On-sensor Stream Cipher Encryption for Protecting Smart City Sensor Data directly on Resource-Constrained IoT-Sensors

Abstract. This paper presents a comparative analysis of the DRACO stream cipher implemented in both C++ and Rust across three microcontroller platforms: ESP32, ESP8266, and Raspberry Pi Pico. DRACO, a lightweight cipher designed for constrained environments, was evaluated in terms of performance, memory efficiency, and initialization behavior. To ensure reliable and repeatable results, a standardized benchmarking framework was developed, including automated testing, key/IV configuration variants, and statistical analysis of execution times. In addition to synthetic benchmarks, the evaluation incorporated representative smart city data sets, simulating real-world sensor inputs to reflect practical encryption workloads. Performance metrics—including keystream generation, encryption, and algorithm initialization—were collected via serial output and processed using Python and visualization tools.

Results show that both implementations perform consistently across varying keystream lengths, with Rust demonstrating faster execution at very short lengths, and C++ slightly outperforming Rust at longer lengths. The study also discusses the implementation challenges and trade-offs between security, compiler support, and platform compatibility. Findings highlight that both languages are suitable for embedded cryptographic applications, with Rust offering stronger language safety guarantees and C++ providing broader microcontroller support. This work further emphasizes the importance of lightweight encryption in smart city sensor networks, where securing real-time, sensitive data is critical to privacy, reliability, and urban infrastructure resilience.