Cryptography Algorithms For Enhancing Io T

Internet of Things 22 (2023) 100759
Contents lists available at ScienceDirect
Internet of Things
journal homepage: www.sciencedirect.com/journal/internet-of-things
Research article
Cryptography Algorithms for Enhancing IoT Security✰

Fursan Thabit a, b, *, Ozgu Can c, *, Asia Othman Aljahdali d, Ghaleb H. Al-Gaphari e,
Hoda A. Alkhzaimi f
a
Assistant Professor Faculty of Computer and Information Technology Sana’a University, Yemen
b
Postdoctoral Researcher, Department of Computer Engineering, Faculty of Engineering, Ege University, Turkey
c
Assoc. Prof Dr., Department of Computer Engineering, Faculty of Engineering Ege University, Turkey
d
Assoc. Prof, Cybersecurity Development, University of Jeddah, Saudi Arabia
e
Professor, Faculty of Computer and Information Technology, Sana’a University, Yemen
f
Ass. Prof, Cybersecurity Development, New York University, Abu Dhabi, UAE
A R T I C L E I N F O A B S T R A C T
Keywords: In today’s fast-paced world, a new technology paradigm known as the Internet of Things (IoT) is
IoT advancing every business. It provides communication between the digital and physical worlds,
Privacy transforming the way people do business quickly. The IoT is a network of physical objects (things)
preservation
equipped with sensors, intelligent networking, radio-frequency identification (RFID), and other
Algorithm
technologies that communicate and exchange data with other systems and devices online. IoT
Ciphers
Lightweight cryptography security applications are now significantly more prevalent worldwide. IoT is driving the real world to
requirement, Threats, Attack, Mitigation become more intelligent in several industries, including smart grids for electricity, intelligent
techniques traffic, and smart homes and buildings. As a result, predictions and research point to over 50
billion connected devices by 2020. It will be required to safeguard this growing volume of data
during exchange because the amount of data being transmitted will be quite enormous. Data
security is represented by cryptography, an essential tool (algorithms) in security, which is why
many researchers are developing cryptographic algorithms to improve the Security of IoT. This
survey paper introduced an overview of IoT technology, architecture, and applications and a
detailed analysis comparing all cryptographic algorithms and their use in day-to-day life activ
ities. This paper discusses lightweight block ciphers, stream ciphers, and hybrid ciphers. The
report evaluates security algorithms, comparing performance and robustness with the computa
tional complexity of these techniques. Finally, the survey presents IoT security challenges,
threats, and attacks with their mitigation techniques.
1. Introduction
In recent years, important technologies have been widespread, including mobile computing, wireless sensor networks, and
advertising networks. Generally, the emerging developments based on the internet and embedded technologies have made it possible
to connect the things around us everywhere. A ubiquitous concern has been given to IoT, considering it opens up some fantastic
prospects for many state-of-the-art applications. Through the integration of numerous sensors and items, the (IoT) enables direct
✰
Category: IoT Security.
* Corresponding author.
E-mail addresses: [email protected] (F. Thabit), [email protected] (O. Can).
https://doi.org/10.1016/j.iot.2023.100759
Available online 23 March 2023

2542-6605/© 2023 Elsevier B.V. All rights reserved.
F. Thabit et al. Internet of Things 22 (2023) 100759
human-free communication between them.

The "things" in (IoT) are tangible objects like sensors that track and collect data on all technological systems and human social
behavior. The IoT is the next modern approach because it provides access to billions of intelligent devices and exchanges data, sur
veilling, and control for services such as home automation systems, connected health care, security surveillance, agriculture, power
grid, business process management, critical infrastructure control, maintenance and remote monitoring, and so on. Because of ad
vancements in IoT, the current environment allows us to save a lot of money in business. [1]. Currently, IoT technologies are widely
deployed in the healthcare sector [2]as well as in smart cities [3,4], and intelligent homes [5]. However, the expanding number of
consumers and their increasing processing demands cannot be satisfied by IoT technology alone. Offloading IoT calculations to the
cloud have therefore become crucial. The IoT world’s success necessitates the merging of several communication infrastructures. As a
result, intelligent gateways have been developed to connect IoT devices to the systematic Internet [6]. A study showed that, in 2022,
the expected number of connected machines to the internet might reach 28.5 billion; this number is greater than the number obtained
in 2017, when it was 18 billion connected devices. It is also expectant that by 2022, the average number of connections and devices
used by users will increase by up to 51% [7]. The rising computational resources in diverse application domains and the disruptive use
of IoT devices have resulted in a wide range of aggressive vulnerabilities or attacks. Such attacks can result in fatal failures and data loss
across multiple domains.
The core challenges in an IoT context are confidence-related concerns like privacy, verification, configuration system, access
control, authorization, information storage, and administration [8,9] Applications of IoT, such as those for smartphones and embedded
devices, For example, assist with the development a digital environment for international connection that enhances people’s lives by
being perceptive to, adaptable to, and responsive to human requirements.
Data security is represented by cryptography, which is an essential tool (algorithms) in security. The primary function of cryp
tography algorithms is to make secure communication possible in the face of adversaries or harmful outside parties. Encryption turns
an input (i.e., plain-text) into an encrypted output using an algorithm and a key (i.e., cipher-text). The type of cryptography includes
symmetric key encryption methods with two forms (a) Block cipher and (b) Stream cipher
• A block cipher uses a single data block. The plain text or message is broken down into blocks; each is operated separately using a key
and a cryptographic mechanism.
• The stream cipher enables algorithms to perform encryption an-d decryption of shared data using a symmetric key mechanism.
• Requirement of Security: The essential requirement of confidentiality, availability, and integrity is defined as follows:
1 Confidentiality: The term "confidentiality" measures prevent sensitive information from unconstitutional access attempts. It
needs to preserve the sensitive database and information from unauthorised data access.
2 Availability: It ensures that data is consistently and readily accessible for authorized parties and properly maintains connected
components, including hardware and technical infrastructure, model, and systems to keep data and show the information.
3 Integrity: It defines the way to maintain the consistency, accuracy, and trustworthiness of data
This study thoroughly summarizes the encryption techniques by analyzing all cryptographic algorithms and their use in day-to-day
activities. This paper discusses lightweight block ciphers, stream ciphers, and hybrid ciphers. The report evaluates security algorithms,
comparing performance and robustness with the computational complexity of these techniques. The following research question we
address through our study is in line with the research objective.
1) What is the need for the IoT?

2) Are there any restrictions to IoT integration?
3) What are the IoT security issues and strategies?
4) What is the role of cryptography techniques in IoT security?
5) What are the Challenges of cryptography techniques when applied to IoT security?
6) Are there any standards to design stable cryptography techniques for IoT?
a How can lightweight cryptography be used to protect an IoT structure?
b What significance will the findings have on the future of IoT research?
1.1. Motivation
In an IoT context, security challenges, including privacy, secure storage, authorization, communication, access control, and
administration, are fundamental and complex problems.
The widespread stabilization of IoT devices and services leaves the nodes vulnerable to attacks. Standard security models suffer
from several drawbacks and frequently fail to identify the physical dangers in the network because of the restricted computing power.
Since only the authorized user should have access to the data and update it often for intelligent applications, IoT security should be
improved with ensured connectivity. The finest algorithms for IoT Security resources are cryptography algorithms. In this context,
traditional encryption algorithms provide data processing and security. These algorithms need large mathematical operations and
need large memory and power. They are, therefore, not suitable for encryption on IoT devices. However, these devices are currently
widely utilized in the Internet of Things, which balances performance and security using lightweight encryption.
2
1.2. Major contributions
Since the IoT is a complex, dispersed and heterogeneous system, privacy and security are some of the issues it must deal with. Data
security and privacy preservation are essential for IoT applications. RFID systems and wireless sensor networks both come with
password encryption technology to safeguard the integrity and confidentiality of data [10]
Asymmetric and symmetric encryptions are employed in this context for these goals. Identity authentication and access control are
used to establish the link between two things in a specific network in order to ensure that only genuine and legitimate data is sent and
to identify the real identities of both parties while preventing disguised attacks [11,12]
The IoT Security device is becoming more significant with the growing number of users and services in IoT networks. The effec
tiveness of smart objects is increased by the fusion of IoT devices and intelligent environments. However, in crucial smart environ
ments employed in sectors like intelligent irrigation and industrial, the effects of IoT security flaws are quite catastrophic. Services and
Applications in IoT-based intelligent environments will be threatened if security weaker information security in IoT applications
necessitates additional study to address these problems since availability, integrity, and secrecy are three fundamental security
principles of services and applications based IoT- in intelligent environments.
Data encryption ensures that transactions cannot be revoked and enables the delivery of integrated, secret messages to genuine end
users or systems. Here, authentication aids both parties in the communication process in determining each other’s genuine identities
and identifying their intended recipients. When a message is delivered confidentially, its contents are kept private. Integration ensures
that message content is preserved in the form in which the original user sent it [13]. Both sides of the contract appear to feel responsible
for fulfilling their obligations of supporting and helping one another. The discussion of cryptographic algorithms will continue in this
article. The following is a brief summary of our contribution:
• The most advanced asymmetric and symmetric cryptography algorithms for data security in IoT are reviewed and analyzed in this
literature study.
• A comparative examination of cryptographic algorithms has been undertaken regarding availability, integrity, confidentiality,
authentication, authorization, non-repudiation, anonymity, accountability, and type of attacks.
• This study investigates IoT vulnerabilities using cryptographic techniques that enhance IoT adoption.
• Analyses of similar research that focus on using cryptography techniques to prevent attacks.
Finally, a statistical analysis of published publications on security IoT aspects based on cryptographic algorithms and an analysis of
the attack type and IoT security challenges was provided. Academics will benefit from this study’s help in better comprehending the
potential of published research in a particular area of interest.
1.3. Organization of the paper
The breakdown of the paper’s structure is as follows: The background is described in Section 1, and the literature review is offered
in Section 2. Section 3 concentrates on the research methodology. Section 4 focuses on the introduction, architecture, and applications
of IoT in depth. Section 5 contained IoT Cyber security Challenges. Section 6 addresses IoT threats and vulnerabilities. Section 7
introduces IoT security, while Section 8 evaluates Existing Security Techniques for IoT environments. Section 9 examines cryptography
techniques for IoT security. Finally, there is a discussion in Section 10 and a conclusion and recommendation in Section 11.
2. Related work
The ecosystem of IoT consists of a huge network of tangible things, actuators, and sensors that are linked together to create an
intelligent entity that is able to communicate with end users and the outside world. Everyday items, appliances, and equipment are
networked together and may be remotely handled via smartphones in IoT environments. IoT devices are created to use less electricity
while reasonably priced because they have limited resources. IoT solutions are still in their infancy, and many problems must be
solved. As a result, businesses and organizations using IoT technology must carefully consider the Security of IoT infrastructures.
Furthermore, a new trend has emerged in analyzing real-time threats based on machine learning techniques. Novel algorithms are
proposed based on machine learning to monitor the behaviors of users or software over the network; even if the correct password is
provided but the behavior is an anomaly, accessing a service in an IoT network is not permitted.
According to a Gartner report [14–16], By 2022, the IoT will produce more than $300 billion in income, excluding PCs, tablets,
and smartphones. Furthermore, by 2020, the total number of tablets and smartphones sold will have risen to 7.3 billion units. The
devices will represent a significant network complex via massive amounts of data transmitted. As the IoT grows in popularity, it
confronts new hazards and concerns, such as managing enormous volumes of data, processing capacity, dealing with power con
sumption, resolving security threats, and encrypting/decrypting massive amounts of data. In an IoT environment where several
intelligent devices are connected, there is a growing necessity for using appropriate cryptographic solutions in embedded applications
to handle these problems, based on the study by [17]. According to the study by [18,19], Numerous things may now be connected to
the IoT using various smartphone sensors thanks to advancements in smartphone technology. But as the IoT is deployed widely, the
need for doing so is quickly growing, which raises serious security issues.
In the study by [20], IoT devices generally run both IoT and device functions and are resource constrained, making it difficult to
embed security policies on IoT devices. To protect physical devices from unauthorised access by malicious users, the authors proposed
3
an agent-based security mechanism that separated the IoT function from the device function. The fundamental purpose of this research
is to isolate IoT functions from devices and implement them in a cloud environment. The authors in this article also proposed an
architectural framework for IoT agents in which virtual clones of IoT devices run in a cloud environment.
A brief classification of existing security vulnerabilities in IoT architecture, communication, and cloud-based IoT applications, has
been provided [1]. The fundamental purpose of this research is to provide an in-depth discussion of the several security mechanisms
proposed and the common security challenges in the varied environments of cloud-based IoT, as well as to improve the Security of IoT
-based cloud. The authors [21] identified, classified, and explored many security concerns and cutting-edge techniques to address these
challenges. Similar to [21], the authors [6] obtainable an advanced review of IoT security and related problems by legal and technical
solutions that organizations can use, private and governmental entities.
A systematic way to understand IoT systems’ security needs to create future safe IoT systems was highlighted [7]. Various scenarios
were offered, as well as an explanation of potential risks and attacks within the IoT. Such attacks and threats were categorized into five
groups: communications, users, device/services, resource integration, and mobility. In general, a secure IoT system can be created by
combining the advantages of usability, flexibility, scalability, and connectivity comprehensively and practically. The authors [22]
examined IoT security concerns, requirements, limitations, and present and future solutions in depth. The study was created based on a
taxonomy that uses the three-layer IoT architecture to define each layer’s security challenges and needs. The author [23,24] proposed
a middleware concept in this work to provide end-to-end fog-cloud communication and security. High-level security is desirable, but it
is not always required. Based on this concept, the authors proposed middleware that includes two concepts: session resumption and
flexible security. When a recently disconnected device wants to reconnect, session resumption provides intermittent security by
reusing encrypted sessions from recent past sessions. Another feature, flexible security, allows users to configure their security re
quirements flexibly to meet their needs rather than blindly following rigid security requirements. This feature enables the user to
choose wisely between security and data transfer speed. The authors [25] presented a review that compares IoT devices’ operating
systems in terms of their programming models, architecture, networking technologies, scheduling methods, power and memory
management techniques, and other factors needed for IoT applications. Furthermore, a review was conducted to discuss several ap
plications, issues, and case studies in IoT environments.
The author [26] proposed a device-based security mechanism for protecting IoT devices from the attacks-based network while
maintaining high availability in this work. Direct interaction with a real IoT device is restricted by this mechanism, which uses a virtual
mirror device of the real IoT device. This virtual device is built using cloud infrastructure. As a result, all external users who want to
interact with an IoT device can only do so through its mirror machine. As a result, no direct communication exists between an external
entity and a genuine IoT device. The mirror device and the real IoT device communicate with each other via special synchronization
protocols, and all other IoT device interfaces are turned off. Through an investigation of edge computing, a comprehensive review was
undertaken to improve the performance of IoT networks [27]. Edge computing was divided into various groups depending on the
architecture, and each performance was evaluated by comparing bandwidth usage, network latency, overhead, and energy
consumption.
Furthermore, security challenges in edge computing were addressed, with each group’s security strategies being evaluated for
integrity, availability, and confidentiality. Besides, a security evaluation model for IoT networks was proposed based on edge
computing.
Finally, the performance of numerous IoT applications was tested using standard cloud computing against conventional cloud
computing. On the other describe, the authors [28] presented a study that focuses on techniques of the key establishment process at the
application layer, specifically the evaluated ephemeral Diffie_Hellman over COSE (EDHOC) protocol, which serves as the de facto key
setup mechanism for the OSCORE protocol (Object Security for Constrained_REST_ Environments). Moreover, Compact EDHOC was
proposed based on EDHOC, which is a lightweight alternative that uses the core protocol to collect the security parameters. Extensive
testing has been carried out with simulation tools and IoT devices to achieve end-to-end security properties.
The authors [29–32] proposed an encryption mechanism based on the ABE scheme and the fog computing concept in this work. In
addition to ABE, they used the attribute-based signature (ABS) scheme for authorization in the fog node. Most of the computational
parts of encryption, decryption, and authorization are performed at the fog node, significantly reducing the workload of the IoT node.
In the proposed scheme, the user first encrypts their data with an updated ABE scheme before sending it to a cloud server. Only
authorized users can access and update decrypted data, as well as outsource it again, under this scheme. In addition, the author
provided a mechanism for offloading the computational workload to a fog node rather than doing it on an end IoT device [33,34]. The
authors developed a lightweight authentication mechanism and protocol To increase IoT Security. The author provided the BAN logic
model and the AVISPA protocol tool to demonstrate security quality. The communication protocol is 2816 bits long, whereas the
identity (user, server), password, a random nonce, and the message digest are each 128 bits long. The recommended algorithm’s
security is evaluated using several measures. Evaluation criteria include user identification, key sensitivity, session length, one-way
hash function, and logging. This study has certain shortcomings. The Authors [35–39] proposed secure communication architec
ture for a resource-constrained IoT device and a standard Internet host in this work. The proposed architecture includes
DTLS-protected secure CoAP protocol for IoT devices and cloud-based hosts.
The Authors [40–42] Address the issue of wearable device communication and authentication. Because they are smaller, wearable
technology does not have adequate storage. For securing wearable devices, the authors advised symmetric and asymmetric encryption
algorithms. The author demonstrated initialization, authentication, and paring experiments. Which gives you more security? The
author analyzed the time costs associated with communication, cryptography, keys, session keys, wearable technology, cloud
computing, and smartphones. Wearable without displays could not have been used using the proposed strategy. [43] The authors
emphasized the significance of specialized approaches and architecture in designing secure IoT networks. Besides, the security,
4
current, and future development requirements were addressed. A comprehensive study based on IoT security architecture was con
ducted by [44], as well as the significant challenges and technologies that involve (WSN) wireless sensor networks and (RFID) radio
frequency identification were analyzed and discussed. Moreover, some protocols, open-source tools, and platforms suitable for the IoT
environment were presented.
In [45], IoT-Keeper proposed a sophisticated system capable of safeguarding the network in real-time against malicious threats
using semi-supervised machine learning techniques. IoT-Keeper. The proposed approach employs a lightweight intrusion detection
system to protect both device-to-infrastructure and device-to-device connections when utilizing the gateway’s limited resources. A
review showing the IoT security requirements was presented, focusing on sensor-related challenges [46]. On the other hand, the
authors introduced a detailed literature review covering IoT architecture [47].
The authors proposed an architecture based on pluggable and reprogrammable (PLAR) software to secure IoT devices in an
environment [48]. They also reported an initial feasibility study focused on avoiding authentication attacks by reconfiguring the
proposed architecture to achieve an improved authentication module. In [49], the authors utilized Trusted Execution Environment
(TEE), a software used to protect cryptographic keys in the IoT perimeter and supported by various embedded systems. First, the
authors reviewed existing block chain-based IoT solutions to create an effective framework for integrating blockchain and IoT [50].
Then, a new distributed IoT remote accessing system based on block chain was proposed, which can protect IoT devices from zero-day
attacks without the need to use a trusted third party. Three data encryption strategies were suggested by the authors of this article [51]
to protect data being shared online. AES, DES, and RSA were the three encryption methods employed by the writers. The implemented
approaches are contrasted based on several criteria, including packet size, encryption, and decryption times.
The authors explored the history of IoT systems and security indicators [52] to study various security and privacy issues, current
security solutions, securing IoT components in an environment based on new approaches, and appropriate privacy models for each IoT
layer. They presented a novel, general, and flexible IoT layered model supported by privacy, security, and identification components;
namely, a cloud/edge was implemented and evaluated. The lower layer was generated by Amazon Web Service (AWS), while the
middle one (edge) was built as a Raspberry Pi 4 hardware kit based on the Green grass Edge AWS environment. Moreover, the top layer
was implemented using AWS’s cloud-enabled IoT environment. They also used security certificates to securely transmit data between
the suggested cloud/edge-based IoT layers.
The Authors [53–56] discuss the usage of elliptic curve cryptography (ECC) in low computational devices such as Internet of Things
(IoT) devices owing to its efficacy in producing tiny keys while retaining a robust encryption mechanism. This researcher [57–59]
addresses the necessity for lightweight cryptography and how it differs from traditional block ciphers in design—an overview of some
lightweight-cryptography methods. In [60], a web service was developed to monitor the IoT devices’ status to improve the security of
such devices. The proposed system continuously analyses the internal logs; when anomalous evidence is detected, such as unau
thorised requests from external IPs, several responses will be issued to block such requests or to inform the manager of IoT devices. The
authors in [61] reviewed different authentication and encryption methods with proposed IoT algorithms to prevent various attacks.
3. The research methodology
Scientists have created various security advances in IoT, such as encryption, trust, and access control, but they are scattered and
require more excellent rationale. To analyze IoT security insurance holistically, it is necessary to carefully summarize, review, and
answer recent research development in various sectors. This study will talk about IoT Security concerns and the kinds of IoT attacks, as
well as talk about IoT security techniques .to outline Security in IoT based on cryptography algorithms and do the four stages that
accompany it:
• Search: Search by IEEE Xplore Digital Library, Springer, and ScienceDirect by Keyword and Boolean "+" Operator. " Cryptography
Algorithms " + "Issues " + "Threats "+" on IoT environment" selecting paper titles by decision and assessment:
• Selection and assessment are identified with Cryptography Algorithms for Improving the IoT Security, the last 54 articles.
• Analysis: Analysis: Of the 54 publications, 23 articles fully disclose the types of cryptographic algorithms for strengthening IoT
security. Based on each article, that point discovered many kinds of threats, assaults, and security algorithms from one paper.
• Summarize the outcomes: The types of risks identified in step 4 correspond to the types of IoT service resources that can be harmful
due to threats or cyber-attacks. The findings examine IoT security Algorithms and suggest a comprehensive security protection
system based on cryptography algorithms.
4. The Internet of Things (IoT)
Several things in the IoT environment employ precise addressing mechanisms to communicate with one another and accomplish
predetermined goals, including mobile phones, RFID, sensors, actuators, and other intelligent devices. Wireless networks have recently
made these things even more pervasive [62–65]. IoT is a new technology that has become very popular recently. IoT is a network of
physical objects, gadgets, buildings, automobiles, and other items with sensors, electronics, software, and network communication
capabilities incorporated into them to gather and exchange data [66–68]. The IoT has led to a continuous universal connection be
tween people and things. As a result, the IoT is extensively used in various applications and is the next important link in the new
technology field. Due to the resource restrictions of IoT devices, however, high-complexity tasks and huge volumes of data storage are
always handled by the resource-rich cloud paradigm in the IoT context, which significantly improves their efficiency. IoT devices, for
example, create massive volumes of data, putting enormous demand on the IoT.
5
Fig. 1. Depicts a five-layer IoT infrastructure [7].
4.1. IoT architecture
Kevin Ashton of the Massachusetts Institute of Technology suggested the (IoT) as a novel concept based on RFID in 1999 [69]. RFID
technology allows all network elements to be networked, easily identified, and monitored. The internet now connects various sensing
devices, including Zig Bee, RFID, IR (Infrared), GPS, WIFI, and UMTS. These devices interconnect and exchange information via a
variety of protocols. Objects allow for the communication of information in remote places. IoT has a huge number of sensing devices
that communicate a vast amount of data that must be securely distributed [70–72]. Any sensing device in the Internet of Things has its
unique identification and identifier (an IP address or URI). IoT devices are connected to an information network to exchange data with
other devices. In order to communicate information, these devices may recognize and identify by other comparable machines on the
web. Because specific devices are integrated and function efficiently with the infrastructure system, the IoT system becomes even more
intelligent. Data from various networked devices is gathered and analyzed in this manner. For example, data from various IoT weather
monitoring equipment is collected and used for forecasting. Simply stated, the IoT architecture comprises hierarchical layers that make
up an IoT system. The application, network, and perception layers are the three most significant layers. Each layer can have its specific
technology, and even devices inside the same layer may use a separate one. This is done to provide the network with as many services
as possible, each with its requirements and constraints.
For IoT contexts, various architectures have been presented in the literature. Many advocated a three- architecture layer that
contains the perception, network, and application layers [22]. At the same time, other researchers offer a four-layer design that in
cludes a sensing layer, an application-interface layer, a network layer, and a service layer [7]. However, no generic IoT architecture has
evolved into a widely accepted reference model [7,22]. Moreover, a discussion on the support of a five-layer design for IoT applications
and services has been presented, as shown in Fig. 1, as opposed to the three and four-layer architectures [22]. User interface, service
composition, application, network management, and device sensing layers are five-layer architecture [22].
Furthermore, additional basic security requirements are presented, such as authorization, authentication, trust management, and
identity management, as shown in Fig. 1.
There are two dimensions to develop the level of security in the system: the vertical and horizontal dimensions. The horizontal
dimension provides the required level of security that should be implemented at each level, while the vertical level shows the required
6
Fig. 2. IoT classification.
system functions. The components, significant functionalities, and well-known security matters are depicted for each layer.
4.1.1. User interface layer

