Next-Gen fortified health monitoring for cyber physical systems in internet of things using logistic maps based encryption

For the secured communication between wearable devices (like fitness trackers or medical-grade monitoring devices) and central healthcare systems. It ensures confidentiality, integrity, and authentication of health data transmitted over low-power and constrained environments, such as in the Internet of Medical Things (IoMT).

It can be used to encrypt and secure sensitive patient data, such as heart rate, blood pressure, or glucose levels, when transmitted from remote monitoring devices to healthcare providers, ensuring secure real-time monitoring and response.

In secure storage and transmission of Electronic Health Records, applied to safeguard sensitive patient information while maintaining system performance in embedded environments or constrained storage systems.

It can secure inter-device communication between medical equipment (e.g., infusion pumps, diagnostic devices, ventilators) within a hospital, ensuring the integrity and confidentiality of data exchanged without adding significant computational overhead.

Telemedicine applications, where doctors remotely diagnose or treat patients, can integrate this approach to protect the confidentiality of consultation data, medical advice, and real-time monitoring information.

Devices like pacemakers or insulin pumps can utilize this for secure wireless communication to prevent unauthorized access or control, ensuring the safety and privacy of the patient. The light weight, robust nature makes it highly effective for use in these healthcare applications, especially where devices have limited computational and power resources [3]. This paper is classified into various sections as follows section 2 presents the literature survey. Section 3 provides an introduction of the proposed work . Section 4 deals with the experimental setup involved in the methodology and section 5 deals with experimental results and discussions. Finally the conclusions are given as section 6.

Zoom In Zoom Out Reset image size

IoT systems make use of lightweight ciphers for constraints like size and power. ASCON provides security due to the implementation-based attack. As this focuses on fault analysis, therefore, it offers resistance against classical cryptanalysis. However, vulnerabilities in its key whitening operation and S-box demand a totally different attack, like Preliminary and Subset fault analysis. Countermeasures, including one comprising a resilient S-box mapping, have been proposed [1]. A new cryptographic algorithm using two-dimensional chaotic maps based on the confusion-diffusion model was presented. Image encryption was in terms of the shuffling of images by the logistic map and chaotic sequence generation with subsequent masking of images [2].

Zoom In Zoom Out Reset image size

With the growing aging population, monitoring elderly health has become increasingly important. Thus a real-time health monitoring system was designed. It collected and analyzes physiological data, which can be accessed by medical staff through a mobile application. Experimental results confirm the system's reliability in accurately detecting and tracking key health indicators. Healthcare is a highly data-intensive industry, generating large volumes of sensitive patient information. Protecting this data is crucial, as breaches affect over 40 million patient records annually in the U.S. Hospitals and insurers often rank low in customer satisfaction due to poor service and transparency. Data encryption plays a vital role in securing healthcare data and preventing breaches, making it a key focus in healthcare security practices [4]. Thus , for ensuring data integrity and security as it is paramount for effective patient treatment, secure data routing in IoT-based healthcare, employing algorithms to ensure confidentiality and hashing techniques to maintain data integrity was proposed [5]. With the surge in mobile users, secure access to e-health data via wearable sensors is imperative. Authentication, utilizing SHA-512, precedes sensor data transmission to the cloud. Encryption involving Substitution-Caesar cipher and enhanced Elliptical Curve Cryptography (IECC), bolstered by an additional secret key for heightened security was presented [6]. Further more in numerous countries, the Internet of Medical Things (IoMT) has been deployed alongside other strategies to combat COVID-19, enhance the safety of healthcare workers, and reduce the impact of the virus on human lives, leading to lower mortality rates. Substantial progress has been made in IoMT applications, technology, and security, fueled by its rapid global adoption. Thus research works indicating security for IoMT applications can be achieved by integrating advanced security measures. Additionally, emerging IoMT technologies combined with Artificial Intelligence, Big Data, and Blockchain offer promising solutions in this field [7].

