The internet of things (IoT) is a network of interconnected hardware, software, and many infrastructures that require cryptography solutions to provide security. IoT security is a critical concern, and it can be settled by using cryptographic algorithms such as advanced encryption standard (AES) for encryption and authentication. A fundamental component within the AES algorithm is the substitution box (S-box), which generates confusion and nonlinearity between plaintext and ciphertext, strengthening the process of security. This paper introduces a comparative analysis to offer valuable knowledge of the factors related to different S-box modifications, which will ultimately affect the design of cryptographic systems that use the AES algorithm. Then, a tailored AES algorithm is proposed for resource-constrained IoT devices by changing the standard S-box with another S-box. The new S-box reduces the rounds number and the time needed for the AES algorithm’s encryption, decryption, and key expansion. The performance of the proposed AES is assessed through various experiments. Therefore, our tailored AES with the new S-box is more secure and efficient than AES with a standard S-box.

AES algorithm; Cryptography; ESP32; IoT security; Substitution-box