Lightweight Cryptography for the Internet of Things

1. Introduction

Lightweight cryptography has been a very important for the last few years, wielded by the lack of
primitives capable to run on devices with very low computing power. We can think for instance of
RFID tags, sensors in wireless sensor network or, more generally, small internet enabled appliances
expected to flood the markets as the Internet of Things (IoT) be born. At the core of lightweight
cryptography is a trade-off between Lightweightness and security. Many cryptographers have
addressed these issues by suggesting lightweight stream ciphers, block ciphers, hash function and
recently one-pass authenticated encryption. The shift from desktop computers to small devices brings
a extensive range of new security and privacy concerns. It is challenging to apply conventional
cryptographic standards to small devices. In many conventional cryptographic standards, the trade-off
between security, performance and resource requirements was optimized for desktop and server
environments, and this makes them hard or impossible to implement in resource-constrained devices.
When they can be implemented, their performance may not be acceptable. Lightweight cryptography
is a subfield of cryptography that aims to provide solutions fitted for resource constrained devices.
There has been a cabalistic amount of work done by the academic community related to lightweight
cryptography; this includes efficient implementations of conventional cryptography standards, and the
design and analysis of new lightweight algorithms and protocols. IoT can be considered as the first
evolution of the Internet [1]. Internet of Things (IoT) is a ubiquitous network [2] of uniquely
identifiable things, original or virtual, that communicates massive amount of data to be used for
intelligent decision making. With IoT, the number of things connected to internet is expected to grow
up to 50 billion by 2020. IoT systems provide a large spectrum of services such as Intelligent
Transportation Systems (ITS), smart grids, smart buildings, smart cities, e-Health, intelligent drug
delivery system etc. Even the Cyber-Physical Systems (CPS) such as Nuclear Power Plant (NPP)
comes under IoT umbrella. Most of these services are critical in nature. Every IoT system is designed
to provide a specific service. Delivery of the services depends upon the information collected at the
perception layer. It is the lower-most layer in IoT. Resource-constrained devices or Wireless Sensor
Networks (WSNs) constitute the perception layer. Most of these devices are openly deployed and use
wireless media for transmission. Open deployment makes these devices susceptible to node
tampering. It is also quite easy to intercept a wireless transmission and alter the content of
information. The development and deployment of IoT infrastructure is in its infancy. The generic
architecture of the Internet of Things is shown in Figure 1. The architecture model is composed of
four parts: sensor nodes (devices), gateways, cloud servers, and users. They are interconnected
through wired and/or wireless technologies. In general, a gateway connects and manages several
corresponding sensing devices. As most of sensing devices deployed in an IoT environment are
physically accessible by adversaries, physical security of device hardware and information security
for device communications have become serious concerns for the deployment of IoT infrastructure. In
addition, heterogeneous hardware components and functionalities along with support complexity on
multiple communication protocols among sensing devices and gateways have brought more security
challenges to IoT environments. Among security issues of IoT environments, such as data protection
and access control, device authentication between a sensing device and a gateway is a fundamental

and indispensable security feature.