Zoom In Zoom Out Reset image size

The Internet of Things (IoT) has revolutionized healthcare with connected devices like smartwatches that monitor health metrics. However, data security remains a major concern. Chaotic maps offer advantages in cryptography due to their complexity, unpredictability, and sensitivity to initial conditions. However, many chaos-based systems face issues like low efficiency and limited security. There are works introducing an enhanced logistic map (ELM), which improves randomness, data distribution, and security. A novel pseudorandom number generator (PRNG) based on ELM is also proposed, demonstrating strong statistical security for cryptographic use [8]. As it is well known that cryptography plays a vital role in safeguarding information, especially in the health sector, where data security is a major concern. Advances in biomedical research and technology have improved data protection, focusing on the AES algorithm for secure information handling. Additionally, a double hashing algorithm enhances the protection of sensitive health data was presented [9]. Discrete logarithmic pseudorandom number generators (CSPRNGs) often face a tradeoff between security and performance due to their security parameter. The research works introducing a modification to Gennaro's generator, using bitwise logical operations instead of word-wise arithmetic operations was given. By leveraging these logical operations at the register level, the security-performance tradeoff is minimized, improving efficiency without compromising security, as verified by NIST SP 800–22 randomness tests [10]. The DNA cryptography technique using dynamic mechanisms, specifically a 'dynamic sequence table' and 'dynamic DNA encoding.' ASCII characters are mapped to DNA bases, and positions are dynamically rearranged. The ciphertext is encrypted in chunks using an asymmetric cryptosystem and merged via dynamic DNA encoding. This approach enhanced data security. The technique was evaluated through comparative studies, security analyses, and NIST randomness tests [11]. Many more secure methods were presented, ALICA, a new lightweight block cipher proposed, addressed security challenges in resource-constrained sensor nodes. It features a generalized Feistel structure and optimized S-box design for efficient software and hardware implementation in IoT environments [12]. RECO-ASCON, a reconfigurable security processor backing up cryptographic Hash and Hasha ASCON algorithms was introduced. Implemented in Chisel, it demonstrated high performance across various hardware platforms, offering energy efficiency and compactness. Evaluation in 28 nm and 45 nm technologies showcases its versatility and suitability for IoT systems [13]. While ASCON is a highly regarded design for authenticated encryption with associated data (AEAD), known for its selection as the top choice for lightweight applications in the CAESAR competition and its submission to the NIST lightweight cryptography standardization process. Despite its widespread recognition, no other AEAD has yet surpassed ASCON in terms of security and lightweight design. The creation of Sycon, a new lightweight AEAD. On comprehensive security analysis it shows that Sycon matches ASCON's security level. Sycon, therefore, sets a new benchmark as the lightest AEAD in the ASCON family [14]. Another method utilizing a 3D-LFS chaotic map and NFSR, a novel encryption method ensured security and efficiency. Compatible with diverse data formats and resistance to various attacks. Comparative assessments demonstrated its competitiveness and suitability for embedded systems and IoT devices [15]. Lightweight cryptography (LWC) secures IoT devices with limited resources. There are studies exploring various S-boxes, proposing a novel 5-bit S-box using chaotic mapping for improved cost, performance, and security [16]. There are many such works as shoen in table 1 which highlights the rising need for security in resource constratined devices [17, 18].

Zoom In Zoom Out Reset image size

• 1.  
  ASCON Encryption Efficiency: ASCON is a lightweight authenticated encryption algorithm, known for its minimal computational and memory overhead, making it ideal for resource-constrained environments such as IoT devices.
• 2.  
  This work : The combination of ASCON's lightweight structure with chaotic map-based randomness ensures both high security and efficiency. The ASCON core handles the encryption, while chaotic maps increase the cryptographic strength by adding a layer of unpredictability to the key generation process. This enhances the unpredictability of the encryption process, making the system resistant to brute-force and cryptanalytic attacks.
• 3.  
  Scalability for IoT: Both ASCON and chaotic maps are computationally lightweight and can be easily scaled for various IoT devices, maintaining real-time performance without excessive energy consumption.

• 1.  
  Low Power Consumption: The hybrid approach using ASCON and chaotic maps is computationally efficient, minimizing power consumption, which is critical for IoT healthcare devices running on limited battery life.
• 2.  
  High Security: Chaotic maps provide enhanced security through dynamic key generation, which ensures patient data remains protected against modern cryptographic attacks, including those targeting IoT devices in healthcare.
• 3.  
  Lightweight Implementation: ASCON's design specifically targets lightweight applications, making it ideal for healthcare IoT systems where both security and efficiency are paramount.
• 4.  
  Real-Time Data Protection: This approach ensures that sensitive healthcare data can be securely encrypted and transmitted in real time, facilitating secure communication between IoT devices and healthcare providers without compromising on speed or power efficiency.

