enhanced using the Datagram Transport Layer Security (DTLS) protocol with the exchange of certificates based on RSA [34]. A mutual authentication scheme was also proposed [35,36]. It consists of two stages: In the enrollment stage, every node is identified within the system; in the authentication stage, a number of handshake messages are exchanged between the end device and the server, resulting in a session key used for the secure communication. Recent research studies have proposed different protocols for different purposes: Diffie–Hellman for key agreement protocol, RSA and Advanced Encryption Standard (AES) for achieving message confidentiality, and hash-based message authentication code (HMAC) for maintaining message integrity. Even though traditional public key infrastructure (PKI) is not considered suitable for the IoT due to computation and communication costs, recent studies have proposed a lightweight PKI within IoT use cases, including efficient message transmission to ensure privacy and security [37,38]. Such novel schemes using customized data encapsulation could reduce both computation and communication overhead, thereby making RSA encryption viable for the IoT.

3. IoT Authentication Issues and Attacks

There are several IoT authentication challenges and issues that need to be understood before employing the right security solution that can dynamically vary with the situation [21,35]. Based on certain critical situations such as IoT health applications, frequent authorization and authentication are necessary and could dynamically vary, potentially resulting in changes to the authorization of IoT devices [2]. To address these issues, automated mutual authentication without user intervention is required in supporting users from remembering passwords for a large number of devices [39]. Additionally, due to the dynamic changes to the network environment under which the devices operate, unstable connectivity warrants adding and removing mobile devices from authentication/authorization systems which should be trusted and manageable in the IoT network. Various considerations for resource-constrained devices and scalability in IoT network architecture are essential [40,41]. In certain critical situations, the availability of IoT devices is as important as information protection and privacy. Hence, the availability of IoT authentication and authorization services should not be hampered by network attacks or internet disruptions. IoT security solutions should be easily deployable and manageable in local networks without having to depend too much on remote systems so that scalability within heterogeneous IoT networks could be achieved while protecting from various security risks.

Today, organisations are required to defend against cloud, mobile and IoT security attacks, in addition to risks caused by third-party users [42]. They need to identify and monitor the IoT devices connected to their networks as well as the IoT activities that require business information access and storage. Hence, there are serious security and privacy challenges that need to be addressed in order to make the IoT environment secure in an organisation. It is important to consciously understand that IoT devices are also required to be treated as entities similar to the users for operating within the organisation’s network. The level of authorization/authentication should be determined for every IoT device so that customized security solutions are applied. Many attacks take place after launching the IoT authentication schemes without understanding what data are collected or shared by the devices, how sensitive they are, and who are authorized to share them while determining the device storage, access and decommissioning requirements. Some attacks are due to incomplete firmware updates [43,44]. Hence, it is also important to understand the attack techniques employed in the IoT environment in order to employ suitable IoT security measures.

The main types of IoT attacks are: (i) denial of service (DoS) attacks that can block the availability of IoT system or services so that the resources are completely exhausted; (ii) physical attacks that can tamper the device components bringing risks to the IoT systems; (iii) eavesdropping that can compromise confidentiality when there is unauthorized access of IoT end-nodes due to impersonation or man-in-the-middle (MITM) of a malicious entity in the IoT network [24]. In an MITM attack, the malicious user replaces the exchanged keys in the public key cryptosystem with its own key to establish a secure channel to gain access to private messages; (iv) access attacks that allow unauthorized entities to gain access to IoT systems or devices; and (v) other attacks, such as channel side attacks, firmware attacks, RAM attacks and ransomware. A knowledge of these attacks helps IoT system developers to employ security primitives, schemes and protocols to be customized to lightweight cryptography. Probabilistic key sharing mechanisms should include the pre-distribution of keys, shared-key discovery of its neighbours, and assigning them with path-keys [45]. Various policies should also be established for node-to-node authentication, key revocation and disabling of sensors when node-capture is detected.

