Securing the Industrial Edge: Performance of ChaCha20-Poly1305

Author: Denis Avetisyan

A new analysis demonstrates the viability of lightweight cryptography for real-time communication in critical infrastructure networks.

This review assesses the performance of the ChaCha20-Poly1305 cipher for securing Internet of Things and Industrial Control System devices, particularly within SCADA systems adhering to IEC 61850 standards.

Despite increasing connectivity, many Industrial Control Systems (ICS) and Internet of Things (IoT) devices still rely on unencrypted communication due to historical constraints and real-time performance demands. This paper, ‘Performance Testing of ChaCha20-Poly1305 for Internet of Things and Industrial Control System devices’, investigates the feasibility of implementing the ChaCha20-Poly1305 cipher on low-cost edge devices to address this security gap. Results demonstrate that encryption overhead remains well within the latency requirements of critical protocols like IEC 61850, consuming less than 7.1% of allowable delay on Raspberry Pi 4 and Intel N95 Mini PC platforms. Could widespread adoption of lightweight cryptography like ChaCha20-Poly1305 finally bridge the security gap in these increasingly vulnerable networks?

The Inevitable Cracks in the Machine

Supervisory Control and Data Acquisition (SCADA) systems and Programmable Logic Controllers (PLCs) form the essential nervous system of modern critical infrastructure, encompassing sectors like energy, water treatment, and transportation. Consequently, these systems are experiencing a dramatic surge in cyberattack attempts. Historically isolated, these operational technology (OT) environments are now increasingly connected to IT networks, expanding the attack surface and exposing vulnerabilities previously shielded by air gaps. The consequences of successful attacks range from localized disruptions – such as power outages or contaminated water supplies – to cascading failures with national security implications. This escalating threat landscape necessitates a fundamental shift toward proactive security measures, including robust intrusion detection, secure remote access protocols, and continuous vulnerability assessments, to safeguard these vital systems against malicious actors.

Industrial Control Systems (ICS), designed for reliability rather than inherent security, frequently operate with limited processing power, memory, and network bandwidth – characteristics that render conventional cybersecurity tools ineffective or impractical. These resource constraints create vulnerabilities exploited by adversaries through Man-in-the-Middle (MitM) attacks, where malicious actors intercept and potentially alter communications between critical components like Supervisory Control and Data Acquisition (SCADA) systems and Programmable Logic Controllers (PLCs). Unlike typical IT networks, ICS environments often lack the capacity to support computationally intensive encryption or intrusion detection systems, and the longevity of deployed equipment means many systems operate with outdated software lacking modern security patches. This creates a precarious situation where even relatively simple MitM attacks can compromise the integrity of industrial processes, potentially leading to physical damage, environmental disasters, or disruptions to essential services.

The unwavering reliability of industrial control systems hinges on the consistent confidentiality and integrity of the data they process, a demand increasingly difficult to meet in the face of evolving cyber threats. Compromised confidentiality can reveal sensitive operational parameters or even enable manipulation of the system, while a loss of data integrity – whether through malicious alteration or accidental corruption – can lead to incorrect control actions with potentially catastrophic consequences. Unlike typical IT systems where breaches often prioritize data theft, attacks on industrial environments frequently aim to disrupt physical processes, making the detection of subtle data manipulations incredibly challenging. Current security architectures often struggle to balance the need for robust protection with the real-time constraints and limited processing power characteristic of these critical infrastructures, necessitating innovative approaches that prioritize both data protection and operational efficiency.

A Lightweight Shield for a Fragile System

ChaCha20-Poly1305 is an authenticated encryption cipher combining the ChaCha20 stream cipher for confidentiality with the Poly1305 message authentication code for integrity. This combination provides both encryption and data authenticity verification, crucial for secure communication. It achieves a high level of security comparable to AES-GCM, but with a performance profile better suited for resource-constrained Industrial Control Systems (ICS) devices. Specifically, ChaCha20-Poly1305 requires less processing power and memory than AES-based solutions, enabling secure operation on devices with limited computational resources without significantly impacting performance or compromising security standards.

ChaCha20-Poly1305 distinguishes itself from certain cryptographic algorithms by forgoing the requirement of AES-NI (Advanced Encryption Standard New Instructions) instruction sets for operation. AES-NI, while accelerating AES-based encryption on compatible processors, is not universally available across all hardware architectures, particularly in embedded systems and older processors commonly found in Industrial Control Systems (ICS). The independence of ChaCha20-Poly1305 from AES-NI ensures functional compatibility and consistent performance on a wider range of devices, eliminating a potential dependency that could limit deployment in environments with heterogeneous hardware configurations or resource constraints. This broad hardware support simplifies integration and reduces the need for specialized processor features to achieve secure communication.