Step 1: Data acquisition

Patient's data is collected by using STM32BL475E A2 IoT node which runs at 868MHz and equipped with ARM M4 Cortex , harnessing low-power communication, direct connection with cloud and multiway sensing. It facilitates a broad range of applications with diverse functionalities [3]. Along with this we have used STM CUBE IDE and Blue NRG application to collect data. Using the BlueNRG application to simulate patient data inputs and the encryption technique performs under varying loads, emulating practical healthcare IoT environments. This will help ensuring that the encryption process is efficient and not overly taxing for real-time applications and data is sent to the cloud in a faster and efficient way as required by IoT environments.

Step 2: Data encryption

• (a)  
  Secret key generation: a secret key is generated by using logistic map function and linear congruential generator (LCG ) is used.LCG provides speed and simplicity there by reducing memory overhead making them suitable for resource constrained devices. They offer periodicity i.e. long non repeatable sequences are obtained [19].

  $$\begin{eqnarray}&&Xn+1=({aX}n+C)\mathrm{mod}m.\,\end{eqnarray} \tag{ 1 }$$

  Where X_n is the current number.X_n+1 is the next number.a is the multiplier.c is the increment and m is the modulus.Secondly, logistic map function is employed which depicts chaotic behavior, computationally efficient making them suitable for light weight random number generation [20].Here we have ${X}n+1=A\unicode{x00387}{X}{n}(1-Xn)$ where A is a constant parameter. (2)Then the user input data is XORed by the random number generated by the two above mentioned techniques and then encrypted.
• (b)  
  Encryption: The XORed data obtained from above method is finally encrypted by ASCON cryptographic algorithm. ASCON is a lightweight authenticated encryption algorithm, ideal for IoT devices and resource-constrained environments. Selected as the top choice in the CAESAR competition, it provides confidentiality, integrity, and authenticity. ASCON's permutation-based design ensures efficiency and security, defending against cryptographic attacks effectively [21].

Step 3: Decryption : finally the obtained cipher text is decrypted in a similar manner and plaintext is obtained. It can be summarized as given below:

To provide the encryption and decryption:

3.2.1. Encryption Process

3.2.1.1. Initialization

• 1.  
  Initialize State:

  $$\begin{eqnarray*}&&{state}.\,x0=0,{state}.\,x1=0,{state}.\,\end{eqnarray*}$$

  $$\begin{eqnarray*}&&x2=0,{state}.\,x3=0\,{and\; state}.\,x4=0.\,\end{eqnarray*}$$

  $$\begin{eqnarray*}&&{memcpy}({state}.\,x0,{key},8)\,\end{eqnarray*}$$

  $$\begin{eqnarray*}&&{memcpy}({state}.\,x3,{nonce},8)\,\end{eqnarray*}$$

  XOR with Random Number
• 2.  
  Generate Random Number:

  $$\begin{eqnarray*}&&{random}{\rm{\_}}{number}=\left(\frac{({lcg}{\rm{\_}}{random}({lcg}{\rm{\_}}{seed})}{{MODULUS}}\right)+{logistic}{\rm{\_}}{map}\,(x)\end{eqnarray*}$$
• 3.  
  XOR input string with random number:

  $$\begin{eqnarray*}&&{plaintext}[i]\leftarrow {plaintext}[i]\oplus ({random}{\rm{\_}}{number}\,x\,255){for}\,i=0\,{to\; len}-1\end{eqnarray*}$$

  Encryption
• 4.  
  Encrypt function:

$$\begin{eqnarray*}&&{state}.\,x4\leftarrow {state}.\,x4\,\oplus \,{plaintext}[i]\,{for}\,i=0\,{to\; length\; \mbox{--}}1\end{eqnarray*}$$

$$\begin{eqnarray*}&&{ciphertext}[i]={state}.\,x4\end{eqnarray*}$$

Decryption Process

• 1.  
  Decrypt function

  $$\begin{eqnarray*}&&{permutation}({state})\,{for}i=0\,{to\; length}-1\end{eqnarray*}$$

  $$\begin{eqnarray*}&&{plaintext}[i]={state}.\,x4\oplus {ciphertext}[i]\end{eqnarray*}$$

  $$\begin{eqnarray*}&&{state}.\,x4={state}.\,x4\oplus {plaintext}[i]\end{eqnarray*}$$
• 2.  
  XOR with Random Number Again:

$$\begin{eqnarray*}&&{plaintext}\}[i]={plaintext}\,[i]\,\oplus \,{random}{\rm{\_}}{number}\}\,x\,255)\,{for\; i}=\,0\,{to\; len}-\,1\end{eqnarray*}$$