Figure1. The generic architecture of the Internet of Things

Given the critical nature of services, information security is of paramount importance as the
interception or alteration of the information can result in heavy loss of life and money. Dave Evans
[1] mentions that in an IoT application for cow monitoring, on average each cow generate 200 mega-
bytes (MB) of information every year. A connected car generates tens of mega-bytes of data per
second. An autonomous vehicle can generate up to 1 gigabyte of data per second. Considering 50
billion devices and the amount of data generated per device, a huge amount of data is placed in the air
making it vulnerable tso different kind of attacks. These attacks are increasing day by day. Denial of
service, man-in-the-middle, zero day, identity theft, and malware are some crucial attacks. Denial of
service attacks can prove fatal in e-Health and ITS. Similar attack can sear a whole city in case of
smart cities and NPPs. Identity theft can pose threat to a nation’s security or financial loss to an
organization. According to Internet Security Threat Report (ISTR) 2019 by Symantec [ 3] crypto-
jacking attacks were around 4 million in number in December 2018 and around 4800 websites were
compromised with form-jacking attacks. Highest contributors of attacks on IoT devices were worms
and bots. Proof of concept attacks on IoT products by Ronen and Shamir [4] demonstrates their
vulnerability. A smart hacker can use these vulnerabilities [4–9] to attack various IoT devices such as
light-bulbs, smart TVs, smart tablets etc. In [10] authors have shown the vulnerability of cross-
protocol IoT products using hierarchical attack representation models. These attacks underline the
need of developing new security mechanisms for IoT. Many organizations and research agencies have
stressed upon the need of security for IoT. Open Web Application Security Project (OWASP) [11] has
identified privacy, insufficient authentication/authorization, lack of transport encryption, and poor
physical layer security among the top ten vulnerabilities for IoT. As per IoT reference architecture,
IoT security has five functional components [12], identity management, authentication, authorization,
key exchange and management, trust, and reputation. Figure 1 shows the major thrust area in the field
of IoT security. It includes authentication, access control non-repudiation apart from the
confidentiality, integrity, and availability. With the help of cryptographic primitives all of these
objectives can be fulfilled. Confidentiality and integrity of the information can be achieved by
cryptography. But traditional cryptographic methods require large allocation of resources. On the
other hand, IoT devices are characterized [13] by limited computational power, limited memory,

Figure 2. Thrust area in security

limited power supply, and limited battery life. In [14] authors have compared different sensor motes
used for the WSN and found that resource-constrained devices have as low as 2 kilo bytes (kB) and 1
kB of Random Access Memory (RAM) and Electrically Erasable Programmable Read Only Memory
(EEPROM) respectively. Such sensors can’t utilize the resource-consuming traditional security
methods. Their qualities are in complete contrast to the security requirements in these networks.
Hence, security is one of the main challenges in low power and lossy networks [15], [16]. This clearly
outlines the need to develop Lightweight Cryptographic (LWC) algorithms for information security.
In this paper, current state of the art in the field of lightweight cryptography has been presented
covering the time line till 2019. A comparative evaluation of existing and some of the newly proposed
lightweight ciphers such as SFN, Espresso, Fruit-v2, and Lizard etc. has been presented. An extensive
performance evaluation has been carried out in terms of chip area, energy, and power, hardware and
software efficiency, throughput latency and Figure of Merit (FoM). FoM given by Badel et al. [17] is
used for the first time in a survey to compare different ciphers. It is an important parameter which
removes the effect of CMOS technology on the ‘throughput’ of the cipher. After the detailed
examination research gaps have been identified. This paper has been organised into nine parts.
Section I introduces LWC and IoT and also the need for the development of LWC. Section II presents
Significance related works. In Section III classification and applications of cryptographic primitives
have been presented. Section IV-VII explains and compares the crucial Lightweight Block Ciphers
(LWBCs), Lightweight Stream Ciphers (LWSCs), Lightweight Hash Functions (LWHFs) and Elliptic
Curve Cryptography (ECC) respectively. In Section VIII different parameters to evaluate a LWC
primitive have been discussed at length and the research gaps are provided. Based on individual
parameter a detailed comparison of the mentioned LWC primitives have been plotted. Finally,
conclusion is provided in Section IX.

2. Significance

It is a communications protocol designed with less complexity in order to reduce overhead. For
example, it may use fixed-length headers because they are faster to parse than variable-length headers.
To keep the memory requirement low, a lightweight protocol may eliminate many options that are part
of the standard. Embedded devices often have inherent limitations in terms of processing power,
memory, storage and energy. The cryptographic functionality that ESs utilize to provide tamper
resistant hardware and software security functions has direct impact on the system’s:
(i)Memory elements constitute a significant part of the module’s surface.(ii) Directly linked to the
surface of the component.(iii)Optimized code provides results faster.(iv)The quicker a set of
instructions is executed, the quicker the module can return to an idle state or be put in sleep mode
where power consumption is minimal.
3. Related work

