Interconnected and latency-sensitive systems require cryptographic designs that deliver authenticated confidentiality with predictable cost on constrained hardware. This work presents CryptoShield, a multilayer framework that composes Elliptic Curve Diffie-Hellman (ECDH) for key agreement, AES-GCM as the sole AEAD channel, and ECDSA for origin authentication under explicit key-separation and nonce-management policies. A PBKDF2-HMAC derivation path with entropy-enhanced salting increases effective key unpredictability, while optional XOR pre-processing serves as a statistical de-biasing filter and carries no independent confidentiality or authenticity claim. The elliptic-curve pipeline includes scalar-multiplication optimizations and structure-preserving mappings (e.g., endomorphisms, tensor/isogeny post-processing) to reduce computation and increase algebraic diversity without altering baseline assumptions. The contribution includes two elements: (i) A composition which divides primitives into separate sections to demonstrate their functions and connections and security specifications and (ii) Experimental evidence shows that authentication security and system performance improve when partitioning is used with entropy-based derivation and curve-level optimizations in performance-critical applications that need both high assurance and speed. The researchers tested CryptoShield through simulations that used KDD Cup 1999 and UNSW-NB15 and IoTID20 traffic profiles to generate realistic message sizes and batching scenarios. Across these profiles, the system attains encryption and decryption latencies under 10 ms, including 8.7 ms and 7.9 ms, respectively, on IoTID20, with throughput up to 5010 ops/s. Authentication strength is quantified via entropy measurements: MAC entropy reaches 243 bits and derived key entropy is 256 bits, exceeding comparable baselines reported for EGCM, ANAF, and ASMD on the same workloads.
Weam Gaoud Alghabban (Tue,) studied this question.