Permutation Function

$$\begin{eqnarray*}&&{And\; for}\,i=0\,{to}\,{NUM}{\rm{\_}}{ROUNDS}-1\end{eqnarray*}$$

$$\begin{eqnarray*}&&{state}.\,x0\leftarrow {state}.\,x0\,\oplus {state}.\,x4\,{and\; so\; on\; in}a{similar\; manner}.\end{eqnarray*}$$

Thus, the time complexity equations

Permutation Function

Each call to the permutation function runs for 'NUM_ROUNDS' iterations:

$$\begin{eqnarray*}&&T{\rm{\_}}{permutation}=O\,({NUM}{\rm{\_}}{ROUNDS})\end{eqnarray*}$$

Encryption Function

The encryption function calls the permutation function once for each byte in the plaintext. If the length of the plaintext is ( n ), the total time complexity is:

$$\begin{eqnarray*}&&T{\rm{\_}}{encrypt}=O\,(n)\,x\,O({NUM}{\rm{\_}}{ROUNDS})\end{eqnarray*}$$

$$\begin{eqnarray*}&&T{\rm{\_}}{encrypt}=O\,(n\,x\,{NUM}{\rm{\_}}{ROUNDS})\end{eqnarray*}$$

Decryption Function

The decryption function also calls the permutation function once for each byte in the ciphertext. If the length of the ciphertext is ( n ), the total time complexity is:

$$\begin{eqnarray*}&&T{\rm{\_}}{decrypt}=\,O\,(n)\,x\,O\,({NUM}{\rm{\_}}{ROUNDS})\end{eqnarray*}$$

$$\begin{eqnarray*}&&T{\rm{\_}}{encrypt}=\,O\,(n\,x\,{NUM}{\rm{\_}}{ROUNDS})\end{eqnarray*}$$

The flow of the proposed work can be seen from the flowchart given below.

The encryption key is a combination of a random seed and a logistic map-based random number. The complexity of the logistic map and the key space of ASCON, high entropy and strong randomization prevent statistical attacks, brute force attack and chosen plaintext attacks. This combination provides resistance against linear cryptanalysis, as these operations introduce non-linearity in the encryption process. The proposed work posses capability of quantum attack safety due to its flexible approach in key generation which can be extended as Grover's algorithm can reduce the complexity of brute-force attacks from (O(2^n)) to (O(2^{n/2})). Thus , as a symmetric-key algorithm, it uses sufficiently large keys to remain secure against quantum attacks.

This test aims to ascertain if a sequence contains an equal proportion of ones and zeros, resembling randomness. It evaluates the immediacy of the one's fraction to half, indicating a balanced distribution where the count of ones matches that of zeros, aligning with the expected outcome of a random sequence [3]. It is calculated using the formula given below

For a frequency (n), where: n is the dimension of the string.

ε is the sequence of input bits under test such that ε_n = ε₁, ε₂, ε₃, ε₄ , ε₅...... ε_n .

s_obs it is the absolute sum of values (X_i) in a sequence, where each X_i equals either 1 or −1. This sum is then divided by the square root of the sequence of it's length.

$$\begin{eqnarray}&&Xi=2\varepsilon i-1=\pm 1\end{eqnarray} \tag{ 3 }$$

The process involves transforming the input sequence (ε) of zeros and ones into values of −1 and +1. These values are then summed to generate

$$\begin{eqnarray}&&Sn=X1+X2\,+\,...\,+\,{Xn},{\rm{where\; Xi}}=2{\varepsilon }{\rm{i}}{\rm{-}}1.\end{eqnarray} \tag{ 4 }$$

Thus the test statistics is computed as

$$\begin{eqnarray}&&s{obs}=\frac{{\rm{|}}Sn{\rm{|}}}{\sqrt{n}}\,{\rm{and}}\end{eqnarray} \tag{ 5 }$$

$$\begin{eqnarray}&&P-{value}={\boldsymbol{erfc}}\,\left(\frac{s{obs}}{\sqrt{2}}\right),{\rm{in\; this}}{\bf{erfc}}\,{\rm{is\; complementary\; error\; function}}.\,\end{eqnarray} \tag{ 6 }$$

If the computed P value < 0.01 then the sequence is non random.