The right IoT authentication schemes in each of the four layers of the IoT architecture, which is based on the Open Systems Interconnection (OSI) model, are selected depending on the security requirements for each of the four layers [10]. The users communicate with the IoT devices through an interface that is present within the application layer [7]. The security in this application layer depends on the application requirements and data sharing issues related to access control, data privacy and integrity are some of the important challenges to be addressed. In this layer, the security solution should take care of IoT authentication and key agreement, as well as policies around user password management and awareness training. The next layer, namely the network layer, is responsible for the secure data transmission in the IoT network via various wireless technologies such as Bluetooth, infrared, internet, and Wi-Fi as well as a wired connection to a local area network (LAN). Common security problems due to DoS, MITM, eavesdropping, etc., are applicable in this network layer, and due to the mobility of the nodes in an IoT network, this layer is more vulnerable to attacks. Illegal nodes joining and leaving the network without prior authentication could contribute to the major security problem in the network layer. The support layer works with both the application layer and the network layer, and it makes use of cloud computing and smart grids for various computation intensive processing and intelligence. This layer supports with massive data processing and hence can be used for generating keys for IoT authentication methods such as RSA. However, this layer is also susceptible to RSA and other authentication scheme attacks. The final layer, namely the perception/recognition layer uses wireless data communication to automatically identify physical devices using technologies such as radio frequency identification (RFID), Global Positioning System (GPS), Zigbee, Smart card and sensor networks [22]. The data transmitted through wireless sensor networks are also vulnerable to sensor attacks such as node-capture, DoS and fake nodes. Due to the limitations of memory, power and bandwidth, this layer requires lightweight security measures for practical implementations.

Overall, all the four layers of an IoT architecture are faced with IoT authentication issues, and the attack surface of the modern enterprise is expanding requiring a layer-based approach for ensuring message authentication and integrity in the IoT environment. The security scheme should be enforced during the entire life cycle of the device, including secure boot and access control. In the secure boot process, the cryptography allows an electronic device to start executing authenticated and trusted schemes of public-key-based signature verification such as lightweight RSA to operate [46,47]. However, the nodes still need protection from various run-time threats and attacks that require appropriate access control schemes. Different forms of resources and roles in the IoT should be authorized using public key cryptography schemes to verify the integrity and authenticity of data. The digital signature ensures message integrity and authenticity. While message integrity is guaranteed by message digest or a secure hash algorithm, the authenticity is guaranteed by the public-key-based signature scheme consisting of key pairs (with a private key stored secretly and one public key available publicly to anyone). These keys are semi-primes and for RSA-based lightweight cryptography, the security strength depends on how quickly the factorization of semi-primes can be computed. Popular methods using the sum of four squares can generate many correct solutions; however, only one of these leads to the factorization of semi-primes. The aim of this paper is to propose a new correct factorisation method that could be employed for breaking RSA-based lightweight keys. Hence, to determine the limitations of RSA authentication in the IoT, in the next section, we propose a semi-prime factorization method using illustrations of breaking the lightweight cryptographic keys and also mathematically prove its efficiency.

4. Proposed Semi-Prime Factorisation Method Using Illustrations

Lightweight cryptography, a subfield of cryptography, aims to provide security solutions tailored to resource-constrained devices. A significant amount of work has been done by the academic community to introduce new lightweight algorithms and protocols. These complex cryptographic algorithms involve a great deal of mathematics at the core that can even be buried inside the electronic devices within the IoT. While mathematics is used to create difficult-to-break cryptographic functions, it has been proven that mathematics could also be used to break cryptographic keys, provided we can determine the two prime factors computationally fast enough. This forms the prime motivation to propose a fast semi-prime factorisation method using mathematical operations [48,49,50]. Currently, the RSA encryption algorithm is one of the most secure methods to transmit messages over the internet. The RSA cryptosystem uses a public key and a private key, and these keys are semi-primes. For RSA-based lightweight cryptography, these key lengths have limitations and are vulnerable to factorisation attacks. Existing literature shows that a semi-prime can be expressed as a sum of four squares and that fast factorisation methods exist [51,52]. We identify the limitations of the four squares method using illustrations in Case 1 and 2.

The four squares method generates many solutions of four squares; however, only one solution exists that will provide a factorization. Therefore, a fast method for testing a sum of four squares to determine its suitability as the correct factorization solution should be done as efficiently (quickly) as possible. We propose an enhanced method in this work and demonstrate the implementation using illustrated examples and verify its efficiency mathematically. By comparing three cases, the efficiency of our proposed method is demonstrated using an illustration in Case 3.