This layer is responsible for delivering the functionalities of the application layer (activities or services) to the end-users interfaces
using standard web services for service composition and protocol [73]. Data confidentiality, illegal data access, user authentication,
authorization, and service availability are common security challenges in this layer.
4.1.2. Application layer

It is the IoT architecture’s visible outer layer that aims to satisfy both commercial and academic needs. In diverse contexts, the
application layer is in charge of several tasks. It obtains data from the middleware layer, which it processes to the end user’s top-notch
services. The application_layer issue primarily affects how sensitive data is used, including illegal data access, malicious data recti
fication, and permission lifespan. Therefore, hackers can access and change crucial data. Based on the authors [70], The application
layer provides a set of services in the network. As mentioned earlier, it processes data from the middleware layer. As part of this
process, devices and services are monitored, events are identified, communications are managed, rules are administered, input and
output are managed, information is logged, and remote administration is carried out. The perception layer is directly related to each of
these services. The middleware layer serves as a liaison between the application and perceptual levels to facilitate data processing and
information transmission.
4.1.3. Middleware layer

This layer handles the network layer’s data exchange, processing, and storage in the cloud database. Additionally, it provides the
necessary APIs to the application layer. Increased cloud computing and IoT growth determine the storage and processing power of the
middleware layer. The cloud’s and database’s security also influence service quality in the application_layer [70]. Authentication and
processing are the two halves of the processing procedure. The Authentication Center (AC), Devices Services Monitoring Agent
(DSMA), and Information Logging build up data authentication. On the other side, data processing involves preserving policies,
managing communication, identifying events, and remote management. Following validation, the acquired data is transferred to the
application layer and preserved with a signature in the information logging.
4.1.4. The network layer

The network layer manages IoT infrastructure connection. It gathers information from the perception layer and transmits it through
a wired or wireless connection to the middleware layer. Data transfer methods include Zig Bee, WIFI, Bluetooth, and 3 G. The layer
must avoid widespread attacks that weaken device cooperation and information exchange [74].
4.1.5. Perception layer

The perception layer is concerned with information gathering. There are two parts to this layer: the perception network and the
perception node (sensors, controllers, etc.), which connects the network, layer [75]. While the perception network layer carries out
control instructions for data transport and control, the perception node gathers and manages data. Examples of perception layer
technologies include ZigBee, RFID, sensor gateways, and sensor nodes [76].
4.1.6. Applications of cloud computing and IoT integration

Integration of two rapidly expanding technology domains offers a sense for a wide range of applications [32], distinguished by
characteristics, unresolved issues, and challenges. Some Cloud IoT applications are discussed below (Fig. 2).
• Agriculture
7
IoT’ potential contribution to agriculture is that it can help farmers choose more lucrative crops with lower production costs [77,
78]. Monitoring plants, soil, and animals, as well as controlling greenhouse settings, are just a few of the benefits of IoT in agriculture.
The quantity and quality needs for water, soil, herbicides, fertilizers, and other agricultural inputs are managed. The purpose of cloud
computing is to: Farmers in rural locations cannot regulate their administrative providers individually. They want vendors that can
provide comprehensive financial management together with a range of administrations. With IoT, a farmer may send crops directly to
clients over a greater region and just a small local one. This improvement will result in improved crop yields, more effective food
product sales, and production that are valuable to the real world.
• Healthcare
Several hospitals employ sensor networks to monitor a patient’s physiological data [79,80]. The healthcare industry’s first
contribution is the Internet of Things and multimedia services.
Cloud services and efficient smart devices support healthcare’s continual and systematic innovation by enabling affordable, high-
quality, ubiquitous medical services. Patients, health insurance pharmaceutical companies, Laboratories, hospital and physician
networks, and other organizations are just a few of the applications needed in this industry. The healthcare application produces huge
amounts of data (sensor data), and these data need to be correctly saved for further processing and analysis. In this sector, common
challenges include quality of service (QoS), security interoperability, and storage dynamicity.
• Intelligent Home and Smart Metering
The (IoT) has several uses for the home environment, including the usage of embedded devices to enable the automation of routine
in-home activities. Cloud computing is the most significant way to manage large amounts of data and construct universal apps with
fewer code lines. The following conditions must be satisfied for a single-family smart home to be accessed online and access reuse
services: Automation (each intelligent digital component of the house should communicate with each other), internal network con
nectivity (each home-based application should be linked to a service provider [81,82].
• Surveillance through Video
One of the essential intelligent things in a security-related issue is video surveillance, which serves as a monitoring and self-
management system. To meet the storage and processing requirements of complicated video analysis, cloud-based solutions are
required. Video surveillance aids in detecting, storing, and organizing video data from a camera through load balancing, fault-
tolerance algorithms, and data transfer to a large number of users quickly over the internet.
5. IoT cyber security challenges
According to [83,84] security is a significant hurdle that must be addressed before IoT can be deployed in the real world. IoT
security concerns are matched with the conventional (IS) Information Systems (SO) security objectives of confidentiality, integrity, and
data availability. Furthermore, there appear to be other security problems that are IoT-specific. For instance, when cloud computing
and IoT are combined, IoT platforms are susceptible to cloud-induced vulnerabilities like those outlined in the [85,86]. Another
significant risk vector is the use of substandard IoT products and services. These might put the long-term survival of IoT services in
danger. For instance, substandard things in terms of design, construction, date of manufacture or authenticity present severe risks to
IoT-enabled devices. [87].
Assume that organizations worldwide waste countless hours of money and time that could be used for more critical tasks related to
unanticipated devices and system failures brought on by poor or incorrect maintenance, as well as harmful and inaccurate instruction
from unreserved service personnel. Furthermore, according to the researcher, inadequate contractual performance, false information
from a business partner, and maybe IoT devices may be accepted for information processing and crucial business choices. Additionally,
the system’s intrinsic weaknesses, which expose the infrastructure set up to a range of attacks, are the root of most IoT cyber security
issues. Potential sources include data, network interfaces or ports, system programs, hardware (device), firmware, and system pro
grams. Furthermore, the system is vulnerable to network-related attacks and protocol errors because of the bidirectional communi
cation linkages between the objects. As instances of similar attacks, eavesdropping considers wireless scrambling, man-in-the-middle
attacks, message manipulation and injection attacks, and more. Despite the fact that security is frequently taken into consideration
when building IoT systems, security configuration errors can happen at any layer of the IoT communication architecture or in any
portion of the system application [88–90].
Additionally, semiconductor transient power variations result in signal loss and system failure. Component incompatibility and
attacks using physical devices, such as natural disasters, illegal device usage (like pilferage), and impersonation, are additional security
concerns with IoT devices. Novel research and entire system solutions focusing on the design of system architecture, firmware and
hardware reconfiguration, network hardening, and dynamic system application would be necessary to address these challenges.
5.1. IoT cyber attack
The IoT security architecture states that all three IoT levels are significant for IoT security issues. For instance, the absence of
8
Table 1
Vulnerability–threat matrix.
Vulnerabilities (V) Cyber-attack vectors (AV) Attack vectors Vulnerabilities
(IM) IP misconfiguration (DA) Device attack DA IP, MC, CE, D

(SI) SQL injection (AA) Application attack AA SI, D, CE
(D) DoS (NA) Network attack NA SI, D, CE
(DE) Code execution (WiA)Web interface attack WiA SI, D, XC, IP
(XC) XSS and CSRF (DA) Data integrity attack DA SI, CE
(MC) Memory corruption
transport encryption results in unsafe communication between the device and the cloud, the device and mobile applications, and the
device and another device. A widespread vector for accessing IoT devices results from insufficient authentication and authorization
measures. IoT systems that use MQTT, DDS, Zigbee, and Zwave protocols may provide authentication. There is still a danger that
communication might be hacked, even if the developer provides the authentication mechanisms required for IoT connectivity, pairing,
and messaging. In order to study the many kinds of existing IoT security solutions, this section discusses relevant studies that
concentrate on IoT risks and vulnerabilities. The following efforts focused on threat and vulnerability security solutions in IoT ar
chitecture and applications.
Based on the preceding challenges, the taxonomy of cyber security attacks on object-to-object communications is presented based
on the initial problems by analyzing system vulnerabilities concerning probable threat actors. Six categories of vulnerabilities are
covered in this taxonomy. Examples include SQL injection, IP misconfiguration, DoS, memory corruption, code execution, and XSS and
CSRF. Physical (device) attacks, application (software) attacks, network attacks, web interface attacks, and data attacks are all threats.
Our suggested vulnerability-threat matrix is shown in Table 1. Threat vectors are paired with their relevant vulnerabilities in columns
3 and 4.
• Application Service Attack
This attack affects applications systems (web, mobile, etc.) used by different system components. Numerous sessions are active in a
typical Internet of Things application locally and on the server. Most of the time, apps are owned by (ASPs) application service
providers or other companies. As already said, these applications might likely put other associated systems in danger from cyber
attacks. Common flaws in this attack include SQL injection, denial-of-service attacks, and code execution. Most Internet of Things
(IoT)-enabled apps are created for the Raspberry Pi, based on the Linux kernel. Dependent apps are vulnerable to many application
assaults due to kernel vulnerabilities.
• Device Attack
IoT devices may become vulnerable to this kind of attack. Its main objective is to offer crucial system architecture functionalities
(dependent on the devices involved). A successful RFID-powered inventory control system attacker may be able to take down the entire
network (significantly if the underlying workstation is compromised) (e.g., the server is the target). A cyberattack on a device on a
Power Neighborhood Area Network (NAN) could weaken the network’s defenses, putting the system in the face of distributed denial of
service attacks. IP configuration errors, memory corruption, and poorly executed code in the middleware layer of a device’s operating
system are all potential sources of device attacks.
• Network Attack
This attack seeks to compromise device intercommunication by slowing message forwarding or causing message loss. Network
attacks can obliterate IoT configuration systems’ operating operations. This attack aims to render monitoring or connecting devices in
home area networks useless (HANs). Similar to how it might isolate or block linked devices in a neighborhood area network (NAN)
from receiving crucial information from nearby devices or responding to their message requests. Such attacks comprise code execution,
SQL injection, and denial of service.
• Web Interface Attack
The attacker exploits weak authentication procedures to gain access to the online interface (either by capturing plaintext cre
dentials or enumerating accounts).
This attack is supported by account enumeration, lack of account lockout, or insufficient account credentials. Web interface attacks
may arise from cross-site scripting (XSS), cross-site reference forgery (CSRF), IP misconfiguration, and SQL injection. Weak account
credentials and a poorly designed online interface are two other causes. The attack jeopardizes the security of the device and could
cause service interruption.
9
Fig. 3. Classification of attacks.
Table 2
Comparison of communication infrastructure and potential threats in the IoT application domain.
IoT devices Applications Network communication Type of threat
Privacy, Smart meters, and Smart Smart grid Wi-Fi, ZigBee, Z-Wave Physically attack, Eavesdropping, tampering
readers
buildings, people Smart environment Wi-Fi, ZigBee Ultra-wideband, Bluetooth, Authentication, Privacy, Eavesdropping,
LTE, LTE-A, Authorization
EFC, RSU, OBUs Intelligent DSRC 5.8 GHz Congestion, Jamming, security, and spectrum
transportation sharing
Smart wearable devices Health care system Bluetooth and ZigBee Sensors, Privacy, authentication authorization, DoS,
5.2. Vulnerabilities and threats of the IoT
This subheading describes related research that looks at IoT risks and vulnerabilities in order to examine the various IoT security
solutions that are currently available. The study focused on securing IoT applications and architecture against attacks and vulnera
bilities. Few specific IoT architecture and application solutions have been offered [91]. The researcher [92–95] proposed a protected
architecture of IoT for smart cities that address existing IoT system vulnerabilities. The architecture consists of darknets and a key
management system (KMS), ensuring privacy, integrity, confidentiality, and efficient key distribution. The goal was to provide security
services that reduce IoT network vulnerabilities at the communication and network layers, especially for mission-critical data.
The authors [96–98] Presented an SDN architecture for developing IoT applications in order to overcome traditional networks’
inflexible security. An SDN architecture was chosen as the foundation for designing a secure network OS that provides managers with a
global view of potential threats and attacks on the IoT network and the ability to control the network against the threats. Nonetheless,
some of the limitations of SDNs include security, scalability, and reliability. Separating an SDN’s control and data planes results in poor
packet processing performance, leading to severe issues such as packet delay or loss and distributed DoS (DDoS) attacks.
The authors proposed ground-breaking SDN-based security architecture for the Internet of Things, popularly referred to as the SDN
domain utilizing border controllers. The authors showed how each domain’s security could be enhanced using SDN [99]. However, the
authors could not address the critical limitations of deploying border controllers, which include securing both wanted and unwanted
traffic and business protection. Fig. 3 and Table 2 present the threats and communication channels in the IoT application domain.
5.3. IoT security requirements
Many security threats must be overcome to make IoT services accessible at a cheap cost and secure to be connected. Some diffi
culties include scalability, connectivity, authentication trust, identity management, end-to-end security, attack-resistant security so
lutions, confidentiality, integrity, availability, and authorization [7,100].
5.3.1. Scalability
Scalable security solutions are necessary to deal with a large number of IoT devices [100]. It can be seen as the ability of a system to
process rising workloads; it can be vertical, horizontal, or functional scalability [101]. Vertical scalability deals with a single IoT node
for removing or adding computing resources, whereas horizontal scalability denotes the removal or addition of IoT nodes. Functional
scalability refers to the number of services provided by IoT devices [101].
5.3.2. Authentication and trust

