Clear Sky Science
Evidence-based, jargon-light explanations

Clear Sky Science · en

Securing internet of things devices using a hybrid approach

· Back to index

Why safer gadgets at home and work matter

From smart doorbells and cameras to factory sensors and farm equipment, billions of everyday objects now talk to the internet. This connected world, known as the Internet of Things (IoT), brings convenience and new services but also opens doors to hackers. Many of these small devices are cheap, run on batteries, and have little computing power, which makes it hard to protect them with traditional heavy-duty security. This paper presents a new way to shield such devices that aims to be both strong and light enough to fit inside tiny gadgets.

Figure 1
Figure 1.

The growing crowd of connected devices

The authors begin by explaining how quickly IoT is spreading. There are already tens of billions of connected devices worldwide, a number expected to rise sharply in the coming years. These devices collect sensitive information from homes, cities, farms, and factories and send it over the internet or into cloud services. Yet the hardware inside them is often minimal: limited memory, slow processors, and batteries that must last a long time. That combination makes it difficult to install complex security tools without slowing devices down or draining their power.

Why today’s locks are not enough

Existing security methods offer only partial answers. Strong techniques used on laptops and servers can be too heavy for tiny sensors, while lighter methods that fit better on small chips may not offer enough protection. Some tools are good at scrambling data so outsiders cannot read it, but they may not guarantee that the data has not been secretly changed. Others can check that data is genuine but do not hide its contents from prying eyes. On top of that, many solutions are hard to set up, expensive, or not standardized, which makes it difficult to secure millions of devices produced by different manufacturers.

A combined lock-and-seal for small devices

To bridge this gap, the researchers propose a “hybrid” security approach designed specifically for modest, low-power devices. Their idea is to blend two existing building blocks: a very compact scrambling method called the PRESENT cipher and a widely used checking method called SHA-512, used here in a form that can confirm both the origin and integrity of a message. In simple terms, the device’s unique identity is first scrambled into a secret code, and this code is then passed through a digital “fingerprint” step. The result is a short sequence that can be used to prove that a device is genuine and that its data has not been altered on the way to a central server.

Figure 2
Figure 2.

Putting the new method to the test

The team tested this hybrid design using cloud-based tools that mimic real IoT platforms. They measured how sensitive the method is to tiny changes in input, how often it correctly accepts real devices and rejects impostors, whether different messages ever end up with the same fingerprint, and how long each operation takes. When even a single bit of input was changed, about half of the output bits flipped, which is close to the ideal behavior for a secure fingerprint and makes guessing patterns extremely difficult for attackers. Across tens of thousands of trials, the method did not produce any duplicate fingerprints for different device identities, indicating a strong ability to keep each device’s digital tag unique.

Speed, scale, and real-world use

Just as important, the hybrid approach stayed fast and consistent. The average time to perform a full check was under a tenth of a second and varied only slightly from run to run, which is quick enough for everyday monitoring and control tasks. When compared with other security options, the method showed better data handling capacity and lower waiting times, while keeping memory use and energy needs low enough for small devices. Although it consumes slightly more power than some simpler approaches, it recovers much of that cost by allowing tasks to be shared or offloaded in larger systems, saving energy overall.

What this means for safer connected worlds

In plain terms, the study introduces a security “lock” that is tough for intruders to pick yet light enough to install on tiny gadgets scattered throughout homes, cities, and industries. By combining a compact scrambling step with a reliable digital fingerprint, the method helps ensure that only genuine devices can talk to a server and that their messages arrive unaltered. The tests suggest that this hybrid design can scale to large numbers of devices without slowing them down, making it a practical candidate for building safer networks of smart objects in the real world.

Citation: Jenny, R., Sugirtham, N., Thiyaneswaran, B. et al. Securing internet of things devices using a hybrid approach. Sci Rep 16, 9641 (2026). https://doi.org/10.1038/s41598-025-34766-x

Keywords: Internet of Things security, lightweight encryption, device authentication, hash-based protection, hybrid cryptography