Case 1. Consider a semi-prime, N = 169, which could be used to generate a lightweight cryptographic key in an RSA algorithm. This semi-prime can be expressed as the sum of four squares:

$$169={13}^2=\left(2^2+3^2\right)\left(2^2+3^2\right)=4^2+6^2+6^2+9^2=4^2+4^2+4^2+{11}^2$$

The Brahmagupta–Fibonacci identity expresses the product of two sums of two squares as a sum of two squares in two different ways as follows:

$$\begin{gathered} N=p_1{p}_2=\left(a^2+b^2\right)\left(c^2+d^2\right)={\left(ac-bd\right)}^2+{\left(ad+bc\right)}^2 \\ ={\left(ac+bd\right)}^2+{\left(ad-bc\right)}^2 \end{gathered}$$

Applying the Brahmagupta–Fibonacci identity from above, we get

$$4^2+6^2+6^2+9^2={\left(9-4\right)}^2+{\left(6+6\right)}^2=5^2+{12}^2={\left(9+4\right)}^2+{\left(6-6\right)}^2={13}^2+0^2={13}^2$$

$$4^2+4^2+4^2+{11}^2\ne {\left(11-4\right)}^2+{\left(4+4\right)}^2=7^2+8^2=113\ne 169$$

$$4^2+4^2+4^2+{11}^2\ne {\left(11+4\right)}^2+{\left(4-4\right)}^2=15+0^2=225\ne 169$$

Case 2. Consider a semi-prime, N = 377, which could be used to generate a lightweight cryptographic key in an RSA algorithm. This semi-prime can be expressed as the sum of four squares:

$$377=\left(13\right)\left(29\right)=\left(2^2+3^2\right)\left(2^2+5^2\right)=4^2+6^2+{10}^2+{15}^2$$

Applying the Brahmagupta–Fibonacci identity provides the two sums of squares.

$$377=4^2+6^2+{10}^2+{15}^2={\left(15-4\right)}^2+{\left(10+6\right)}^2={11}^2+{16}^2={\left(15+4\right)}^2+{\left(10-6\right)}^2={19}^2+4^2$$

$$377=4^2+{19}^2={11}^2+{16}^2$$

Once the two sums of two squares are known, the prime factors can be found using a modified Euler factorisation.

$$\Delta e=16-4=12,\Delta o=19-11=8,g=\gcd \left(8,12\right)=4,p_1={\left(\frac{8}{4}\right)}^2+{\left(\frac{12}{4}\right)}^2=13$$

However, in this case, there are nine sums of four squares.

$$\left(1,4,6,18\right),\left(1,6,12,14\right),\left(2,2,12,15\right),\left(2,6,9,16\right),\left(4,6,6,17\right),\left(4,6,10,15\right),\left(5,8,12,12\right),\left(6,6,7,16\right),\left(6,8,9,14\right)$$

Only one of these is applicable to the Brahmagupta–Fibonacci identity, providing the two sum of two squares.

A faster method, using a modified binary greatest common divisor, quickly validates a sum of four squares.

$$\left(4,6,10,15\right)=15,2\left(5,2,3\right)\Rightarrow \left(5,2\right),\left(2,3\right)\Rightarrow \left(2^2+5^2\right)\left(2^2+3^2\right)=\left(29\right)\left(13\right)=377$$

This requires sums of four squares to be found until the correct sum of four squares is factored.

Case 3. Consider a semi-prime used to generate a lightweight cryptographic key in an RSA algorithm: $N=1445897$.