In [13], authors have elaborated various aspects of the lightweight cryptography. Authors have
purposed a lightweight hybrid algorithm for the IoT devices. It tells which LWC algorithm should be
used on a specific device. This decision is made on the basis of memory storage, and power of the
device alongside the computational power required for the LWC algorithm. This article covered the
timeline until 2016. In [14], a thorough evaluation of different block ciphers has been carried out and
their performance has been compared. Authors have also provided the details of sensor motes used in
WSNs. In [18], authors have studied eight different IoT frameworks and presented the requirements to
develop third party applications for IoT systems. Authentication and access control are the primary
security need for any IoT application and framework. This work helps the developers to improve the
security and design of their systems and application. In [19] a detailed assessment of lightweight
block ciphers and their implementations have been submitted. It has been shown that the CMOS
technology has an impact upon the gate equivalence required for the hardware implementation of a
cipher. In [20] a tutorial on the cryptographic primitives has been presented. It also emphasises the
need of the lightweight algorithms. In [21], symmetric ciphers for the resource-constrained
environment have been studied and evaluated. A detailed survey on the lightweight block ciphers for
low resource devices, that covers the scenario till 2013 has been provided in [22].Aziz and Singh [23]
have presented compressive sensing as a means to provide lightweight security for the IoT. In this
work compressive sensing has been used for encryption of the data. It helps in conserving the energy.
In [24], the need for the security for the low power and lossy networks has been identified. It has
outlined the deficiency of Datagram Transport Layer Security (DTLS) and Internet Protocol version 6
(IPv6) over wireless personal area network (6LoWPAN). A new protocol for the security of IoT has
been proposed which ensures end-to-end security of 6LoWPAN. A new protocol for the security of
IoT has been proposed in [25] which utilizes random and separate key for encryption of every file. It
also uses probabilistic encryption to avoid chosen plaintext attacks (CPA). Authors have compared it
with Internet Protocol Security (IPSec) and found it better in performance. A detailed tutorial has
been presented in [26] on Physically Unclonable Functions (PUF). These functions are based on
special characteristics of the Integrated Chips (ICs) to exhibit the unique pattern and response to a
given stimulus. In this manner ICs can be identified and security can be provided against tampering.
Radio frequency identification (RFID) is being used in the IoT since 1999. It is a challenging task to
provide security to such a resource-constrained device. In [27] a new secure and lightweight mutual
RFID authentication protocol (SecLAP) has been proposed by the authors by removing the
vulnerabilities of Lightweight RFID Mutual authentication (LRMI) protocol. The protocol has been
proposed for a medical IoT scenario where RFID is used for conveying the patient’s information to a
cloud. In [28] authors have exploited the vulnerabilities in an existing lightweight authentication
protocol for RFID. Authors have presented solutions to improve the security of the existing protocol.
In [29] a three way strategy has been used to reduce the footprints of RSA public key cryptography.
Machine learning and parallel processing have been used to identify the anomaly and implement RSA
on sensors. Another Lightweight Anonymous Authentication Protocol (LAAP) has been proposed in
[30] by utilizing one way functions and exclusive-OR operations. LAAP is aimed at edge devices
which also have limited resources. It creates small overhead and can be used in both 5G and IoT. In
[31] a new set of curves, NUMS, has been used to provide an efficient and fast implementation of
ECC. It provides an improved implementation for the asymmetric ciphers. Transport Layer Security
protocol (TLS) and IPSec are not suitable for providing security for the constrained devices as the
overhead is generated in considerable amount and Internet Key Exchange protocol version 2 (IKEv2)
which is used for key establishment is also resource consuming. Shahid Raza and Runar Mar
Magnusson have developed TinyIKE [32] which is a lightweight version for the IKEv2. In [33]
authors have presented an extensive evaluation of cooperative communication for the physical layer
security that can be utilized in resource-constrained devices. Though, a number of surveys including
various LWC algorithms have been reported in the literature. But most of them are focused on single
category of cipher. Few of them are presenting all type of LWC ciphers, but an in depth analysis has
not been carried out. The work presented in [13, 14, 18, 19, 21] is not the current state-of-art. To the
best of our knowledge the work presented in this paper is an extensive overview of all the crucial
LWC primitives till 2019. In this paper 21 lightweight block ciphers (LWBC), 19 lightweight stream
ciphers (LWSC), 9 lightweight hash functions (LWHF) and 5 variants of elliptic curve cryptography
(ECC) has been discussed i.e. in total 54 LWC primitives are compared in their respective classes.
Comparative analysis of some new LWC primitives such as QTL, Fruit-v2, Espresso, Lizard, SFN
and Neeva have also been included in the present work and the same has not been done in any of the
existing literature till date.