ChaCha20-Poly1305 achieves efficiency through design choices inherited from the Salsa20 stream cipher. Salsa20, and consequently ChaCha20, employs a bitwise addition-based structure that minimizes reliance on complex mathematical operations, facilitating faster execution on a variety of processors. Furthermore, the cipher’s internal state is structured to enable significant parallelization; multiple parts of the encryption process can be computed simultaneously, particularly benefiting multi-core architectures. This parallelizability, coupled with the simple operations, directly translates to reduced computational overhead and improved throughput, making it well-suited for devices with limited processing power or those requiring high-speed encryption.

Proof of Concept: Testing the Limits

Performance evaluations of the ChaCha20-Poly1305 cipher suite were conducted on both Raspberry Pi 4 and Intel N95 Mini PCs to characterize its behavior across differing hardware architectures. The Raspberry Pi 4 represents an ARM-based single-board computer commonly utilized in embedded applications, while the Intel N95 Mini PC provides a comparison point using an x86-64 architecture. This dual-platform testing approach allowed for assessment of performance portability and identification of potential architectural dependencies affecting encryption speeds and resource utilization. Results obtained from both platforms were then analyzed to determine suitability for deployment in a variety of constrained environments.

The Intel N95 Mini PC was configured with a Real-Time Kernel to minimize latency and ensure predictable execution times for cryptographic operations. This kernel prioritizes consistent performance over general-purpose task scheduling. Furthermore, Dynamic Frequency Scaling (DFS) was implemented to adjust the processor clock speed based on workload demands; when enabled, DFS allowed the processor to operate at lower frequencies during periods of low activity, reducing power consumption, and subsequently increase clock speed when required for improved performance. These optimizations were critical for achieving deterministic and efficient execution of the ChaCha20-Poly1305 algorithm, particularly in time-sensitive applications.

Implementation of ChaCha20-Poly1305 leveraged the WolfSSL library to facilitate rigorous and reproducible performance evaluation. WolfSSL provides a well-documented and actively maintained codebase, enabling precise control over cryptographic operations and allowing for consistent measurement of execution times and resource utilization. This library-based approach ensured that performance data accurately reflected the cryptographic algorithm itself, rather than being influenced by custom implementation details or potential errors. Furthermore, WolfSSL’s features facilitated the isolation of performance characteristics across different hardware platforms – Raspberry Pi 4 and Intel N95 Mini PC – and under varying optimization settings, such as Real-Time Kernel and Dynamic Frequency Scaling.

Performance evaluations of ChaCha20-Poly1305 using the WolfSSL library demonstrated functional encryption times of 155 to 163 microseconds on the Raspberry Pi 4. The Intel N95 Mini PC, operating with a frequency-locked processor, achieved functional encryption times ranging from 164 to 172 microseconds. Both platforms consistently met the latency requirements specified by communication protocols such as Goose and IEC 60834-1, indicating suitability for real-time applications where predictable performance is critical.

Functional encryption performance on the Intel N95 Mini PC was significantly improved by enabling Dynamic Frequency Scaling (DFS). Measurements indicated encryption times ranging from 57 to 60 microseconds with DFS active. This represents a substantial reduction in latency compared to the 164-172 µs observed with frequency locking, and demonstrates that the implementation successfully leverages DFS to optimize performance within acceptable protocol limits, including those defined by Goose and IEC 60834-1. The observed encryption times with DFS are consistently lower than those achieved on the Raspberry Pi 4, highlighting the benefits of the Mini PC’s hardware and optimization capabilities.

Evaluation of ChaCha20-Poly1305 performance included measurement of the 95th percentile functional encryption times to assess worst-case latency. Results indicated 224 µs on the Raspberry Pi 4, 207 µs on the Intel N95 Mini PC with frequency locking, and 64 µs on the Mini PC utilizing Dynamic Frequency Scaling. These values demonstrate that, even under high-load conditions represented by the 95th percentile, functional encryption times remain within the latency constraints of relevant protocols such as Goose and IEC 60834-1.

The ChaCha20-Poly1305 implementation exhibits a compact code footprint, measuring 19 KB for x86-64 architectures and 67 KB for AArch64. This minimal binary size is particularly advantageous for deployment in resource-constrained embedded systems where memory is limited and efficient code size is crucial. The small footprint reduces storage requirements and allows for easier integration into devices with limited flash memory capacity, without significantly impacting overall system performance.