Authentication, identification, and capabilities are still young and face many vulnerabilities [100]. It avoids the creation of trust
connections between IoT components, which is required for IoT applications to establish a connection among other IoT components,
such as connecting to smart cities. Without authentication, it cannot be assured that the data used to be generated by the entity
contains correct data. Authentication ensured an excellent process in every computing environment and trusted parties’ access to
10
confidential data. On the other hand, out-of-date algorithms and authentication procedures can still provide security and credibility in
an IoT perimeter, but their infrastructure nature hinders them.
Two-factor authentication is now commonly used in various applications, mainly in terminal cloud services. Single sign-on (SSO) is
a method to authenticate users by signing into a particular account (Google or Facebook) and accessing other services using a similar
token generated during the authentication mechanism. In a recent production of its security and privacy regulations, the (NIST)
National Institute of Standards and Technology acknowledged the advantages of combining Multi-Factor Authentication (MFA) with
Single Sign-On (SSO) to boost system security [22]. In [22], other authors suggested an authentication architecture that functions in
two modes based on the users’ privilege. Besides, the cloud IoT provider was used to authenticate and authorize requests from
principal users who can only access the devices. On the other hand, Cancelable Biometric System (CBS) was suggested to be used as a
highly secure authentication mechanism, a biometric template protection technique based on frequent transformations or distortions
at the level of feature or signal [102]. On the other hand, the elliptical curve digital signature method (ECDSA) employs elliptic-curve
cryptography (ECC) to create a digital signature of data that can be validated without degrading overall performance [103].
5.3.3. End-to-end security

IoT security is extraordinarily complicated and multidimensional. Therefore, end-to-end security procedures are highly significant
for both IoT devices and Internet hosts [100]. It considers how to secure the complete system, including the infrastructure, all the
hardware, cloud, firmware, and software, and all the links that connect them.
5.3.4. Connectivity
Connectivity is regarded with securely linking numerous devices of different capabilities over various communication technologies,
such as long-range and short-range, low-power networks [100].
5.3.5. Identity management

Since weak security methods are used frequently, which makes identity management is not an easy job. For example, common
mistakes will be generated when clear text or Base64 is used to encode IDs/passwords with devices and machine-to-machine (M2M)
communication [100]. Therefore, to avoid this problem, managed tokens like JSON Web Tokens (JWT) should be implemented, which
are used for authorization and authentication procedures [100].
5.3.6. Attack-resistant security solutions

Strong resistance to attacks based on lightweight security solutions is of significant importance and can be worked with limited
resources of IoT components [100].
5.3.7. Confidentiality
In the context of computer systems, confidentiality means that only authorized users have access to sensitive and protected in
formation. Confidentiality is one of the most critical security tests since it protects data from unauthorised access [104]. The tech
nologies can handle a wide range of basic needs, architecture heterogeneity, and scarcity of embedded hardware resources, such as
power and computing limits in the Internet of Things [104].
5.3.8. Integrity
Data integrity refers to data’s completeness, accuracy, and assurance during transmission. During wireless communication in IoT
applications, however, signals can be incorrect for a variety of reasons, including attenuation, distortion, or noise addition.
5.3.9. Availability
Availability is a measure used to assess the repairable system’s performance, considering both the maintainability and reliability
characteristics of a component or system. Various definitions of availability and methods for calculating it exists [105].
5.3.10. Authorization
Authorization is a method for associating a particular device with specific permissions. In a study, the authors [106] demonstrated
how to apply the Internet Engineering Task Force (IETF) as an authentication and authorization process for IoT devices in situations
with limited resources.
5.3.11. Encryption
Encryption can be used to protect the integrity of data as it is being transmitted, so most IoT-enabled devices run on batteries [107].
6. Introduction to IoT security
IoT has numerous security problems, including system configuration, management, privacy protection, data storage, authentica
tion, and access control [108,109]. IoT devices adapt to human demands through sensitive services and responsive care, enhancing
communication and ease. Nonetheless, security can be jeopardized, especially once user data leaks or privacy is threatened. Users must
have their privacy and personal information protected. As a result, security is a critical problem for the IoT, particularly because its
typical mode of communication is the internet, which is vulnerable to attacks by both individual and public cybercriminals. Security
11
Table 3
The common security issues, functionalities, and components of each layer.
Layer Name Major Functionalities Security Issues Core Components
Device sensing data acquisition, data sensing Access control, authorization, and RFID tags, intelligent sensors, and actuators.
authentication.
Network Quality of service scheduling, data Changing of routing paths, unauthorised Big data Repositories, wired, wireless
management aggregation access. networks.
Service Data analysis and processing. Data confidentiality, service/group Heterogeneous objects, middleware
composition authentication. technology.
Application Specifies message-passing protocols Integrity, privacy Many applications, such as smart homes and
Leakage, unauthorised access. smart cities.
User interface End-user services are exported. Data confidentiality, authentication, and Users
authorization,
Table 4
Presents a summary of several IoT security mechanisms.
Reference Domain Technologies Objectives Limitations
[111,112] Smart Using the Aneka computer platform to To identify the IoT application trends In hybrid clouds, security and
environment construct the cloud. already in use and the need for combining personality protection are significant
various multidisciplinary technologies problems.
[32,113] Single- Lightweight elliptic curve To solve the IoT privacy and security insufficient scaleability Lack of
authority cryptography-based attribute-based issues to lessen the burden of adaptability when withdrawing an
applications encryption (ABE) scheme (ECC) communication and computation attribute
[114] Data mining Shamir’s secret-sharing plan has been To make data scaleable It produces extra computing work that
and analytics modified To simplify critical management-related might cause bottlenecks. Fault
complexity tolerance becomes a problem as a
compared to standard cryptography result of hardware failure.
methods
To provide a data-level dependability
feature
[17] Healthcare Fog computing for a resource estimate To provide a probabilistic customer Getting the minimum latency is
and management resource estimate model for fog challenging.
[115] Smart energy Lightweight scheme to construct a To control how much of the fine-grained It only has room for one security
meter secure channel sensor data is private scenario (i.e., sensitivity).
To preserve the security content through
safe information transmission
[116,117] Medical-Things Healthcare Applications Using the To decrease system latency and security Fault tolerance
Healthcare Internet of Medical Things and Edge risk by running workflow apps on other
Cloud-Based Networks: A Lightweight, nodes. Adaptive deadlines, sorting, and
Secure Adaptive Approach scheduling with neighborhood search
strategies are the elements of the met
heuristic LSEOS.
[118–120] Smart Grid In Smart Grid Data Sharing, Secure They propose an edge block chain- In a consortium block chain system,
Data Access Control with Fair enabled safe data access control system the processing burdens of end-user
Accountability: An Edge Blockchain with equitable accountability for the devices are delegated to the edge
Approach, Lightweight Sensor intelligent grid. nodes. To enable flexible data sharing,
Authentication Scheme we employ an on-chain/off-chain
strategy.
[78,121, Agriculture Green IoT-Based Agriculture Security To protect privacy in IoT applications and Block_chain Challenges
122] and Privacy, Block_chain Solutions, how they will be adjusted for sustainable
and Challenges IoT-based agriculture.
measures may include hardware and physical security in addition to infrastructure and system security [110]. As a result, as indicated
in Fig. 3, the security architecture at all IoT levels should be implemented as part of IoT security mitigation. An IoT network includes
WSN and RFID. As a result, potential attacks on these two systems are pre-presented in Table 3. As well as in Table 4 Summary of
different IoT security technologies.
Table 3 summarizes the common security issues based on the required functionalities of each layer of architecture [7]. Moreover,
the table is also mentioned the core components of each layer; for example, the core components of the device sensing layer include
actuators, intelligent sensors, RFID tags, etc.
6.1. Existing security techniques for IoT environment
The principal objective of security mitigation is to ensure the availability of internet of things services. As well as the privacy and
confidentiality of IoT users, infrastructures, data, and devices. As a result, mitigation and countermeasures are frequently carried out in
line with conventional threat vectors. Although authentication has always been the most widely used security method, trust
12
Table 5
Existing security techniques.
Issue Issue Solutions Affected layer(s)
Session Hijacking Applying lightweight encryption algorithms, a secret key for the long-time session Network
Middleware security Applying authentication with a secure communication channel, defining key management and Application, transport,
distribution, the security policies, using secure gateways and machine-to-machine components, and network
and applying lightweight encryption algorithms.
Replay Attack Specify a timestamp, an authentication parameter, and a checksum based on a hash value for Network
packet verification.
CoAP security Applying DTLS, resource directory, and application proxy. Application and network
Insecure interfaces Gateway firewalls, password strength, and secure coding Application
Insecure Firmware/OS Applying file signatures, constant secure software/firmware upgrades, and encryption with Application and network
validation.
Insecure nearest node discovery using authentication and encryption using elliptic-curve cryptography (ECC) based signatures. Network
Authentication and secure Implementation of a symmetric and asymmetric cipher system for encoding the values of the Network
communication packet payload using light weight ticket granting system,
Wormhole and Sinkhole attacks Applying trust level management, encrypted key management, IDS anomaly detection, Network
device communication analysis, Hash system verification, and signal strength
monitoring.
end-to-end security Using sophisticated encryption methods and IPSec. Network
Frequency Jamming Some measures must be calculated, such as packet delivery ratio, signal strength, Edge
adversaries frequency and location changes, and packet encoding with error-correction codes.
Insecure interface Using a hardware-based Trusted Platform Module (TPM) and avoiding the need for Edge
debugging/testing software, farewells
Buffer Overflow attack Using an Intrusion Detection System (IDS) Network
Sybil attacks Applying access control, interaction analysis of a user, and graph analysis Network
RPL routing attack Using a lightweight encryption scheme for authentication and monitoring connected Network
nodes.
Spoofing Attack Applying channel estimation and signal strength measurements. Edge
Insecure initialization and Using Access control, manufacturer usage description specification (MUDS) Edge
configuration
Sleep deprivation attack IDS based on multi-layer Network and Edge
management is becoming more and more popular because of its capacity to stop or identify misbehaving nodes. On the other side,
encryption research concentrates on lightweight and inexpensive encryption for constrained and low-power devices.
• Authentication
Authentication is the process of identifying legitimate individuals and unmodified devices on a network and granting access to
them. Authentication was one strategy for reducing attacks on IoT systems, such as the Man-in-the-Middle attack, the reply attack, the
impersonation attack, and the Sybil attack. Authentication remains the most popular approach for providing access to the user at the
application layer and the device in the IoT network. (60%) [123–125].
• Encryption
The nodes are encrypted to achieve end-to-end security. However, because IoT systems are heterogeneous, specific nodes might be
able to embed general-purpose microprocessors. On the other hand, low-resource and limited devices can only integrate application-
specific ICs [46]. As a result of low computing power, limited battery life, small size, short memory, and limited power supply,
traditional encryption alternatives are not suitable for low-resource intelligent devices. As a result, light encryption may be an effective
encryption method for these devices. IoT encryption aims to enable effective end-to-end communication while using the least amount
of power possible. Therefore, symmetric and asymmetric lightweight IoT algorithms are developed to fulfill the needs [126–131]. Most
of this research has been devoted to developing lightweight, affordable encryption for usage in the physical world and networks. To
facilitate user revocation, offer an attribute-based decryption mechanism.
• Trust management
The number of publications on device trust management has grown. Trust management aims to identify and remove rogue nodes
while providing secure access control. Sophisticated trust management research includes automated and dynamic trust calculations to
evaluate the trust values of nodes participating in the IoT. There have only been a few publications on trust-based access control
approaches. Even though most research has concentrated on identifying rogue nodes [132]. Because of globalization and the sub
stantial majority of intelligent devices carrying sensitive data, automated, transparent, and simple access control administration is
critical. This will allow various levels of access to multiple nodes and users [133–135].
13
Fig. 4. Typical IoT security architecture.
• Secure routing
Sensors and actuators are critical components of an IoT network. Despite their minimal power and limited resources, these sensors
are self-organized and communicate information. They also serve as data storage and execute some computations simultaneously. As a
result, scalability, autonomy, and energy efficiency are critical for any direction-finding solution. Specific sensor nodes serve as border
routers, connecting the LLN to the internet or a nearby Local Area Network (LAN) [136].
• New technology
Two types of new technologies have recently attracted people’s curiosity. SDN (software-defined network) and block chain are
popular emerging technologies connecting with IoT security solutions. SDN’s basic concept is to decouple network and data control.
Both centralized control and dynamic network management are options for dealing with challenges in the IoT ecosystem, such as
resource allocation in IoT devices. Furthermore, numerous current IoT challenges may be solved effectively, including reliability,
security, scalability, and QoS. Crypto currencies are built on the block chain. Secure and private transactions, as well as decentralized
communications and procedures, will benefit IoT-based apps.
This section discusses the existing IoT cloud solutions proposed in the literature. Several studies have been conducted in order to
find answers to the security challenges associated with the IoT paradigm [52,137–144]. Table 5 summarizes the solutions. The table
highlights the security element in each solution. In the next section of our research, we will focus on solutions based on data security
and cryptography techniques. And Table 6, evaluation of potential attacks posed by threats and vulnerabilities to the environment of
intelligent applications, network infrastructure, and IoT hardware.
7. Cryptography algorithms for IoT security
A multitude of never-before-seen difficulties, such as privacy interoperability and security, lifespan, support, technologies, and
many more, arise for the owners or users of billions of intelligent devices (connected devices), especially when moving from servers to
14
Fig. 5. IoT security challenges.
sensors [136,145]. IoT devices are an attractive target for attackers because They directly interact with the natural world in order to
obtain sensitive data or change physical aspects [146]. Additionally, they are easily accessible and susceptible to several security issues
due to the apparent necessity for confidentiality, integrity, availability, authentication & authorization, privacy & regulation stan
dards, and regular system upgrades; cyber security is a significant barrier for IoT devices [147]. IoT security requirements and con
straints are shown in Fig. 4. In this case, cryptography might be one of the most effective means of ensuring the privacy, integrity,
authentication, and authorization of data transfer via an IoT device [148]. It might also be a way to safeguard data that is being stored
or sent across a network. Conventional PC-based cryptography techniques, however, are too resource-intensive for IoT devices with
limited resources. Lightweight cryptography, a variation of these less sophisticated techniques that can secure communication in IoT
devices with low resources, can address these problems.
Cryptography is the art and science of encrypting data using encryption algorithms to make communications (such as emails, credit
card information, and so on) safe when they are transferred across a network. In network security, several encryption algorithms are
utilized. Cryptographic algorithms are classified into three types: symmetric algorithms, asymmetric algorithms, and cryptographic
protocols. They are classified into two categories based on the number of keys used for encryption and decryption: symmetric (secret
key cryptography) algorithms, which use a single key to encrypt and decode data, and asymmetric (public key) algorithms, which
utilize two keys, the private and public keys. The public key is used for encryption, whereas the private key is used for decryption.
(DES) Data_Encryption_Standard, (3DES) Triple_DES, (RSA) Rivest-Shamir-Adleman, (AES) Advanced Encryption_Standard,
Blowfish, RC2, and RC6 are amongst the most significant encryption algorithms on the market today. . Although these algorithms are
critical for information system security, they take a large number of computational resources such as CPU time, memory, and battery
power. The size of the key used determines the strength of symmetric key encryption; for example, RC2 and DES use a 64-bit key, Triple
DES (3DES) uses two 64-bit keys, RC6 and AES use any of 128, 192, or 256 bits keys, and Blowfish utilizes a key range of 32–448 bits
(default 128 bits) [149,150].
These ciphers have more gates and more considerable power dissipation. IoT-enabled devices cannot use these types of ciphers in
practice. Because small-scale embedded systems use 4-bit/8-bit processors with relatively limited memory sizes, they are unable to
support high power dissipation workloads. 8-bit microcontrollers are significant contributions to the global CPU market. These are
limited in RAM size, ROM/Flash size, arithmetic capability, code width, and clock speed. Because of these limits on IoT-enabled
devices, a new discipline, Lightweight Cryptography, has emerged. So in the next point, we present the challenges of traditional
cryptography in IoT Devices.
7.1. Key challenges while using traditional cryptographic techniques on IoT devices with limited resources
A significant proportion of IoT devices, including sensors and RFIDs, are small in size and have limited resources, such as limited
(RAM, ROM) memory to store and run applications, limited battery power (or none at all in the case of passive RFID tags), limited
computing power to process data, and limited physical space to fit the assembly [151–156]. Additionally, the majority of IoT devices
deal with real-time applications, where it might be difficult to respond quickly and accurately while maintaining important security
utilizing available resources [157–159]. If IoT devices (mostly RFIDs and sensors) are applied to conventional cryptography standards
under these conditions, their performance may not be satisfactory. By integrating lightweight properties like low processing power,
low energy consumption, small memory, and real-time response even with resource-constrained devices, lightweight cryptography, a
subdivision of conventional cryptography, effectively addresses the problems mentioned above. The following challenges need to be
addressed when implementing traditional cryptography in IoT devices (Fig. 5):
• Minimize processing power

• Small _space for assembly implementation
• Low battery power (or no battery)
• Real-time response
15
Fig. 6. Critical challenges with conventional cryptography.
• Limited memory (registers, RAM, ROM)
The fact that lightweight cryptography is easily applicable to other devices with abundant resources with which it interacts directly
or indirectly (such as PCs, servers, smartphones, tablets, etc.) rather than just being limited to resource-constrained ones (RFID tags,
sensors, etc.) is another crucial aspect of the technology. In the next section, the research presents lightweight cryptography for
resource-constrained IoT devices in detail (Fig. 6).
8. Lightweight cryptography for resource-constrained IoT devices
This research section goes into depth about lightweight cryptography for IoT devices, starting with its characteristics, hardware,
and software performance measurements, classification of LWC according to its structural makeup, and existing LWC algorithms in IoT
security.
8.1. Characteristics offered by lightweight cryptography
The three fundamental standards for lightweight cryptography techniques are listed in Table 7. Performance, Physical cost, and
security are the key factors to consider when adding cryptography to any resource-constrained IoT device, as shown in the table. For
each of these characteristics, the cost of implementation, memory demand, energy consumption, physical space occupied, processing
power in terms of latency and throughput (speed), block/key length, and various attack models such as side-channel and fault-injection
attacks are all evaluated further.
8.2. Lightweight cryptography classification based on structure
Symmetric and asymmetric key ciphers are the categories used to categorize cryptographic algorithms. Asymmetric ciphers employ
two separate keys to encode and decrypt data, whereas symmetric keys use a single key for both encryption and decryption [161,162].
Symmetric key cryptography is safe and relatively fast; the only disadvantage is that the communication parties must share the key
without compromising it [163]. However, this might be avoided by pre-sharing the key with a trustworthy third party.
As usual, asymmetric encryption uses two pairs of private and public keys. These keys maintain confidentiality and integrity by
encrypting the data with the public key. Authentication is by encrypting the data with the sender’s private key (as a digital signature).
The recipient decrypts it by first using the sender’s public key and then his private key [164]. The only drawback of asymmetric
encryption is its bulky key, which increases complexity and slows down the process.
A specified size block (64 bits or more) is encrypted and decrypted in a block cipher at the same time. However, stream cipher
continuously and bit by bit process the input components (or word by word) [160]. Claude Shannon developed two fundamental
aspects of all cryptography to strengthen the cipher: confusion and diffusion use of substitution (S-box) to make the relationship
between the cipher text and the key as complex as possible. In contrast, diffusion uses permutation to spread the statistical structure of
plaintext over the bulk of the cipher text [165–167]. Stream ciphers primarily exploit the confusion feature, whereas block ciphers
explicitly use both confusion and diffusion. After the encryption process is reversed, the original text is difficult to recover in the block
cipher.
In contrast,)stream cipher(uses XOR function(s) to encrypt data that can be readily reversed. Hash, however, is a one-way
mathematical operation that transforms undetermined length data into a short string of bits with a specified length that cannot be
inverted. In IoT devices with limited resources, blocking ciphers are preferred over streaming ciphers for the above reasons. This article
focuses on block ciphers, specifically symmetric lightweight block ciphers. Use one of the structures listed below:
16
• Feistel Network (FN)

• Substitution-Permutation Network (SPN)
• General Feistel Network (GFN)
• Non-Linear-Feedback Shift Register (LFSR)
• Add-Rotate-XOR (ARX)
• Hybrid
A Feistel network (FN) splits the input block in half and applies diffusion to just one-half every round. Furthermore, two half are
swapped at the start of each round. The substitution-permutation network (SPN) modifies the data using a collection of substitution
boxes and permutation tables and formulates it for the next cycle. The classical Feistel network is expanded upon by The Generalized
Feistel network (GFN). The input block is divided into smaller blocks, and then the Feistel functions are applied to each pair of smaller
blocks before a cyclic shift proportionate to the number of smaller blocks is carried out [168,169]
Nonlinear feedback shift register (NLFSR) uses stream cipher building blocks whose current state is created from their past state,
a nonlinear feedback value applicable to both stream and block ciphers [170]. ARX uses addition, rotation, and XOR functions to
perform encryption and decryption without utilizing S-box. ARX implementation is quick and small; however, it lacks security features
compared to SPN and Feistel ciphers. Based on the application needs, Hybrid Cipher To optimize specific features, a hybrid cipher
combines any three kinds (SPN, FN, GFN, ARX, NLFSR) or even blends block and stream attributes (for example, throughput, energy,
GE, etc.).
SPN and FN are the most famous structures among them because of their adaptability to application needs. Feistel structures are
infrequently utilized, despite being simple to implement in hardware with low average power (since one-half of the states don’t have a
round function). SPN structures require a more rounded function for security reasons. The SPN function may be preferable when
deciding between fewer Feistel function rounds and more SPN function rounds with the same level of security and equal energy ex
penditures [171,172].
8.3. Existing lightweight algorithms
Various universities, proprietaries, and government entities have developed over fifty symmetric LWC algorithms (simple
encryption) with a focus on cost reduction (processing power, memory, energy consumption physical area (GE)) and improved
software and hardware performance (throughput latency). On the other hand, many do not expressly focus on security vulnerabilities.
They are solely concerned with performance and/or implementation cost [173,174] Table 8 summarizes the structure-wise classifi
cation of various algorithms. The subsections that follow categorize these LWC algorithms.
8.3.1. Categorize these LWC algorithms
1 Substitution Permutation Network (SPN)

• AES is a standard model of an SPN-based algorithm defined by NIST and operates on 128-bit blocks Cipher with key variations of
128/192,/256 bits [175].
• PRESENT is another approved ISO/IEC (291922P:2012), most hardware and software-efficient algorithm. It uses a 64-bit block
on two main variants: 80-bit and 128-bit keys, with GE requirements of 1570 and 1886, respectively [176].
• In CHES-2017, GIFT, an upgraded PRESENT version, was presented. It provides a lighter S-Box with less physical space. In
addition, the number of rounds is reduced, resulting in higher throughput and a more straightforward and faster key schedule.
GIFT comes in two flavors: GIFT-64 (28-round, 64-bit block size) and GIFT-128 (40-round, 128-bit block size). Both employ a
128-bit key [177].
• RECTANGLE is a lightweight block cipher that can be used in various applications. To suit the competitive climate, the rounds
are shortened to 25 (compared to 31 in PRESENT) with little changes in SPN structure [178].
• TWINE ranks highly as PRESENT and overcomes various implementation obstacles. It takes 64-bit input and comes in two key
variations: 80-bit and 128-bit [179].
• PUFFIN-2 is a scaled-down version of PUFFIN (2303GE). A serialized SPN structure uses an 80-bit key to iterate 34 times on 64-
bit data. Both encryption and decoding need only 1083 GEs. [180].
• PRINCE is a lightweight hardware and software algorithm that performs 64-bit input with 128-bit keys 12 times. The most basic
hardware solution necessitates 2953GE at a throughput of 533.3 Kb/s. It consumes a tiny amount of energy, 5.53 J/bit [181].
• PICARO is a unique cipher with an excellent balance of performance and security (by an adequate choice of S-box). It has four
different masking settings and faster hardware performance than AES. It employs a 128-bit key for 12 rounds and is highly
resistant to side-channel attacks.
• Zorro is an AES-based algorithm that is more efficient than PICARO and is ideal for embedded systems. It takes 24 rounds to get
through a similar size block and key (128-bit) [136].
2 Feistel Network (FN)
• The Tiny Encryption Algorithm (TE) Is appropriate for small, computationally weak, and low-cost hardware. It uses a 128-bit
key on a 64-bit input to accomplish 32 rounds with 3872 GE needs [87]. Its straightforward key scheduling makes it subject to
brute force attacks [182–185].
17
• Camellia is encryption recognized by ISO/IEC, IETF, NESSIE, and CRYP-TREC. Designed by Nippon Telegraph Telephone
Corporation and Mitsubishi Electric Corporation. Camellia offers a level of security similar to AES using the same key size and
block and comes in two round versions, 18 and 24. It is famous for fast software applications, although hardware implementation
requires 6511 GE [186–188].
• SIMON The National Security Agency (NSA) developed SIMON, which is noted for having a low effect on hardware. Over a 32-
bit, 48-bit, 64-bit, 96-bit, 128-bit block of 32, 36, 42, 44, 52, 54, 68, 69, 72 rounds, it provides various key sizes (64-bit, 72-bit,
96-bit, 128-bit, 144-bit, 192-bit, 256-bit). It runs on the smallest version (763 gg) [189,190].
• L Block is a lightweight cipher that uses 32 rounds on 64-bit input and 80-bit keys. The smallest hardware deployment needs
1320 GE for a throughput of 200 Kb/s, whereas the considerably efficient software version needs 3955 clock cycles to encrypt a
single block (on the 8-bit microcontroller) [191,192].
3 Generalized Feistel Network (GFN)
• CALIFIA, given by SONY and confirmed by NIST, is a 128-bit block with a choice of 128, 192, or 256 bits across 18, 22, or 26
cycles. It uses the most compact version, 2488 GE (encryption only), for a 128-bit key to demonstrate exemplary performance and
robust protection against different attacks at a reasonable cost. [193].
• Piccolo is another lightweight encryption technology suitable for limited devices (RFID, sensors, etc. It does two rounds, 25 and
31, using 80-bit and 128-bit key combinations, respectively, using 64-bit input. The most straightforward hardware imple
mentation (80-bit key) needs 432 GE and additional 60 GE for decoding. [194].
• TWIS evolution from CLEFIA, doing 10 iterations with identically sized blocks, and The key is a victim with probability one who
is a differential distinguisher. [195,196].
• TWINE, based on LBlock, does 36 iterations in the 64-bit and has two main options: 80-bit and 128-bit. The smallest hardware
app requires 1866 GE [179].
4 Add-Rotate-XOR (ARX)
• SPECK The NSA-designed sister of SIMON is a software-oriented cipher. It uses the same block and key sizes as SIMON to
accomplish 22, 23, 26, 27, 28, 29, 32, 33, and 34 iterations [197–199].
• IDEA, Created by Lai and Massey, performs 8.5 iterations with a 128-bit key on 64-bit input and is mostly used for high-speed
networks. It uses a 16-bit unsigned integer for data operations such as XOR, addition, and standard multiplication without
needing an S-box or P-box [200].
• HIGHT Ultra-lightweight algorithm processes 64-bit data 32 times with a 128-bit key. It uses simple arithmetic techniques to
perform a compact circular function (no S-squares). The smallest version acquires 2608 GE with a transfer rate of 188 kbps [201].
• LEA is a standard 32-bit software processor cipher proposed by ETRIK. It uses 128-bit input to do 24, 28, and 32 repetitions using
128-bit, 192-bit, and 256-bit keys.
5 Hybrid
• Hummingbird is a lightweight algorithm that implements hybrid (block and stream) architecture. Performing 20 iterations
requires a 16-bit input with a 256-bit key. She was subject to various attacks [202].
• Hummingbird-2, developed for low-end microcontrollers, accepts a 64-bit start-up bus and a 128-bit key. It works fine on both
systems (hardware and software). It also complies with the ISO 18,000–6C protocol.
• PRESENT-GRP performs 31 iterations on a 64-bit input with a 128-bit key. It uses PRESENT’s permutation and replacement
technology and the Group Process (GRP) to achieve additional fusion advantages in the permutation table replacement [165].
So far, a review of the literature indicates that researchers are interested in lightweight block ciphers. Some IoT designs employed
building blocks to optimize hardware implementations, making them unsuitable for software applications. Alternatively, several more
recent techniques concentrated on software implementation performance. Table 9 lists a few lightweight block ciphers for security in
IoT devices.
8.3.2. Comparative analysis of lightweight block ciphers

Following a comprehensive examination of some of the most recent and popular Lightweight Block Ciphers, a comparative analysis
of these ciphers is provided in Table 10. The comparison research is based on evaluation factors that are typically used for analyzing
Enc / Dec processes, such as Structure, Block Size, Key Size, Possible Key, time Complexity, CPU Clock Cycle (Cycles Per Block), Code
Size in byte, RAM Size in byte, Cipher Type and Security Power parameters and so on.
8.3.3. Application of LWC ciphers

The IoT applications can be enabled for low-level cryptographic solutions as follows:
1 Smart Home applications like smart Television, intelligent utensils, and smart electric bulbs also require less memory and pro
cessing. The cryptographic algorithms are SIMON, SPECK, PICCOLO, and TWINE.
2 RFID PICCOLO, SIMON, and SPECK are best for logistic applications when there is a shortage of physical space and no power
backup.
3 For Smart Agriculture, which needs neat implementation, fewer processing steps, minimal power consumption, and plenty of
sensors in remote locations, SIMON, SPECK, PRESENT, and TWINE can be up to their mark.
4 In Health Care Application, which needs security and privacy to transmit the curtailed data with low resources and quick response
for this, SIMON, SPECK, PICCOLO, PRESENT, and MIDORI are the best.
18
Table 6
Evaluation of potential attacks posed by threats and vulnerabilities to the environment of intelligent applications, network infrastructure, and IoT
hardware.
Devices Features Benefits Vulnerability Threats Attacks
Hardware rapid information transfer by Corruption and DoS, Tracking, Counterfeiting,
RFID Auto identification, and the wireless link between tags Deletion Alteration, Repudiation, Spoofing Eavesdropping
Unique identity, and readers
Low power consumption