This semi-prime can be expressed as the sum of four squares:

$$1445897={120}^2+{224}^2+{555}^2+{1036}^2\stackrel{\scriptscriptstyle\mathrm{def}}{=}\left(120,224,555,1036\right)$$

Consider the odd square and re-order the squares:

$$\left(120,224,555,1036\right)=\left(555,120,224,1036\right)$$

Divide the remaining even squares by two until an odd square results and factor this out.

$$\left(555,120,224,1036\right)=\left(555,4\left(30,56,259\right)\right)$$

Consider the odd square and re-order the squares:

$$\left(555,4\left(30,56,259\right)\right)=(555,4\left(259,30,56\right)$$

Divide the remaining even squares by two until an odd square results and factor this out.

$$\left(555,4\left(30,56,259\right)\right)=(555,4\left(259,2\left(15,28\right)\right)$$

This is considered to be the solution, and the remaining odd/even pair is a factor of the semi-prime.

$$1445897=(555,4\left(259,2\left(15,28\right)\right)\Rightarrow p_1={15}^2+{28}^2=1009$$

The solution can be tested by a division.

$$p_2=\frac{1445897}{1009}=1433$$

4.1. Proposed Factorisation Implementation Using Binary Greatest Common Divisor (GCD)

We adopted Stein’s binary greatest common divisor (GCD) algorithm that computes the greatest common divisor of two nonnegative integers using simpler arithmetic shifts, comparisons, and subtraction operations that provide much faster computations [53]. For the purpose of illustration, let us consider the semi-prime given below.

Consider the semi-prime, $N=1445897=(555,4\left(259,2\left(15,28\right)\right)$

The implementation of our proposed factorisation method using the GCD function is provided here.

1. Test least significant bit (LSB)
$\mathbf{555}$	${1000101011}_2$	$1000101001\mid 1$	$Delete$
2. Shift right until LSB set
$\mathbf{1036}$	${10000001100}_2$	$100000011\mid 00$	$Delete$
3. Shift right until LSB set
$\mathbf{224}$	${11100000}_2$	$11100\mid 000$	${11100}_2$	${28}_D$
$\mathbf{120}$	${1111000}_2$	$1111\mid 000$	${1111}_2$	${15}_D$
4. Sum squares
${28}^2$	${15}^2$	$p_1=1009$
5. Division
$\frac{1445897}{1009}$		$p_2=1433$

$$555={1000101011}_2=10001010\mid 0111036={10000001100}_2=10000001\mid 100$$

$$224={11100000}_2=11100\mid 000\Rightarrow {11100}_2={28}_D$$

$$120={1111000}_2=1111\mid 000\Rightarrow {1111}_2={15}_D$$

$${28}^2+{15}^2=1009,p_1=1009,p_2=\frac{1445897}{1009}=1433$$

The above example, whilst illustrating the basic principle, is a special case, as one of the factors of the two squares is a higher power of $2^n$ than the other, such that $1433=8^2+{37}^2$.

The factor $8={1000}_2=2^{3}and28={11100}_2=2^4+2^3+2^2$ is such that $2^2<2^3$, so the shift right leaves a unique factor.

Consider the semi-prime, $6401$.

This can be expressed as $6401=2^2+{12}^2+{13}^2+{78}^2=\left(2,12,13,78\right)=\left(13,2\left(1,6,39\right)\right).$

This cannot be reduced further and has three terms (not two). However, upon quick inspection $p_1=1^2+6^2=\left(1,6\right)=37$ and $p_2=157$.

Note that the $\mathrm{GCD}\left(1,6\right)=1\Rightarrow \left(\frac{1}{1},\frac{6}{1}\right)=\left(1,6\right)=37$ and $\gcd \left(6,39\right)=3\Rightarrow \left(\frac{6}{3},\frac{39}{3}\right)=\left(2,13\right)=173.$

Consider the semi-prime, $5809.$

$$5809=\left(6,11,36,66\right)=\left(11,2\left(3,18,33\right)\right).$$

$$\mathrm{GCD}\left(3,18\right)=3\Rightarrow \left(\frac{3}{3},\frac{18}{3}\right)=\left(1,6\right)\Rightarrow p_1=37, GCD=3\Rightarrow \left(\frac{18}{3},\frac{33}{3}\right)=\left(6,11\right)=157.$$

Note that, to factorize the semi-prime, only one of the GCD functions needs to be determined.

This, in essence demonstrated the working of our proposed semi-prime factorisation method using binary GCD.