4. Lightweight Cryptographic Classification :

There are mainly four types of lightweight cryptographic primitives that are available for
the use. Lightweight cryptography primitives can be classified as Lightweight Block Cipher (LWBC),
Lightweight Stream Ciphers (LWSC), Lightweight Hash Functions (LWHF) and Elliptic Curve
Cryptography (ECC) .

Figure 3.Lightweight cryptographic primitives for IoT

 Figure 5.Research gaps for LWC primitives

The factors on which the lightweight cryptographic primitives can be analyzed are key size, block
size, number of rounds, and structures. ECC is another option for lightweight cryptography. Being an
asymmetric cipher, it can provide authentication and non-repudiation. An important question is how
to decide whether a given primitive or algorithm is lightweight or not? Device capabilities, hardware
implementation, and software implementation of the algorithm are three qualities used to categorize
the cryptographic algorithm. Three categories of lightweight cryptographic algorithms, low-cost
cryptographic algorithm, and ultra-lightweight cryptographic algorithm. The first characteristic is
device capability which relates to the resource-constrained nature of the device like 8051 and ATtiny
45. These two devices are more constrained in resources in comparison of devices based on
ATmega128 etc. Hardware-based algorithm implementation provides details of the chip area or Gate
Equivalence (GE) that is required for the implementation of the algorithm. It also reports the
complexity in terms of a number of logic gates. Finally, software implementation helps in
classification of cipher based on RAM and Read-Only Memory (ROM) requirements for its
implementation [19]. The ciphers which are placed in a particular category based upon these three
factors. This classification means that one cannot use a LWC primitive requiring higher resources on
a device of lesser capacity.

4.1 Lightweight Block Ciphers

Block cipher is a type of symmetric ciphers where a complete block is processed at once. Block
ciphers are used for the design of hash functions and message authentication codes (MACs). The aim
of a block cipher is to provide a keyed pseudo-random permutation which is then used as the building
block of more complex protocols. For instance, coupled with a proper Mode of operation, they can be
used to encrypt data. A "good" block cipher must be fast and secure, i.e. it must be impossible for an
adversary with realistic computing power to retrieve the key used even if she has access to a black-
box capable of encrypting and decrypting the plaintext of her choice (security against chosen-cipher
text attack). There are two families of designs for block ciphers: Substitution-Permutation Networks
and Feistel Networks. There are also specific constraints when designing lightweight block ciphers.
First of all, memory is very expensive so that implementing S-boxes as look-up table can lead to a
large hardware footprint. That is why these ciphers usually have no S-box at all (SIMON) or very
small ones, only 4x4 (PRESENT).

Implementing decryption alongside encryption should lead to an increase of the area necessary as it
requires its own logic. However, depending on the mode of operation of the cipher, it may be possible
to ignore the decryption algorithm: for instance, in the case of OFB, decryption is useless. Another
way of reducing the additional cost is to build algorithms such that encryption and decryption are very
similar. A first approach is to use involutions as components, for instance in KLEIN. The whole
structure can be exploited to have involution related properties, for instance α-reflexivity in the case
of PRINCE or differentiate encryption from decryption simply by a variation in the keyschedule
(Feistel networks, mCrypton).

The designers of symmetric block ciphers have different approaches regarding related key attacks.
The use-case of lightweight cryptography can lead to opposite views concerning the necessity of
counter-measure to prevent such attacks. Because the key is likely to be "burnt" in the device, i.e. that
it will not be possible to change it, there is no point in worrying about related key attacks: the
probability for an attacker to obtain several devices keyed with appropriately related keys is too small
to be of any importance. However, such block ciphers are very likely to be used to build compression
functions for hash function with a Merkle-Damgård structure. In this context, resilience against
related key attacks is much more important.

4.2 Lightweight Hash Functions

Lightweight hash functions are another way to provide security. They create a fixed-length ‘message
digest’ from an arbitrary-length message. This ‘message digest’ is used to ensure the integrity of the
transmitted data. The footprint of a hash function is determined by the number of state bits, and the
size of functional and control logic used in the round function. Conventional hash functions may not
be suitable for constrained environments, mainly due to their large internal state sizes and high power
consumption requirements. This has led to the development of lightweight hash functions, such as
PHOTON [24], Quark [2], SPONGENT [8], and Lesamnta-LW [27]. The expected usage of
conventional and lightweight hash functions differs in various aspects such as [34]:

- Smaller internal state and output sizes: Large output sizes are important for applications that
require collision resistance of hash functions. For applications that do not require collision resistance,
smaller internal states and output sizes might be used. When a collision-resistant hash function is
required, it may be acceptable that this hash function has the same security against preimage, second-
preimage and collision attacks. This may reduce the size of the internal state.
- Smaller message size: Conventional hash functions are expected to support inputs with very large
sizes (around 264 bits). In most of the target protocols for lightweight hash functions, typical input
sizes are much smaller (e.g., at most 256 bits). Hash functions that are optimized for short messages

may therefore be more suitable for lightweight applications.

4.3 Lightweight Message Authentication Codes

A message authentication code (MAC) generates a tag from a message and a secret key, which is used
to verify the authenticity and the integrity of the message. Tag sizes are recommended to be at least 64
bits for typical applications. For certain applications such as VoIP (Voice over IP), occasionally
accepting an in authentic message may have limited impact on the security of the application, so that
shorter tags can be used after careful consideration. TuLP [22], and LightMAC [35] are some of the

examples of lightweight MAC algorithms.

4.4 Lightweight Stream Ciphers

Stream ciphers are also promising primitives for constrained environments. The eSTREAM
competition [20], organized by the European Network of Excellence for Cryptology, aimed to identify
new stream ciphers that might be suitable for widespread adoption. The finalists of the competition
were announced in 2008 and included three stream ciphers for hardware applications with restricted
resources:

- Grain [26] is widely analyzed and provides implementation flexibility, and also has a version that
supports authentication.

-Trivium [16] is a widely analyzed design; however, it only supports 80-bit keys.
-Mickey [3] is less analyzed compared to Grain and Trivium. It provides less implementation
flexibility and is susceptible to timing and power analysis, due to irregular clocking.

4. Your own idea/Discussion

Our contribution can be summarized as follows:

 Our work covers a wide range of LWC primitives, symmetric, and asymmetric algorithms
along with lightweight hash functions covering current state of the art till date.
  With the massive data connectivity, IoT has increased the challenges for security. Resource
constrained devices like RFID and sensor motes contradict with the resource requirements
of available security solutions. It has also provided motivation to the research in the field of
lightweight cryptography. Lightweight cryptography has emerged as a potential solution
for the security by providing low cost, low latency implementation that consumes smaller
chip area, and lesser memory consumption i.e. RAM or ROM. Security, chip area, power and
energy consumption, FoM, latency are the parameters that help in the evaluation of a cipher.
 A comparative analysis of the ciphers has been carried out in terms of chip area, energy and
power, efciency (hardware and software), throughput, latency and FoM.
 Research gaps are indicate to open the research issues which are required to be addressed.

5. Conclusion

In IoT settings for resource constrained Lightweight and low cost cryptographic algorithms are being
developed. For their software implementation in hardware or memory requirements are evaluated
on the basis of chip area. IoT applications require the information security at very low latency like as
ITS and UAV which added a new dimension in the design of lightweight cryptography. In IoT two
important design parameters are latency and chip area. On the basis of security, chip area,
throughput, latency, hardware and software efficiency, and figure of merit cipher can be evaluated.
Prince and Klein ciphers can be used for the low latency requirements. Despite of the continuous
development of ciphers, AES remains the preferred choice for provisioning of the security. Based on
the extensive evaluation of the ciphers in this work, it is established that AES is the most competitive
cipher among block ciphers. In asymmetric cryptography, ECC remains the important option which
provides authentication and non-repudiation in addition to the confidentiality. Ever evolving attacks
underline the need for development of new lightweight ciphers. In future, researchers can focus on
smaller key or block size, simpler rounds and key schedules in the development of LWBC. While in
the field of LWSC, minimization of key length, internal state and initialization vector would be prime
objectives. For LWHF designer must try to reduce message and output size while providing high bit
security. For implementation it is important to LWC for occupy small chip area. For faster execution
and reduced memory requirement group arithmetic, design of optimized prime fields and asymmetric
ciphers are help.