ZigBee Radio, Microcontroller, Reliable, Low Cost, Hacking Packet manipulation KillerBee, and Scapy,
Key exchange
Small size
Bluetooth Frequency hopping and Enables wireless connection Blue snarfing Blue Eavesdropping, DoS Blue bugging, Car
Simple protocol between two devices, which jacking Whisperer,
is highly safe and practical.
Actuators and Spectrum Higher latency in
Sensors node Sensors communication and Flooding, Routing DoS, Exhaustion, Tampering, Jamming,
Flexibility, Protocols Unfairness, Sybil Collisions
Wired Network adapters, Enhanced security, Greater Network Manipulation of data, Malicious attacks,
Cable, and Router Reliability, and Ease of us Infrastructure Extortion hack Weak Link
Wireless Radio broadcasting and increased mobility and Signaling System No.7 Misconfiguration, War dialing, DoS,
receiving, as well as collaboration, easier network (SS7), Rogue access points man-in-the-middle
transmitters expansion, and improved protocol tunneling;
access controls
Smart City Water and Waste Better city planning, quicker Hacking, Signal loss, Manipulation of Mobile apps, Sensors
Management, E- service delivery, and Hijacking of information, Smart
governance, Street economic growth equipment City DoS
Lighting,
Smart Application
Smart grid Smart Energy, Smart Reliability, cost savings, and Physical security, End points on devices,
meters energy independence Customer security
enhances patient privacy and Fake seismic Internal attacks,
Healthcare Smart health cards security information detection, Theft and loss, Insider cyber-attack,
Malicious attacks
Ease-of-use fake flood detection misuse, Unintentional
Smart Traffic control, Parking, trust between actions Cyber-attacks
Transportation Public Transportation traditional power Smart City DoS
devices. Hacking
Security plagued
5 In Industry systems where sensors are placed on machines that are not easily accessible but transmit data wirelessly for this sit
uation, MIDORI and PRINCE are the best.
6 In the 5 G technology world, the Auto Mobile Industry needs vehicle and infrastructure communication (signals and road signs);
PRINCE, PRESENT, SIMON, and MIDORI are suitable choices.
7 keeloq is also the Latest LWC cipher for securing remote keyless entries in cars and buildings
9. Discussion
The IoT is a contemporary technology that connects all real-world objects/things around us and assigns them a unique ID to connect
to the Internet. Its ID allows the user to access data from artifacts in real time without having direct human-to-thing contact through a
web data connection. "IoT" refers to devices connected via the standard Internet protocol. The term is frequently referred to as the Web
of All. The success of this industry may be linked to the fact that this IoT device functions seamlessly within the Internet infrastructure.
The fundamental goal of this field is to gradually communicate the items around us independent of time, place, or person utilizing any
network or service. This includes environmental monitoring, network management, energy savings, home and workplace automation,
housing, medical and healthcare services, and a proactive, intelligent city program. Smart cities can connect all their gadgets into a
single network using national networking. The ground-breaking approach may now be used to implement daily activities in the
business, at home, and practically anywhere to get more significant outcomes with less effort. Like any other program, the IoT network
must be secured against adversaries such as spammers, hackers, and viruses [70]. This survey would highlight potential threats to
customer data stored on the IoT platform and essential security criteria. IoT networks are subject to the same risks as any traditional
network.
Nonetheless, attackers find attackers a handy and appealing target because of the massive volume of data stored on IoT servers.
These dangers and attacks may begin from adversary models from various entities. The following threats specific to IoT are Integrity,
Eavesdropping, Denial of Service, Denial attack, Impersonation, Replay, Stolen verifier, Man-in-the-middle, and Clone.
The Internet of Things is also expected to continue to be a target and vector of attack for many years. This is brought on by the
growth in IoT devices, the diversity of IoT protocols, and manufacturers implementing minimum or default security features in their
products. Cybersecurity (IT) methods such as authentication, encryption, and firewalls must be implemented as security measures in
19
Table 7
Characteristics of lightweight cryptography model and its advantages.
Characteristics Advantages of LWC Paradigm
Physical (Cost) Physical Area (Logic blocks) [1] Tiny key and required block
Memory requirement (General Purpose Registers(GPR), Random [2] Minimum number of round
Access Memory, ROM) [3] Simple computation
Battery (Energy consumption)
[4] Easy and unique key generation
System Computation Power (Latency, Throughput)
performance
Security Minimum bits required for security and unique key generation [1] Robust and resilient internal structures of the models
Theoretical attack models (Required keys and Multi-key generation) and frameworks.
Side-channel required attack [2] It provides a privacy and preservation mechanism
Fault injection attacks
Table 8
Structure lightweight algorithms.
Type Algorithms
SPN AES, PRESENT, SKINNY GIFT, MIDORI, RECTANGLE, MCRYPTON NOEKEON, PUFFIN-2, ICEBERG, PRINCE, PRIDE, KLEIN, PRINT, LED, 1-PRESENT,
PICARO ZORRO, EPCBC
FN CAMELLIA DESUDESXL, SIMON TEA/XTEAXXTEA… SEA, MIBS. KASUMI LBLOCK, FEW, ITUBEE GOST, ROBIN, FANTOMAS
GFN CALIFIA, TWIS. TWINE, PICCOLO, HISEC
ARX SPECK, HEIGHT, IDEA, BEST-I. LEA
NLFSR KEELOQ, KATAN/KIANTAN, HALKA
Hybrid PRESENT-GRP HUMMINGBIRD. HUMMINGBIRD-2.
the Internet of Things. The IoT differs from conventional networks because physical and virtual systems interact and are integrated.
Unprotected communication channels, hostile network activities, and unsecured physical devices present a new type of risk to IoT
networks. Unsecured communication routes, malicious network activity, and unsecured physical devices pose a unique hazard to IoT
networks. This also suggests that IoT devices are vulnerable to surface assaults due to inconsistent patching and updates: devices
frequently come with low or no authentication, if any at all. Furthermore, these devices are typically deployed in dangerous envi
ronments and are always accessible; hence, there may be little or no protection against unauthorised physical access.
Many attacks were explored in this study, along with security techniques based on numerous previous investigations, as indicated
in Tables 1, 4, 5, and 6. In the IoT, authentication and encryption can be adequate security measures. However, the development of
suitable authentication and encryption for low-power, computational, and resource-constrained devices is still in its infancy. It does
not guarantee the avoidance of hostile nodes in the network, such as defective or devices that are not working properly.
Furthermore, manufacturers typically use encrypted credentials or passwords for convenience, which results in considerable
authentication failure. There are two sorts of newly designed ciphers: symmetric and asymmetric. A symmetric algorithm is repre
sented by block cipher and stream cipher. Compared to the asymmetric procedure, symmetric ciphers use a shorter key length. As a
result of its less sophisticated nature, it is open to security assaults. Asymmetric ciphers use more complexity to secure IoT network
connections but are slower due to longer key lengths. These fundamental issues must be studied in order to develop an algorithm that
consumes less power, decreases complexity, takes less time, and adequately secures low-end IoT devices [157,164].
According to the results of this survey, current hardware security research has primarily concentrated on improving lightweight
authentication and encryption for low-power, resource-limited devices.Table 9 and 10 compares some of the most recent proposed
algorithms (2019–2022).
This paper examined over 50 algorithms, including LWHC, SAT Jo, PRESENT modulation, LCC, QRMA modifier, DLP, and MBCT.
They are block cipher algorithms designed for IoT devices with minimal resources. Both the modified PRESENT and the LWHC al
gorithms employed 25 cycles of the algorithm, requiring less processing power. They are not vulnerable to massive attacks, but they
are vulnerable to various types of attacks. MBCT, on the other hand, used 256-bit keys and 32 rounds of the algorithm, requiring little
memory but checking for differential and linear cryptanalysis threats. While modified ECC and IECC are appropriate for devices with
limited resources, IECC is only appropriate for documentation. One Round ORC is a statistically robust stream coding method with a
relatively significant delay. PRESENT and Salsa20 hybrid symmetric ciphers use less arithmetic power. However, calculating the
technique takes additional time (computation time). G-TBSA needs little power but is only appropriate for wireless sensor networks.
LSC and KDF are excellent for stream coding because they require less computing and algorithm-generating capacity, but they are more
susceptible to detection and resynchronization.
According to the results Table. 10 examine different lightweight ciphers that can be employed on devices with limited resources.
The essential factors of lightweight fundamentals are block size, key size, gate area, response time, and throughput. Several matrices
are used to calculate the performance of lightweight cryptographic fundamentals: key size, rounds, latency, throughput, and gate area.
The cipher’s strength is also determined by the strength of the swap box (S-box) and flip box (P-box). There have been numerous new
lightweight cipher algorithms proposed.
Nonetheless, advancements in security, latency reduction, energy consumption reduction, power consumption reduction, and chip
area reduction are required. As described in our study, different types of ciphers face various challenges.
20
Table 9
Analyze the existing lightweight block ciphers.
Year Cipher Technique Block Size Key Size No. of Rounds
(bits) (bits)
2022 MBRISI ARX 32 64 16-bit

[203]
2022 Ultra-lightweight ARX 64/128 64/128 8

[204]
2022 NEHLC ARX/ SFN 64/128 64/128 7
[205]
2022 LWARX Feistel 128/256 64 8/14/24
[206]
2021 NLCA SPN/ SFN 64/128 64/128 5
(Thabit,et al., 2021)
2021 BRISI ARX/ Feistel 32 64 5
(Kumar V, 2021)
2021 M-XXTEA Feistel 64 128/198 –
[207]
2020 SLIM Feistel 32 32 32
[208]
2020 SINGLETON: ARX/ Feistel 64/128 64/128 –
(Hassani Karbasi & Shahpasand, 2020)
2020 PIPO NLFSR 64 128/256 11
[209]
2020 L-PRINCE
[181] SPN 64 64/128 12
2020 LiARX ARX 64/128 64/128 12
(S. Mishra, 2020)
2020 LWE
[210] SFN 64 64 3
SLEA
2019 [211] SFN 64 256 16
LCBC-XTEA
2019 (Anusha, 2019) Feistel 64 128 64
2019 Loong SPN 64 64/80/128 16/20/32
[212]
2019 DoT [213] SPN 64 80/128 31
JAC_Jo (Joshitta 2018)
2018 ARX 32 64 16
2018 NVLC (Al-Rahman et al., 2019) SPN 64 80/128 20
SAT_Jo (Shantha, 2019)
2018 SPN 64 80 31
2018 SFN [215] SFN 64 96 32
Improved Lilliput
2017 (George, 2017) EGFN 64 80 30
2017 GIFT [177] SPN 64/128 128 28/40
2017 SIT [216] SFN 64 64 5

DLBCA [217]
2017 Feistel 32 80 15
2017 LiCi [218] Feistel 64 128 31
SKINNY [219]
2016 SPN 64/128 64–384 32–56
MANTIS
2016 [219] SPN 64 128 10/12
SPARX SPN with ARX-based S- boxes
2016 [220] 64/128 128/256 24/40
LAX [221] SPN with ARX-based S- boxes
2016 64/128 128/256 24/40
RoadRunneR [222]
2015 Feistel 64 80/128 10/12
PICO
2015 [223] SPN 64 128 32
[178] [Zhang15a]
2015 SPN 64 80/128 25
SCREAM
2015 [224] SPN 128 128 10/12
Chaskey [225] SPN with ARX-based S- boxes
2014 128 128 8
(continued on next page)
21
Table 9 (continued )
Year Cipher Technique Block Size Key Size No. of Rounds
(bits) (bits)
HISEC [Al-
2014 Dabbagh14a] Feistel 64 80 15
2014 LAC [Zhang14] Feistel 64 80 16
OLBCA
2014 (Banik et al., 2015) SPN 64 80 22
ITUBee [226]
2013 Feistel 80 80 20
SIMON 64/72/96/ 32/36/42/
2013 (Beaulieu, et al., 2015) Feistel 32/48/64/9 128/144/ 44/52/54/
6/128 192/256 68/69/72
SPECK 64/72/96/ 22/23/26/
2013 (Beaulieu, et al., 2015) Feistel 128/144/ 32/64/72/ 27/28/29/
192/256 96/128 32/33/34
FeW (Kumar et al., 2014)
2014 Feistel-M 64 80/128 32
LEA [227] SPN with ARX-based S- boxes
2013 128 128/192/ 24/28/32
256
PRINCE
2012 [228] SPN 64 128 12
Hummingbird-2 [202]
2011 SFN 64 128 4
TWINE
2012 [202] GFN 64 80/128 36
2011 LED [229] SPN 64 64/128 32/48
2011 LBlock [191] SFN 64 80 32
PICCOLO
2011 [194] GFN 64 80/128 25/31
KLEIN [230]
2011 SPN 64 64/80/96 12/16/20
CLEFIA [195] 128/192/
2007 Feistel 128 256 18/22/26
PRESENT
2007 [176] SPN 64 80/128 31
SEA Block Size
2006 [231] Feistel (bits) 96 93
mCrypton [Lim05] SPN 64
2005 64/96/128 12
TDEA 64
2004 [232] Feistel 64 48
Camelia [233] 128 128/192/
2001 SFN 256 18/24/24
KHAZAD SPN 64
2000 [234][ 128 3
Feistel-M (Balanced GFN + SPN); Block Size, and Key Size is in number of bits; Generalized Feistel Network (EGFN).
10. Conclusion
The Internet of Things has evolved into an innovative and attractive technology that enables the collection of real-time knowledge
about all networked goods. Using sensor technology, these integrated physical devices provide unique identifiers as well as the ability
to communicate and transmit data over the network. The intelligence obtained also presents a wonderful opportunity for several
businesses to understand this data through practical data analytics. The IoT has highlighted a significant security vulnerability
covering authentication to trust management and a threat to its embedded hardware. We have provided a detailed evaluation of the
most recent security risks and vulnerabilities for the IoT in this research. We evaluated the IoT by analyzing existing security risks and
weaknesses in its applications, architecture, and communications [2].
This study discussed IoT security using cryptographic techniques. Security should be a priority in the architecture of the IoT
environment. Cryptography techniques are a powerful tool for securing the network’s physical layer and are essential for overall
network security.
Many lightweight cryptographic techniques have recently been utilized to secure resource-constrained IoT devices. Reduced
processing time and memory use are two critical considerations in IoT resources. This study examined current research on lightweight
cryptographic algorithms used in IoT networks to secure data communication. Each algorithm has advantages and disadvantages in
terms of ensuring security when sharing data in the IoT environment. Some algorithms require more significant storage space but less
processing power, and vice versa. Several algorithms are energy, processing power, and cost-effective, yet, they do not demonstrate
resilience to different threats. To secure resource-constrained IoT architecture, a lightweight cryptographic method must be created.
22
F. Thabit et al.
Table 10
Shows the Comparison in Terms of Software or Hardware, Platform, Key Size, Block Size, Design Pattern [Feistel (F)/SP, Network (SP)], Rounds CPU Clock Cycle (Cycles per Block).
S.No Software Or Block Key Rounds Design Pattern Logic CPU Clock Cycle RAM Code Size Throughput Throughput at 4
Algorithm Hardware Size Size [Feistel (F)/SP Process* (Cycles Per Area Size in in byte at 100KHz MHz (Kbps)
Platform Network (SP)] Block) (GE) byte (Kbps)
3600
1 S-AES both 128 128 10 SP 0.35 1032 GE 388 2606 12.4 77.1
5800
2 ICEBERG hardware 64 128 16 SP GE
1848
3 DES-L both 64 56 16 F 0.18 144 GE 468 1709 44.4 29.6
2168
4 DES-XL both 64 184 16 F 0.18 144 GE 468 1709 44.4 30.4
5 XTEA software 64 128 64 F 7408 2000GE 196 855 40.8
23
2709
6 mCrypton both 64 128 13 SP 0.13 13 GE 492.3
PRESENT hardware 64 80/1 32 SP 0.18 1886 200 23.7
7 28 32 GE 274 1738
128/ 355.5
8 CLEFIA both 128 192/ 18/2 F 0.09 36 2488GE NA NA 6 NA
256 2/26
9 HIGHT 3408 188.2 80.3
Hardware 64 128 32 F 0.25 34 GE 288 13,476
2100
10 TEA Software 64 128 64 F NA 6271 GE 196 648 40.8
11 SEA Software 96 96 NA F 0.13 NA 3758 NA 2132 103 39.7
12 LBlock both 64 80 32 F 0.18 3955 1320 NA NA NA NA
13 SLIM BOTH 32 80 32 F 0.13 553 NA NA NA NA
Internet of Things 22 (2023) 100759