Bolstering the Foundation: Protocol Integration and Defense in Depth

ChaCha20-Poly1305 demonstrates notable efficacy in bolstering the security of critical industrial communication protocols. Traditionally vulnerable to eavesdropping and manipulation, systems utilizing Modbus and IEC 61850 (specifically, its Generic Object Oriented Substation Event, or GOOSE, messaging) benefit from the cipher’s authenticated encryption. This is achieved by establishing a confidential and integrity-protected channel for data exchange, ensuring that control commands and sensor readings remain both private and tamper-proof. Unlike some legacy cryptographic solutions, ChaCha20-Poly1305 operates efficiently on modern hardware, even in resource-constrained environments typical of industrial control systems, making it a practical choice for safeguarding operational technology (OT) networks.

Critical industrial control systems, particularly those adhering to the IEC 60834-1 standard, demand exceptionally low latency in communication-often measured in milliseconds-to ensure the reliable transmission of inter-tripping protection commands. These commands initiate rapid system shutdowns to prevent catastrophic failures, and any delay could have severe consequences. The ChaCha20-Poly1305 cipher demonstrates the necessary performance characteristics to meet these stringent requirements; its streamlined design minimizes computational overhead, allowing for swift encryption and decryption even on resource-constrained hardware. This capability is vital for maintaining the real-time responsiveness essential to safety-critical applications, ensuring that protection commands are delivered with the speed and reliability demanded by modern industrial infrastructure.

The implementation of ChaCha20-Poly1305 extends beyond basic encryption, notably enhancing network security when paired with Next-Generation Firewalls (NGFWs) and Intrusion Detection Systems (IDS). These systems leverage the cipher’s robust authentication capabilities to verify data integrity, moving past simple signature-based detection to analyze encrypted traffic without decryption. This integration allows for deep packet inspection of secure communications, identifying malicious patterns and anomalies that might otherwise bypass traditional security measures. Consequently, the combination offers a multi-layered defense, not only safeguarding data confidentiality but also providing crucial threat intelligence and bolstering an organization’s overall security posture against increasingly sophisticated cyberattacks.

The pursuit of lightweight cryptography for ICS devices, as demonstrated by this study of ChaCha20-Poly1305, inevitably courts future complications. This paper establishes a baseline for real-time security, yet any seemingly elegant solution will eventually succumb to the pressures of production environments and evolving threat landscapes. As Marvin Minsky observed, “The question isn’t ‘can a machine think?’ but ‘what kind of thinking will it be able to do?’” This research highlights what can be done today, but the very act of deployment invites a new set of challenges-unexpected interactions, unforeseen vulnerabilities, and the inevitable accumulation of technical debt. Documentation, in this context, feels less like foresight and more like a temporary reprieve before the system inevitably deviates from the idealized model.

What’s Next?

The demonstrated viability of ChaCha20-Poly1305 within constrained ICS environments merely postpones the inevitable. The assertion that a cipher ‘meets latency requirements’ is a snapshot in time, and production systems will invariably discover edge cases, scaling issues, and unanticipated interactions with legacy protocols. This isn’t a failing of the cryptography itself, but a predictable consequence of applying theoretical performance to complex, evolving industrial networks. The current work establishes a baseline; future efforts will inevitably involve optimizing for increasingly limited hardware, and mitigating the side-channel attacks that always materialize as implementations mature.

The focus should shift from chasing faster encryption to acknowledging the inherent trade-offs between security, performance, and maintainability. There is a persistent belief that the ‘right’ architecture will eliminate complexity. This study, while valuable, will eventually become another data point illustrating that every architectural solution introduces its own set of compromises. The pursuit of ‘lightweight’ cryptography often simply relocates the burden-trading computational cost for increased code complexity and the associated vulnerabilities.

Ultimately, the field needs fewer novel ciphers and more rigorous analysis of existing ones deployed in realistic, adversarial conditions. The real problem isn’t a lack of algorithms, but a surplus of illusions regarding the true cost of security in operational technology. The next generation of research will not be defined by innovation, but by the honest accounting of technical debt.

Original article: https://arxiv.org/pdf/2603.19150.pdf

Contact the author: https://www.linkedin.com/in/avetisyan/

The Inevitable Cracks in the Machine

A Lightweight Shield for a Fragile System

Proof of Concept: Testing the Limits

Bolstering the Foundation: Protocol Integration and Defense in Depth

What’s Next?

See also: