Enhancing IoT Healthcare Security: A Lightweight Multi-Layer Cryptographic Approach with AES-256, Grain and HMAC-SHA256

IoT Healthcare equipment usually encounters variety of hardware constraints, which can influence the encryption techniques used. Several of these IoT Healthcare gadgets use low-power microcontrollers or System-on-Chip (SoC) architectures with limited computing capacity. The devices sometimes have insufficient RAM and flash memory accessible, which can influence the selection of encryption methods. Cryptographic algorithms that are computationally costly or need frequent memory access can quickly deplete the device's battery. This is where a decent encryption method comes into play, because lightweight symmetric-key ciphers like Grain is typically better suited to IoT devices with limited processing power and memory. This study suggested a solution that uses AES 256, Grain and HMAC SHA256 to encrypt and hash IoT healthcare data at the physical layer. AES-256 is typically the quickest of the three, particularly with hardware acceleration. The Grain is the most lightweight and efficient option for tiny data sets and resource-constrained contexts, but HMAC-SHA-256 strikes a reasonable compromise between performance and security, making it a popular choice for message authentication. The combination of these three components results in a comprehensive encryption solution, with AES-256 ensuring strong confidentiality by encrypting the data. Grain offers an extra layer of encryption, increasing total security, while HMAC-SHA256 provides integrity and authenticity, ensuring that the encrypted data has not been tampered with. Using this combination, the encryption result becomes extremely resistant to a variety of assaults, including brute-force, cryptanalysis, and tampering. The system was created using the Python programming language. The results show that combining AES-256, Grain and HMAC-SHA256 speeds up encryption and decryption while using less power.

HMAC-SHA-256, IoT data security, Cryptographic algorithms, Grain and AES-256

1. Benhani, E. M., Lopez, C. M., & Bossuet, L. (2019). Secure internal communication of a TrustZone-enabled heterogeneous SoC lightweight encryption, In 2019 International Conference on Field-Programmable Technology (ICFPT), 239-242, IEEE. [Google Scholar] [Crossref]

2. Bhaumik, R., Dutta, A., Inoue, A., Iwata, T., Jha, A., Minematsu, K., ... & Tessaro, S. (2025). Cryptographic Treatment of Key Control Security: In Light of NIST SP 800-108, In Annual International Cryptology Conference, 371-403, Cham: Springer Nature Switzerland. [Google Scholar] [Crossref]

3. Chitra, S. R. & Chelliah S. (2025). Enhanced Cloud Data Security by Employing HMAC for Advanced Cryptographic Protection, Innovations in Intelligent Systems and Advanced Engineering, Vol. 1(1), 1-10. [Google Scholar] [Crossref]

4. Du, L., & Xie, T. (2024). Towards Secure Internet of Things-Enabled Healthcare: Integrating Elliptic Curve Digital Signatures and Rivest Cipher Encryption, International Journal of Advanced Computer Science & Applications, 15(8), 581-589. [Google Scholar] [Crossref]

5. Faith, O. (2023). A Systematic Review of Attribute-Based Encryption for Secure Data Sharing in Iot Environment, Degree project at the master level to Computer and Systems Sciences Department, Stockholm University. [Google Scholar] [Crossref]

6. Goel, A., Baliyan, H., Tyagi, S., & Bansal, N. (2024). End to end encryption of chat using advanced encryption standard-256, International Journal of Science and Research Archive, 12(01), 2018–2025. [Google Scholar] [Crossref]

7. Goldberger, A., Amaral, L., Glass, L., Hausdorff, J., Ivanov, P. C., Mark, R., ... & Stanley, H. E. (2000). PhysioBank, PhysioToolkit, and PhysioNet: Components of a new research resource for complex physiologic signals. Circulation [Online]. 101 (23), pp. e215–e220. [Google Scholar] [Crossref]