The increasing attack patterns of IoT networks necessitate research into lightweight ciphers. The aim of this study was met by
providing a comprehensive overview of research trends in IoT security between 2017 and 2022, as well as associated tools and
simulators. So, based on our survey of papers, we found that the significant issues of the Internet of Things are security and privacy.
Future research directions include creating a complete IoT threat modeling and devising a zero-trust method to combat known and
undiscovered cyber-attacks on an IoT system.
Authors’ contributions
Fursan Thabit wrote the manuscript. The final manuscript has been reviewed and approved by the guide.
Availability of data and materials
Data sharing does not apply to this research since no datasets were created during the current experiment.
Consent for publication
Not applicable.
Declaration of Competing Interest
The authors declare the following financial interests/personal relationships which may be considered as potential competing in
terests: FURSAN THABIT reports a relationship with Department of Computer Engineering, Faculty of Engineering Ege University,
Turkey that includes: funding grants and non-financial support.
Data availability
No data was used for the research described in the article.
Acknowledgments
This study was conducted by a researcher who was a part of a Postdoctoral Research Project at the Department of Computer
Engineering, Faculty of Engineering, Ege University, Izmir, Turkey. The researcher is grateful to the OWIS QARNI FOUNDATION
(Yemen Pioneers Program) for their valuable assistance during the research process. The researcher would like to express gratitude to
their supervisor, Assoc. Prof. Dr. Ozgu Can, for providing support throughout the research. Additionally, the researcher would also like
to thank Assoc. Prof. Dr. Asia Othman Aljahdali and Dr. Hoda A. Alkhzaimi for their support in carrying out this research.
References
[1] R. Kumar, P. Kumar, and V. Singhal, “A survey: review of cloud IoT security techniques, issues and challenges,” 2019.
[2] J. Ding, M. Nemati, C. Ranaweera, J. Choi, IoT connectivity technologies and applications: a survey, IEEE Access (2020), https://doi.org/10.1109/
ACCESS.2020.2985932.
[3] A.S. Syed, D. Sierra-Sosa, A. Kumar, A. Elmaghraby, Iot in smart cities: a survey of technologies, practices and challenges, Smart Cities (2021), https://doi.org/
10.3390/smartcities4020024.
[4] T. hoon Kim, C. Ramos, S. Mohammed, Smart City and IoT, Future Generation Comput. Syst. (2017), https://doi.org/10.1016/j.future.2017.03.034.
[5] D. Mocrii, Y. Chen, P. Musilek, IoT-based smart homes: a review of system architecture, software, communications, privacy and security, Internet of Things
(Netherlands) (2018), https://doi.org/10.1016/j.iot.2018.08.009.
[6] O.I. Abiodun, E.O. Abiodun, M. Alawida, R.S. Alkhawaldeh, H. Arshad, A review on the security of the Internet of Things: challenges and solutions, Wirel. Pers.
Commun. (2021) 1–35.
[7] S. Pal, M. Hitchens, T. Rabehaja, S. Mukhopadhyay, Security requirements for the Internet of Things: a systematic approach, Sensors 20 (20) (2020) 5897.
[8] A. Harit, A. Ezzati, and R. Elharti, “Internet of Things security: challenges and perspectives,” 2017. doi: 10.1145/3018896.3056784.
[9] N. Mishra, S. Pandya, Internet of Things applications, security challenges, attacks, intrusion detection, and future visions: a systematic review, IEEE Access
(2021), https://doi.org/10.1109/ACCESS.2021.3073408.
[10] M. Gheisari, G. Wang, S. Chen, An edge computing-enhanced internet of things framework for privacy-preserving in smart city, Comput. Electr. Eng. (2020),
https://doi.org/10.1016/j.compeleceng.2019.106504.
[11] Microsoft, Description of symmetric and asymmetric encryption, Microsoft (2018).
[12] G.J. Simmons, “Symmetric and asymmetric encryption,” in Secure Communications and Asymmetric Cryptosystems, 2019. doi: 10.36074/05.06.2020.v3.36.
[13] M.B. Yassein, S. Aljawarneh, E. Qawasmeh, W. Mardini, and Y. Khamayseh, “Comprehensive study of symmetric key and asymmetric key encryption
algorithms,” 2018. doi: 10.1109/ICEngTechnol.2017.8308215.
[14] O. Adepoju, “Internet of Things (IoT),” in Springer Tracts in Civil Engineering, 2022. doi: 10.1007/978-3-030-85973-2_8.
[15] S. Madakam, R. Ramaswamy, S. Tripathi, Internet of Things (IoT): a literature review, J. Comput. Commun. (2015), https://doi.org/10.4236/jcc.2015.35021.
[16] R.A. Radouan Ait Mouha, Internet of Things (IoT), J. Data Anal. Inf. Process. (2021), https://doi.org/10.4236/jdaip.2021.92006.
[17] M. Aazam, M. St-Hilaire, C.H. Lung, and I. Lambadaris, “PRE-Fog: ioT trace based probabilistic resource estimation at Fog,” 2016. doi: 10.1109/
CCNC.2016.7444724.
[18] L. Gu, J. Wang, B. Sun, Trust management mechanism for Internet of Things, China Commun (2014), https://doi.org/10.1109/CC.2014.6821746.
[19] X. Zhu, Y. Badr, Identity Management Systems for the Internet of Things: a survey towards Blockchain solutions, Sensors (Basel) (2018), https://doi.org/
10.3390/s18124215.
24
[20] I. Nakagawa and S. Shimojo, “IoT agent platform mechanism with transparent cloud computing framework for improving IoT security,” 2017. doi: 10.1109/
COMPSAC.2017.156.
[21] S. Hameed, F.I. Khan, B. Hameed, Understanding security requirements and challenges in Internet of Things (IoT): a review, J. Comput. Networks Commun.
2019 (2019).
[22] H. HaddadPajouh, A. Dehghantanha, R.M. Parizi, M. Aledhari, H. Karimipour, A survey on internet of things security: requirements, challenges, and solutions,
Internet of Things (2019), 100129.
[23] B. Mukherjee, R.L. Neupane, and P. Calyam, “End-to-end IoT security middleware for cloud-fog communication,” 2017. doi: 10.1109/CSCloud.2017.62.
[24] B. Mukherjee, et al., Flexible IoT security middleware for end-to-end cloud–fog communication, Futur. Gener. Comput. Syst. (2018), https://doi.org/10.1016/
j.future.2017.12.031.
[25] F. Javed, M.K. Afzal, M. Sharif, B.-.S. Kim, Internet of Things (IoT) operating systems support, networking technologies, applications, and challenges: a
comparative review, IEEE Commun. Surv. \& Tutorials 20 (3) (2018) 2062–2100.
[26] C. Gehrmann and M.A. Abdelraheem, “IoT protection through device to cloud synchronization,” 2016. doi: 10.1109/CloudCom.2016.0092.
[27] W. Yu, et al., A survey on the edge computing for the Internet of Things, IEEE access 6 (2017) 6900–6919.
[28] S. Pérez, J.L. Hernández-Ramos, S. Raza, A. Skarmeta, Application layer key establishment for end-to-end security in IoT, IEEE Internet Things J. 7 (3) (2019)
2117–2128.
[29] M. Ali, M.R. Sadeghi, X. Liu, Lightweight revocable hierarchical attribute-based encryption for internet of things, IEEE Access (2020), https://doi.org/
10.1109/ACCESS.2020.2969957.
[30] X. Qin, Y. Huang, Z. Yang, X. Li, LBAC: a lightweight blockchain-based access control scheme for the internet of things, Inf. Sci. (Ny). (2021), https://doi.org/
10.1016/j.ins.2020.12.035.
[31] K. Sowjanya, M. Dasgupta, S. Ray, A lightweight key management scheme for key-escrow-free ECC-based CP-ABE for IoT healthcare systems, J. Syst. Archit.
(2021), https://doi.org/10.1016/j.sysarc.2021.102108.
[32] X. Yao, Z. Chen, Y. Tian, A lightweight attribute-based encryption scheme for the Internet of Things, Futur. Gener. Comput. Syst. (2015), https://doi.org/
10.1016/j.future.2014.10.010.
[33] A. Abdaoui, A. Erbad, A.K. Al-Ali, A. Mohamed, M. Guizani, Fuzzy elliptic curve cryptography for authentication in Internet of Things, IEEE Internet Things J.
(2022), https://doi.org/10.1109/JIOT.2021.3121350.
[34] H. Hasan et al., “Secure lightweight ECC-based protocol for multi-agent IoT systems,” 2017. doi: 10.1109/WiMOB.2017.8115788.
[35] J. Ambareen, M. Prabhakar, T. Ara, LEES: a hybrid lightweight elliptic elgamal-schnorr-based cryptography for secure D2D communications, J. Telecommun.
Inf. Technol. (2021), https://doi.org/10.26636/jtit.2021.146020.
[36] R. Pothumarti, K. Jain, P. Krishnan, A lightweight authentication scheme for 5G mobile communications: a dynamic key approach, J. Ambient Intell. Humaniz.
Comput. (2021), https://doi.org/10.1007/s12652-020-02857-4.
[37] A.A. Alfa, J.K. Alhassan, O.M. Olaniyi, M. Olalere, Blockchain technology in IoT systems: current trends, methodology, problems, applications, and future
directions, J. Reliab. Intell. Environ. (2021), https://doi.org/10.1007/s40860-020-00116-z.
[38] J. Li, et al., A secured framework for SDN-based edge computing in IoT-enabled healthcare system, IEEE Access (2020), https://doi.org/10.1109/
ACCESS.2020.3011503.
[39] A. Yazdinejad, R.M. Parizi, A. Dehghantanha, Q. Zhang, K.K.R. Choo, An energy-efficient SDN controller architecture for IoT networks with blockchain-based
security, IEEE Trans. Serv. Comput. (2020), https://doi.org/10.1109/TSC.2020.2966970.
[40] D. Kumar, H.S. Grover, Adarsh, A secure authentication protocol for wearable devices environment using ECC, J. Inf. Secur. Appl. (2019), https://doi.org/
10.1016/j.jisa.2019.03.008.
[41] A. Barua, M.A. Al Alamin, M.S. Hossain, E. Hossain, Security and privacy threats for bluetooth low energy in IoT and wearable devices: a comprehensive
survey, IEEE Open J. Commun. Soc. (2022), https://doi.org/10.1109/OJCOMS.2022.3149732.
[42] R. Somasundaram, M. Thirugnanam, Review of security challenges in healthcare internet of things, Wirel. Networks (2021), https://doi.org/10.1007/s11276-
020-02340-0.
[43] S. Alam, S.T. Siddiqui, A. Ahmad, R. Ahmad, M. Shuaib, Internet of Things (IoT) enabling technologies, requirements, and security challenges. Advances in
Data and Information Sciences, Springer, 2020, pp. 119–126.
[44] B.B. Gupta, M. Quamara, An overview of Internet of Things (IoT): architectural aspects, challenges, and protocols, Concurr. Comput. Pract. Exp. 32 (21) (2020)
e4946.
[45] I. Hafeez, M. Antikainen, A.Y. Ding, and S. Tarkoma, “IoT-KEEPER: securing IoT communications in edge networks,” arXiv Prepr. arXiv1810.08415, 2018.
[46] H. Alqarni, W. Alnahari, M.T. Quasim, Internet of Things (IoT) security requirements: issues related to sensors, in: 2021 National Computing Colleges
Conference (NCCC), 2021, pp. 1–6.
[47] D. Aksu, M.A. Aydin, A survey of iot architectural reference models, in: 2019 16th International Multi-Conference on Systems, Signals \& Devices (SSD), 2019,
pp. 413–417.
[48] U. Maroof, A. Shaghaghi, S. Jha, PLAR: towards a pluggable software architecture for securing IoT devices, in: Proceedings of the 2nd International ACM
Workshop on Security and Privacy for the Internet-of-Things, 2019, pp. 50–57.
[49] D. Papp, M. Zsombor, L. Buttyán, TEE-based protection of cryptographic keys on embedded IoT devices, in: Annales Mathematicae et Informaticae 53, 2021,
pp. 245–256.
[50] C. Fu, Q. Zeng, and X. Du, “Towards efficient integration of blockchain for IoT security: the case study of IoT remote access,” arXiv Prepr. arXiv1912.00264,
2019.
[51] R.K. Endrayanto, A. Muttaqin, R.A. Setyawan, Advanced encryption standard (AES) pada Modul Internet of Things (IoT), TELKA - Telekomun. Elektron.
Komputasi dan Kontrol (2019), https://doi.org/10.15575/telka.v5n2.103-113.
[52] L. Tawalbeh, F. Muheidat, M. Tawalbeh, M. Quwaider, IoT privacy and security: challenges and solutions, Appl. Sci. 10 (12) (2020), https://doi.org/10.3390/
APP10124102.
[53] C. Guo, B. Gong, Efficient scalar multiplication of ECC using SMBR and fast septuple formula for IoT, Eurasip J. Wirel. Commun. Netw. (2021), https://doi.org/
10.1186/s13638-021-01967-7.
[54] I. Chatzigiannakis, A. Vitaletti, A. Pyrgelis, A privacy-preserving smart parking system using an IoT elliptic curve based security platform, Comput. Commun.
(2016), https://doi.org/10.1016/j.comcom.2016.03.014.
[55] B. Halak, S.S. Waizi, A. Islam, A survey of hardware implementations of elliptic curve cryptographic systems, IACR Cryptol. ePrint Arch. (2016).
[56] K.V. Patel, D.M.V. Shah, Analysis of efficient implementation of elliptic curve cryptography architecture for resource constraint application, Int. J. Innov.
Technol. Explor. Eng. (2021), https://doi.org/10.35940/ijitee.f8701.10101221.
[57] F. Thabit, A.P.S. Alhomdy, A.H.A. Al-Ahdal, P.D.S. Jagtap, A new lightweight cryptographic algorithm for enhancing data security in cloud computing, Glob.
Transitions Proc. (2021), https://doi.org/10.1016/j.gltp.2021.01.013.
[58] F. Thabit, S. Alhomdy, S. Jagtap, A new data security algorithm for the cloud computing based on genetics techniques and logical-mathematical functions, Int.
J. Intell. Networks 2 (2021), https://doi.org/10.1016/j.ijin.2021.03.001.
[59] F. Thabit, S. Alhomdy, S. Jagtap, Security analysis and performance evaluation of a new lightweight cryptographic algorithm for cloud computing, Glob.
Transitions Proc. (2021), https://doi.org/10.1016/j.gltp.2021.01.014.
[60] S.-.K. Choi, C.-.H. Yang, J. Kwak, System hardening and security monitoring for IoT devices to mitigate IoT security vulnerabilities and threats, KSII Trans.
Internet Inf. Syst. 12 (2) (2018) 906–918.
[61] A. Hameed, A. Alomary, Security issues in IoT: a survey, in: 2019 International Conference on Innovation and Intelligence for Informatics, Computing, and
Technologies (3ICT), 2019, pp. 1–5.
25
[62] B. Diène, J.J.P.C. Rodrigues, O. Diallo, E.H.M. Ndoye, V.V. Korotaev, Data management techniques for Internet of Things, Mech. Syst. Signal Process. (2020),
https://doi.org/10.1016/j.ymssp.2019.106564.
[63] R.F. Al-Mutawa, F.A. Eassa, A smart home system based on internet of things, Int. J. Adv. Comput. Sci. Appl. (2020), https://doi.org/10.14569/
ijacsa.2020.0110234.
[64] M. Haghi Kashani, M. Madanipour, M. Nikravan, P. Asghari, E. Mahdipour, A systematic review of IoT in healthcare: applications, techniques, and trends,
J. Network and Comput. App. (2021), https://doi.org/10.1016/j.jnca.2021.103164.
[65] F. Hussain, S.A. Hassan, R. Hussain, E. Hossain, Machine learning for resource management in cellular and IoT networks: potentials, current solutions, and
open challenges, IEEE Commun. Surv. Tutorials (2020), https://doi.org/10.1109/COMST.2020.2964534.
[66] R. Pirmagomedov, Y. Koucheryavy, IoT technologies for augmented human: a survey, Internet of Things (Netherlands) (2021), https://doi.org/10.1016/j.
iot.2019.100120.
[67] M. Yousif, C. Hewage, L. Nawaf, IOT technologies during and beyond COVID-19: a comprehensive review, Future Internet (2021), https://doi.org/10.3390/
fi13050105.
[68] S. Kuppam, S. Purushotham, Role of recent IoT technologies in agricultural applications: a review, Int. J. Internet Manuf. Serv. (2021), https://doi.org/
10.1504/IJIMS.2021.114541.
[69] P.P. Ray, A survey on Internet of Things architectures, J. King Saud University - Comput. Inf. Sci. (2018), https://doi.org/10.1016/j.jksuci.2016.10.003.
[70] F.A. Alaba, M. Othman, I.A.T. Hashem, F. Alotaibi, Internet of Things security: a survey, J. Network and Comput. App. (2017), https://doi.org/10.1016/j.
jnca.2017.04.002.
[71] S.A. Baker and A.S. Nori, “Internet of Things security: a survey,” 2021. doi: 10.1007/978-981-33-6835-4_7.
[72] D.E. Kouicem, A. Bouabdallah, H. Lakhlef, Internet of things security: a top-down survey, Comput. Networks (2018), https://doi.org/10.1016/j.
comnet.2018.03.012.
[73] S. Deep, X. Zheng, A. Jolfaei, D. Yu, P. Ostovari, A.Kashif Bashir, A survey of security and privacy issues in the Internet of Things from the layered context,
Trans. Emerg. Telecommun. Technol. (2020) e3935.
[74] S.K. Mousavi, A. Ghaffari, S. Besharat, H. Afshari, Security of Internet of Things Based On Cryptographic algorithms: a Survey, 27, Springer US, 2021, https://
doi.org/10.1007/s11276-020-02535-5.
[75] L. Xiong, D. Peng, T. Peng, H. Liang, An enhanced privacy-aware authentication scheme for distributed mobile cloud computing services, KSII Trans. Internet
Inf. Syst. 11 (12) (2017), https://doi.org/10.3837/tiis.2017.12.026.
[76] H.A. Khattak, M.A. Shah, S. Khan, I. Ali, M. Imran, Perception layer security in Internet of Things, Futur. Gener. Comput. Syst. (2019), https://doi.org/
10.1016/j.future.2019.04.038.
[77] M.S. Farooq, S. Riaz, A. Abid, K. Abid, M.A. Naeem, A survey on the role of IoT in agriculture for the implementation of smart farming, IEEE Access (2019),
https://doi.org/10.1109/ACCESS.2019.2949703.
[78] M.A. Ferrag, L. Shu, X. Yang, A. Derhab, L. Maglaras, Security and privacy for green IoT-based agriculture: review, blockchain solutions, and challenges, IEEE
Access (2020), https://doi.org/10.1109/ACCESS.2020.2973178.
[79] S.P. Dash, The impact of IoT in healthcare: global technological change & the roadmap to a networked architecture in India, J. Indian Institute of Sci. (2020),
https://doi.org/10.1007/s41745-020-00208-y.
[80] S. Selvaraj, S. Sundaravaradhan, Challenges and opportunities in IoT healthcare systems: a systematic review, SN Appl. Sci. (2020), https://doi.org/10.1007/
s42452-019-1925-y.
[81] R.B.A. Tonoy, Mahmudunnabi, H.M.Zilany, and R.M. Rahman, “A smart and intelligent home automation system,” 2021. doi: 10.1109/
UEMCON53757.2021.9666614.
[82] A.-.M. Suduc, M. Bizoi, G. Gorghiu, A survey on IoT in education, Rev. Rom. pentru Educ. Multidimens. (2018), https://doi.org/10.18662/rrem/66.
[83] C. Patel and N. Doshi, “Security challenges in IoT cyber world,” 2019. doi: 10.1007/978-3-030-01560-2_8.
[84] C.D. Aboti, Survey on IoT: challenges and cyber risks in commercial aviation, Int. J. Res. Anal. Rev. (2019).
[85] H.S.H. Solomon, “Top 10 IoT vulnerabilities of 2018,” December 31st1. 2018.
[86] Fredric Paul, “Top 10 IoT vulnerabilities | Network World,” Network World, 2019.
[87] G.J. Touhill and C.J. Touhill, Cybersecurity for Executives. 2014. doi: 10.1002/9781118908785.
[88] I. Lee, Internet of Things (IoT) cybersecurity: literature review and iot cyber risk management, Future Internet (2020), https://doi.org/10.3390/FI12090157.
[89] M.G.T. Espinoza, J.R.N. Melendrez, L.A.N. Clemente, A survey and an IoT cybersecurity recommendation for public and private hospitals in Ecuador, Adv. Sci.
Technol. Eng. Syst. (2020), https://doi.org/10.25046/aj050364.
[90] J.P. Shim, “Cyber-physical systems and industrial IoT cybersecurity: issues and solutions,” 2019.
[91] J. Granjal, E. Monteiro, J.Sa Silva, Security for the internet of things: a survey of existing protocols and open research issues, IEEE Commun. Surv. Tutorials
(2015), https://doi.org/10.1109/COMST.2015.2388550.
[92] K.K. Karmakar, V. Varadharajan, S. Nepal, U. Tupakula, SDN-enabled secure IoT architecture, IEEE Internet Things J. (2021), https://doi.org/10.1109/
JIOT.2020.3043740.
[93] N. Almrezeq, L. Almadhoor, T. Alrasheed, A.A.A. El-Aziz, S. Nashwan, Design a secure IoT architecture using smart wireless networks, Int. J. Commun.
Networks Inf. Secur. (2020).
[94] M. Burhan, R.A. Rehman, B. Khan, B.S. Kim, IoT elements, layered architectures and security issues: a comprehensive survey, Sensors (Switzerland) (2018),
https://doi.org/10.3390/s18092796.
[95] T. Wang, G. Zhang, A. Liu, M.Z.A. Bhuiyan, Q. Jin, A secure IoT service architecture with an efficient balance dynamics based on cloud and edge computing,
IEEE Internet Things J. (2019), https://doi.org/10.1109/JIOT.2018.2870288.
[96] Y. Li, X. Su, J. Riekki, T. Kanter, and R. Rahmani, “A SDN-based architecture for horizontal Internet of Things services,” 2016. doi: 10.1109/
ICC.2016.7511053.
[97] D. Sinh, L.V. Le, B.S.P. Lin, and L.P. Tung, “SDN/NFV - A new approach of deploying network infrastructure for IoT,” 2018. doi: 10.1109/
WOCC.2018.8372689.
[98] S. Do, L.V. Le, B.S.P. Lin, and L.P. Tung, “SDN/NFV-based network infrastructure for enhancing iot gateways,” 2019. doi: 10.1109/iThings/GreenCom/
CPSCom/SmartData.2019.00192.
[99] O. Flauzac, C. Gonzalez, and F. Nolot, “New security architecture for IoT network,” 2015. doi: 10.1016/j.procs.2015.05.099.
[100] M. Gloukhovtsev, IOT security: challenges, solutions \& future prospects, Proc. Proven Prof. Knowl. Shar. Artic. (2018) 1–44.
[101] D. Arellanes, K.-.K. Lau, Evaluating IoT service composition mechanisms for the scalability of IoT systems, Futur. Gener. Comput. Syst. 108 (2020) 827–848.
[102] P. Punithavathi, S. Geetha, M. Karuppiah, S.K.H. Islam, M.M. Hassan, K.-K.R. Choo, A lightweight machine learning-based authentication framework for smart
IoT devices, Inf. Sci. (Ny). 484 (2019) 255–268.
[103] E.L.C. Macedo, et al., On the security aspects of Internet of Things: a systematic literature review, J. Commun. Networks 21 (5) (2019) 444–457.
[104] P.M. Chanal, M.S. Kakkasageri, Preserving data confidentiality in Internet of Things, SN Comput. Sci. 2 (1) (2021) 1–12.
[105] S.J. Pokorni, Reliability and availability of the Internet of Things, Vojnoteh. Glas. 67 (3) (2019) 588–600.
[106] S. Echeverria, G.A. Lewis, D. Klinedinst, and L. Seitz, “Authentication and authorization for IoT devices in disadvantaged environments,” in 2019 IEEE 5th
World Forum on Internet of Things (WF-IoT), 2019, pp. 368–373.
[107] S.U.R. Aqeel-ur-Rehman, I.U. Khan, M. Moiz, S. Hasan, Security and privacy issues in IoT, Int. J. Commun. Networks Inf. Secur. 8 (3) (2016) 147–157.
[108] F. Alshehri, G. Muhammad, A comprehensive survey of the Internet of Things (IoT) and AI-based smart healthcare, IEEE Access (2021), https://doi.org/
10.1109/ACCESS.2020.3047960.
[109] M.A. Ferrag, L.A. Maglaras, H. Janicke, J. Jiang, L. Shu, Authentication protocols for Internet of Things: a comprehensive survey, Security and Communication
Networks (2017), https://doi.org/10.1155/2017/6562953.
26
[110] M. binti Mohamad Noor, W.H. Hassan, Current research on Internet of Things (IoT) security: a survey, Comput. Networks (2019), https://doi.org/10.1016/j.
comnet.2018.11.025.
[111] J. Gubbi, R. Buyya, S. Marusic, M. Palaniswami, Internet of Things (IoT): a vision, architectural elements, and future directions, Futur. Gener. Comput. Syst.
(2013), https://doi.org/10.1016/j.future.2013.01.010.
[112] I. Lakshmi, A vision, architectural elements, and future direction of Internet of Things (IoT, Int. J. Sci. Res. Comput. Sci. Eng. Inf. Technol. (2018).
[113] S.Y. Tan, K.W. Yeow, S.O. Hwang, Enhancement of a lightweight attribute-based encryption scheme for the Internet of Things, IEEE Internet Things J (2019),
https://doi.org/10.1109/JIOT.2019.2900631.
[114] H. Jiang, F. Shen, S. Chen, K.C. Li, Y.S. Jeong, A secure and scalable storage system for aggregate data in IoT, Futur. Gener. Comput. Syst. (2015), https://doi.
org/10.1016/j.future.2014.11.009.
