Analyzing power consumption of TLS ciphers on an ESP32.

More and more devices will be connected to the internet [3]. Many devices are part of the so-called Internet of Things (IoT) which contains many low-power devices often powered by a battery. These devices mainly communicate with the manufacturers back-end and deliver personal data and secrets like passwords. With regard to security the developer of these devices are faced with the trade-off between power consumption vs. cryptography: Heavy cryptography costs computational resources which in turn decreases the time the device runs on a single battery charge. Since the latter is a feature any consumer can observe, most of the time cryptography loses. The problem is that the power consumption of different cipher suites of a given security protocol in most real word scenarios is unknown. Miranda et al. [5] analyzed the power consumption of various Secure Sockets Layer (SSL) 3.0 and Transport Layer Security (TLS) 1.0 implementations on mobile devices. In contrast to our measurements their work focused on different implementations and not on different cipher suites of a single implementation. Furthermore the results are outdated because SSL 3.0 and TLS 1.0 are considered insecure nowadays. Gerez et al. [4] analyze the power consumption of TLS on a IoT device for a small subset of cryptographic functions. This paper introduced the analyses for a much lager set of cryptographic functions and additionally compared different versions of TLS with respect to power consumption. There are a few other papers [6, 1] that analyze the power consumption of TLS on low-power devices. Those only use a small subset of the supported cryptography and non of them used the new TLS version 1.3. We employ the widespread low-cost, low-power System on a Chip (SoC) ESP32 [2] as our target device. To establish a communication channel, we used the common TLS protocol, because it is available for many platforms and analyzed by many security experts. We focused on the TLS versions 1.2 [8] and 1.3 [7]. Both versions support a plethora of cryptographic algorithms. We choose a subset of these algorithms with comparable security levels and performed a thorough power-consumption analysis. The measurement setup consisted of a two core 240 MHz ESP32 Pico Dev Kit without voltage regulator and UART converter. WolfSSL [9] was used as the TLS client library and a laptop with an OpenSSL server served as remote