Open Access

ARTICLE

Hybrid Encryption Model for Secure Token Distribution Scheme

Michael Juma Ayuma^1,*, Shem Mbandu Angolo^1,*, Philemon Nthenge Kasyoka²

1 Department of Computer Science and Information Technology, School of Computing and Mathematics, The Co-operative University of Kenya, Nairobi, Kenya
2 School of Science and Computing, South Eastern Kenya University, Kitui, Kenya

* Corresponding Authors: Michael Juma Ayuma. Email: ; Shem Mbandu Angolo. Email:

Journal on Internet of Things 2026, 8, 31-65. https://doi.org/10.32604/jiot.2026.074919

Received 21 October 2025; Accepted 30 January 2026; Issue published 16 March 2026

Abstract

Encryption is essential for safeguarding sensitive data by transforming it into a secret code, which can only be decrypted by authorized parties. This ensures privacy and protects data from unauthorized access. While various encryption algorithms exist, relying on a single method may not provide sufficient security, particularly in the context of token transmission. Common threats such as brute force attacks, man-in-the-middle (MITM) attacks, token modification, and replay attacks are prevalent in adversarial attempts to breach the security of tokens during transmission. When these vulnerabilities are not addressed, they can compromise token integrity and the security of the entire authentication process. This study aims to design an efficient cryptographic protocol for the secure transmission of tokens by investigating existing encryption techniques and developing a hybrid cryptographic scheme. Unlike traditional encryption methods, hybrid cryptography combines multiple encryption algorithms to enhance security, making it more resilient against various types of attacks. Previous applications have shown that hybrid cryptography can effectively ensure confidentiality and prevent unauthorized access to highly sensitive information, such as user credentials and authentication tokens. The proposed model integrates Secure Hash Algorithm (SHA-2), ChaCha20, and Rivest-Shamir-Adleman (RSA). SHA-2 is used to ensure the integrity and confidentiality of the data, providing protection against brute force and relay attacks during token transmission. ChaCha20, a symmetric encryption algorithm, is employed to securely generate private keys for encrypting the tokens, while RSA, an asymmetric encryption method, facilitates secure key exchange within the hybrid system. The design is based on computational complexity theory, where the increased complexity of encryption operations significantly strengthens the system against adversarial attacks. This hybrid encryption model specifically addresses the security of token transmission, offering a robust solution for secure token distribution across diverse fields such as healthcare, education, agriculture, and commerce. By evaluating the impact of adversarial models on hybrid encryption schemes, the study provides insights into mitigating security risks and improving the resilience of token transmission systems.

---

Keywords

---