[115] T. Bose, S. Bandyopadhyay, A. Ukil, A. Bhattacharyya, and A. Pal, “Why not keep your personal data secure yet private in IoT?: our lightweight approach,”
2015. doi: 10.1109/ISSNIP.2015.7106942.
[116] A. Lakhan, A.H. Sodhro, A. Majumdar, P. Khuwuthyakorn, O. Thinnukool, A lightweight secure adaptive approach for Internet-of-Medical-Things healthcare
applications in edge-cloud-based networks, Sensors (2022), https://doi.org/10.3390/s22062379.
[117] J. Hassan, et al., A lightweight proxy re-encryption approach with certificate-based and incremental cryptography for fog-enabled E-healthcare, Secur.
Commun. Networks (2021), https://doi.org/10.1155/2021/9363824.
[118] W. Yang, Z. Guan, L. Wu, X. Du, M. Guizani, Secure data access control with fair accountability in smart grid data sharing: an edge blockchain approach, IEEE
Internet Things J (2021), https://doi.org/10.1109/JIOT.2020.3047640.
[119] A. Dorri, S.S. Kanhere, R. Jurdak, and P. Gauravaram, “Blockchain for IoT security and privacy: the case study of a smart home,” 2017. doi: 10.1109/
PERCOMW.2017.7917634.
[120] J. Lee, Y. Sung, J.H. Park, Lightweight sensor authentication scheme for energy efficiency in ubiquitous computing environments, Sensors (Switzerland)
(2016), https://doi.org/10.3390/s16122044.
[121] O. Alfandi, S. Khanji, L. Ahmad, A. Khattak, A survey on boosting IoT security and privacy through blockchain: exploration, requirements, and open issues,
Cluster Comput (2021), https://doi.org/10.1007/s10586-020-03137-8.
[122] M.A. Haque, S. Haque, D. Sonal, K. Kumar, E. Shakeb, Security enhancement for IoT enabled agriculture, Mater. Today Proc. (2021), https://doi.org/10.1016/
j.matpr.2020.12.452.
[123] M. El-Hajj, A. Fadlallah, M. Chamoun, A. Serhrouchni, A survey of internet of things (IoT) authentication schemes, Sensors (Switzerland) (2019), https://doi.
org/10.3390/s19051141.
[124] P. Gope, B. Sikdar, Lightweight and Privacy-preserving two-factor authentication scheme for IoT devices, IEEE Internet Things J. (2019), https://doi.org/
10.1109/JIOT.2018.2846299.
[125] L.A.R. Shantha Mary Joshitta, Authentication in IoT Environment: a Survey, International J. Adv. Res. Comput. Sci. Softw. Eng. (2016).
[126] X. Sun, et al., Substring-searchable attribute-based encryption and its application for IoT devices, Digit. Commun. Networks (2021), https://doi.org/10.1016/j.
dcan.2020.07.008.
[127] A. Manzoor, A. Braeken, S.S. Kanhere, M. Ylianttila, M. Liyanage, Proxy re-encryption enabled secure and anonymous IoT data sharing platform based on
blockchain, J. Netw. Comput. Appl. (2021), https://doi.org/10.1016/j.jnca.2020.102917.
[128] S. Rajesh, V. Paul, V.G. Menon, M.R. Khosravi, A secure and efficient lightweight symmetric encryption scheme for transfer of text files between embedded IoT
devices, Symmetry (Basel) (2019), https://doi.org/10.3390/sym11020293.
[129] S.W. Lee, K.B. Sim, Design and hardware implementation of a simplified dag-based blockchain and new aes-cbc algorithm for iot security, Electron. (2021),
https://doi.org/10.3390/electronics10091127.
[130] S. Roy, U. Rawat, J. Karjee, A lightweight cellular automata based encryption technique for IoT applications, IEEE Access (2019), https://doi.org/10.1109/
ACCESS.2019.2906326.
[131] G. Peralta, R.G. Cid-Fuentes, J. Bilbao, P.M. Crespo, Homomorphic encryption and network coding in IoT architectures: advantages and future challenges,
Electron. (2019), https://doi.org/10.3390/electronics8080827.
[132] Z. Yan, P. Zhang, A.V. Vasilakos, A survey on trust management for Internet of Things, J. Netw. Comput. Appl. (2014), https://doi.org/10.1016/j.
jnca.2014.01.014.
[133] R.T. Frahat, M.M. Monowar, and S.M. Buhari, “Secure and scalable trust management model for IoT P2P network,” 2019. doi: 10.1109/CAIS.2019.8769467.
[134] Y. Alghofaili, M.A. Rassam, A trust management model for IoT devices and services based on the multi-criteria decision-making approach and deep long short-
term memory technique, Sensors (2022), https://doi.org/10.3390/s22020634.
[135] I.R. Chen, J. Guo, D.C. Wang, J.J.P. Tsai, H. Al-Hamadi, I. You, Trust-based service management for mobile cloud IoT systems, IEEE Trans. Netw. Serv. Manag.
(2019), https://doi.org/10.1109/TNSM.2018.2886379.
[136] V.A. Thakor, M.A. Razzaque, M.R.A. Khandaker, Lightweight cryptography algorithms for resource-constrained IoT devices: a review, comparison and research
opportunities, IEEE Access (2021), https://doi.org/10.1109/ACCESS.2021.3052867.
[137] K. Kimani, V. Oduol, K. Langat, Cyber security challenges for IoT-based smart grid networks, Int. J. Crit. Infrastruct. Prot. (2019), https://doi.org/10.1016/j.
ijcip.2019.01.001.
[138] N.M. Kumar and P.K. Mallick, “Blockchain technology for security issues and challenges in IoT,” 2018. doi: 10.1016/j.procs.2018.05.140.
[139] N. Verma, S. Sangwan, S. Sangwan, D. Parsad, IoT security challenges and counters measures, Int. J. Recent Technol. Eng. (2019), https://doi.org/10.35940/
ijrte.C4212.098319.
[140] S.I. Al-sharekh, K.H.A. Al-shqeerat, Security challenges and limitations in IoT environments, IJCSNS Int. J. Comput. Sci. Netw. Secur. (2019).
[141] A. Karale, The Challenges of IoT addressing security, ethics, privacy, and laws, Internet of Things (Netherlands) (2021), https://doi.org/10.1016/j.
iot.2021.100420.
[142] Z.K. Zhang, M.C.Y. Cho, C.W. Wang, C.W. Hsu, C.K. Chen, and S. Shieh, “IoT security: ongoing challenges and research opportunities,” 2014. doi: 10.1109/
SOCA.2014.58.
[143] S. Dihulia, T. Farooqui, A literature survey on IoT security challenges, Int. J. Comput. Appl. (2017), https://doi.org/10.5120/ijca2017914616.
[144] D.E. Suresh Babu, V. Bhargav Raj, M. Manogna Devi, K. Kirthana, A review on security issues and challenges of IoT, Int. J. Eng. Technol. (2018), https://doi.
org/10.14419/ijet.v7i2.32.15708.
[145] A. Banafa, Three major challenges facing IoT, IEEE IoT Newsl (2017).
[146] M. Rana, Q. Mamun, R. Islam, Lightweight cryptography in IoT networks: a survey, Future Generation Computer Systems (2022), https://doi.org/10.1016/j.
future.2021.11.011.
[147] H. Mrabet, S. Belguith, A. Alhomoud, A. Jemai, A survey of IoT security based on a layered architecture of sensing and data analysis, Sensors (Switzerland)
(2020), https://doi.org/10.3390/s20133625.
[148] O.G. Abood, S.K. Guirguis, A survey on cryptography algorithms, Int. J. Sci. Res. Publ. (2018), https://doi.org/10.29322/ijsrp.8.7.2018.p7978.
[149] B. Stoyanov, G. Nedzhibov, Symmetric key encryption based on rotation-translation equation, Symmetry (Basel) (2020), https://doi.org/10.3390/
sym12010073.
[150] M. Ubaidullah, Q. Makki, A review on symmetric key encryption techniques in cryptography, Int. J. Comput. Appl. (2016), https://doi.org/10.5120/
ijca2016911203.
[151] K.A. McKay, L. Bassham, M.S. Turan, N. Mouha, Report on lightweight cryptography, Natl. Inst. Stand. Technol. (2017).
[152] NIST, “Report on lightweight cryptography March 2017 • Final Publication : https://doi.org/10.6028/NIST.IR.8114 (which links to • Information on other
NIST cybersecurity publications a,” Nist, 2017.
[153] S. Deb, B. Bhuyan, Performance analysis of current lightweight stream ciphers for constrained environments, Sadhana - Acad. Proc. Eng. Sci. (2020), https://
doi.org/10.1007/s12046-020-01489-w.
27
[154] I.R. Chiadighikaobi, N. Katuk, A scoping study on lightweight cryptography reviews in IoT, Baghdad Sci. J. (2021), https://doi.org/10.21123/bsj.2021.18.2
(Suppl.).0989.
[155] M. Masud, G.S. Gaba, K. Choudhary, M.S. Hossain, M.F. Alhamid, G. Muhammad, Lightweight and anonymity-preserving user authentication scheme for IoT-
based healthcare, IEEE Internet Things J (2022), https://doi.org/10.1109/JIOT.2021.3080461.
[156] M.S. Christo, V.E. Jesi, U. Priyadarsini, V. Anbarasu, H. Venugopal, M. Karuppiah, Ensuring improved security in medical data using ECC and blockchain
technology with edge devices, Secur. Commun. Networks (2021), https://doi.org/10.1155/2021/6966206.
[157] O. Toshihiko, Lightweight cryptography applicable to various IoT devices, NEC Tech. J. (2017).
[158] A. Poojari and H.R. Nagesh, “A comparative analysis of symmetric lightweight block ciphers,” 2019. doi: 10.1007/978-981-13-1951-8_63.
[159] D.H. Lee, I.Y. Lee, A lightweight authentication and key agreement schemes for IoT environments, Sensors (Switzerland) (2020), https://doi.org/10.3390/
s20185350.
[160] G. Hatzivasilis, K. Fysarakis, I. Papaefstathiou, C. Manifavas, A review of lightweight block ciphers, J. Cryptographic Eng. (2018), https://doi.org/10.1007/
s13389-017-0160-y.
[161] R.E. Klima, “Introduction to cryptology,” in Cryptology, 2020. doi: 10.1201/b12269-3.
[162] A.J. Menezes, P.C. van Oorschot, and S.A. Vanstone, “Overview of cryptography,” in Handbook of Applied Cryptography, 2018. doi: 10.1201/9781439821916-1.
[163] T.A. Patil, P.D.M.K.V. Kulhalli, Symmetric key cryptography algorithm for data security, Int. J. Trend Sci. Res. Dev. (2018), https://doi.org/10.31142/
ijtsrd9444.
[164] P. Fitzpatrick, Asymmetric cryptography, Irish Math. Soc. Bull. (2021), https://doi.org/10.33232/bims.0020.21.31.
[165] G. Bansod, N. Raval, N. Pisharoty, Implementation of a new lightweight encryption design for embedded security, IEEE Trans. Inf. Forensics Secur. (2015),
https://doi.org/10.1109/TIFS.2014.2365734.
[166] O.A. Dawood, Fast lightweight block cipher design with involution substitution permutation network (SPN) structure, Indones. J. Electr. Eng. Comput. Sci.
(2020), https://doi.org/10.11591/ijeecs.v20.i1.pp361-369.
[167] X. Liu, W.Y. Zhang, X.Z. Liu, F. Liu, Eight-sided fortress: a lightweight block cipher, J. China Univ. Posts Telecommun. (2014), https://doi.org/10.1016/S1005-
8885(14)60275-2.
[168] T. Suzaki and K. Minematsu, “Improving the generalized Feistel,” 2010. doi: 10.1007/978-3-642-13858-4_2.
[169] K. Shibutani, T. Iwata, On the (im)possibility of improving the round diffusion of generalized Feistel structures, Inf. Process. Lett. (2022), https://doi.org/
10.1016/j.ipl.2021.106197.
[170] A. Bogdanov, Cryptanalysis of the KeeLoq block cipher, IACR Cryptol. ePrint Arch. (2007).
[171] S. Banik, et al., Midori : a block cipher for low energy (Extended Version), Int. Conf. Theory Appl. Cryptol. Inf. Secur. (2015).
[172] S. Banik, et al., Towards low energy stream ciphers, IACR Trans. Symmetric Cryptol. (2018), https://doi.org/10.13154/tosc.v2018.i2.1-19.
[173] H. Brekke, State of the art in lightweight symmetric cryptography, Iahr 2012 (2012).
[174] Computer and Network Security. 2019. doi: 10.5772/intechopen.78497.
[175] J. Nechvatal, et al., Report on the development of the advanced encryption standard (AES), J. Res. Natl. Inst. Stand. Technol. (2001), https://doi.org/10.6028/
jres.106.023.
[176] A. Bogdanov et al., “PRESENT: an ultra-lightweight block cipher,” 2007. doi: 10.1007/978-3-540-74735-2_31.
[177] S. Banik, S.K. Pandey, T. Peyrin, Y. Sasaki, S.M. Sim, and Y. Todo, “GIFT: a small present: towards reaching the limit of lightweight encryption,” 2017. doi:
10.1007/978-3-319-66787-4_16.
[178] W. Zhang, Z. Bao, D. Lin, V. Rijmen, B. Yang, I. Verbauwhede, RECTANGLE: a bit-slice lightweight block cipher suitable for multiple platforms, Sci. China Inf.
Sci. (2015), https://doi.org/10.1007/s11432-015-5459-7.
[179] T. Suzaki, K. Minematsu, S. Morioka, E. Kobayashi, Twine: a lightweight, versatile block cipher, ECRYPT Work. pn Light. Cryptogr. LC11 (2011).
[180] H. Cheng, H.M. Heys, and C. Wang, “PUFFIN: a novel compact block cipher targeted to embedded digital systems,” 2008. doi: 10.1109/DSD.2008.34.
[181] B. Rashidi, Low-cost and two-cycle hardware structures of PRINCE lightweight block cipher, Int. J. Circuit Theory Appl. (2020), https://doi.org/10.1002/
cta.2832.
[182] S.J. Shepherd, The tiny encryption algorithm, Cryptologia (2007), https://doi.org/10.1080/01611190601090606.
[183] M. Femy Mulya and N. Rismawati, “Analisis dan simulasi algoritma tea (Tiny encryption algorithm) UNTUK ENKRIPSI DAN DEKRIPSI PESAN TEXT
MENGGUNAKAN cryptool2,” 2019.
[184] Z. Mishra, B. Acharya, Efficient hardware implementation of TEA, XTEA and XXTEA lightweight ciphers for low resource IoT applications, Int. J. High Perform.
Syst. Archit. (2021), https://doi.org/10.1504/IJHPSA.2021.119150.
[185] H.R. Ismaeel, Apply block ciphers using tiny encryption algorithm (TEA), Baghdad Sci. J. (2010).
[186] M. Matsui, J. Nakajima, S. Moriai, A description of the camellia encryption algorithm status, CWL Publ. Enterp. Inc., Madison (2004).
[187] J. Chen, P. Wang, Y. Zhang, H. Zhang, SPUF design based on Camellia encryption algorithm, Microelectronics J. (2021), https://doi.org/10.1016/j.
mejo.2021.105051.
[188] B.S.W. Poetro, “Implementation of 128 bits camellia algorithm for cryptography in digital image,” 2016. doi: 10.1088/1757-899X/190/1/012038.
[189] N. Alassaf, A. Gutub, S.A. Parah, M. Al Ghamdi, Enhancing speed of SIMON: a light-weight-cryptographic algorithm for IoT applications, Multimed. Tools Appl.
(2019), https://doi.org/10.1007/s11042-018-6801-z.
[190] S. Feizi, A. Ahmadi, and A. Nemati, “A hardware implementation of Simon cryptography algorithm,” 2014. doi: 10.1109/ICCKE.2014.6993386.
[191] W. Wu and L. Zhang, “LBlock: a lightweight block cipher,” 2011. doi: 10.1007/978-3-642-21554-4_19.
[192] Y. Cui, H. Xu, W. Qi, Improved integral attacks on 24-round LBlock and LBlock-s, IET Inf. Secur. (2020), https://doi.org/10.1049/iet-ifs.2019.0353.
[193] T. Akishita and H. Hiwatari, “Very compact hardware implementations of the blockcipher CLEFIA,” 2012. doi: 10.1007/978-3-642-28496-0_17.
[194] K. Shibutani, T. Isobe, H. Hiwatari, A. Mitsuda, T. Akishita, and T. Shirai, “Piccolo: an ultra-lightweight blockcipher,” 2011. doi: 10.1007/978-3-642-23951-9_
23.
[195] S.K. Ojha, N. Kumar, K. Jain, and Sangeeta, “TWIS - A lightweight block cipher,” 2009. doi: 10.1007/978-3-642-10772-6_21.
[196] B. Su, W. Wu, L. Zhang, and Y. Li, “Full-round differential attack on TWIS block cipher,” 2011. doi: 10.1007/978-3-642-17955-6_17.
[197] R. Beaulieu, D. Shors, J. Smith, S. Treatman-clark, The simon and speck families of lightweight block ciphers, Cryptol. ePrint Arch. (2013).
[198] R. Beaulieu, D. Shors, J. Smith, S. Treatman-Clark, B. Weeks, L. Wingers, Simon and speck: block ciphers for the Internet of Things, in: Proceedings of the 52nd
Annual Design Automation Conference on - DAC ’15, 2015.
[199] W. Tian, B. Hu, Deep learning assisted differential cryptanalysis for the lightweight cipher SIMON, KSII Trans. Internet Inf. Syst. (2021), https://doi.org/
10.3837/tiis.2021.02.012.
[200] X. Lai and J.L. Massey, “A proposal for a new block encryption standard,” 1991. doi: 10.1007/3-540-46877-3_35.
[201] D. Hong et al., “HIGHT: a new block cipher suitable for low-resource device,” 2006. doi: 10.1007/11894063_4.
[202] D. Engels, X. Fan, G. Gong, H. Hu, and E.M. Smith, “Hummingbird: ultra-lightweight cryptography for resource-constrained devices,” 2010. doi: 10.1007/978-
3-642-14992-4_2.
[203] A. Poojary, V.G. Kiran Kumar, H.R. Nagesh, FPGA implementation novel lightweight MBRISI cipher, J. Ambient Intell. Humaniz. Comput. (2022), https://doi.
org/10.1007/s12652-022-03726-y.
[204] Y.A. Birgani, S. Timarchi, A. Khalid, Ultra-lightweight FPGA-based RC5 designs via data-dependent rotation block optimization, Microprocess. Microsyst. 93
(2022), 104588, https://doi.org/10.1016/j.micpro.2022.104588.
[205] F. Thabit, O. Can, S. Alhomdy, G.H. Al-Gaphari, S. Jagtap, A novel effective lightweight homomorphic cryptographic Algorithm for data security in cloud
computing, Int. J. Intell. Networks 3 (2022) 16–30, https://doi.org/10.1016/j.ijin.2022.04.001.
[206] K. Chatterjee, R.R.K. Chaudhary, A. Singh, A lightweight block cipher technique for IoT based E-healthcare system security, Multimed. Tools Appl. (2022),
https://doi.org/10.1007/s11042-022-13106-5.
28
[207] A.A.M. Ragab, A. Madani, A.M. Wahdan, G.M.I. Selim, Design, analysis, and implementation of a new lightweight block cipher for protecting IoT smart
devices, J. Ambient Intell. Humaniz. Comput. (2021), https://doi.org/10.1007/s12652-020-02782-6.
[208] B. Aboushosha, R.A. Ramadan, A.D. Dwivedi, A. El-Sayed, M.M. Dessouky, SLIM: a lightweight block cipher for internet of health things, IEEE Access (2020),
https://doi.org/10.1109/ACCESS.2020.3036589.
[209] H. Kim et al., “PIPO: a lightweight block cipher with efficient higher-order masking software implementations,” 2021. doi: 10.1007/978-3-030-68890-5_6.
[210] S. Toprak, A. Akbulut, M.A. Aydın, A.H. Zaim, Lwe: an energy-efficient lightweight encryption algorithm for medical sensors and IoT devices, Electrica (2020),
https://doi.org/10.5152/ELECTRICA.2020.19082.
[211] B.W. Aboshosha, M.M. Dessouky, A. Elsayed, Energy efficient encryption algorithm for low resources devices, Acad. Res. Community Publ. (2019), https://doi.
org/10.21625/archive.v3i3.520.
[212] B.T. Liu, L. Li, R.X. Wu, M.M. Xie, Q.P. Li, Loong: a family of involutional lightweight block cipher based on spn structure, IEEE Access (2019), https://doi.org/
10.1109/ACCESS.2019.2940330.
[213] J. Patil, G. Bansod, and K.S. Kant, “Dot: a new ultra-lightweight sp network encryption design for resource-constrained environment,” 2019. doi: 10.1007/978-
981-13-1610-4_26.
[214] L. Li, B. Liu, Y. Zhou, Y. Zou, SFN: a new lightweight block cipher, Microprocess. Microsyst. (2018), https://doi.org/10.1016/j.micpro.2018.04.009.
[215] M. Usman, I. Ahmed, M. Imran, S. Khan, U. Ali, SIT: a lightweight encryption algorithm for secure Internet of Things, Int. J. Adv. Comput. Sci. Appl. (2017),
https://doi.org/10.14569/ijacsa.2017.080151.
[216] S. Salim, Design 32-bit lightweight block cipher algorithm (DLBCA, Int. J. Comput. Appl. (2017), https://doi.org/10.5120/ijca2017914088.
[217] J. Patil, G. Bansod, and K.S. Kant, “LiCi: a new ultra-lightweight block cipher,” 2017. doi: 10.1109/ETIICT.2017.7977007.
[218] C. Beierle et al., “The SKINNY family of block ciphers and its low-latency variant MANTIS,” 2016. doi: 10.1007/978-3-662-53008-5_5.
[219] D. Dinu, L. Perrin, A. Udovenko, V. Velichkov, J. Großschädl, A. Biryukov, SPARX: a family of arx-based lightweight block ciphers provably secure against
linear and differential attacks, in: Proc. ASIACRYPT’16, 2016.
[220] D. Dinu, L. Perrin, A. Udovenko, V. Velichkov, J. Großschädl, and A. Biryukov, “Design strategies for ARX with provable bounds: SPARX and LAX,” 2016. doi:
10.1007/978-3-662-53887-6_18.
[221] A. Baysal, S. Şahin, RoadRunneR: a small and fast bitslice block cipher for low cost 8-bit processors, Lect. Notes Comput. Sci. (including Subser. Lect. Notes
Artif. Intell. Lect. Notes Bioinformatics) (2016), https://doi.org/10.1007/978-3-319-29078-2_4.
[222] G. Bansod, N. Pisharoty, A. Patil, PICO: an ultra lightweight and low power encryption design for ubiquitous computing, Def. Sci. J. (2016), https://doi.org/
10.14429/dsj.66.9276.
[223] H. Prendinger and M. Ishizuka, “Scream,” vol. 280141, p. 350, 2015, doi: 10.1145/544818.544823.
[224] N. Mouha, The design space of lightweight cryptography, NIST Light. Cryptogr. Work. (2015) 2015.
[225] F. Karakoç, H. Demirci, and A.E. Harmanci, “ITUbee: a software oriented lightweight block cipher,” 2013. doi: 10.1007/978-3-642-40392-7_2.
[226] D. Hong, J.K. Lee, D.C. Kim, D. Kwon, K.H. Ryu, and D.G. Lee, “LEA: a 128-bit block cipher for fast encryption on common processors,” 2014. doi: 10.1007/
978-3-319-05149-9_1.
[227] J. Borghoff et al., “PRINCE – a low-latency block cipher for pervasive computing applications,” 2012. doi: 10.1007/978-3-642-34961-4_14.
[228] J. Guo, T. Peyrin, A. Poschmann, and M. Robshaw, “The LED block cipher,” 2011. doi: 10.1007/978-3-642-23951-9_22.
[229] Z. Gong, S. Nikova, and Y.W. Law, “KLEIN: a new family of lightweight block ciphers,” 2012. doi: 10.1007/978-3-642-25286-0_1.
[230] S.-.I. Huang and S. Shieh, “SEA: secure encrypted-data aggregation in mobile wireless sensor networks,” 2008. doi: 10.1109/cis.2007.207.
[231] W.C. Barker, E. Barker, Recommendation for the triple data encryption algorithm (TDEA) Block Cipher, NIST Spec. Publ. (2012).
[232] K. Aoki et al., “Camellia: a 128-Bit block cipher suitable for multiple platforms – Design and analysis,” 2001. doi: 10.1007/3-540-44983-3_4.
[233] P. Barreto, V. Rijmen, The Khazad legacy-level block cipher, NESSIE Work 15 (May) (2000) pages.
Further Reading
[1] A. Juels and S.A. Weis, “Authenticating pervasive devices with human protocols,” 2006. doi: 10.1007/11535218_18.
[2] H. Moser, et al., Distributed computing for structured storage, retrieval and processing of DNA sequencing data, Futur. Gener. Comput. Syst. (2019).
[3] K. Kumar V G, S. Rai C, Design and implementation of novel BRISI lightweight cipher for resource constrained devices, Microprocess. Microsyst. (2021), https://
doi.org/10.1016/j.micpro.2021.104267.
[4] A. Hassani Karbasi, S. Shahpasand, SINGLETON: a lightweight and secure end-to-end encryption protocol for the sensor networks in the Internet of Things based
on cryptographic ratchets, J. Supercomput. (2021), https://doi.org/10.1007/s11227-020-03411-x.
[5] S. Mishra and D. Sadhya, “LiARX: a lightweight cipher based on the LTS design strategy of ARX,” 2020. doi: 10.1007/978-3-030-65610-2_12.
[6] R. Anusha and V. Veena Devi Shastrimath, “LCBC-XTEA: high throughput lightweight cryptographic block cipher model for low-cost RFID systems,” 2019. doi:
10.1007/978-3-030-19813-8_20.
[7] R. Shantha Mary Joshitta and L. Arockiam, “A novel block cipher for enhancing data security in healthcare internet of things,” 2018. doi: 10.1088/1742-6596/
1142/1/012002.
[8] M.J.R. Shantha and L. Arockiam, “SAT-Jo: an enhanced lightweight block cipher for the Internet of Things,” 2019. doi: 10.1109/ICCONS.2018.8663068.
[9] S. Abd Al-Rahman, A. Sagheer, and O. Dawood, “NVLC: new variant lightweight cryptography algorithm for internet of things,” 2019. doi: 10.1109/
AiCIS.2018.00042.
[10] M.P. Ali and G.T. George, “Optimised design of light weight block cipher lilliput with extended generalised feistal network (EGFN),” pp. 6590–6596, 2017, doi:
10.15680/IJIRSET.2017.0604072.
[11] S. Banik et al., “Midori: a block cipher for low energy,” 2015. doi: 10.1007/978-3-662-48800-3_17.
[12] R. Beaulieu, S. Treatman-Clark, D. Shors, B. Weeks, J. Smith, and L. Wingers, “The SIMON and SPECK lightweight block cIPhers,” 2015. doi: 10.1145/
2744769.2747946.
[13] M. Kumar, S. Pal, A. Panigrahi, FeW: a Lightweight Block Cipher, IACR Cryptol. ePrint Arch. (2014).
29