This test is performed to find out the ratio of ones within M-bit blocks. Its aim is to ascertain if the occurrence of ones in an M-bit block approximates M/2, as it is in a random sequence [22]. Thus, for a block frequency(M,n), where:

M = length of each block.

n = length of the bit string.

ε is the input sequence of bits under test such that ε_n = ε₁, ε₂, ε₃, ε₄ , ε₅...... ε_n .

χ² (obs): it is used to find the degree of conformity between the observed ratio of ones within a specified M-bit block and the anticipated ratio of 1/2. The input sequence is divided into N non- overlapping blocks.

$N=\unicode{x0230A}\frac{n}{M}\unicode{x0230B}\,$ where π_i is the ratio of ones in each M-bit block using the equation

$$\begin{eqnarray}&&\pi i=\frac{\displaystyle \sum _{j=1}^{M}{\varepsilon }_{\left(i-1\right)M+j}}{M}\,{\rm{for}}\,1\leqslant {\rm{i}}\leqslant {\rm{N}}.\,\end{eqnarray} \tag{ 7 }$$

$$\begin{eqnarray}&&\chi 2\,({obs})=4\,M\,\displaystyle \sum _{i=1}^{N}{\left(\pi i-1/2\right)}^{2}.\end{eqnarray} \tag{ 8 }$$

$$\begin{eqnarray*}&&P-{value}={\boldsymbol{igamc}}\left(\frac{{\boldsymbol{N}}}{{\bf{2}}}{\boldsymbol{,}}\chi 2\frac{{obs}}{2}\right){\boldsymbol{,}}\end{eqnarray*}$$

$$\begin{eqnarray}&&{\rm{here}}\,{\bf{igamc}}\,{\rm{is\; incomplete\; gamma\; function}}.\end{eqnarray} \tag{ 9 }$$

This test concentrates on the peak heights within the Discrete Fourier Transform of a sequence. It aims to identify periodic characteristics, such as closely located repetitive patterns, suggesting a departure from randomness in the analyzed sequence [22]. It can be computed as:

n is the dimension of the string.

ε is the input sequence of bits under test such that ε_n = ε₁, ε₂, ε₃, ε₄ , ε₅...... ε_n .

$$\begin{eqnarray}&&T=\sqrt{\left(\mathrm{log}1/0.05\right)n},{\rm{the}}\,95 \% \,{\rm{peak}}\,{\rm{height}}\,{\rm{threshold}}\,{\rm{value}}.\end{eqnarray} \tag{ 10 }$$

$$\begin{eqnarray*}&&d=\frac{\left({N}_{1-\,}\,{N}_{0\,}\right)}{\sqrt{n\left(.95\right)\left(.05\right)/4}},{\rm{where}}\,\end{eqnarray*}$$

$$\begin{eqnarray}&&N0\,=\frac{.95n}{2}\,{\rm{N}}0\,{\rm{is}}\,{\rm{the}}\,{\rm{anticipated}}\,{\rm{theoretical}}\,(95 \% )\,{\rm{number}}\,{\rm{of}}\,{\rm{peaks}}\,{\rm{less}}\,{\rm{than}}\,{\rm{T}}.\end{eqnarray} \tag{ 11 }$$

$$\begin{eqnarray*}&&{N}_{1}={the\; real\; observed\; number\; of\; peaks\; in}\,M.\,{Thus},\end{eqnarray*}$$

$$\begin{eqnarray}&&P\,{Value}={\boldsymbol{erfc}}\,\Space{0ex}{0.25ex}{0ex}(\frac{\left|d\right|}{2}\Space{0ex}{0.25ex}{0ex}).\,{where}\,P\geqslant 0.01.\end{eqnarray} \tag{ 12 }$$

This test is used to focus on the greatest deviation from zero in a random walk generated by the cumulative sum of adjusted (−1, +1) digits [22]. It aims to ascertain if these cumulative sums in the sequence deviate excessively from the expected behavior observed in random sequences, where excursions from zero should typically be minimal.

The concept of entropy was introduced by Shanon in the year 1948. The uncertainty in the expected output bits is defined as the ambiguity in the ciphertext's decrypted form. It centers on the plaintext bits recoverable from the encrypted message to restore the original content so as to maintain its data integrity [19]. Mathematically the entropy can be calculated as

$$\begin{eqnarray}&&H(\,x)=-\displaystyle \sum _{x{\unicode{x00404}}X}(\Pr \left[x\right]{\mathrm{log}}_{2\,}(\Pr [x]))\end{eqnarray} \tag{ 13 }$$

And H(x) = [ P(0)log₂(P(0)) + P(1)log₂(P(1))] and maximum value of H(x) is equal to 1.

