Review

A Lightweight Encryption Method for IoT-Based Healthcare Applications: A Review and Future Prospects

by Omar Sabri 1, Bassam Al-Shargabi 2,*, Abdelrahman Abuarqoub 2 and Tahani Ali Hakami 3

1 Zekelman School of Information Technology, St. Clair College, Windsor, ON N9A 6S4, Canada
2 Cardiff School of Technologies, Cardiff Metropolitan University, Cardiff CF5 2YB, UK
3 Department of Accounting and Finance, Jazan University, Jazan 45142, Saudi Arabia
* Author to whom correspondence should be addressed.
Submission received: 31 January 2025 / Revised: 7 April 2025 / Accepted: 18 April 2025 / Published: 20 April 2025

Abstract
The rapid proliferation of Internet of Things (IoT) devices in healthcare, from wearable sensors to implantable medical devices, has revolutionised patient monitoring, personalised treatment, and remote care delivery. However, the resource-constrained nature of IoT devices, coupled with the sensitivity of medical data, presents critical security challenges. Traditional encryption methods, while robust, are computationally intensive and unsuitable for IoT environments, leaving sensitive patient information vulnerable to cyber threats. Addressing this gap, lightweight encryption methods have emerged as a pivotal solution to balance security with the limited processing power, memory, and energy resources of IoT devices. This paper explores lightweight encryption methods tailored for IoT healthcare applications, evaluating their effectiveness in securing sensitive data while operating under resource constraints. A comparative analysis is conducted on encryption techniques such as AES-128, LEA, Ascon, GIFT, HIGHT, PRINCE, and RC5-32/12/16, based on key performance metrics including block size, key size, encryption and decryption speeds, throughput, and security levels. The findings highlight that AES-128, LEA, ASCON, and GIFT are best suited for high-sensitivity healthcare data due to their strong security features, while HIGHT and PRINCE provide balanced protection for medium-sensitivity applications. RC5-32/12/16, on the other hand, prioritises efficiency over comprehensive security, making it suitable for low-risk scenarios where computational overhead must be minimised. The paper underscores the significant trade-offs between efficiency, security, and resource consumption, emphasising the need for careful selection of encryption methods based on the specific requirements of IoT healthcare environments. Additionally, the paper highlights the growing demand for lightweight encryption methods that balance energy efficiency with robust protection against cyber threats. 
These insights offer valuable guidance for researchers and practitioners seeking to enhance the security of IoT-based healthcare systems while ensuring optimal performance in resource-constrained settings.

1. Introduction

The medical industry is poised to enter a period of significant transformation, where the Internet of Things (IoT) holds the potential to revolutionise healthcare delivery by enabling the seamless monitoring of patients, the transmission of real-time data, and the empowerment of proactive healthcare delivery through interconnected IoT devices. These intelligent technologies, such as implantable glucose monitors and smart inhalers, have the potential to greatly transform the care and treatment of chronic diseases, remote monitoring of patients, and personalised medicine [1]. Nevertheless, the interconnectivity of this environment poses a notable obstacle, particularly the concern about the security of data. The protection of information security and privacy has emerged as a crucial priority [2]. The increasing prevalence of IoT in healthcare requires the implementation of robust privacy and security protocols. Effective encryption is necessary to safeguard patient privacy and maintain data integrity because of the extensive collection of sensitive data by interconnected IoT devices, which includes private information, health records, and real-time physiological data [3,4].
However, IoT devices can gather substantial personal health data, encompassing medical history, treatment plans, and biometric information. Consequently, these devices have become appealing targets for hackers. The critical considerations surrounding medical data sensitivity and potential threats in IoT healthcare underscore the importance of addressing security and privacy concerns. As IoT devices become more prevalent in healthcare settings, there is growing apprehension regarding protecting confidential medical information. Patient vitals and medication adherence data, among others, are highly sensitive and demand safeguarding against unauthorised access and manipulation [5]. Within IoT healthcare environments, potential threats to medical data include unauthorised access, data manipulation, and denial of service attacks. These risks are particularly concerning in healthcare settings where patient safety and privacy are of utmost importance. Moreover, the inherent limitations of IoT devices in healthcare, such as restricted processing power and memory, exacerbate their vulnerability to security breaches [6]. Insufficient security measures within healthcare systems and networks make them susceptible to data breaches, ransomware attacks, and non-compliance with regulatory requirements. These events have the potential to jeopardise patient safety and undermine confidence in the healthcare system [4,7]. The implementation of data encryption is of utmost importance in ensuring the preservation of patient confidentiality and the security of sensitive healthcare data against unauthorised access and interception. Encryption transforms plaintext information into ciphertext through the utilisation of encryption methods, rendering it incomprehensible to anyone lacking the requisite decryption key. 
Healthcare organisations can effectively reduce the potential for data breaches, cyberattacks, and unauthorised access to patient records by implementing encryption measures for both in-transit and at-rest IoT data [8]. Traditional encryption techniques, although providing strong security, are frequently costly in terms of CPU resources and memory usage. The lack of compatibility across IoT devices in healthcare and their limited resources creates an opportunity for lightweight encryption to be a practical solution [9,10]. Lightweight encryption and authentication mechanisms designed specifically for IoT devices play a pivotal role in ensuring the confidentiality, integrity, and security of medical data [11]. Additionally, the adoption of secure communication protocols and effective key distribution mechanisms is essential to counter potential threats and uphold the privacy and security of medical information in IoT healthcare environments.
The notion of lightweight encryption holds significant importance for IoT devices that face constraints in computational power, memory, and energy resources [12,13,14]. Lightweight encryption endeavours to design encryption primitives and methods that can operate swiftly, demand a minimal memory footprint and consume minimal energy. The primary objective is to strike a balance between security, resource costs, and performance [15,16]. This is particularly critical for IoT devices, as traditional encryption methods often necessitate resources that surpass what these devices can offer. Hence, lightweight encryption is indispensable for upholding the security and privacy of IoT environments, particularly in scenarios characterised by resource limitations and multi-hop communication requirements. Recognising the significance of lightweight cryptography in IoT-constrained environments, the National Institute of Standards and Technology (NIST) has initiated an evaluation and standardisation process for lightweight cryptography methods suitable for these devices. This endeavour has resulted in the development of several lightweight cryptographic methods, such as ASCON, ELEPHANT, GIFT-COFB, and TinyJAMBU, which are tailor-made to address the security needs of resource-constrained IoT devices [17]. Lightweight encryption plays a pivotal role in safeguarding sensitive data and ensuring the security and privacy of IoT applications, establishing itself as a fundamental concept for developing secure IoT networks [5].
Several surveys have explored lightweight encryption methods for IoT applications, focusing on general-purpose IoT devices or specific domains such as smart cities and industrial IoT. One survey reviewed lightweight cryptography in IoT networks, emphasising energy efficiency and computational overhead but without a specific focus on healthcare applications [18]. Another review focused on securing medical data in IoT environments but primarily addressed general security challenges rather than providing a systematic evaluation of encryption methods [10], while a further review discussed the integration of blockchain and lightweight cryptography in healthcare IoT but did not explore the performance trade-offs of specific encryption methods in detail [1]. Moreover, the paper in [16] analysed lightweight encryption methods for IoT-enabled healthcare but did not provide a detailed comparison of newer encryption techniques like SIT, PICCOLO, and CryptoCore. The survey in [19] provides a comprehensive overview of advanced lightweight encryption methods for general IoT devices, addressing broad challenges (e.g., resource constraints, scalability) and solutions across diverse applications. Its analysis, however, lacks healthcare-specific evaluation metrics and omits post-2017 methods (e.g., ASCON, GIFT, SIT) critical for modern medical IoT systems. This paper advances the survey in [19] by focusing explicitly on healthcare IoT with tailored metrics (e.g., HIPAA compliance, real-time latency thresholds for implantables, and data sensitivity tiers), evaluating post-2017 lightweight methods (e.g., ASCON, GIFT, SIT, CryptoCore) omitted in prior surveys, and introducing a healthcare-specific framework that maps encryption performance (throughput, energy use).
This paper builds upon our previously published work [16], which reviewed lightweight encryption methods for IoT healthcare applications. While the previous work focused on a subset of encryption methods and their general applicability, this paper extends the analysis by incorporating a broader range of encryption techniques, including SIT, PICCOLO, CryptoCore, and others. Additionally, this paper introduces a more detailed evaluation framework, considering metrics such as block size, key size, encryption/decryption times, and throughput, to provide a comprehensive comparison. Furthermore, this paper emphasises future research directions, such as quantum-resistant encryption and context-aware security solutions, which were not explored in the previous work. The key contributions of this paper are as follows:
  • A comprehensive review of lightweight encryption methods tailored for IoT healthcare applications, focusing on metrics such as block size, key size, encryption/decryption times, and throughput.
  • A detailed comparison of lightweight encryption methods, including AES-128, LEA, Ascon, GIFT, HIGHT, PRINCE, and newer techniques like SIT, PICCOLO, and CryptoCore.
  • An analysis of the trade-offs between security, efficiency, and resource constraints provides insights into the suitability of each method for different healthcare scenarios.
  • Identification of future research directions, including quantum-resistant encryption, energy-efficient solutions, and context-aware security mechanisms, to address emerging challenges in IoT healthcare systems.
The subsequent sections of the paper are structured in the following manner: Section 2 provides an outline of the background of the IoT healthcare ecosystem and its main components. Section 3 introduces the fundamental principles and requirements of lightweight encryption methods. Section 4 provides an overview of contemporary lightweight encryption methods in the context of the IoT healthcare application, whereas Section 5 presents a comprehensive analysis and examination of these methods. Section 6 offers insights into future work and presents relevant recommendations. Section 7 serves as the conclusion of the paper.

2. Background on the IoT in Healthcare: A Connected Ecosystem

A profound revolution is currently taking place in the healthcare industry, propelled by continuously advancing IoT technology. This rapidly expanding ecosystem facilitates the establishment of connections among numerous healthcare systems and devices, thereby setting the stage for forthcoming advancements in personalised medicine, proactive interventions, and improved patient care. Central to this interconnected structure resides a network of complex elements, each fulfilling an indispensable function in fundamentally transforming the approach to the provision of healthcare. In this section, we examine the components of the IoT healthcare ecosystem in greater detail, as shown in Figure 1, highlighting their functions and integrations.

2.1. The Cloud Server and IoT Device Adaptability

The cloud server functions as the secure and centralised store for all patient data, serving as the central component of the IoT healthcare ecosystem. This online storage facility is essential for managing and analysing data, enabling healthcare practitioners to make well-informed decisions. The cloud server component serves multiple crucial roles:
  • Data Storage: The cloud server is responsible for securely storing large quantities of patient data from various sources within the ecosystem. This encompasses essential physiological indicators obtained from IoT wearable devices, measurements from home medical equipment, and pertinent clinical data extracted from hospitals and clinics, such as Electronic Health Records (EHRs) [20,21]. To accommodate this large data volume, strong security measures are essential to safeguard patient confidentiality and adhere to regulations such as HIPAA in the USA or the Data Protection Act in the UK.
  • Data Organisation and Management: The cloud server enables effective data organisation and management. Authorised healthcare personnel can easily access individual patient information, allowing them to monitor patterns, identify problems, and make informed treatment decisions [22,23]. Cloud-based data management utilises advanced search features and user-friendly interfaces to provide efficient information retrieval and optimise healthcare workflows [24].
  • Data Analysis: The cloud server provides a robust platform for sophisticated data analysis. Integrated analytical techniques can detect patterns, trends, and potential health issues within a patient’s complete health data [25,26]. Data-driven methods facilitate personalised medicine strategies, empowering physicians to tailor treatment approaches to each patient’s specific needs and risk factors [9]. Furthermore, anonymised patient data collected via the cloud can support research, leading to advancements in disease prevention, early detection, and the development of new treatments [26].
  • API and Interoperability: Cloud servers act as APIs, enabling data exchange between IoT devices (wearable or implantable) and applications within the IoT healthcare ecosystem. This integration permits interoperability among other components, facilitating data sharing and collaboration among healthcare providers.
Crucially, the diverse nature of IoT devices used in healthcare presents significant challenges for data security and encryption. These devices vary considerably in their computational resources, memory capacity, and power availability, which directly impacts their ability to implement complex encryption methods.
  • Wearable Devices: These devices, such as smartwatches and fitness trackers, typically have limited processing power, memory, and battery life. This necessitates the use of lightweight encryption methods that minimise computational overhead and energy consumption. Methods like PRESENT, SIMON, SPECK, and some stream ciphers like ChaCha20 are often considered due to their efficiency. However, the limited resources can also make these devices more vulnerable to certain side-channel attacks.
  • Implantable Devices: Devices like pacemakers and insulin pumps have extremely stringent resource constraints due to their size and the need for long-term battery operation. Encryption methods for these devices must have minimal overhead, low latency, and extremely low energy consumption. This often means using highly optimised and specialised implementations of lightweight methods or even custom-designed solutions. Security considerations are paramount, as device compromise could have life-threatening consequences.
  • Other IoT Devices in Healthcare: Other devices, such as remote patient monitoring systems and smart medical equipment, may have more substantial resources than wearables or implantables but still face limitations compared to traditional computers. The choice of encryption method will depend on the specific resources available and the sensitivity of the data being transmitted.
Therefore, the selection of an appropriate encryption method must carefully consider the specific resource limitations and usage scenarios of each type of IoT device. A one-size-fits-all approach is not feasible. The cloud server’s role in data aggregation and processing also requires robust security measures to protect data transmitted from these diverse devices.
The cloud server functions as the secure and centralised store for all patient data, serving as the central component of the IoT healthcare ecosystem. This online storage facility is essential for managing and analysing data, enabling healthcare practitioners to make well-informed decisions. The cloud server component can serve as data storage, where the cloud server is responsible for securely storing large quantities of patient data that come from various sources in the ecosystem. This encompasses essential physiological indicators obtained from IoT wearable devices, measurements obtained from medical equipment used at home, and pertinent clinical data extracted from hospitals and clinics, such as EHRs [20,21]. To accommodate the storage of a large volume of data, it is essential to implement strong security measures to safeguard patient confidentiality and adhere to rules such as the Health Insurance Portability and Accountability Act (HIPAA) in the USA or the Data Protection Act in the UK.
In addition to providing storage, the cloud server enables effective data organisation and management. Authorised healthcare personnel can easily access individual patient information, which enables them to monitor patterns, identify problems, and make well-informed decisions regarding treatment plans [22,23]. Cloud-based data management relies on advanced search features and user-friendly interfaces to provide efficient information retrieval and optimise healthcare workflows [24].
The cloud server offers a robust platform for sophisticated data analysis. Analytical techniques that are integrated can detect patterns, trends, and possible health issues in a patient’s complete health data [25]. The utilisation of data-driven methods facilitates the implementation of customised medicine strategies, empowering physicians to customise treatment approaches according to the specific requirements and risk factors of each patient [9]. In addition, the utilisation of anonymised patient data collected via the cloud can support research efforts, resulting in significant advancements in disease prevention, early detection, and the development of new treatments [26].
Moreover, the cloud servers act as APIs that enable the data exchange between IoT devices (wearable or implant devices) and applications in the IoT healthcare ecosystem. This integration permits interoperability among other components of the IoT healthcare ecosystem, facilitating data sharing and collaboration among healthcare providers.

2.2. Patients and Hospitals

The IoT healthcare ecosystem encompasses the surveillance of health by in-hospital devices and patients, the collection of real-time data, and the facilitation of remote care delivery. During hospital stays, in-hospital devices collect and transmit data, whereas wearable sensors monitor vital signs. For analysis, this information, which may consist of physiological measurements and medication adherence, is transmitted to cloud servers or healthcare applications. By granting access to real-time data and individualised care, IoT devices enable patients to exercise agency in the management of their health.
Patients and hospitals are at the vanguard of the IoT healthcare ecosystem, with a variety of personal IoT devices helping to collect health data. These devices deliver real-time information on patients’ health status, allowing researchers, nurses, and physicians to monitor patient healthcare in real time. Hospitals contribute data to the ecosystem through linked equipment and devices, including imaging, monitoring, and prescription dispensers. Patients can use wearables, such as smartwatches and fitness trackers, which are devices that are worn on the body and constantly monitor important health indicators, such as heart rate, blood pressure, sleep patterns, and activity levels [24]. Patients can utilise in-home technologies specifically intended for managing chronic diseases and self-care. For example, diabetics can use blood glucose monitors, individuals managing their weight can use weight scales, and those with breathing disorders can use spirometers to collect important data [27]. This data can then be securely transmitted to a cloud server using wireless connections [24]. Another category of devices is smart implants, where recent progress in medical technology has led to the development of intelligent implants such as pacemakers and insulin pumps. These advanced devices not only carry out their main operations but also can directly send real-time data on a patient’s status to the cloud server [9]. This enables healthcare providers to remotely monitor vital signs, promptly detect potential difficulties, and arrange required remedies.
In addition, devices used in hospitals include imaging technologies such as X-ray machines, MRI scanners, and CT scan devices, which are essential for diagnosing and monitoring a wide range of medical disorders. These cutting-edge imaging technologies produce high-quality images that are utilised for the identification of diseases, the planning of treatments, and guidance during surgical procedures. Within the IoT healthcare ecosystem, these images can be securely transferred and kept in the cloud server, enabling remote consultations with specialists and guaranteeing that all pertinent information is easily accessible to authorised healthcare providers participating in a patient’s treatment [24,28].

2.3. Secure Communication

The IoT healthcare ecosystem must facilitate continuous data flow to ensure prompt and reliable access to patient information. Secure and trustworthy communication channels are essential for transmitting data between various devices and the cloud server, acting as connecting threads [29]. Wireless networks can be utilised to link all devices in the IoT healthcare ecosystem. Bluetooth and Wi-Fi connectivity facilitate data exchange within a healthcare organisation. These established wireless networks enable wearables, in-home medical devices, and bedside monitors to transmit patient data securely to the cloud server [26]. This capability allows real-time monitoring and reduces the time required for healthcare professionals to access data. Another method is the use of cellular networks, which offer an extended range of data transmission in remote monitoring scenarios. Wearables and certain implanted devices can utilise cellular connections to transmit gathered data securely to the cloud server, regardless of the patient’s geographical location [29]. This feature enables healthcare practitioners to monitor patients remotely, which is especially beneficial for individuals recovering at home following hospitalisation or those with chronic conditions requiring ongoing monitoring. The security component comprises various technologies and methods designed to safeguard confidential medical data from unauthorised access or theft. Securing communication within the IoT healthcare ecosystem is vital, and many methods have been applied and exploited, such as:
  • Encryption: A crucial aspect of secure communication. It entails encrypting data before it is transmitted to ensure that unauthorised individuals cannot access it [30]. Healthcare providers can guarantee the confidentiality and security of patient data during network transmission by employing strong encryption methods like Advanced Encryption Standard (AES) or Rivest–Shamir–Adleman (RSA) for data encryption. Although these conventional encryption methods provide strong data security, they can be computationally demanding. Lightweight encryption is a specialised solution created for IoT devices that have limited processing power and memory. These methods ensure data security while using minimal resources, making them well-suited for IoT devices with limited resources [31].
  • Authentication: An essential aspect of secure communication. It entails using procedures to authenticate the identity of devices and individuals participating in data exchange. By using methods such as mutual authentication and digital certificates, healthcare systems can effectively verify the identity of devices and users, thereby limiting access to sensitive information and minimising the likelihood of data breaches [32].
  • Integrity Checking: Another critical aspect of secure communication, integrity checking aims to validate that the transmitted data has not been altered or tampered with [33,34]. By employing methods such as digital signatures and checksums, unauthorised alterations to the data can be identified, thereby safeguarding its integrity and dependability.
  • Secure Protocols: Employing security protocols within the IoT healthcare ecosystem, such as Transport Layer Security (TLS), is essential for establishing secure connections between IoT devices and cloud servers [35,36]. These protocols provide encryption, authentication, and data integrity, enabling secure data exchange over public networks. In the IoT healthcare ecosystem, TLS, Virtual Private Networks (VPNs), and Public Key Infrastructure (PKI) are key components for secure communication. They verify the authenticity of IoT devices and users through digital signatures and certificates [37,38]. Moreover, secure APIs, with built-in security features like OAuth and JSON Web Tokens (JWT), protect against unauthorised access and data breaches. Firewalls and intrusion detection systems provide an additional layer of security to prevent unauthorised access to healthcare systems [38]. MQTT and CoAP are also lightweight protocols widely used in IoT healthcare applications due to their efficiency in handling low-power, low-bandwidth communication. MQTT, with its publish-subscribe architecture, is ideal for real-time patient monitoring and remote healthcare data streaming, while CoAP’s request-response model is well-suited for periodic data exchange and device management. Both protocols enhance interoperability, security, and efficiency in IoT-based healthcare systems, improving patient care and enabling seamless remote diagnostics [39].
However, security levels in lightweight encryption for IoT devices are categorised into three tiers: high security employs strong methods like AES-128/256 with long key lengths (≥128 bits), high resistance to attacks, and compliance with standards such as NIST, making it suitable for critical applications like healthcare and industrial IoT [40]; medium security uses lightweight ciphers like PRESENT or SPECK with moderate key lengths (80–128 bits) and partial resistance to attacks, balancing security and efficiency for applications such as smart home devices and wearables [41]; and low security relies on weaker methods like TEA or XOR with short keys (40–64 bits) and low resistance to attacks, typically used in non-critical applications such as toys or basic sensors where security is less prioritized [42,43].

2.4. Stakeholders

The advantages of the IoT healthcare ecosystem go beyond just advancements in technology. The efficient functioning of the system relies on a variety of stakeholders from diverse backgrounds and perspectives. Each stakeholder brings their own expertise and knowledge to enhance the quality of patient care as follows:
  • Patients: They are the central focus of the ecosystem. They play an active role in their healthcare journey by using connected devices and sharing the data they collect with their healthcare professionals. This enables individuals to acquire a more profound understanding of their health condition, monitor patterns, and make well-informed choices about their wellbeing [18].
  • Physicians: Having access to a thorough overview of a patient’s data enables them to create tailored treatment strategies and make well-informed medical judgments. The ability to monitor in real-time allows for the early identification of potential issues and timely action, resulting in improved patient outcomes [36]. Additionally, anonymised patient data collected from the ecosystem can offer important insights for research projects, leading to breakthroughs in healthcare procedures.
  • Nurses: They can save time on administrative activities and concentrate on delivering direct patient care thanks to the use of connected devices, which provide efficient data collection and analysis. Having immediate access to vital signs enables proactive actions and ensures quick fulfilment of a patient’s needs [18].
  • Pharmacists: They can use medication adherence data collected by smart dispensers to identify and address concerns related to patients not taking their medication as prescribed. Moreover, the extensive patient information accessible via EHRs enables the modification of medications and the detection of any drug interactions, thereby ensuring patient safety [44].
  • Researchers: They drive innovation in the IoT healthcare ecosystem by developing cutting-edge technologies, data analysis, and ethical considerations. They explore and develop technologies to enhance connected devices, cloud storage solutions, and data analytics tools. By analysing vast amounts of data, they identify trends and patterns, leading to breakthroughs in disease prediction, prevention, and treatment. Researchers also address ethical concerns by developing frameworks for data privacy, security, and ownership. They evaluate the effectiveness of the IoT ecosystem by assessing its impact on patient outcomes, healthcare efficiency, and cost-effectiveness. Additionally, they strive for seamless integration and interoperability, fostering a more unified healthcare experience for patients and providers.

3. IoT Lightweight Encryption Methods

Traditional encryption methods, such as RSA, DES, and AES-256, are renowned for their robust cryptographic security, making them well-suited for protecting sensitive data in high-resource environments [43]. However, these methods demand substantial computational power and memory, resulting in increased power consumption and latency, which renders them impractical for resource-constrained IoT devices. In contrast, lightweight encryption methods are specifically optimised for low-power devices, offering adequate security for the majority of IoT applications [45]. These methods typically employ smaller key sizes and simplified algorithms, which, in certain cases, may lead to a marginal reduction in cryptographic strength. Nevertheless, the level of security provided by lightweight encryption is generally sufficient for most IoT healthcare applications. The inherent efficiency of these methods enables secure data transmission while preserving device performance and extending battery life, as illustrated in Table 1.
Lightweight encryption offers a practical solution for protecting the data produced by IoT-based E-health applications. The use of lightweight encryption ensures sufficient security protections while minimising computing overhead. Block and stream ciphers are two types of encryption methods that are considered lightweight. Block ciphers encrypt data in fixed-size blocks, whereas stream ciphers encrypt data on a bit-by-bit basis. Although block cipher methods may require more computational resources and more encryption and decryption work than stream cipher methods, they provide a higher level of security. Stream ciphers, by contrast, encrypt quickly because they process data bit by bit, but this compromises security to some extent [18]. There are two main types of lightweight encryption methods: symmetric-key methods and public-key methods. Symmetric-key methods, such as ChaCha20, PRESENT, and Speck, employ a single shared secret key for both encryption and decryption. Public-key methods use a pair of keys, consisting of a public key and a private key. Encryption is performed using the public key, whereas decryption is carried out using the private key. Examples of public-key encryption methods include Elliptic Curve Cryptography (ECC) and RSA. Nevertheless, encryption methods used for IoT healthcare must meet some crucial requirements:
  • Efficiency: An ideal encryption method for IoT devices with limited resources should have low computational and memory requirements to operate efficiently [37,44].
  • Security: The encryption method must ensure the confidentiality, integrity, and authenticity of patient data, providing robust protection against standard cryptographic threats [37,46].
  • Adaptability: The encryption method must be adaptable to a wide range of data types and communication protocols to effectively secure IoT healthcare applications.
The application of lightweight encryption methods depends on the specific requirements of the IoT healthcare application [37]. The decision regarding the most appropriate method is influenced by the features of the hardware and software, the degree of data sensitivity, and communication constraints. Therefore, lightweight encryption methods are specifically designed to suit IoT devices such as wearable sensors and remote monitoring equipment, which have limited computational capabilities, memory capacity, and energy resources. Their goal is to achieve adequate security while minimising the computational load associated with encryption methods. The fundamental principles that form the basis of lightweight encryption methods include:
  • Reduced computing cost: Lightweight encryption methods commonly exhibit reduced computing costs for encryption and decryption operations. This is achieved by utilising smaller key sizes compared to conventional encryption methods.
  • Resource optimisation: Because most IoT devices have limited resources, lightweight encryption methods use a subset of encryption and decryption operations, such as stream ciphers or substitution–permutation networks, to minimise resource usage.
  • Optimal execution: Refers to the achievement of maximum performance on devices that have limited resources. To achieve this, lightweight methods are optimised specifically for the hardware architectures and programming languages they are intended to run on.
Various lightweight methods for encryption have been proposed for IoT healthcare, each possessing distinct benefits and constraints. Noteworthy examples include:
  • ChaCha20-Poly1305: A highly efficient stream cipher and authenticated encryption technique that boasts a compact code size [47].
  • CRYSTALS-Kyber: A public-key encryption technique that offers protection against quantum computing attacks, making it suitable for long-term data security [48].
  • Lightweight ChaCha20: A modified version of ChaCha20 specifically designed for IoT devices. It has been improved to reduce the amount of code required and minimise energy usage [47].
Through the integration of lightweight encryption methods as described earlier and extensive security measures, healthcare practitioners can proficiently protect patient data and ensure the reliability of IoT healthcare systems.

4. IoT Healthcare-Based Lightweight Encryption Methods

This analysis addresses how to resolve security issues related to the implementation of IoT-based healthcare systems. The analysis of encryption methods considers several measures, including block size, key length, encryption timings, number of rounds, and throughput.
A lightweight encryption method called PRINCE delivers strong security with minimal computational overhead and lower latency. PRINCE has been embraced by diverse applications and is considered a feasible option compared to classic block ciphers like AES. PRINCE uses a combination of substitution–permutation networks and Feistel networks and operates on a 128-bit key size, allowing IoT data to be encrypted within a single clock cycle. It offers robust security against various cryptanalytic attacks [49]. Its low latency makes it particularly suitable for securing communication and data storage in IoT devices.
The Extended Tiny Encryption Method (XTEA) offers a simple and efficient block cipher designed for applications with limited resources. It is easy to implement and provides a good balance between security and performance [50]. XTEA utilises the Feistel cipher structure to divide the plaintext into 64-bit blocks, encrypting each block individually. The encryption process involves modular addition, rotation, permutation, and XOR operations on each block. XTEA operates on 64-bit blocks and uses a 128-bit key, typically performing sixty-four rounds of encryption. Its simplicity and efficiency make XTEA highly suitable for resource-constrained devices like those used in the IoT [51]. Another method, lightweight AES-128, is an efficient encryption technique designed for low-power devices such as IoT devices; it employs a multi-round series of substitution and permutation operations [52].
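The XTEA round structure described above, written out in C as an added example (it is not code from this review or from the implementations it cites). It also shows that encrypting each 64-bit block individually (ECB) leaves repeated sensor readings visible as repeated ciphertext blocks, while a counter mode does not; the key, the nonce/counter layout and the telemetry string are constructed assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define XTEA_CYCLES 32u          /* 32 cycles = 64 Feistel rounds */
#define XTEA_DELTA  0x9E3779B9u  /* constant added to sum every cycle */

/* Encrypt one 64-bit block, held as two 32-bit halves, in place. */
static void xtea_encrypt_block(uint32_t v[2], const uint32_t k[4]) {
    uint32_t v0 = v[0], v1 = v[1], sum = 0;
    for (unsigned i = 0; i < XTEA_CYCLES; i++) {
        v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
        sum += XTEA_DELTA;
        v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum >> 11) & 3]);
    }
    v[0] = v0; v[1] = v1;
}

/* Decrypt: the same rounds in reverse order, subtracting instead of adding. */
static void xtea_decrypt_block(uint32_t v[2], const uint32_t k[4]) {
    uint32_t v0 = v[0], v1 = v[1], sum = XTEA_DELTA * XTEA_CYCLES;
    for (unsigned i = 0; i < XTEA_CYCLES; i++) {
        v1 -= (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum >> 11) & 3]);
        sum -= XTEA_DELTA;
        v0 -= (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
    }
    v[0] = v0; v[1] = v1;
}

static uint32_t load_be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}
static void store_be32(uint8_t *p, uint32_t x) {
    for (int i = 0; i < 4; i++) p[i] = (uint8_t)(x >> (24 - 8 * i));
}

/* Encrypt one 8-byte big-endian block from in[] to out[] (they may alias). */
static void xtea_encrypt_bytes(const uint32_t k[4], const uint8_t in[8], uint8_t out[8]) {
    uint32_t v[2] = { load_be32(in), load_be32(in + 4) };
    xtea_encrypt_block(v, k);
    store_be32(out, v[0]); store_be32(out + 4, v[1]);
}

/* ECB: every 8-byte block is encrypted on its own. Returns -1 on a partial block. */
static int xtea_ecb_encrypt(const uint32_t k[4], uint8_t *buf, size_t len) {
    if (len % 8 != 0) return -1;
    for (size_t off = 0; off < len; off += 8) xtea_encrypt_bytes(k, buf + off, buf + off);
    return 0;
}

/* CTR: encrypt (nonce, block index) and XOR the result into buf; the same call
   decrypts. The nonce must never repeat under one key (layout is an assumption). */
static void xtea_ctr_xor(const uint32_t k[4], uint32_t nonce, uint8_t *buf, size_t len) {
    for (size_t off = 0; off < len; off += 8) {
        uint8_t ctr[8], ks[8];
        store_be32(ctr, nonce); store_be32(ctr + 4, (uint32_t)(off / 8));
        xtea_encrypt_bytes(k, ctr, ks);
        for (size_t j = 0; j < 8 && off + j < len; j++) buf[off + j] ^= ks[j];
    }
}

/* Returns 1 if any two aligned 8-byte blocks of buf are identical. */
static int has_repeated_block(const uint8_t *buf, size_t len) {
    for (size_t a = 0; a + 8 <= len; a += 8)
        for (size_t b = a + 8; b + 8 <= len; b += 8)
            if (memcmp(buf + a, buf + b, 8) == 0) return 1;
    return 0;
}

/* Constructed inputs: a demo key and three identical 8-byte heart-rate records. */
static const uint32_t KEY[4] = { 0x00010203u, 0x04050607u, 0x08090A0Bu, 0x0C0D0E0Fu };
static const char SAMPLE[] = "HR=072; HR=072; HR=072; ";
#define SAMPLE_LEN 24

/* 1 if block decryption inverts encryption and CTR applied twice restores the data. */
int roundtrip_ok(void) {
    uint32_t v[2] = { 0x01234567u, 0x89ABCDEFu };
    uint8_t buf[SAMPLE_LEN];
    xtea_encrypt_block(v, KEY);
    int changed = (v[0] != 0x01234567u || v[1] != 0x89ABCDEFu);
    xtea_decrypt_block(v, KEY);
    memcpy(buf, SAMPLE, SAMPLE_LEN);
    xtea_ctr_xor(KEY, 7u, buf, SAMPLE_LEN); xtea_ctr_xor(KEY, 7u, buf, SAMPLE_LEN);
    return changed && v[0] == 0x01234567u && v[1] == 0x89ABCDEFu && !memcmp(buf, SAMPLE, SAMPLE_LEN);
}

/* Encrypt the sample in the chosen mode; 1 if equal ciphertext blocks remain. */
int repeats_visible(int use_ctr) {
    uint8_t buf[SAMPLE_LEN];
    memcpy(buf, SAMPLE, SAMPLE_LEN);
    if (use_ctr) xtea_ctr_xor(KEY, 0xA5A5A5A5u, buf, SAMPLE_LEN);
    else if (xtea_ecb_encrypt(KEY, buf, SAMPLE_LEN) != 0) return -1;
    return has_repeated_block(buf, SAMPLE_LEN);
}

int main(void) {
    printf("roundtrip=%d ecb=%d ctr=%d\n", roundtrip_ok(), repeats_visible(0), repeats_visible(1));
    return 0;
}
```

Counter mode provides confidentiality only; the integrity and authenticity requirements listed in Section 3 call for an authenticated scheme such as the ChaCha20-Poly1305 or ASCON constructions covered in this review.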
Other methods, such as Simon and Speck, were designed by the National Security Agency (NSA) in 2013 for use in resource-limited devices. These methods prioritise efficiency and security. Simon is specifically designed for hardware implementations, supporting block sizes ranging from 32 to 128 bits and key sizes of 128, 192, and 256 bits. It employs a symmetric encryption method known as a balanced Feistel network, using four subkeys for each round of encryption. Speck, on the other hand, has been engineered to be particularly effective when implemented in software. It can manage the same block and key sizes as Simon, but with a varying number of rounds. Both Simon and Speck are highly efficient, exceptionally secure, and remarkably versatile, making them well-suited for a wide range of applications, such as IoT devices, embedded systems, secure communications, and data security. They are gaining popularity in cryptography due to their good combination of performance and security [51,53]. The SKINNY method [54] employs several rounds of substitution, permutation, and key addition to encrypt data. The encryption method has configurable key sizes (64, 128, 192 bits) and 32–56 rounds, allowing for flexible encryption efficiency in resource-limited settings such as IoT devices.
The SIT encryption method operates on 64-bit blocks of data [55]. It uses a combination of a Feistel structure and a uniform substitution–permutation network to perform encryption. The method consists of five encryption rounds, offering strong security while maintaining a manageable level of computing complexity. The SIT method uses a 64-bit key size, making it suitable for IoT applications.
PICCOLO is another block cipher tailored for devices with limited resources, such as IoT devices [56]. It employs a 64-bit block cipher and uses keys of either 80 or 128 bits in length. The Piccolo cipher combines substitution and permutation operations based on the Feistel network architecture. It encrypts and decrypts data rapidly, even on low-power devices, ensuring responsive performance for real-time applications. Additionally, it exhibits resilience against a range of cryptanalytic assaults, such as linear and differential cryptanalysis. These features make PICCOLO an ideal choice for IoT devices and embedded systems used in healthcare applications [51,56].
An adapted IoT-based lightweight encryption method based on DNA sequences is designed for healthcare applications [57]. This method capitalises on the inherent randomisation properties of DNA sequences to generate encryption keys suitable for IoT devices. It utilises a 32-bit key size within an extensive key space of 106 bits, ensuring alignment with the constrained processing capacities of IoT devices without compromising the high level of security. The extensive and entirely random key space presents a significant challenge to potential attackers in predicting or deducing the encryption key. Additionally, the method integrates substitution and transposition operations to ensure data security while accommodating the limited computational capabilities of IoT devices. The 32-bit encryption key is carefully selected from a vast key space of 106 bits [58].
The PRESENT cipher, based on a substitution–permutation network, supports block sizes of 64 bits and key lengths of 80 and 128 bits [40]. In addition, PRESENT includes 31 rounds, each consisting of an XOR operation and a bit-by-bit permutation. However, it is vulnerable to both hardware attacks and side-channel attacks. An alternative version of the PRESENT cipher reduces the total number of encryption rounds by modifying the key register updating technique [59]. This modification adds an additional layer to the encryption process, positioned between the S-box layer and the P-layer. The updated key register value is encrypted using the TEA delta value function [50,60], which acts as an additional, efficient cipher. This adjustment reduces the number of rounds from 31 to 25, which is the minimum required for security.
QARMA, also known as the Quite Advanced Round-reduced Memory-optimised Method, is a block cipher developed specifically for resource-constrained environments such as IoT devices and embedded systems [61]. QARMA features a modifiable block cipher structure that includes an extra input, known as the tweak, in addition to the key and plaintext. This inclusion enhances both adaptability and security. QARMA utilises a modified version of the Feistel network to achieve simplicity and efficiency, designed to operate effectively in both hardware and software implementations. Its design minimises delay and power consumption, making it ideal for systems with strict energy constraints [62,63]. QARMA offers strong protection against established cryptographic threats while maintaining efficiency in limited environments.
HIGHT is another block cipher developed for low-resource devices such as RFID tags and smart cards [64]. It includes a 64-bit block size, a 128-bit key size, and a 32-round Feistel-like structure. HIGHT employs a combination of additions, bit-wise rotations, and XOR operations, with round keys derived through a unique key scheduling process. Its lightweight design ensures low computational and memory requirements, making it suitable for IoT devices and RFID tags. HIGHT has been tested against various attacks, leading to potential optimisations and minor modifications to enhance performance without compromising security. Suggested enhancements include hybrid methods to further optimise resource consumption in IoT devices for healthcare applications. These optimisations might involve modifying HIGHT for specific platforms or employing alternative key schedules to improve performance, although its fixed key and block sizes may limit flexibility [51,65]. Another method, LBlock, uses a 64-bit block size and an 80-bit key size, utilising 32 encryption rounds. LBlock integrates a modified version of the Feistel architecture with an SP network [66]. Moreover, RC5-32/12/16 is a variant of the RC5 encryption method for IoT devices. It utilises 32-bit blocks, 12 rounds, and a 128-bit key to provide secure data communication on devices with restricted processing capabilities [67]. A similar multi-round lightweight block method called GIFT [68] consists of two variants, GIFT-64 and GIFT-128, both of which use 128-bit encryption keys. Every round executes three logical operations: substitution, bit permutation, and an XOR operation with the round key. The design is tuned for constrained devices, particularly for ensuring IoT security.
CryptoCore is an encryption method that operates on 64-bit blocks of data [69]. It employs a combination of substitution–permutation networks and Feistel networks, which are known for their strong security and computational efficiency. CryptoCore is designed with a unique processor architecture that maximises parallelism and energy efficiency. An implementation of Redundant Signed Digit (RSD) Elliptic Curve Cryptography on the Virtex-5 FPGA system [70] uses elliptic planar curves with finite fields. ECC requires point multiplication, and two procedures were implemented to reduce memory usage: carry field arithmetic was replaced with modular arithmetic, utilising the Karatsuba–Ofman approach [71].
ASCON is a family of authenticated encryption methods designed for lightweight applications [72], especially in constrained environments like IoT devices and embedded systems. ASCON was a finalist in the CAESAR competition and is known for its simplicity, efficiency, and strong security properties. It is optimised for both hardware and software implementations, offering low power consumption and high speed. ASCON supports both authenticated encryption with associated data (AEAD) and hashing, making it versatile for various applications. While it may not be suitable for high-performance systems or require extensive real-world testing, ASCON is particularly useful in healthcare applications, such as medical IoT devices, patient data protection, and telemedicine. ASCON provides robust security against a wide range of cryptographic attacks, including differential and linear cryptanalysis. Its architecture is based on permutations, which ensures strong diffusion and confusion features. ASCON has undergone extensive security evaluations, including differential and linear cryptanalysis, statistical tests (NIST and TestU01), side-channel and fault injection tests, and formal verification, demonstrating its robustness and suitability for resource-constrained environments. A similar method, TinyJAMBU, supports key lengths of 128, 192, and 256 bits and functions by employing a 128-bit keyed permutation. This method was designed to provide both encryption and authentication with minimal computational resources. TinyJAMBU has also been shortlisted as a finalist in the NIST Lightweight Cryptography competition [73].
Another Lightweight Encryption Method (LEA) is a block cipher that was created by the Korea Internet & Security Agency (KISA) [74]. It was specifically designed for efficient use in applications on processors that have a 32-bit architecture. LEA supports key sizes of 128, 192, and 256 bits, with a block size of 128 bits. It utilises either 24, 28, or 32 encryption rounds, depending on the key size. LEA offers excellent efficiency with minimal resource usage, making it well-suited for IoT and constrained contexts [75]. The LEA method exhibits robust security characteristics and demonstrates adequate computing efficiency, making it highly suitable for a wide range of lightweight encryption applications, including those involving high-sensitivity healthcare data. However, the implementation complexity of LEA can be greater compared to other methods such as PRESENT or HIGHT [51].
ChaCha20, a stream cipher designed for secure internet communication, uses a 256-bit key and 64-bit initialisation vector to generate a 512-bit keystream for encryption [76]. Based on the Salsa cipher, it permutes 64-bit words across up to 20 rounds [77], resisting differential and linear cryptanalysis [78]. However, reducing rounds can create vulnerabilities [79]. Consequently, ChaCha20 is part of TLS 1.3, useful for resource-constrained devices [80], and used in authenticated encryption like HCA and HCASM [81]. Current research focuses on hardware optimisations for power consumption [82], reflecting the need for lightweight security in IoT and mobile devices.
Subsequently, CLEFIA, an ISO-approved lightweight block cipher [83], balances performance and security against key recovery attacks [84]. Offering 128-, 192-, and 256-bit key sizes [85], it uses a substitution–permutation network (SPN) structure suitable for lightweight networks like personal care systems [86]. Crucially, CLEFIA resists differential attacks and uses Cipher Feedback (CFB) mode [87], achieving security comparable to AES [88] in lightweight environments.
In contrast, RC6, a symmetric key block cipher derived from RC5, prioritises security and efficiency in resource-constrained environments like wireless sensor networks [89]. Using a 128-bit block and 128-, 192-, and 256-bit keys, it operates over 20 rounds (100–200 cycles per encryption), demonstrating high efficiency and security. Its resistance to side-channel attacks makes it suitable for secure systems like e-commerce [90], achieving high throughput with a computational complexity of 3.0 [91].
Moving to ultra-constrained devices, KATAN is a highly efficient, lightweight block cipher with 32-, 48-, and 64-bit key lengths and an 80-bit block. Operating with 254 rounds, it balances efficiency (70–100 cycles per operation) and medium security for fast encryption [92]. Its low-area design and brute-force resistance suit it for embedded systems and wireless sensor networks [87].
TWINE, a 64-bit symmetric block cipher with 80/128-bit key options and 36 rounds, is designed for resource-constrained environments, achieving 70–140 cycles per byte and a 5.5 gate count, offering medium security and throughput [93]. Conversely, FELICS-FIDES, also a 64-bit symmetric cipher with 80/128-bit keys and approximately 36 rounds, targets ultra-constrained devices, delivering moderate performance with a focus on minimal hardware footprint, maintaining medium security and throughput [94].
Furthermore, SPONGENT, a hardware-optimised, permutation-based method [95], supports 88–256-bit keys and variable output sizes. Its sponge construction minimises hardware overlap [96], with SPONGENT-384 being a key variant [92]. This versatility enables use in IoT signatures and named data system integrity [97], offering moderate security and medium throughput [65].
Finally, LED, a lightweight block cipher with versions like LED-40, LED-64, and LED-128, has faced scrutiny for cryptanalytic weaknesses. Notably, LED-40 is vulnerable to combined collision attacks [98,99,100] and differential attacks. However, LED-128 shows improved resistance to linear and differential attacks.
Accordingly, these methods have many use cases in healthcare applications. AES-128 is widely used in wearable devices, such as smartwatches, for securing real-time health data due to its optimal balance of security and efficiency, as demonstrated by its ability to encrypt heart rate data with minimal latency for continuous monitoring [10]. Similarly, LEA has been implemented in remote patient monitoring systems to protect sensitive medical data during transmission, where it has high throughput and low energy consumption, making it ideal for battery-powered IoT devices [75]. PRINCE, known for its low latency and minimal computational overhead, is particularly suited for implantable devices like pacemakers, where energy efficiency and real-time performance are critical [65].

5. Analysis and Discussion

This section presents an analysis and comparison of various lightweight encryption methods, evaluating their suitability for the unique demands of IoT-based healthcare applications. Our evaluation considers several crucial factors, including block size, key size, the number of encryption rounds, throughput, encryption and decryption times, security level, and data sensitivity. This multifaceted approach is essential for understanding the trade-offs inherent in selecting an appropriate encryption scheme for resource-constrained devices handling sensitive medical data.

5.1. Evaluation Criteria and General Overview

In this section, we will conduct an analysis and comparison to evaluate multiple encryption methods based on important features that are essential for comprehending their performance and appropriateness for IoT-based healthcare applications. The analysis is based on a set of features detailed below:
  • Block Size: Refers to the number of bits that the method processes at a time.
  • Key Size: Refers to the number of bits in the encryption key utilised by the method.
  • Rounds: The number of rounds that the method performs during encryption or decryption.
  • Throughput (Mbps): The rate at which data can be encrypted or decrypted, measured in megabits per second.
  • Encryption Time (µs): The duration required to perform encryption, measured in microseconds.
  • Decryption Time (µs): The duration required to decrypt information, measured in microseconds.
  • Security Level: Refers to the degree of security provided by the method, categorised as high, medium, or low.
  • Data Sensitivity: Indicates the method’s suitability for handling confidential information, considering its security level.
As shown in Table 2, evaluating lightweight encryption methods for IoT healthcare applications reveals notable differences in several critical features that directly influence the suitability of each method for securing healthcare data transmission.

5.2. Block Size Effects

One of the primary factors is the block size, which determines the number of bits processed simultaneously during each encryption operation (for block ciphers). Most methods, such as AES-128 and CryptoCore, use block sizes of 128 bits, generally allowing for higher data throughput and efficient processing of larger data sets. For instance, AES-128, with its 128-bit block size, is well-suited for real-time healthcare applications demanding fast, secure communication of substantial data volumes. In contrast, methods like RC5-32/12/16 utilise smaller block sizes of 32 bits. While this reduces the data processing capacity per operation, it can improve efficiency and lower resource consumption, making them potentially suitable for IoT devices with limited computational power. Some methods, such as LEA, PRESENT, HIGHT, TEA, XTEA, LBlock, GIFT, TinyJAMBU, PRINCE, ASCON, SIT, PICCOLO, TWINE, LED, and FELICS-FIDES, use block sizes of 64 bits, often representing a balance between processing efficiency and data security. Notably, ChaCha20 is a stream cipher and does not operate on fixed-size blocks in the same way; instead, it generates a keystream. SKINNY and QARMA offer variable block sizes of 64 or 128 bits, providing more flexibility. SPONGENT also has variable block sizes ranging from 88 to 256 bits. KATAN also has variable block sizes of 32, 48 and 64 bits as shown in Table 2.

5.3. Key Size, Rounds, Throughput, and Timing Analysis

Another critical feature to consider is the key size, which directly influences the strength and resilience of encryption against brute-force attacks. Key sizes in these methods range from 64 bits to 256 bits, with larger key sizes generally offering stronger encryption but potentially at the cost of increased computational overhead. For example, as shown in Table 2, AES-128 uses a fixed 128-bit key, providing a standardised level of security suitable for many healthcare applications. Conversely, methods like LEA, CLEFIA and RC6 offer flexibility, supporting key sizes of 128, 192, and 256 bits, allowing for a more tailored approach based on the specific security needs. ChaCha20 uses a 256-bit key, providing a high level of security. SIT uses a 64-bit key, while KATAN uses an 80-bit key.
The number of encryption rounds, which determines the depth of encryption and its resistance to cryptanalytic attacks, also varies significantly. Methods like AES-128, with 10 rounds, aim for a balance between security and performance. Methods such as PRESENT and TinyJAMBU utilise a significantly higher number of rounds (31 and 1024, respectively), potentially enhancing their resistance to certain attacks but also increasing processing time and energy consumption. Conversely, methods like PRINCE and RC5-32/12/16, with 12 rounds, prioritise speed, making them potentially suitable for time-sensitive applications. QARMA uses a very low number of rounds (6). Therefore, the number of encryption rounds significantly impacts processing time and energy consumption in lightweight encryption methods. For instance, TEA and XTEA, with 64 rounds, have longer encryption/decryption times (6.1 µs and 5.8 µs, respectively) compared to PRINCE, which uses 12 rounds and achieves 1.0 µs. While more rounds enhance security by resisting cryptanalytic attacks, they increase computational overhead, making such methods less ideal for real-time applications. Thus, selecting an encryption method requires balancing the number of rounds with security needs and performance efficiency.
Throughput, measured in Mbps, is a crucial consideration for IoT healthcare applications, especially those involving real-time data transmission. High-throughput methods, such as ChaCha20 (300+ Mbps) and ASCON (200–300 Mbps), are well-suited for real-time monitoring and high-volume data transmission. Methods like LEA and SKINNY (110–250 Mbps and 140–220 Mbps, respectively) offer a balance between security and speed. Methods like TEA, XTEA, SIT and TWINE (70–150 Mbps, 70–140 Mbps, 70–150 Mbps, and 70–140 Mbps, respectively) might be more appropriate for applications with less stringent speed requirements or devices with limited processing capabilities.
Finally, encryption and decryption times (in microseconds) directly impact operational efficiency. As shown in Figure 2, methods like PRINCE and ChaCha20 exhibit very low encryption and decryption times (around 1 µs), making them suitable for time-critical applications like emergency healthcare scenarios. Methods like TEA, LBlock, HIGHT, PRESENT, RC5-32/12/16, KATAN, TWINE, LED, and PICCOLO (with times ranging from ~4.5 µs to 8 µs) may be less ideal for highly time-sensitive applications but may be acceptable when other factors like ease of implementation or specific security properties are more important. LEA, SIMON, SPECK, GIFT, TinyJAMBU, SKINNY, QARMA, ASCON, and CryptoCore offer a compromise between speed and other factors, with encryption/decryption times ranging from 1.2 µs to 3.5 µs. It is important to note that encryption and decryption times for SPONGENT and FELICS-FIDES were not available in the provided data.

5.4. Security Levels, Data Sensitivity, and Correlation Analysis

The lightweight encryption methods are classified based on their security levels, determined by their capacity to resist various cryptographic attacks. These levels are categorised as high, medium, or low. AES-128, LEA, ASCON, and GIFT are classified as high-security methods, specifically engineered to provide robust protection for sensitive healthcare data. Methods like HIGHT and PRINCE fall into the medium-security category, offering adequate protection for less critical healthcare information. In contrast, low-security methods such as RC5-32/12/16 prioritise efficiency over stringent security measures.
The sensitivity of data in healthcare contexts relates to the suitability of each method for handling confidential information. High-security methods like ASCON and GIFT are necessary to protect high-sensitivity data, such as patient medical records and real-time health monitoring data. Medium-security methods like HIGHT and PRINCE can effectively safeguard moderate-sensitivity data, such as administrative records and non-sensitive patient information. Low-security methods like RC5-32/12/16 are suitable for protecting low-sensitivity data, such as public healthcare notifications and non-critical administrative information, due to their high efficiency.
Methods like AES-128, GIFT, TinyJAMBU, SKINNY, QARMA, SPECK, and ASCON offer high security, making them ideal for protecting high-sensitivity healthcare data. These methods are resilient to various cryptographic attacks, ensuring the confidentiality and integrity of patient information.
As shown in Figure 3, the heatmap illustrates the correlations between key size and encryption/decryption operations, revealing insightful patterns pertinent to various methods. The positive correlation between block size and key size (0.44) suggests that methods like AES-128 and LEA, which both use 128-bit blocks and keys, are more likely to be associated with larger key sizes. The 128-bit block size and swift encryption time of 1.2 µs for LEA indicate that larger blocks can result in shorter processing times, as evidenced by the negative correlation between block size and encryption/decryption time (−0.36). A positive correlation between key size and throughput (0.25) suggests that larger key sizes often correspond to higher throughput. For example, GIFT’s 128-bit key achieves speeds of 150–250 Mbps. The strong negative correlation between throughput and encryption/decryption time (−0.74) highlights that increased throughput is associated with reduced processing times. For instance, LEA and ASCON, with high throughputs (up to 250–300 Mbps) and low encryption/decryption times (1.2 and 1.5 µs, respectively), demonstrate this trend. Slightly negative correlations between rounds and encryption/decryption time (−0.16) indicate that an increased number of rounds marginally raises processing times. This is exemplified by TEA and XTEA, which have 64 rounds and longer times (6.1 and 5.8 µs). Specific examples illustrate these patterns: AES-128 features a 128-bit block and key size, 10 rounds, high throughput (100–150 Mbps), and low processing time (2.4 µs), resulting in high security and data sensitivity. PRESENT, with a 64-bit block, 80-bit key, 31 rounds, moderate throughput (100–200 Mbps), and 5.0 µs latencies, provides medium security and sensitivity. SIMON and SPECK’s variable capacities, rounds, and moderate times, along with LEA’s high performance and low times, are designed to meet high-security requirements.

5.5. Cryptographic Resilience and Vulnerability Analysis

The analysis of various lightweight encryption methods revealed a diverse landscape of strengths and vulnerabilities, underscoring the critical importance of secure implementation. AES-128, widely regarded for its robust design, exhibits exceptional resistance to differential and linear cryptanalysis due to its strong S-boxes and well-defined structure. Nevertheless, like many encryption methods, it remains susceptible to side-channel attacks in practical deployments, necessitating effective countermeasures. Similarly, PRESENT and HIGHT, while designed to withstand differential and linear assaults, require side-channel protections to maintain their security integrity. LEA, SIMON, and SPECK demonstrate strong resilience against standard cryptanalytic techniques; however, certain parameter sets, particularly in SIMON and SPECK, have raised concerns regarding security margins. In contrast, TEA and XTEA exhibit vulnerabilities to related-key attacks, rendering them less suitable for applications demanding strict key independence. Lightweight ciphers such as TinyJAMBU, SKINNY, QARMA, and ASCON display commendable resistance to differential and linear cryptanalysis but remain susceptible to side-channel exploits. Notably, PRINCE, despite its robust design, has demonstrated specific weaknesses to side-channel attacks, highlighting the ongoing challenges in balancing efficiency with security.
Stream and legacy ciphers exhibit similar security patterns, with practical resilience often hinging on careful implementation. ChaCha20, renowned for its efficiency and security, offers strong resistance to differential and linear cryptanalysis, yet its implementation-specific side-channel vulnerabilities warrant caution. Likewise, CLEFIA and RC6, while robust by design, require rigorous side-channel protections to prevent exploitation in real-world applications. Conversely, KATAN has shown weaknesses in its reduced-round versions, raising concerns regarding its security margins. Ciphers such as SPONGENT, TWINE, and GIFT exhibit resilience against standard attacks but remain vulnerable to side-channel threats without appropriate safeguards. LED-40, in particular, is susceptible to combined collision and differential attacks, making it less secure in certain contexts. The lesser-analysed SIT and FELICS-FIDES also demand meticulous implementation due to their limited scrutiny. Ultimately, the findings underscore that while many encryption methods demonstrate theoretical robustness, their practical security is heavily contingent on effective implementation and the deployment of comprehensive side-channel countermeasures.
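The key-independence concern raised for TEA above has a concrete, well-known form: flipping the top bit of both key words in a pair leaves every ciphertext unchanged, so each TEA key has three equivalents. The following C self-test is an added example, not code from the paper; the sample key, the plaintext generator and the helper names are constructed for illustration, and XTEA is included for contrast.

```c
#include <stdint.h>
#include <stdio.h>

#define DELTA 0x9E3779B9u
#define MSB   0x80000000u

typedef uint64_t (*block_fn)(uint64_t pt, const uint32_t k[4]);

/* TEA, 32 cycles = 64 Feistel rounds. Key words are ADDED to shifted data
 * and the two sums are XORed, so a top-bit flip in both sums cancels. */
uint64_t tea_encrypt(uint64_t pt, const uint32_t k[4]) {
    uint32_t v0 = (uint32_t)(pt >> 32), v1 = (uint32_t)pt, sum = 0;
    for (int i = 0; i < 32; i++) {
        sum += DELTA;
        v0 += ((v1 << 4) + k[0]) ^ (v1 + sum) ^ ((v1 >> 5) + k[1]);
        v1 += ((v0 << 4) + k[2]) ^ (v0 + sum) ^ ((v0 >> 5) + k[3]);
    }
    return ((uint64_t)v0 << 32) | v1;
}

/* XTEA, 32 cycles. One key word per half-round, chosen by the running sum,
 * so there is no second key-dependent term to cancel a flipped bit. */
uint64_t xtea_encrypt(uint64_t pt, const uint32_t k[4]) {
    uint32_t v0 = (uint32_t)(pt >> 32), v1 = (uint32_t)pt, sum = 0;
    for (int i = 0; i < 32; i++) {
        v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
        sum += DELTA;
        v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum >> 11) & 3]);
    }
    return ((uint64_t)v0 << 32) | v1;
}

/* Build the related key: copy `in` and flip the top bit of words a and b. */
void flip_msb_pair(const uint32_t in[4], int a, int b, uint32_t out[4]) {
    for (int i = 0; i < 4; i++) out[i] = in[i];
    out[a] ^= MSB;
    out[b] ^= MSB;
}

/* Number of sample plaintexts (out of n) that encrypt identically under
 * both keys. Plaintexts are constructed with a simple LCG. */
int count_matching_blocks(block_fn enc, const uint32_t ka[4],
                          const uint32_t kb[4], int n) {
    int same = 0;
    uint64_t pt = 0x0123456789ABCDEFULL;
    for (int i = 0; i < n; i++) {
        if (enc(pt, ka) == enc(pt, kb)) same++;
        pt = pt * 6364136223846793005ULL + 1442695040888963407ULL;
    }
    return same;
}

/* Key-independence check: returns 1 if a different key built by flipping
 * the top bits of words (0,1) or (2,3) behaves identically on all samples. */
int has_equivalent_key(block_fn enc, const uint32_t key[4]) {
    static const int pairs[2][2] = { {0, 1}, {2, 3} };
    uint32_t rel[4];
    for (int p = 0; p < 2; p++) {
        flip_msb_pair(key, pairs[p][0], pairs[p][1], rel);
        if (count_matching_blocks(enc, key, rel, 64) == 64) return 1;
    }
    return 0;
}

int main(void) {
    /* Constructed sample key, not taken from any real system. */
    const uint32_t key[4] = { 0x00112233u, 0x44556677u, 0x8899AABBu, 0xCCDDEEFFu };
    printf("TEA  has an equivalent key: %d\n", has_equivalent_key(tea_encrypt, key));
    printf("XTEA has an equivalent key: %d\n", has_equivalent_key(xtea_encrypt, key));
    return 0;
}
```

Because distinct TEA keys can be functionally identical, TEA's effective key length is 126 bits and it should not be used where distinct keys must give distinct behaviour, for example as the compression function of a hash.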

6. Recommendations for Future Research

The performance analysis, as discussed in Section 5, highlights significant variations in the performance of lightweight encryption methods, particularly in terms of block size, key size, encryption/decryption times, and throughput. These findings underscore the need for future research to address emerging challenges in IoT healthcare systems. Key areas for improvement include:
  • Quantum-Resistant Encryption: As quantum computing advances, traditional encryption methods like AES-128 and LEA may become vulnerable to attacks. Future work should explore integrating quantum-resistant principles, such as lattice-based cryptography or hash-based signatures, into lightweight encryption methods. For example, methods like CRYSTALS-Kyber [48] offer post-quantum security and could be adapted for IoT healthcare applications. This would ensure long-term security for sensitive healthcare data, even in the face of quantum threats.
  • Energy Efficiency: The performance analysis in Section 5 reveals that methods like PRINCE and ChaCha20 exhibit low encryption/decryption times and high throughput, making them suitable for real-time applications. However, energy efficiency remains a critical concern for battery-powered IoT devices. Future research should focus on optimising existing methods for low-power environments, such as through hardware acceleration [18,103], energy-aware key management strategies, or the use of ultra-low-power cryptographic modules.
  • Context-Aware Security: The evaluation in Section 5 demonstrates that different encryption methods are suited for varying levels of data sensitivity. For example, high-security methods like AES-128 and GIFT are ideal for protecting sensitive patient data, while medium-security methods like HIGHT and PRINCE are better suited for less critical information. Future research should develop adaptive encryption frameworks that dynamically adjust security levels based on contextual factors, such as data sensitivity, device capabilities, and real-time threat levels [18]. This would enable IoT healthcare systems to balance security and efficiency more effectively.
  • Standardisation and Interoperability: The diversity of encryption methods evaluated in Section 5 highlights the need for standardised protocols to ensure interoperability across IoT healthcare systems. Future research should promote the development of standardised encryption solutions that are compatible with existing healthcare frameworks, such as HL7 FHIR, DICOM, and IHE integration profiles [38]. This includes creating standardised APIs for encrypted data exchange, developing robust key management protocols for IoT devices, and establishing conformance testing methodologies to ensure compliance with relevant standards. Standardisation will facilitate seamless integration and widespread adoption of secure IoT solutions in healthcare.
  • Enhanced Resilience Against Emerging Threats: The security analysis in Section 5 identifies vulnerabilities in certain methods, such as PRESENT’s susceptibility to side-channel attacks. Future research should focus on enhancing the resilience of lightweight encryption methods against emerging threats, including advanced cryptanalytic attacks, side-channel attacks, and fault injection attacks. Techniques like masking, shuffling, and error detection could be integrated into existing methods to improve their robustness [12].
  • Specific Encryption Methods for Healthcare IoT: Future research should explore encryption methods explicitly tailored to healthcare IoT’s unique demands. For instance, homomorphic encryption could enable secure data analytics on encrypted patient records (e.g., anonymised research on aggregated EHRs) without compromising confidentiality. This is critical for compliance with regulations like HIPAA while supporting AI-driven diagnostics. Similarly, attribute-based encryption (ABE) could refine access control in multi-stakeholder environments (e.g., granting physicians temporary access to specific patient data). Such methods must be optimised for resource-constrained devices to avoid excessive computational overhead.
  • Integration Challenges with Emerging Technologies: The adoption of edge computing and 6G networks introduces new challenges for lightweight encryption. Edge nodes’ limited resources may struggle with encryption/decryption tasks during real-time processing of physiological data (e.g., ECG monitoring). Similarly, 6G’s ultra-low latency requirements demand encryption protocols that minimise delays without sacrificing security. Research should address harmonising lightweight encryption with these technologies—for example, designing edge-aware cryptographic frameworks or optimising key exchange protocols for 6G’s high-speed, high-mobility environments.
By addressing these research directions, future work can build on the findings of this paper to develop more secure, efficient, and interoperable encryption solutions for IoT healthcare applications. These advancements will play a critical role in safeguarding sensitive healthcare data and ensuring the reliability of IoT-enabled healthcare systems in an increasingly interconnected world.
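The masking, shuffling and error-detection techniques named under "Enhanced Resilience Against Emerging Threats" (and the side-channel countermeasures called for in Section 5.5) can be seen together on the PRESENT S-box layer. The C code below is an added example, not taken from the paper or from any cited implementation; the function names are hypothetical and the xorshift generator is an assumed stand-in for a device's hardware random number generator.

```c
#include <stdint.h>
#include <stdio.h>

/* PRESENT 4-bit S-box (the cipher of ref. [40]). */
static const uint8_t PRESENT_SBOX[16] = {
    0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
    0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2
};

/* Assumption: xorshift32 stands in for the hardware TRNG so the example is
 * reproducible. It is not suitable for generating real masks. */
typedef struct { uint32_t s; } demo_rng;

demo_rng rng_seed(uint32_t seed) { demo_rng r = { seed ? seed : 1u }; return r; }

static uint32_t rng_next(demo_rng *r) {
    uint32_t x = r->s;
    x ^= x << 13; x ^= x >> 17; x ^= x << 5;
    r->s = x;
    return x;
}

/* A 64-bit cipher state held as two Boolean shares: value = masked ^ mask. */
typedef struct { uint64_t masked, mask; } shared64;

shared64 share_state(uint64_t value, demo_rng *r) {
    shared64 s;
    s.mask = (uint64_t)rng_next(r) << 32;
    s.mask |= rng_next(r);
    s.masked = value ^ s.mask;
    return s;
}

uint64_t unshare_state(shared64 s) { return s.masked ^ s.mask; }

/* Unprotected reference: every table index is a secret nibble. */
uint64_t sbox_layer_plain(uint64_t state) {
    uint64_t out = 0;
    for (int i = 0; i < 16; i++)
        out |= (uint64_t)PRESENT_SBOX[(state >> (4 * i)) & 0xF] << (4 * i);
    return out;
}

/* Masked and shuffled S-box layer operating on shares only. */
shared64 sbox_layer_masked(shared64 in, demo_rng *r) {
    uint8_t m_in = rng_next(r) & 0xF;
    uint8_t m_out = rng_next(r) & 0xF;
    uint8_t table[16], order[16];
    shared64 out = { 0, 0 };

    /* Masking: rebuild the table so that table[x ^ m_in] = S[x] ^ m_out. */
    for (int x = 0; x < 16; x++)
        table[x ^ m_in] = (uint8_t)(PRESENT_SBOX[x] ^ m_out);

    /* Shuffling: Fisher-Yates permutation of the 16 nibble positions. */
    for (int i = 0; i < 16; i++) order[i] = (uint8_t)i;
    for (int i = 15; i > 0; i--) {
        int j = (int)(rng_next(r) % (uint32_t)(i + 1));
        uint8_t t = order[i]; order[i] = order[j]; order[j] = t;
    }

    for (int k = 0; k < 16; k++) {
        int sh = 4 * order[k];
        uint8_t xm = (in.masked >> sh) & 0xF;
        uint8_t m = (in.mask >> sh) & 0xF;
        /* Switch mask m -> m_in, adding m_in first so the bare nibble never appears. */
        uint8_t idx = (uint8_t)((xm ^ m_in) ^ m);
        out.masked |= (uint64_t)table[idx] << sh;
        out.mask |= (uint64_t)m_out << sh;
    }
    return out;
}

/* Error detection: two sharings encode the same value exactly when the XOR
 * of their masked shares equals the XOR of their masks (no unmasking). */
int shares_agree(shared64 a, shared64 b) {
    return (a.masked ^ b.masked) == (a.mask ^ b.mask);
}

/* Redundant computation: returns 0 and writes *out, or -1 on a mismatch. */
int sbox_layer_checked(shared64 in, demo_rng *r, shared64 *out) {
    shared64 a = sbox_layer_masked(in, r);
    shared64 b = sbox_layer_masked(in, r);
    if (!shares_agree(a, b)) return -1;
    *out = a;
    return 0;
}

int main(void) {
    demo_rng r = rng_seed(2025u);
    uint64_t state = 0x0123456789ABCDEFULL;   /* constructed sample state */
    shared64 out;
    if (sbox_layer_checked(share_state(state, &r), &r, &out) != 0) return 1;
    printf("%016llx %016llx\n", (unsigned long long)sbox_layer_plain(state),
           (unsigned long long)unshare_state(out));
    return 0;
}
```

A C compiler is free to reorder the XORs in the mask switch, so a deployed version fixes that order in assembly or with compiler barriers and is validated with leakage measurements on the target device.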

7. Conclusions

This paper has provided a comprehensive review of lightweight encryption methods tailored for IoT-based healthcare applications, evaluating their suitability through six critical metrics: block size, key size, encryption/decryption speed, throughput, security level, and data sensitivity. The analysis revealed that AES-128, LEA, ASCON, and GIFT are optimal for securing high-sensitivity healthcare data (e.g., implantable devices, EHRs) due to their robust security and compliance with standards such as NIST, while HIGHT and PRINCE offer balanced efficiency for medium-sensitivity applications (e.g., wearables). Methods like RC5-32/12/16, though efficient, are better suited to low-risk scenarios due to inherent security trade-offs.
The paper also highlighted the importance of aligning encryption selection with healthcare-specific constraints, such as real-time latency for life-critical devices, energy efficiency for battery-powered sensors, and regulatory compliance (e.g., HIPAA). Future research should prioritise quantum-resistant encryption, context-aware adaptive security, and integration with emerging technologies like edge computing and 6G networks to address evolving threats and resource limitations. By bridging the gap between cryptographic theory and clinical practicality, this work provides a framework for securing IoT healthcare ecosystems while optimising performance in resource-constrained environments.

Author Contributions

Conceptualization, O.S., B.A.-S. and A.A.; methodology, O.S., B.A.-S., A.A. and T.A.H.; software, O.S. and B.A.-S.; validation, O.S., B.A.-S. and A.A.; formal analysis, O.S., B.A.-S., A.A. and T.A.H.; investigation, O.S. and B.A.-S.; resources, O.S. and B.A.-S.; data curation, O.S., B.A.-S. and T.A.H.; writing—original draft preparation, O.S. and B.A.-S.; writing—review and editing, A.A. and T.A.H.; visualization, O.S. and B.A.-S.; supervision, O.S. and B.A.-S. All authors have read and agreed to the published version of the manuscript.

Funding

This research received no external funding.

Data Availability Statement

No new data were created or analyzed in this study.

Conflicts of Interest

The authors declare no conflict of interest.

References

  1. Mahajan, H.B.; Junnarkar, A.A. Smart healthcare system using integrated and lightweight ECC with private blockchain for multimedia medical data processing. Multimed. Tools Appl. 2023, 82, 44335–44358.
  2. Rathee, G.; Sharma, A.; Saini, H.; Kumar, R.; Iqbal, R. A hybrid framework for multimedia data processing in IoT-healthcare using blockchain technology. Multimed. Tools Appl. 2020, 79, 9711–9733.
  3. Kamara, S.; Lauter, K. Cryptographic cloud storage. In International Conference on Financial Cryptography and Data Security; Springer: Berlin/Heidelberg, Germany, 2010; pp. 136–149.
  4. Selvaraj, S.; Sundaravaradhan, S. Challenges and opportunities in IoT healthcare systems: A systematic review. SN Appl. Sci. 2020, 2, 139.
  5. Rosa, P.; Souto, A.; Cecílio, J. Light-SAE: A lightweight authentication protocol for large-scale IoT environments made with constrained devices. IEEE Trans. Netw. Serv. Manag. 2023, 20, 2428–2441.
  6. Farahani, B.; Firouzi, F.; Chang, V.; Badaroglu, M.; Constant, N.; Mankodiya, K. Towards fog-driven IoT eHealth: Promises and challenges of IoT in medicine and healthcare. Future Gener. Comput. Syst. 2018, 78, 659–676.
  7. Bhuiyan, M.N.; Rahman, M.M.; Billah, M.M.; Saha, D. Internet of things (IoT): A review of its enabling technologies in healthcare applications, standards protocols, security, and market opportunities. IEEE Internet Things J. 2021, 8, 10474–10498.
  8. Thilagam, K.; Beno, A.; Lakshmi, M.V.; Wilfred, C.B.; George, S.M.; Karthikeyan, M.; Peroumal, V.; Ramesh, C.; Karunakaran, P. Secure IoT healthcare architecture with deep learning-based access control system. J. Nanomater. 2022, 2022, 2638613.
  9. Lamkuche, H.S.; Singh, K.; Shirkhedkar, K. A lightweight block cipher for cloud-based healthcare systems. In International Conference on Computing, Communication and Learning; Springer: Berlin/Heidelberg, Germany, 2022; pp. 3–14.
  10. Hasan, M.K.; Islam, S.; Sulaiman, R.; Khan, S.; Hashim, A.H.A.; Habib, S.; Islam, M.; Alyahya, S.; Ahmed, M.M.; Kamil, S.; et al. Lightweight encryption technique to enhance medical image security on internet of medical things applications. IEEE Access 2021, 9, 47731–47742.
  11. Amintoosi, H.; Nikooghadam, M.; Shojafar, M.; Kumari, S.; Alazab, M. Slight: A lightweight authentication scheme for smart healthcare services. Comput. Electr. Eng. 2022, 99, 107803.
  12. Chatterjee, K.; Chaudhary, R.R.K.; Singh, A. A lightweight block cipher technique for IoT based E-healthcare system security. Multimed. Tools Appl. 2022, 81, 43551–43580.
  13. Ayub, M.F.; Mahmood, K.; Kumari, S.; Sangaiah, A.K. Lightweight authentication protocol for e-health clouds in IoT-based applications through 5G technology. Digit. Commun. Netw. 2021, 7, 235–244.
  14. Rejeb, A.; Rejeb, K.; Treiblmaier, H.; Appolloni, A.; Alghamdi, S.; Alhasawi, Y.; Iranmanesh, M. The Internet of Things (IoT) in healthcare: Taking stock and moving forward. Internet Things 2023, 22, 100721.
  15. Adavoudi-Jolfaei, A.; Ashouri-Talouki, M.; Aghili, S.F. Lightweight and anonymous three-factor authentication and access control scheme for real-time applications in wireless sensor networks. Peer Peer Netw. Appl. 2019, 12, 43–59.
  16. Al-Shargabi, B.; Sabri, O.; Aldabbas, O.A.; Abuarqoub, A. A Survey on Lightweight Encryption Methods for IoT-Enabled Healthcare Applications. In ACM International Conference Proceeding Series; Association for Computing Machinery: New York, NY, USA, 2023; pp. 753–757.
  17. Madushan, H.; Salam, I.; Alawatugoda, J. A review of the nist lightweight cryptography finalists and their fault analyses. Electronics 2022, 11, 4199.
  18. Rana, M.; Mamun, Q.; Islam, R. Lightweight cryptography in IoT networks: A survey. Future Gener. Comput. Syst. 2022, 129, 77–89.
  19. Singh, S.; Sharma, P.K.; Moon, S.Y.; Park, J.H. Advanced lightweight encryption algorithms for IoT devices: Survey, challenges and solutions. J. Ambient. Intell. Humaniz. Comput. 2024, 15, 1625–1642.
  20. Chawla, N.V.; Davis, D.A. Bringing big data to personalized healthcare: A patient-centered framework. J. Gen. Intern. Med. 2013, 28, 660–665.
  21. Johnson, K.B.; Wei, W.Q.; Weeraratne, D.; Frisse, M.E.; Misulis, K.; Rhee, K.; Zhao, J.; Snowdon, J.L. Precision medicine, AI, and the future of personalized health care. Clin. Transl. Sci. 2021, 14, 86–93.
  22. Swamy, T.J.; Murthy, T.N. eSmart: An IoT based intelligent health monitoring and management system for mankind. In Proceedings of the 2019 International Conference on Computer Communication and Informatics (ICCCI), Coimbatore, India, 23–25 January 2019; IEEE: Piscataway, NJ, USA, 2019; pp. 1–5.
  23. Sattar, H.; Bajwa, I.S.; Amin, R.U.; Sarwar, N.; Jamil, N.; Malik, M.G.A.; Mahmood, A.; Shafi, U. An IoT-based intelligent wound monitoring system. IEEE Access 2019, 7, 144500–144515.
  24. Chaudhary, R.R.K.; Chatterjee, K. A lightweight security framework for electronic healthcare system. Int. J. Inf. Technol. 2022, 14, 3109–3121.
  25. Dang, L.M.; Piran, M.J.; Han, D.; Min, K.; Moon, H. A survey on internet of things and cloud computing for healthcare. Electronics 2019, 8, 768.
  26. Chaudhary, R.R.K.; Chatterjee, K. An efficient lightweight cryptographic technique for IoT based E-healthcare system. In Proceedings of the 2020 7th International Conference on Signal Processing and Integrated Networks (SPIN), Noida, India, 27–28 February 2020; IEEE: Piscataway, NJ, USA, 2020; pp. 991–995.
  27. Akkaş, M.A.; Sokullu, R.; Çetin, H.E. Healthcare and patient monitoring using IoT. Internet Things 2020, 11, 100173.
  28. Jabeen, T.; Ashraf, H.; Ullah, A. A survey on healthcare data security in wireless body area networks. J. Ambient. Intell. Humaniz. Comput. 2021, 12, 9841–9854.
  29. Fernández-Caramés, T.M.; Fraga-Lamas, P. A Review on the Use of Blockchain for the Internet of Things. IEEE Access 2018, 6, 32979–33001.
  30. Ray, P.P. A survey on Internet of Things architectures. J. King Saud-Univ.-Comput. Inf. Sci. 2018, 30, 291–319.
  31. Al-Shargabi, B.; Abuarqoub, S. IoT-Enabled Healthcare: Benefits, Issues and Challenges. In Proceedings of the 4th International Conference on Future Networks and Distributed Systems (ICFNDS), Saint Petersburg, Russia, 26–27 November 2020; pp. 1–5.
  32. Hameed, K.; Khan, A.; Ahmed, M.; Reddy, A.G.; Rathore, M.M. Towards a formally verified zero watermarking scheme for data integrity in the Internet of Things based-wireless sensor networks. Future Gener. Comput. Syst. 2018, 82, 274–289.
  33. Liu, G.-X.; Shi, L.-F.; Xin, D.-J. Data integrity monitoring method of digital sensors for Internet-of-Things applications. IEEE Internet Things J. 2020, 7, 4575–4584.
  34. Al-Fuqaha, A.; Guizani, M.; Mohammadi, M.; Aledhari, M.; Ayyash, M. Internet of things: A survey on enabling technologies, protocols, and applications. IEEE Commun. Surv. Tutor. 2015, 17, 2347–2376.
  35. Tseng, Y.-M.; Tsai, T.-T.; Huang, S.-S.; Huang, C.-P. Identity-based encryption with cloud revocation authority and its applications. IEEE Trans. Cloud Comput. 2016, 6, 1041–1053.
  36. Williams, P.; Dutta, I.K.; Daoud, H.; Bayoumi, M. A survey on security in internet of things with a focus on the impact of emerging technologies. Internet Things 2022, 19, 100564.
  37. Nourse, R.; Dingler, T.; Kelly, J.; Kwasnicka, D.; Maddison, R. The Role of a Smart Health Ecosystem in Transforming the Management of Chronic Health Conditions. J. Med. Internet Res. 2023, 25, e44265.
  38. Alhirabi, N.; Rana, O.; Perera, C. Security and privacy requirements for the internet of things: A survey. ACM Trans. Internet Things 2021, 2, 1–37.
  39. Borgia, E. The Internet of Things Vision: Key Features, Applications and Open Issues; Elsevier B.V.: Amsterdam, The Netherlands, 2014.
  40. Bogdanov, A.; Knudsen, L.R.; Leander, G.; Paar, C.; Poschmann, A.; Robshaw, M.J.; Seurin, Y.; Vikkelsoe, C. PRESENT: An ultra-lightweight block cipher. In Proceedings of the Cryptographic Hardware and Embedded Systems-CHES 2007: 9th International Workshop, Vienna, Austria, 10–13 September 2007; Proceedings 9. Springer: Berlin/Heidelberg, Germany, 2007; pp. 450–466.
  41. Beaulieu, R.; Shors, D.; Smith, J.; Treatman-Clark, S.; Weeks, B.; Wingers, L. The SIMON and SPECK lightweight block ciphers. In Proceedings of the 52nd Annual Design Automation Conference, New York, NY, USA, 7–11 June 2015; pp. 1–6.
  42. Roman, R.; Zhou, J.; Lopez, J. On the features and challenges of security and privacy in distributed internet of things. Comput. Netw. 2013, 57, 2266–2279.
  43. Zafir, E.I.; Akter, A.; Islam, M.N.; Hasib, S.A.; Islam, T.; Sarker, S.K.; Muyeen, S.M. Enhancing security of Internet of Robotic Things: A review of recent trends, practices, and recommendations with encryption and blockchain techniques. Internet Things 2024, 28, 101357.
  44. Riahi, A.; Challal, Y.; Natalizio, E.; Chtourou, Z.; Bouabdallah, A.; Bouabdallah, A.A. A Systemic Approach for IoT Security. In Proceedings of the IEEE International Conference on Distributed Computing in Sensor Systems, Cambridge, MA, USA, 20–23 May 2013.
  45. Radhakrishnan, I.; Jadon, S.; Honnavalli, P.B. Efficiency and security evaluation of lightweight cryptographic algorithms for resource-constrained IoT devices. Sensors 2024, 24, 4008.
  46. Masood, F.; Masood, J.; Zhang, L.; Jamal, S.S.; Boulila, W.; Rehman, S.U.; Khan, F.A.; Ahmad, J. A new color image encryption technique using DNA computing and Chaos-based substitution box. Soft Comput. 2022, 26, 7461–7477.
  47. De Santis, F.; Schauer, A.; Sigl, G. ChaCha20-Poly1305 authenticated encryption for high-speed embedded IoT applications. In Proceedings of the Design, Automation & Test in Europe Conference & Exhibition (DATE), Lausanne, Switzerland, 27–31 March 2017; IEEE: Piscataway, NJ, USA, 2017; pp. 692–697.
  48. Bos, J.; Ducas, L.; Kiltz, E.; Lepoint, T.; Lyubashevsky, V.; Schanck, J.M.; Schwabe, P.; Seiler, G.; Stehlé, D. CRYSTALS-Kyber: A CCA-secure module-lattice-based KEM. In Proceedings of the 2018 IEEE European Symposium on Security and Privacy (EuroS&P), London, UK, 24–26 April 2018; IEEE: Piscataway, NJ, USA, 2018; pp. 353–367.
  49. Borghoff, J.; Canteaut, A.; Güneysu, T.; Kavun, E.B.; Knezevic, M.; Knudsen, L.R.; Leander, G.; Nikov, V.; Paar, C.; Rechberger, C.; et al. PRINCE–a low-latency block cipher for pervasive computing applications. In Proceedings of the Advances in Cryptology–ASIACRYPT 2012: 18th International Conference on the Theory and Application of Cryptology and Information Security, Beijing, China, 2–6 December 2012; Proceedings 18. Springer: Berlin/Heidelberg, Germany, 2012; pp. 208–225.
  50. Wheeler, D.J.; Needham, R.M. TEA, a tiny encryption algorithm. In International Workshop on Fast Software Encryption; Springer: Berlin/Heidelberg, Germany, 1994; pp. 363–366.
  51. Panahi, P.; Bayılmış, C.; Çavuşoğlu, U.; Kaçar, S. Performance evaluation of lightweight encryption algorithms for IoT-based applications. Arab. J. Sci. Eng. 2021, 46, 4015–4037.
  52. Acla, H.B.; Gerardo, B.D. Performance evaluation of lightweight advanced encryption standard hardware implementation. Int. J. Recent Technol. Eng. 2019, 8, 1810–1815.
  53. Ray, B.; Douglas, S.; Jason, S.; Stefan, T.-C.; Bryan, W.; Louis, W. The Simon and Speck Families of Lightweight Block Ciphers. 2013. Available online: https://eprint.iacr.org/2013/404 (accessed on 6 April 2025).
  54. Sadeghi, S.; Mohammadi, T.; Bagheri, N. Cryptanalysis of reduced round SKINNY block cipher. IACR Trans. Symmetric Cryptol. 2018, 2018, 124–162.
  55. Usman, M.; Ahmed, I.; Imran, M.; Khan, S.; Ali, U. SIT: A Lightweight Encryption Algorithm for Secure Internet of Things. Int. J. Adv. Comput. Sci. Appl. 2017, 8, 1–10.
  56. Shibutani, K.; Isobe, T.; Hiwatari, H.; Mitsuda, A.; Akishita, T.; Shirai, T. Piccolo: An ultra-lightweight blockcipher. In Proceedings of the Cryptographic Hardware and Embedded Systems–CHES 2011: 13th International Workshop, Nara, Japan, 28 September–1 October 2011; Proceedings 13. Springer: Berlin/Heidelberg, Germany, 2011; pp. 342–357.
  57. AL-Shargabi, B.; Assi, A.D. A modified lightweight DNA-based cryptography method for internet of things devices. Expert Syst. 2023, 40, e13270.
  58. Al-Shargabi, B.; Assi, A.D. An Improved DNA based Encryption Algorithm for Internet of Things Devices. In Proceedings of the 2022 International Conference on Engineering & MIS (ICEMIS), Istanbul, Turkey, 4–6 July 2022; pp. 1–5.
  59. Chatterjee, R.; Chakraborty, R. A modified lightweight PRESENT cipher for IoT security. In Proceedings of the 2020 International Conference on Computer Science, Engineering and Applications (ICCSEA), Gunupur, India, 13–14 March 2020; pp. 1–6.
  60. Abdelhalim, M.B.; El-Mahallawy, M.; Ayyad, M.; ElHennawy, A. Implementation of a modified lightweight cryptographic TEA algorithm in RFID system. In Proceedings of the 2011 International Conference for Internet Technology and Secured Transactions, Abu Dhabi, United Arab Emirates, 11–14 December 2011; pp. 509–513.
  61. Avanzi, R. The QARMA block cipher family. Almost MDS matrices over rings with zero divisors, nearly symmetric even-mansour constructions with non-involutory central rounds, and search heuristics for low-latency s-boxes. IACR Trans. Symmetric Cryptol. 2017, 2017, 4–44.
  62. Avanzi, R.; Banik, S.; Dunkelman, O.; Eichlseder, M.; Ghosh, S.; Nageler, M.; Regazzoni, F. The QARMAv2 Family of Tweakable Block Ciphers (Extended Version). Cryptol. ePrint Arch. 2023. preprint.
  63. Jiayao, L.I.; Wei, L.I.; Jianning, G.A.O.; Mengyang, Q.I.N.; Wenqian, S.U.N. Statistical Fault Analysis of Lightweight Tweakable Block Cipher QARMA in the Internet of Everything. J. Donghua Univ. 2024, 41, 172–180.
  64. Hong, D.; Sung, J.; Hong, S.; Lim, J.; Lee, S.; Koo, B.S.; Lee, C.; Chang, D.; Lee, J.; Jeong, K.; et al. HIGHT: A new block cipher suitable for low-resource device. In Proceedings of the Cryptographic Hardware and Embedded Systems-CHES 2006: 8th International Workshop, Yokohama, Japan, 10–13 October 2006; Proceedings 8. Springer: Berlin/Heidelberg, Germany, 2006; pp. 46–59.
  65. Rashidi, B. Efficient and high-throughput application-specific integrated circuit implementations of HIGHT and PRESENT block ciphers. IET Circuits 2019, 13, 731–740.
  66. Wu, W.; Zhang, L. LBlock: A lightweight block cipher. In Proceedings of the Applied Cryptography and Network Security: 9th International Conference, ACNS 2011, Nerja, Spain, 7–10 June 2011; Proceedings 9. Springer: Berlin/Heidelberg, Germany, 2011; pp. 327–344.
  67. Alsaffar, N.; Elmedany, W.; Ali, H. Application of RC5 for IoT devices in smart transportation system. In Proceedings of the 2019 8th International Conference on Modeling Simulation and Applied Optimization (ICMSAO), Manama, Bahrain, 15–17 April 2019; pp. 1–4.
  68. Banik, S.; Pandey, S.K.; Peyrin, T.; Sasaki, Y.; Sim, S.M.; Todo, Y. GIFT: A small present: Towards reaching the limit of lightweight encryption. In Cryptographic Hardware and Embedded Systems–CHES 2017: 19th International Conference, Taipei, Taiwan, 25–28 September 2017; Proceedings; Springer: Berlin/Heidelberg, Germany, 2017; pp. 321–345.
  69. Selvapriya, E.S.; Suganthi, L. Design and implementation of low power Advanced Encryption Standard cryptocore utilizing dynamic pipelined asynchronous model. Integration 2023, 93, 102057.
  70. Shah, Y.A.; Javeed, K.; Azmat, S.; Wang, X. Redundant-signed-digit-based high speed elliptic curve cryptographic processor. J. Circuits 2019, 28, 1950081.
  71. Marzouqi, H.; Al-Qutayri, M.; Salah, K.; Schinianakis, D.; Stouraitis, T. A high-speed FPGA implementation of an RSD-based ECC processor. IEEE Trans. Very Large Scale Integr. VLSI Syst. 2015, 24, 151–164.
  72. Dobraunig, C.; Eichlseder, M.; Mendel, F.; Schläffer, M. Ascon v1. 2: Lightweight authenticated encryption and hashing. J. Cryptol. 2021, 34, 1–42.
  73. Khalesi, A.; Ahmadian, Z. Beyond-Full-Round Integral Distinguisher of NIST Lightweight Cryptography Competition Finalist TinyJAMBU. Cryptol. ePrint Arch. 2023, preprint.
  74. Hong, D.; Lee, J.-K.; Kim, D.-C.; Kwon, D.; Ryu, K.H.; Lee, D.-G. LEA: A 128-bit block cipher for fast encryption on common processors. In Information Security Applications: 14th International Workshop, WISA 2013, Jeju Island, Republic of Korea, 19–21 August 2013; Revised Selected Papers 14; Springer: Berlin/Heidelberg, Germany, 2014; pp. 3–27.
  75. Choi, J.; Kim, Y. An improved LEA block encryption algorithm to prevent side-channel attack in the IoT system. In Proceedings of the 2016 Asia-Pacific Signal and Information Processing Association Annual Summit and Conference (APSIPA), Jeju, Republic of Korea, 13–16 December 2016; pp. 1–4.
  76. Serrano, R.; Duran, C.; Sarmiento, M.; Pham, C.-K.; Hoang, T.-T. ChaCha20–Poly1305 authenticated encryption with additional data for transport layer security 1.3. Cryptography 2022, 6, 30.
  77. Naskar, P.K.; Bhattacharyya, S.; Mahatab, K.C.; Dhal, K.G.; Chaudhuri, A. An efficient block-level image encryption scheme based on multi-chaotic maps with DNA encoding. Nonlinear Dyn. 2021, 105, 3673–3698.
  78. Farooq, A.; Tariq, S.; Amin, A.; Qureshi, M.A.; Memon, K.H. Towards the design of new cryptographic algorithm and performance evaluation measures. Multimed. Tools Appl. 2024, 83, 9709–9759.
  79. Kebande, V.R. Extended-Chacha20 Stream Cipher with Enhanced Quarter Round Function. IEEE Access 2023, 11, 14220–114237.
  80. Jiao, L.; Hao, Y.; Feng, D. Stream cipher designs: A review. Sci. China Inf. Sci. 2020, 63, 131101.
  81. Mahdi, M.S.; Hassan, N.F.; Abdul-Majeed, G.H. An improved chacha algorithm for securing data on IoT devices. SN Appl. Sci. 2021, 3, 429.
  82. Cai, W.; Chen, H.; Wang, Z.; Zhang, X. Implementation and optimization of ChaCha20 stream cipher on sunway taihuLight supercomputer. J. Supercomput. 2022, 78, 4199–4216.
  83. Kumar, S.; Pillai, C.S. An Analysis of Light Weight Symmetric Encryption Algorithms for Secure Data Transmission in IoT. In Proceedings of the 2024 International Conference on Intelligent Algorithms for Computational Intelligence Systems (IACIS), Hassan, India, 23–24 August 2024; pp. 1–4.
  84. Zakaria, A.A.; Azni, A.H.; Ridzuan, F.; Zakaria, N.H.; Daud, M. Systematic literature review: Trend analysis on the design of lightweight block cipher. J. King Saud. Univ.-Comput. Inf. Sci. 2023, 35, 101550.
  85. Al-Assam, H.; Jassim, S. Security evaluation of biometric keys. Comput. Secur. 2012, 31, 151–163.
  86. AbdulRaheem, M.; Balogun, G.B.; Abiodun, M.K.; Taofeek-Ibrahim, F.A.; Tomori, A.R.; Oladipo, I.D.; Awotunde, J.B. An Enhanced Lightweight Speck System for Cloud-Based Smart Healthcare. In Communications in Computer and Information Science; Springer: Berlin/Heidelberg, Germany, 2021.
  87. Zhong, Y.; Gu, J. Lightweight block ciphers for resource-constrained environments: A comprehensive survey. Future Gener. Comput. Syst. 2024, 157, 288–302.
  88. Nikolaidis, I. Secrets and lies: Digital security in a networked world [Book Review]. IEEE Netw. 2000, 14, 3.
  89. El-Fishawy, N.A.; Zaid, O.M.A. A modification of RC6TM block cipher algorithm for data security (MRC6). In Proceedings of the 2004 International Conference on Electrical, Electronic and Computer Engineering, ICEEC’04, Cairo, Egypt, 5–7 September 2004; pp. 222–226.
  90. Shan, W.; Shi, L.; Fu, X.; Zhang, X.; Tian, C.; Xu, Z.; Yang, J.; Li, J. A side-channel analysis resistant reconfigurable cryptographic coprocessor supporting multiple block cipher algorithms. In Proceedings of the 51st Annual Design Automation Conference, San Francisco, CA, USA, 1–5 June 2014; pp. 1–6.
  91. Law, Y.W.; Doumen, J.; Hartel, P. Survey and benchmark of block ciphers for wireless sensor networks. ACM Trans. Sens. Netw. (TOSN) 2006, 2, 65–93.
  92. De Cannière, C.; Dunkelman, O.; Kneževic, M.K. KTANTAN—A Family of Small and Efficient Hardware-Oriented Block Ciphers BT—Cryptographic Hardware and Embedded Systems—CHES 2009; Clavier, C., Gaj, K., Eds.; Springer: Berlin/Heidelberg, Germany, 2009.
  93. Sakamoto, K.; Minematsu, K.; Shibata, N.; Shigeri, M.; Kubo, H.; Funabiki, Y.; Bogdanov, A.; Morioka, S.; Isobe, T. Tweakable TWINE: Building a tweakable block cipher on generalized feistel structure. IEICE Trans. Fundam. Electron. 2020, 103, 1629–1639.
  94. Chakrabarty, P.; Sarkar, T.; Rakhra, M.; Jairath, K.; Sharma, V. Enhanced Data Security Framework Using Lightweight Cryptography and Multi-Level Encryption. In Proceedings of the 2024 International Conference on Communication, Computer Sciences and Engineering (IC3SE), Gautam Buddha Nagar, India, 9–11 May 2024; pp. 720–725.
  95. Abed, S.; Jaffal, R.; Mohd, B.J.; Al-Shayeji, M. An analysis and evaluation of lightweight hash functions for blockchain-based IoT devices. Cluster Comput. 2021, 24, 3065–3084.
  96. Menezes, A.J.; Van Oorschot, P.C.; Vanstone, S.A. Handbook of Applied Cryptography; CRC Press: Boca Raton, FL, USA, 2018.
  97. Ahmed, A.A. Lightweight digital certificate management and efficacious symmetric cryptographic mechanism over industrial Internet of Things. Sensors 2021, 21, 2810.
  98. Gohr, A. Improving attacks on round-reduced speck32/64 using deep learning. In Proceedings of the Advances in Cryptology–CRYPTO 2019: 39th Annual International Cryptology Conference, Santa Barbara, CA, USA, 18–22 August 2019; Proceedings, Part II 39. Springer: Berlin/Heidelberg, Germany, 2019; pp. 150–179.
  99. Mendel, F.; Rijmen, V.; Toz, D.; Varıcı, K. Differential analysis of the LED block cipher. In Proceedings of the Advances in Cryptology–ASIACRYPT 2012: 18th International Conference on the Theory and Application of Cryptology and Information Security, Beijing, China, 2–6 December 2012; Proceedings 18. Springer: Berlin/Heidelberg, Germany, 2012; pp. 190–207.
  100. Zhao, G.; Li, R.; Cheng, L.; Li, C.; Sun, B. Differential fault analysis on LED using Super-Sbox. IET Inf. Secur. 2015, 9, 209–218.
  101. Ramu, G.; Mishra, Z.; Singh, P.; Acharya, B. Performance optimised architectures of Piccolo block cipher for low resource IoT applications. Int. J. High Perform. Syst. Archit. 2020, 9, 49–57.
  102. Rashidi, B. Efficient full data-path width and serialized hardware structures of SPONGENT lightweight hash function. Microelectron. J. 2021, 115, 105167.
  103. Eisenbarth, T.; Kumar, S.; Paar, C.; Poschmann, A.; Uhsadel, L. A survey of lightweight-cryptography implementations. IEEE Des. Test Comput. 2007, 24, 522–533.
Figure 1. IoT healthcare ecosystem.
Figure 2. Methods, encryption and decryption times.
Figure 3. Heatmap of lightweight encryption methods.
Table 1. Trade-offs in security and efficiency.

| Aspect | Traditional Methods | Lightweight Methods |
|---|---|---|
| Method Complexity | High, involving multiple rounds and large key sizes | Lower complexity, optimised for constrained environments |
| Security Strength | Stronger due to longer key lengths and robust encryption | Slightly lower, but sufficient for most IoT use cases |
| Computational Overhead | High, requiring more processing power | Low, designed for minimal computational load |
| Memory Footprint | Larger due to complex key scheduling | Smaller, using optimised structures |
| Latency | Higher due to extensive processing steps | Lower, enabling real-time encryption |

Table 2. Evaluations of different IoT-based lightweight encryption methods.

| Method | Type | Block Size | Key Size | Rounds | Throughput (Mbps) | Encryption Time (µs) | Decryption Time (µs) | Security Level | Sensitivity of Data | Source |
|---|---|---|---|---|---|---|---|---|---|---|
| AES-128 | Symmetric | 128 bits | 128 bits | 10 | 100–150 | 2.4 | 2.4 | High | High | [52] |
| PRESENT | Symmetric | 64 bits | 80 bits | 31 | 100–200 | 5.0 | 5.0 | Medium | Medium | [40,65] |
| LEA | Symmetric | 128 bits | 128/192/256 bits | 24/28/32 | 110–250 | 1.2 | 1.2 | High | High | [74,75] |
| SIMON | Symmetric | 32–128 bits | 64–256 bits | 32–72 | 100–250 | 3.5 | 3.5 | High | High | [41] |
| SPECK | Symmetric | 32–128 bits | 64–256 bits | 22–34 | 100–250 | 2.5 | 2.5 | High | High | [41,51] |
| HIGHT | Symmetric | 64 bits | 128 bits | 32 | 100–200 | 5.1 | 5.1 | Medium | Medium | [64,65] |
| TEA | Symmetric | 64 bits | 128 bits | 64 | 75–150 | 6.1 | 6.1 | Medium | Low | [50] |
| XTEA | Symmetric | 64 bits | 128 bits | 64 | 70–140 | 5.8 | 5.8 | Medium | Low | [60] |
| LBlock | Symmetric | 64 bits | 80 bits | 32 | 90–180 | 6.0 | 6.0 | Medium | Medium | [66] |
| RC5-32/12/16 | Symmetric | 32 bits | 128 bits | 12 | 80–160 | 6.5 | 6.5 | Medium | Low | [63] |
| GIFT | Symmetric | 64 bits | 128 bits | 28/40 | 150–250 | 3.0 | 3.0 | High | High | [67] |
| TinyJAMBU | Symmetric | 64 bits | 128 bits | 1024 | 120–200 | 2.0 | 2.0 | High | High | [73] |
| SKINNY | Symmetric | 64/128 bits | 64–128 bits | 32–56 | 140–220 | 2.5 | 2.5 | High | High | [54] |
| PRINCE | Symmetric | 64 bits | 128 bits | 12 | 200–300 | 1.0 | 1.0 | Medium | Medium | [49] |
| QARMA | Symmetric | 64/128 bits | 128 bits | 6 | 180–250 | 2.2 | 2.2 | High | High | [61,62,63] |
| ASCON | Symmetric | 64 bits | 128 bits | 12 | 200–300 | 1.5 | 1.5 | High | High | [72] |
| SIT | Symmetric | 64 bits | 64 bits | 5 | 70–150 | 8.0 | 8.0 | Medium | Low | [55] |
| PICCOLO | Symmetric | 64 bits | 80/128 bits | 25/31 | 100–180 | 4.5 | 4.5 | Medium | Medium | [56,101] |
| CryptoCore | Symmetric | 128 bits | 256 bits | 20 | 150–300 | 2.0 | 2.0 | High | High | [69] |
| ChaCha20 | Symmetric | Stream cipher | 256 bits | 20 | 300+ | 1.0 | 1.0 | High | High | [76,79,82] |
| CLEFIA | Symmetric | 128 bits | 128/192/256 bits | 18/22/26 | Up to 200 | 2.5 | 2.5 | High | High | [84,86,87] |
| RC6 | Symmetric | 128 bits | 128/192/256 bits | 20 | 100–200 | 3.0 | 3.0 | High | High | [89] |
| KATAN | Symmetric | 32/48/64 bits | 80 bits | 254 | 70–100 | 6.0 | 6.0 | Medium | Low | [92,102] |
| SPONGENT | Symmetric | 88–256 bits | 88–256 bits | Variable | Moderate | | | High | Medium | [102] |
| TWINE | Symmetric | 64 bits | 80/128 bits | 36 | 70–140 | 5.5 | 5.5 | Medium | Medium | [93] |
| LED | Symmetric | 64 bits | 64–128 bits | 32 | 50–100 | 7.0 | 7.0 | Medium | Medium | [99,100] |
| FELICS-FIDES | Symmetric | 64 bits | 80/128 bits | ~36 | Moderate | | | Medium | Medium | [94] |


Share and Cite

MDPI and ACS Style

Sabri, O.; Al-Shargabi, B.; Abuarqoub, A.; Hakami, T.A. A Lightweight Encryption Method for IoT-Based Healthcare Applications: A Review and Future Prospects. IoT 2025, 6, 23. https://doi.org/10.3390/iot6020023