Cryptography Algorithms For Enhancing Io T

Uploaded by

Copyright:

Available Formats

Cryptography Algorithms For Enhancing Io T

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Cryptography Algorithms For Enhancing Io T

Uploaded by

Copyright:

Available Formats

Internet of Things 22 (2023) 100759

Contents lists available at ScienceDirect

Cryptography Algorithms for Enhancing IoT Security✰

Available online 23 March 2023

human-free communication between them.

1) What is the need for the IoT?

1.2. Major contributions

1.3. Organization of the paper

3. The research methodology

4. The Internet of Things (IoT)

Fig. 1. Depicts a five-layer IoT infrastructure [7].

4.1. IoT architecture

Fig. 2. IoT classification.

4.1.1. User interface layer

4.1.2. Application layer

4.1.3. Middleware layer

4.1.4. The network layer

4.1.5. Perception layer

4.1.6. Applications of cloud computing and IoT integration

• Intelligent Home and Smart Metering

• Surveillance through Video

5. IoT cyber security challenges

5.1. IoT cyber attack

(IM) IP misconfiguration (DA) Device attack DA IP, MC, CE, D

• Application Service Attack

• Web Interface Attack

Fig. 3. Classification of attacks.

5.2. Vulnerabilities and threats of the IoT

5.3. IoT security requirements

5.3.2. Authentication and trust

5.3.3. End-to-end security

5.3.5. Identity management

5.3.6. Attack-resistant security solutions

6. Introduction to IoT security

6.1. Existing security techniques for IoT environment

Fig. 4. Typical IoT security architecture.

7. Cryptography algorithms for IoT security

Fig. 5. IoT security challenges.

• Minimize processing power

Fig. 6. Critical challenges with conventional cryptography.

• Limited memory (registers, RAM, ROM)

8. Lightweight cryptography for resource-constrained IoT devices

8.1. Characteristics offered by lightweight cryptography

8.2. Lightweight cryptography classification based on structure

• Feistel Network (FN)

8.3. Existing lightweight algorithms

8.3.1. Categorize these LWC algorithms

1 Substitution Permutation Network (SPN)

8.3.2. Comparative analysis of lightweight block ciphers

8.3.3. Application of LWC ciphers

Low power consumption

2022 MBRISI ARX 32 64 16-bit

2022 Ultra-lightweight ARX 64/128 64/128 8

2017 SIT [216] SFN 64 64 5

Internet of Things 22 (2023) 100759

Availability of data and materials

Consent for publication

Declaration of Competing Interest

No data was used for the research described in the article.