JOURNAL OF CONTROL AND DECISION
https://doi.org/10.1080/23307706.2022.2067253

Secure android IoT mobile and collaborative machine learning for controlling the management of enterprise

Hamza Mohammed Ridha Al-Khafaji^a and Refed Adnan Jaleel^b

^a Biomedical Engineering Department, Al-Mustaqbal University College, Hillah, Iraq
^b Information and Communication Engineering Department, Al-Nahrain University, Baghdad, Iraq

ABSTRACT

Increased security measures are needed because of the wide variety of Android Internet of Things (IoT) mobile devices that can communicate with each other over networks for controlling the management of an enterprise. Elliptic Curve Diffie-Hellman (ECDH) and Rivest-Shamir-Adleman (RSA) are used to secure data on Android IoT phones in an efficient manner. An Android mobile device can store a lot of data, including sensitive data, and protecting the data saved on it has become a critical problem. In Android IoT, Collaborative Machine Learning (CML) describes a method for collaboratively mining data, which makes management easier and lowers the cost of maintenance. To increase security in IoT phones, the suggested system uses the ECDH, RSA, and CML algorithms, and this combination is considered the novelty of the method. RSA and ECDH are evaluated by their decryption, encryption, and key generation times. The conclusions show that ECDH beats alternatives like RSA. Finally, all users of the network have been tested.

ARTICLE HISTORY
Received 28 January 2021
Accepted 12 April 2022

KEYWORDS
IoT; ECDH; RSA; CML; android; encryption; decryption

1. Introduction

Almost everyone in a developed country these days relies on mobile devices like tablets, computers, and IoT phones (Subramanian & Tamilselvan, 2020). Some of these devices store, handle, and transmit sensitive and private data as personal and work helpers. Many mobile apps now use cryptographic techniques or offer security services (Stahl et al., 2010).
It’s unfortunate that some of these programs are not designed to be safe, and others may not implement the cryptographic primitives appropriately. However well-implemented they are, cryptographic primitives may become obsolete in the following few years, which may have an impact on their usefulness. An example of a widely used cryptosystem that may soon run out of resources is the RSA cryptographic key exchange protocol. However, for some professional groups, such as lawyers, journalists, and law enforcement officers, the security challenges in the mobile computing environment may be of essential importance (Dar et al., 2021; Jang-Jaccard & Nepal, 2014). As a result, it’s critical to handle these issues in a methodical manner. Engineering and implementation of a security-focused mobile app is the emphasis of this master’s degree. The program was built from the ground up to be secure for the Windows Phone 8.1 Operating System (OS), which was, at the time of writing this dissertation, the platform with the most discrete offer in terms of such apps (Salem et al., 2017). The application allows users to securely share cryptographic secrets, encrypt and digitally sign messages and files, manage contacts and encryption keys, and generate and store safe passwords. The discrete logarithm problem is regarded to be more difficult for the Elliptic Curve Cryptography (ECC) theory, whereas key handling is easier (Aggrawal et al., 2018; Zhou et al., 2015). One of the contributions of this study (He et al., 2016) is a library defining a set of curves and containing the procedures and operations supporting the ECC primitives, which was created from scratch because none existed. The work progressed from a review of the current state of the art through an in-depth study of requirements and software engineering, culminating in the creation of a prototype.
This involved the development of the trust model for the exchange of public keys and the design of a database to support it (Tewari & Gupta, 2017; Zhang et al., 2018).

2. Motivation and problem statement

Because the operating systems mentioned in the previous section are often operated on resource-constrained mobile devices, encryption techniques like RSA may not find a home there due to their intensive computational nature. It is far more difficult in asymmetric encryption to exchange secret keys during the exchange of information between the two mobile phones than in symmetric encryption, where both the receiver and sender use a single secret key for both encryption and

CONTACT Refed Adnan Jaleel refed.adnan@coie-nahrain.edu.iq
© 2022 Northeastern University, China