8. Guy-Cedric, T. B., & Suchithra, R. (2018). A Comparative Study on AES 128 BIT AND AES 256 BIT, International Journal of Scientific Research in Computer Science and Engineering, Vol. 6(4), 30-33, E-ISSN: 2320-7639. [Google Scholar] [Crossref]

9. Hashim, M. M., Salim, T. A., & Kalid, H. N. (2020). Secure Patient Data Transmission Using Information Hiding System and Medical IoT, Technology Reports of Kansai University, Vol. 62(8), 4572- 4585, ISSN: 04532198. [Google Scholar] [Crossref]

10. Kak, A. (2015). Lecture notes on computer and network security, Purdue University, 1-94. [Google Scholar] [Crossref]

11. Luc, N. Q., Tran, T. N., Ngo, C. K., Tran, H, D., Nguyen, V. C., & Tran, T. A. (2022). Implementation Of Authenticated Encryption with Associated Data Grain-128aead Algorithm on Stm32f400 Processor Family, Transport and Communications Science Journal, Vol. 73(4), 427-438. [Google Scholar] [Crossref]

12. Madhumathi, C. S., & Vishnu K. K. (2025). Enhancing privacy in IoT-based healthcare using provable partitioned secure blockchain principle and encryption, Scientific Reports, 15(1), 29682. [Google Scholar] [Crossref]

13. Marcus, D. R., Georgios, M., & Jonathan, R. (2023). Grain-128PLE: Generic Physical-Layer Encryption for IoT Networks, arXiv:2309.15569v1 [cs.CR]. [Google Scholar] [Crossref]

14. Muhamad, R. R., Agung, T., & Gatot, S. (2024). Combination of AES (Advanced Encryption Standard) and SHA256 Algorithms for Data Security in Bill Payment Applications, SAGA: Journal of Technology and Information Systems, Vol 2(1), 175-189, ISSN: 2985-8933. [Google Scholar] [Crossref]

15. Musthafa, M. M., Thangavel, P., & Anand P. (2025). Quantum Cryptography with Espresso Ciphers and Grain for Enhanced Security in Optical Communication Networks, ICTACT Journal on Communication Technology, Vol. 16(1), 3432-3436. [Google Scholar] [Crossref]

16. Naman, H., Hussien, N., Al-dabag, M., & Alrikabi, H. (2021). Encryption system for hiding information based on internet of things, 172-183. [Google Scholar] [Crossref]

17. Nasera, N. M., & Naifa, J. R. (2022). A systematic review of ultra-lightweight encryption Algorithms, Int. J. Nonlinear Anal. Appl., 13(1), 3825-3851, ISSN: 2008-6822 (electronic). [Google Scholar] [Crossref]

18. Nikhil, A. (2020). Using AES Algorithm Encryption and Decryption of Text File, Image and Audio in Openssl and Time Calculation for Execution, IOSR Journal of Computer Engineering (IOSR-JCE), Vol. 22(6), 39-44, e-ISSN: 2278-0661, p-ISSN: 2278-8727. DOI: 10.9790/0661-2206013944. [Google Scholar] [Crossref]

19. Nirwan, S., Hamidin, D., & Azzalea, S. E. (2024). Implementation of AES-256 Algorithm for Encryption on Chatting Platforms, Iota, ISSN 2774-4353, Vol. 4(4), 617-624. https://doi.org/10.31763/iota.v4i4.80. [Google Scholar] [Crossref]

20. Nizamuddin, A. K. & Dolly, V. S. Y. (2024). Implementasi Kriptografi Berbasis Web dengan Algoritma Advanced Encryption Standard (AES) 256 dan Kompresi Huffman untuk Pengamanan File di SMK Satria, Jurnal TICOM: Technology of Information and Communication, Vol. 12(2), 50-55. [Google Scholar] [Crossref]

21. Nureni, A. A., & Onyema, J. C. (2018). Achieving Data Authentication with Hmac-Sha256 Algorithm, GESJ: Computer Science and Telecommunications, 2(54), ISSN 1512-1232, 35-43. [Google Scholar] [Crossref]