4.2. Mathematical Proof for Efficiency

Revisiting the RSA algorithm, we have $N$ to be a product of two prime numbers ($N=p_1{p}_2$) and a semi-prime [54,55]. Previous research [52,56] showed that one of the primes $p_2$ can be derived as follows:

$$N=p_1{p}_2=\left(a^2+b^2\right)\left(c^2+d^2\right)$$

If this specific sum of four squares is known, then

$$N={\left(ac\right)}^2+{\left(bc\right)}^2+{\left(ad\right)}^2+{\left(bd\right)}^2={\left(ad\pm bc\right)}^2+{\left(bd\mp ac\right)}^2$$

Then by considering the parity

$$\begin{gathered} N={\left(ad+bc\right)}^2+{\left(bd-ac\right)}^2={\left(ad-bc\right)}^2+{\left(bd+ac\right)}^2=od{d}_1^2+eve{n}_1^2=od{d}_2^2+eve{n}_2^2 \\ \Delta o=od{d}_1-od{d}_2,\Delta e=eve{n}_1-eve{n}_2,g=\mathrm{GCD}\left(\Delta o,\Delta e\right) \end{gathered}$$

It can be shown that one of the primes, $p_2$ can be represented as:

$$p_2={\left(\frac{\Delta o}{g}\right)}^2+{\left(\frac{\Delta e}{g}\right)}^2,p_1=\frac{N}{p_2}.$$

If $N=\left(ac,bc,ad,bd\right)$ are known, this can be summarised by the following steps:

Definition: $od{d}_n\stackrel{\scriptscriptstyle\mathrm{def}}{=}{o}_n,eve{n}_n\stackrel{\scriptscriptstyle\mathrm{def}}{=}{e}_n$

• ${\left(ad+bc\right)}^2+{\left(bd-ac\right)}^2={\left(ad-bc\right)}^2+{\left(bd+ac\right)}^2=o_1^2+e_1^2=o_2^2+e_2^2$
• $\Delta o=o_1-o_2,\Delta e=e_1-e_2,g=\mathrm{GCD}\left(\Delta o,\Delta e\right)$
• $p_2={\left(\frac{\Delta o}{g}\right)}^2+{\left(\frac{\Delta e}{g}\right)}^2,p_1=\frac{N}{p_2}$

By performing a comparative analysis of Cases 2 and 3 described above, the new method can be summarised as follows:

• $N=\left(a,b,c,d\right)=\left(o_1,e_2,e_3,e_4\right)=\left(o_1,2^m\left(o_2,e_5,e_6\right)\right)$
• $g=\mathrm{GCD}\left(o_2,e_5\right)$
• $p_2={\left(\frac{o_2}{g}\right)}^2+{\left(\frac{e_5}{g}\right)}^2,p_1=\frac{N}{p_2}$

OR best case scenario

• $N=\left(a,b,c,d\right)=\left(o_1,e_2,e_3,e_4\right)=\left(o_1,2^m\left(o_2,2^n(o_3,e_5\right)\right)$
• $p_2={\left(o_3\right)}^2+{\left(e_5\right)}^2, p_1=\frac{N}{p_2}$

In general, the number of operations of a factorisation algorithm determines its computational complexity [57]. RSA encryption keys are developed and used in practical deployments, since existing algorithms are not able to solve the factorisation problem in polynomial time [58]. It is clear from the above mathematical proof that our new method is significantly faster by testing possible sum of squares as solutions to $N=p_1{p}_2,$ and this could lead to possible RSA key attacks in the IoT.

5. Conclusions and Future Work

This paper presented the importance of security requirements in the IoT and the applicability of RSA-based lightweight cryptography. A review of recent works related to RSA authentication in the IoT environment was provided. We identified the IoT authentication issues and attacks possible at the four layers of IoT architecture by identifying the associated vulnerabilities of the cryptographic keys that are generated using semi-primes. We proposed a semi-prime factorisation method of lightweight RSA keys by employing simple mathematical operations such as modified binary greatest common divisor and binary arithmetic shifts that are more suitable for the resource-constrained IoT context. We demonstrated the implementation steps using suitable semi-prime examples and proved its efficiency mathematically. This ongoing research provides scope for addressing the open issues and in identifying limitations of IoT authentication schemes for IoT networks and applications. Future work would involve further mathematical investigations by considering a hybrid factorization method using Lebesgue’s identity along with Fermat’s factorization in order to arrive at a reduction in the sum of four squares.