SuPOR: A lightweight stream cipher for confidentiality and attack-resilient visual data security in IoT

The rapid growth of Internet of Things (IoT) technologies, particularly visual sensors such as cameras and drones, has resulted in increased transmission of sensitive visual data containing personally identifiable information (PII). Securing this data during storage and transmission (e.g., cloud or edge servers) is essential for maintaining privacy and security. However, existing encryption methods often face challenges due to computational overhead and vulnerability to attacks, especially on resource-limited IoT devices. To bridge this research gap, this paper presents SuPOR, a single-round lightweight cipher tailored for visual data protection in IoT environments. The SuPOR framework incorporates five fundamental cryptographic principles—Substitution, Permutation, XOR, right circular shift, and swap—which are executed in sequential steps. These include: (1) constructing a secure S-box using Möbius linear transformations and Galois fields for pixel-level substitution, (2) permuting the substituted pixels to improve diffusion, (3) applying a cryptographically secure pseudo-random number generator (CSPRNG) to generate a 64-bit one-time key for XORing, (4) performing right circular shifts on pixel byte arrays, and (5) executing element swaps to further obfuscate the data. Comprehensive security and statistical assessments demonstrate that SuPOR offers strong resistance against various attack vectors while maintaining minimal computational overhead, with a linear time complexity of O(nm+n(3×framesize)). Experimental comparisons indicate that SuPOR surpasses several state-of-the-art stream ciphers designed for IoT visual data, making it highly suitable for real-time, resource-constrained environments. The findings provide a practical and efficient solution to enhance the privacy and security of visual data in IoT systems, effectively safeguarding sensitive information from threats.