6. References

1. Evans, D. (2011). The Internet of Things: How the next evolution of Internet is changing
everything”,CISCO, San Jose, CA, USA, white paper, 2011.
https://www.cisco.com/c/dam/en_us/about/ac79/docs/innov/IoT_IBSG_0411FINAL.pdf.
2. Dhanda, S. S., Singh, B., & Jindal, P. (2019). Wireless technologies in IoT: Research challenges. In
K. Ray, S. Sharan, S. Rawat, S. Jain, S. Srivastava, & A. Bandopadhyay (Eds.), Engineering
vibration, communication and information processing. Lecture Notes in Electrical Engineering, Vol.
478.Springer, Singapore.
3. Internet Security Threat Report. (2019). Vol. 24, Symantec.
4. Ronen, E., & Shamir, A. (2016). Extended functionality attacks on IoT devices: The case of smart
lights. In Proceedings of the 2016 IEEE European symposium on security and privacy (SP’16),March
2016 (pp. 3–12).
5. Michele, B., & Karpow, A. (2014). Watch and be watched: Compromising all Smart TV
generations. In Proceedings of the 2014 IEEE 11th Consumer Communications and Networking
Conference(CCNC’14). IEEE, 2014 (pp. 351–356).
6. Bachy, Y., Basse, F., Nicomette, V., Alata, E., Kaaniche, M., Courrege, J. C., & Lukjanenko, P.
(2015). Smart-TV security analysis: practical experiments. In Proceedings of the 2015 45th Annual
IEEE/IFIP International Conference on Dependable Systems and Networks (DSN’15). IEEE, 2015
(pp. 497–504).
7. Unuchek, R. (2016). Obad.a Trojan Now Being Distributed via Mobile Botnets. Retrieved
September 14, 2016, https://securelist.com/blog/mobile/57453/obad-a-trojan-now-being-distributed-
via-mobile-botnets/.
8. Dhanjani, N. (2017). Hacking lightbulbs. Retrieved April 12, 2017, http://goo.gl/RY252I.
9. Notra, S., Siddiqi, M., Gharakheili, H., Sivaraman, V., & Boreli, R. (2014). An experimental study
of security and privacy risks with emerging household appliances. In Proceedings of the 2014 IEEE
Conference on Communications and Network Security (CNS’14). IEEE, 2014 (pp. 79–84).
10. Ge, M., Hong, J. B., Alzaid, H., & Kim, D. S. (2017) Security modeling and analysis of cross-
protocol IoT devices. IEEE Trustcom/BigDataSE/ICESS (pp. 1043–1048).
11. http://www.owsap.org/index.php/OWASP_Internet_of_Things_Project.

12. Kamal, R. (2017). Internet of Things: Architecture and Design Principles, (p. 403), TMH, India,
ISBN-13: 978-93-5260-522-4.