As discussed above the frequency monobit test is focused to determine the proportion of 0's and 1's in a given sequence and for a sequence to be random the value of P ≥0.01.This is shown by figure 7, the base method refers to the ASCON cryptographic algorithm while the proposed method refers to our proposed work.

Zoom In Zoom Out Reset image size

As mentioned above the P-value for this test is P ≥0.01for a random input string. The input string obtained by our proposed algorithm is tested for different key bit sizes and the values are obtained which lies in the range of values for a random string. So , we can say that the generated strings are random i.e. unpredictable. As given in figure 8.

Zoom In Zoom Out Reset image size

As discussed above this test is used to determine if the count of peaks surpassing the 95% threshold significantly differs from the expected 5% [22]. The generated sequences for different values are subjected to the given test and P-values are plotted against the varying key bit sizes as shown in figure 9.

Zoom In Zoom Out Reset image size

This test is used to calculate P-value , if less than 0.01, it suggests that the sequence is non-random. Conversely, if the P-value exceeds 0.01, the conclusion is that the sequence is random [22]. The P-value for various key bit size is shown in figure 10.

Zoom In Zoom Out Reset image size

Entropy test is used to determine unpredictability obtained in ciphertext along with keeping integrity of the original data. The value of entropy of as given in figure 11 and table 2 shows that information integrity and randomness is more in case of the proposed method.

Zoom In Zoom Out Reset image size

The given value of entropy in table 2 shows the high degree of integrity in the proposed method. These values are a bit equivalent to the ideal value of entropy i.e. 1 thus it eradicates vulnerability to differential attacks.

The graph shown are obtained by using STM32 CUBE IDE along with STM32BL475E IoT node. The trace shows the value of CPU cycles taken to execute the code in low power debug mode in IDE, using SWV (Serial Wire Viewer) the data is recorded using the console and plotted to obtain the graphs given figures 12 and 13. The current consumption profile of the proposed method is given by figure 14 i.e. the average current consumption of the proposed method is 1.06mA over low power debug mode of operation. This graph illustrates the current consumption profile of the system across different operational states: RUN, STOP2 , and VBAT.

• 1.  
  RUN Phase (0–0.1 ms) : The system operates at its peak current consumption of approximately 10 mA during this phase, indicating active processing or computation. Energy consumption can be estimated as

  $$\begin{eqnarray}&&E=V\times I\times t\end{eqnarray} \tag{ 14 }$$

  where I = 10 mA, V is the operating voltage (not given but typically 3.3 V for STM32 systems) , and t = 0.1 ms.Thus in the RUN phase (0–0.1 ms):Energy consumption during RUN: I = 10mA = 0.01 A

  $$\begin{eqnarray*}&&t=0.1\,{ms}=\,0.0001s\end{eqnarray*}$$

  $$\begin{eqnarray}&&E{RUN}=0.01\times 3.3\times 0.0001=3.3{\rm{\mu }}J\end{eqnarray} \tag{ 15 }$$
• 2.  
  STOP2 Phase (0.1–0.55 ms): The current sharply drops to a minimal value close to 2.5 μA. This phase represents a low-power state, where the system retains minimal functionality to conserve energy. The low current here shows the effectiveness of the STOP2 mode in drastically reducing energy consumption, a critical feature for energy-efficient IoT devices. $I=2.5\,\mu A=2.5\times {10}^{-6}{A}$

  $$\begin{eqnarray*}&&t=0.45\,{ms}=0.00045s\end{eqnarray*}$$

  $$\begin{eqnarray}&&E{STOP}2=2.5\times 10-6{\rm{\times }}3.3{\rm{\times }}0.00045=3.7125{nJ}\end{eqnarray} \tag{ 16 }$$
• 3.  
  VBAT Phase (0.55–1.05 ms): The system enters an even lower power mode, drawing less than 2 μA, suggesting the system is in a deep sleep or battery-powered backup mode. During this phase:

$$\begin{eqnarray*}&&I=2\mu A=2\times {10}^{-6}\,A\end{eqnarray*}$$

$$\begin{eqnarray*}&&t=0.5\,{ms}=0.0005\,s\end{eqnarray*}$$

$$\begin{eqnarray}&&E{VBAT}=2{\rm{\times }}10-6{\rm{\times }}3.3{\rm{\times }}0.0005=3.3{nJ}\end{eqnarray} \tag{ 17 }$$