22. Okpu, E. O., Taylor, O. E., Nwiabu, N. D., & Matthias, D. (2024). A hybrid machine learning approach for intrusion detection and mitigation on IoT smart healthcare, International Journal, 13(7), 82-90. [Google Scholar] [Crossref]

23. Okpu, E. O., Taylor, O. E., Nwiabu, N. D., & Matthias, D. (2024). Comparative Performance Analysis of Cryptographic Techniques for Securing the Physical Layer in Internet of Medical Things (IoMT) Systems, International Journal of Computer Science and Mathematical Theory (IJCSMT), 157-170. [Google Scholar] [Crossref]

24. Okpu, E., & Taylor, O. (2025). Analysing the Integration of AES-256 Encryption and HMAC Hashing in IoT Smart Healthcare Systems, Ci-STEM Journal of Digital Technologies and Expert Systems, 2(1), 18-24. [Google Scholar] [Crossref]

25. Pasaribu, H., Sitanggang, D., Damanik, R. R., & Sitompul, A. C. R. (2018). Combination of advanced encryption standard 256 bits with md5 to secure documents on android smartphone, In Journal of Physics: Conference Series, Vol. 1007(1), 1-9, IOP Publishing. [Google Scholar] [Crossref]

26. Sabri, O., Al-Shargabi, B., Abuarqoub, A., & Hakami, T. A. (2025). A Lightweight Encryption Method for IoT-Based Healthcare Applications: A Review and Future Prospects, IoT, 6(2), 23. [Google Scholar] [Crossref]

27. Shuwandy, M. L., Salih, A. K., Khaleel, F. L., & Habbal, A. M. M. (2010). Switching between the AES-128 and AES-256 Using Ks * & Two Keys, IJCSNS International Journal of Computer Science and Network Security, Vol.10(8), 136-139. [Google Scholar] [Crossref]

28. Syabdan, D., Emansa, H. P., & Muhammad, A. F. (2023). Restful Api Security Using Json Web Token (Jwt) With Hmac-Sha512 Algorithm in Session Management, IT Journal Research and Development (ITJRD), Vol. 8(1), E-ISSN: 2528-4053, P-ISSN: 2528-4061. [Google Scholar] [Crossref]

29. Taofik, I., Hura, I. A., Aziz, M. F. A., Pardamean, J., & Napitupulu, I. A. (2023). Implementasi JSON Web Token (JWT) untuk Authentication Data pada Aplikasi Bayeue Dengan Algoritma HMAC SHA-256, 1-8. [Google Scholar] [Crossref]

30. Vera Novak, Kun Hu, Laura Desrochers, Peter Novak, Louis Caplan, Lewis Lipsitz, and Magdy Selim (2010). Cerebral flow velocities during daily activities depend on blood pressure in patients with chronic ischemic infarctions. Stroke; a Journal of Cerebral Circulation, 41(1), 61–66. http://doi.org/10.1161/STROKEAHA.109.565556. [Google Scholar] [Crossref]

31. Vishwasrao, S., Abhishek, T., Chandrasekhara, M., Punit, Goel., & Anshika, A. (2024). Advanced Encryption Techniques in Healthcare IoT: Securing Patient Data in Connected Medical Devices, Modern Dynamics: Mathematical Progressions, Vol. 1(2), 224-247, ISSN: 3048-6661. [Google Scholar] [Crossref]

• “Next-Generation Cybersecurity Through Blockchain and AI Synergy: A Paradigm Shift in Intelligent Threat Mitigation and Decentralised Security”
• Forensic Payroll Analytics for IPPIS: A Hybrid Anomaly-Detection Framework to Expose Payroll Fraud, Improve Data Governance, and Protect Employee Rights
• Factors Influencing Data Protection on Global Trade
• Development Of Artificial Intelligence-Based Model for Forensic Analysis of Cross-Platform Deepfakes
• Cyber Threats and Nigeria’s National Security: Assessing the Role of Regional Cooperation in West Africa