Modern Internet of Things (IoT) systems have to be able to provide high-security levels, but it is difficult to accommodate computationally-intensive cryptographic algorithms on the resource-constrained hardware used to deploy IoT end nodes. Although this scenario brings the opportunity for using advanced security mechanisms such as Transport Layer Security (TLS), several configuration factors impact both the performance and the energy consumption of IoT systems. In this study, two of the most used TLS authentication algorithms (ECDSA and RSA) were compared when executed on a resource-constrained IoT node based on the ESP32 System-on-Chip (SoC), which was tested at different clock frequencies (80, 160 and 240 MHz) when providing different security levels (from 80 to 192 bits). With every tested configuration, energy consumption and average time per transaction were measured. The results show that ECDSA outperforms RSA in all performed tests and that certain software implementations may lead to scenarios where higher security-level alternatives outperform cryptosystems that are theoretically simpler and lighter in terms of energy consumption and data throughput. Moreover, the performed experiments allow for concluding that higher clock frequencies provide better performance in terms of throughput and, in contrast to what may be expected, less energy consumption.
Keywords: ECC; ECDSA; IoT; IoT security; RSA; TLS; energy efficiency; power consumption.