Zoom In Zoom Out Reset image size

Zoom In Zoom Out Reset image size

Zoom In Zoom Out Reset image size

This mode is designed to maintain basic functionality, such as preserving essential data, while minimizing energy use. Thus , The average current remains low due to the extended duration in low-power states (STOP2 and VBAT), making this profile highly efficient for lightweight, battery-powered healthcare IoT systems.

$$\begin{eqnarray}&&E{total}=E{RUN}+E{STOP}2+E{VBAT}{\approx }3.307\mu J\end{eqnarray} \tag{ 18 }$$

Thus the energy range is:

${\rm{Maximum}}({\rm{during\; RUN}}):3.3{\rm{\mu }}{\rm{J}}$

${\rm{Minimum}}\left({\rm{during\; STOP}}2{\rm{or\; VBAT}}\right)\,{\rm{\sim }}3.3-3.7\,{\rm{nJ}}$

This analysis highlights the STM32's capability to switch efficiently between high-power active states and ultra-low-power modes, optimizing energy usage while supporting secure cryptographic operations in real-time. More over the memory consumption of proposed method is only 3.67% of the available RAM storage space.

The proposed encryption method demonstrates substantial improvements over the base method and other referenced methods across several key parameters as shown in table 3. It excels in randomization tests, achieving a monobit test P-value of 0.6066 and a frequency test within a block P-value of 0.607, significantly higher than the base method and other references. The method maintains strong performance in non-overlapping template matching (P-value 0.999) and cumulative sums tests (forward P-value 0.8, backward P-value 0.7). Additionally, it surpasses the base method in the discrete Fourier transform test with a P-value of 0.416. While the proposed method's average execution time of 0.502 microseconds, it remains considerably faster than the average execution time of other referenced methods . These values have been tabulated after multiple rounds of testing on the data collected using STM32BL475E IoT node. These results highlight the proposed method's enhanced data randomization, integrity, and security, making it highly suitable for real-time applications in digital healthcare. Thus eradicating multiple cryptanalytic threats which can be summarized as:

• 1.  
  Entropy quantifies the uncertainty or unpredictability in a cryptographic system and is directly related to the key size 'k'. The entropy H of the key space is:

  $$\begin{eqnarray}&&H=k\,{bits}={\mathrm{log}}_{2\,}(K)\,\end{eqnarray} \tag{ 19 }$$

  This represents the amount of information an attacker would need to guess the correct key.
• 2.  
  The value of non-overlapping template matching test indicates strong resistance to known patterns. This limits the feasibility of template attacks where attackers try to find repeated sequences that could reveal information about encryption scheme.
• 3.  
  The cumulative sums test (forward and backward) of the given proposed method has passed the threshold set up by NIST thus it shows random walk nature of bit sequences. It has outperformed it's contemporaries and provides security from linear cryptanalysis or a variant of time-memory tradeoff attacks to predict certain bit sequences.
• 4.  
  The proposed method indicates fewer periodicities in the bitstream as it can be seen from DFT Test. Thus, the chances of exploiting periodic pattern to reduce key search space is avoided; protecting from spectral attacks.
• 5.  
  The execution time is less than other so Side channel attacks, timing attacks and power attacks etc can be avoided. The current and power is low thus fluctuation in power consumption do not reveal secret about keys.
• 6.  
  The approach utilized here offer a flexibility to increase the key size as per the availability of resources and platform, we have tried to implement a light weight approach here. The proposed method has been subjected to NIST Test suite 800–22 to check the randomness of the generated ciphertext as shown in the table 3. The proposed method shows strong improvements in statistical randomness and resistance to classical attacks and its short execution time protects it from Side channel attacks (SCA). The mathematical analysis of the proposed method focusses on analyzing the key space, encryption strength and the randomness of the generated sequences, assuming that the key space size be 'n' is critical in determining the security of the encryption algorithm. If the key length is 'K' bits, the total number of possible keys 'k' is given by:-

$$\begin{eqnarray}&&K=2k\,\end{eqnarray} \tag{ 20 }$$

For a key size of 2^k as per Grovers algorithm the post quantum security strength is given by ${2}^{k/2}$ [23–27] thus the brute force attack can be eradicated successfully whether it is from quantum computer or classical computers. This makes it infeasible for attackers to exhaustively search the key space.