13. Singh, S., Sharma, P. K., Moon, S. Y., & Park, J. H. (2017). Advanced lightweight encryption
algorithms for IoT devices: Survey, challenges and solutions. Journal of Ambient Intelligece &
Human Computing. https://doi.org/10.1007/s12652-017-0494-4
14. Biswas, K., Muthukkumarasamy, V., Wu, X. W., & Singh, K. (2016). Performance evaluation of
block ciphers for wireless sensor networks. In R. Choudhary, J. Mandal, N. Auluck, & H.
Nagarajaram (Eds.), Advanced Computing and Communication Technologies. Advances in Intelligent
Systems and Computing, Vol. 452. Springer, Singapore.
15. Granjal, J., Monteiro, E., & Silva, J. S. (2015). Security in the integration of low-power wire- less
sensor networks with the internet: A survey. Ad Hoc Networks, 24, 264–287.
16. Zhao, K., & Ge, L. (2013). A survey on the internet of things security. In: 2013 9th International
Conference on Computational Intelligence and Security (CIS), IEEE (pp. 663–667).
17. Badel, S., Dağtekin, N., Nakahara, J. J., Ouaf, K., Refé, N., Sepehrdad, P., & Vaudenay, S.
(2010).ARMADILLO: A multi-purpose cryptographic primitive dedicated to hardware. In:
Proceeding of International Workshop on Cryptographic Hardware and Embedded Systems (pp. 398–
412). Berlin:Springer.
18. Ammar, M., Russello, G., & Crispo, B. (2018). Internet of Things: A survey on the security of IoT
frameworks. Journal of Information Security and Applications, 38, 8–27.
19. Hatzivallis, G., Fysarakis, K., Papaefstathiou, I., & Manifavas, C. (2018). A review of lightweight
block ciphers. Journal of Cryptographic Engineering, 8, 141–184.
20. Schinianakis, D. (2017). Alternative security options in the 5G and IoT Era. IEEE Circuits and
Systems Magzine, Fourth Quarter (pp. 6–28).
21. Kong, J. H., Ang, L.-M., & Hatzivallis, K. (2015). A comprehensive survey of modern symmetric
cryptographic solutions for resource constrained environments. Journal of Network and Computer
Applications, 49, 15–50.
22. Mohd, B. J., Hayajneh, T., & Vasilakos, A. V. (2015). A survey on lightweight block ciphers for
lowresource devices: Comparative study and open issues. Journal of Network and Computer
Applications, 58, 73–93.
23. Aziz, A., & Singh, K. (2018). Lightweight security scheme for Internet of Things. Wireless
Personal Communication Issue: 104, 2/2019, Springer online available: 26 Oct 2018.
https://doi.org/10.1007/s11277-018-6035-4.
24. Meddeb, A., & Glissa, G. (2019). 6LoWPSec: An end-to-end security protocol for 6LoWPAN. Ad
Hoc Networks, 82, 100–112. https://doi.org/10.1016/j.adhoc.2018.01.013.
25. Wu, X.-W., Yang, E.-H., & Wang, J. (2017). Lightweight security protocols for Internet of
Things.IEEE Conference.
26. Schinianakis, D. (2019) Lightweight security for the Internet of Things: A soft introduction to
physical unclonable functions. IEEE Potentials, March/April 2019 (pp. 21–28). Doi: https://doi.
org/10.1109/MPOT.2018.2849850. Date of publication: 6 March 2019.
27. Aghili, S. F., Mala, H., Kaliyar, P., & Conti, M. (2019). SecLAP: Secure and lightweight RFID
authentication protocol for Medical IoT. Future Generation Computer Systems, 101, 621–634. Doi:
https://doi.org/10.1016/j.future.2019.07.004.
28. Wang, K.-H., Chen, C.-M., Fang, W., & Tsu-Yang, W. (2018). On the security of a new ultra-
lightweight authentication protocol in IoT environment for RFID tags. Journal of Supercomputing,
74,
65–70. https://doi.org/10.1007/s11227-017-2105-8.
29. Domb, M. (2017). An adaptive lightweight security framework suited for IoT. In J. Sen (Ed.),
Internet of Things: Technology, Applications and Standardization, IntechOpen.
http://dx.doi.org/10.5772/intechopen.73712.
30. Gope, P. (2019). LAAP: Lightweight anonymous authentication protocol for D2D-Aided fog
computing paradigm. Computers & Security, 86, 223–237.
https://doi.org/10.1016/j.cose.2019.06.003.
31. Liu, Z., & Seo, H. (2019). IoT NUMS: Evaluating NUMS elliptic curve cryptography for IoT
platforms. IEEE Transactions on Information Forensics and Security, 14, 3.
32. Raza, S., & Magnusson, R. M. (2019). TinyIKE: Lightweight IKEv2 for Internet of Things. IEEE
Internet of Things Journal, 6(1), 856–866.
33. Pahuja, S., & Jindal, P. (2019). Cooperative communication in physical layer security:
Technologies and challenges, wireless personal communication. Berlin: Springer Nature.

34. Guo, J., Peyrin, T., Poschmann, A., & Robshaw, M. (2011). The LED block cipher. In:
Proceeding of Cryptographic Hardware and Embedded Systems-CHES 2011 (pp. 326–341). Springer.

35.Poonam, J., & Brahmjit, S. (2015). Quantitative analysis of the security performance in wireless
LANs. Journal of King Saud University-Computer and Information Sciences, 29(3), 246–268.