Key Length-Oriented Classification of Lightweight Cryptographic Algorithms for IoT Security

TL;DR

This paper surveys the security of lightweight symmetric cryptographic algorithms used in IoT, emphasizing the importance of key size in ensuring adequate security for resource-constrained applications.

Contribution

It provides a comprehensive security evaluation of lightweight ciphers and introduces two taxonomies for classifying IoT applications and assessing security based on key size.

Findings

Key size is crucial for cipher security in IoT.

Ciphers with keys shorter than 128 bits are less secure.

The study highlights the need for appropriate key lengths in lightweight cryptography.

Abstract

The successful deployment of the Internet of Things (IoT) applications relies heavily on their robust security, and lightweight cryptography is considered an emerging solution in this context. While existing surveys have been examining lightweight cryptographic techniques from the perspective of hardware and software implementations or performance evaluation, there is a significant gap in addressing different security aspects specific to the IoT environment. This study aims to bridge this gap. This research presents a thorough survey focused on the security evaluation of symmetric lightweight ciphers commonly used in IoT systems. The objective of this study is to provide a holistic understanding of lightweight ciphers, emphasizing their security strength, which is an essential consideration for real-time and resource-constrained applications. Furthermore, we propose two taxonomies: one for classifying IoT applications based on their inherent characteristics, and another for evaluating security levels based on key size. Our findings indicate that key size is a critical parameter in the security of lightweight ciphers. Ciphers employing keys shorter than 128 bits are considered less secure or even insecure for protecting sensitive data