Lightweight Cryptographic Protocols for IoT-Constrained Devices: A Survey

Internet of Things (IoT) is an emergent and evolving technology, interconnecting the cyber and physical worlds. IoT technology finds applications in a broad spectrum of areas such as homes, health, water and sanitation, transportation, and environmental monitoring. However, the endless opportunities and benefits of IoT come with many security challenges due to the reduced computation, communication, storage, and energy capabilities of the IoT smart devices. Several computationally lightweight cryptographic protocols exist for these resource-constrained IoT smart devices. However, lightweight solutions render the resource-rich ends of the IoT systems (e.g., edge, fog, or cloud modes) vulnerable as nodes at those ends have the capacity for computationally heavier cryptographic protocols, and they operate in relatively more malicious environments. This asymmetric computational nature of IoT systems requires security protocols that can adapt to the resource availability at the node that they operate. This survey describes the IoT structure, computational capabilities of the devices at the end, edge, fog, and cloud platforms, and classifies existing lightweight cryptographic protocols. The comparative analysis of the existing lightweight cryptographic solutions along with their advantages, drawbacks, and vulnerabilities highlights the need for elastic cryptographic protocols which are capable of adapting to the asymmetric capabilities of the different nodes in IoT systems.