A Survey on Lightweight Encryption Methods for IoT-Enabled Healthcare Applications

Through the proliferation of billions of devices and the generation of enormous amounts of data, the Internet of Things (IoT) has revolutionized the way we interact with the world, particularly in healthcare applications. Although IoT enables new operational technologies and offers vital benefits, it poses new security challenges, especially for resource-constrained devices. This paper investigates existing lightweight encryption approaches designed for IoT devices in healthcare applications. Additionally, concerns related to the design of Lightweight encryption method for the IoT-based healthcare systems include block size, key length, encryption timing, the number of rounds, and throughput. This analysis aims to provide insights for further investigation and enhancement in the deployment of IoT-based lightweight encryption methods in healthcare applications.


INTRODUCTION
In today's fast-paced digital world, the healthcare industry recognizes the imperative for efficient and secure data access.Smart healthcare systems have emerged as transformative solutions, streamlining patient care, reducing operational costs, and enhancing the quality of healthcare services.Furthermore, recent studies have emphasized the necessity of transitioning from traditional processes to digital methods, leveraging innovative technologies like smart healthcare systems.These advancements have significantly impacted the healthcare profession in recent years.
Many recent articles [1]- [7] have defined the Internet of Things (IoT) as the adaptive self-configuring intelligent objects or devices that enable communication and interaction with other objects over the Internet.IoT gains a very high significance due to the great impact on most aspects of our lives.It has been used in healthcare for purposes such as remote health monitoring, early diagnosis, and elderly care [8]- [11].IoT devices such as wearable fitness trackers, smartwatches, and medical sensors, gather critical health data, providing valuable insights into patients' wellbeing [1].These devices enable the collection and exchange of data, making them pivotal in healthcare.Accordingly, the IoT represents one of the most recent IT advancements in the healthcare domain.It enabled healthcare systems to facilitate remote monitoring of patients' health conditions, with continuous tracking of vital signs, such as heart rate, blood pressure, and temperature.This data is wirelessly transmitted to healthcare professionals, who can offer remote monitoring and timely interventions.
The surge in data gathering raises significant concerns about data security, particularly given the sensitive and classified nature of healthcare data.This includes confidential personal information such as medical diagnoses, treatment records, and genetic data.Inadequate protection of this information may lead to privacy breaches, exposing patients to the risks of identity theft, discrimination, and emotional distress.The interconnectivity of IoT devices renders them vulnerable to cyber intrusions, posing a threat to the confidentiality, integrity, and availability of patient data.Such breaches not only have the potential to compromise patient care but also entail significant legal and financial consequences.
The substantial volume of confidential patient information gathered and transmitted by these devices presents formidable obstacles to privacy and security [5], [12], [13].Despite their efficacy, conventional cryptographic algorithms often prove unfeasible for IoT devices with limited computational resources.Lightweight cryptography, minimizing computational overhead while ensuring adequate security, emerges as a viable solution.In this context, novel approaches, including the integration of elliptic curve cryptography (ECC), are proposed to enhance the security of the scheme.Furthermore, additional research supports the idea that lightweight encryption and IoT mechanisms are crucial for safeguarding the confidentiality and integrity of sensitive medical data, marking a substantial milestone in the healthcare sector.
This paper provides a comparative examination of state-of-theart IoT-based lightweight encryption methods.The comparison is conducted using various measures, including block size, key length, encryption timings, number of rounds, and throughput.The remainder of the paper is organized as follows: The IoT healthcare architecture and its primary components are outlined and discussed in Section 2. In Section 3, we introduce the main concepts and requirements of lightweight encryption methods.Section 4 outlines recent IoT-based lightweight encryption methods, while the analysis and discussion of these methods are presented in Section 5. Finally, Section 6 concludes the paper.

IOT HEALTHCARE ARCHITECTURE
The IoT has brought about a significant transformation in the healthcare industry by enabling remote patient monitoring, wearable gadgets, and intelligent medical equipment, revolutionizing the healthcare environment.The interlinked system of devices produces a substantial volume of delicate patient data, requiring a robust and secure structure to safeguard it.
A stratified IoT healthcare architecture offers a systematic framework for arranging and managing the many elements of an IoT healthcare system as illustrated in Figure 1.This architectural framework typically consists of four layers.The first layer is the perception layer, comprising tangible devices, sensors, and actuators that gather and convey data.Devices include wearable sensors, intelligent beds, and systems for monitoring the surroundings [14].The second layer is the network layer, facilitating data transmission between devices and other layers of the architecture.It includes protocols, routers, and gateways ensuring smooth data flow [15].The third layer is the Platform Layer, offering the necessary framework for processing, analyzing, and managing gathered data.Components include cloud-based platforms, data analytics tools, and application programming interfaces (APIs).The final layer is the Application Layer, providing necessary features and services to healthcare practitioners and patients.This layer includes mobile applications, web portals, and clinical decision support tools.
The primary objective of IoT healthcare architecture is to enhance security measures by devising sophisticated security protocols and algorithms that safeguard confidential patient information [16].Given that IoT healthcare architectures handle sensitive patient data, security is of the utmost importance.Critical security measures include the following: • Authentication and Authorization: Prevent unauthorized access by verifying the identities of users and devices.• Data Encryption: Protect data from unauthorized interception or disclosure by encrypting it both in transit and at rest.

LIGHTWEIGHT ENCRYPTION METHODS
Lightweight encryption methods encompass block and stream ciphers.In block ciphers, individual blocks are encrypted, while stream ciphers encrypt data bit by bit.Although block cipher methods may appear slower than stream ciphers, they provide higher security.Conversely, stream ciphers, which encrypt data bit by bit, are faster but less secure [17].
Protecting the data produced by IoT-based E-health applications, the utilization of Lightweight cryptography presents a practical remedy.This approach ensures sufficient security measures while decreasing the computing burden.Lightweight encryption algorithms can be classified into two primary types: • Symmetric-key methods, which utilize a single shared secret key for both encryption and decoding.Some examples of encryption algorithms are ChaCha20, PRESENT, and Speck.• Public-key methods are a second type of algorithm that utilizes a key pair, which includes a public key and a private key.The public key is employed for encryption, whilst the private key is utilized for decryption.Some examples of cryptographic algorithms are Elliptic Curve Cryptography (ECC) and RSA.However, Lightweight encryption methods for IoT healthcare should satisfy the following essential criteria: • Security: The encryption method must offer robust protection against prevalent cryptographic threats, ensuring the confidentiality, integrity, and authenticity of patient data [19].• Adaptability: The encryption system should be capable of adjusting to diverse IoT healthcare settings, accommodating various data types and communication protocols.
The determination of which lightweight encryption scheme to utilize is contingent upon the specific demands of the IoT healthcare application [20].The selection of the most suitable algorithm is influenced by hardware and software capabilities, the sensitivity of the data, and communication limitations.Consequently, lightweight encryption methods are specifically engineered to accommodate the limited computational capacity, memory constraints, and battery life of IoT devices.Their objective is to ensure sufficient security while reducing the computational burden linked to cryptographic operations.Fundamental principles that underpin lightweight encryption algorithms include: • Reduced computational complexity: Lightweight algorithms commonly utilize smaller key sizes than conventional cryptography, resulting in reduced computational complexity for encryption and decryption operations.• Focus on specific cryptographic operations: To conserve resources, lightweight algorithms concentrate on a subset of cryptographic operations, such as stream ciphers or substitution-permutation networks.• Optimal execution: Lightweight algorithms undergo optimization for particular hardware architectures and programming languages to attain peak performance on devices with limited resources.
Various lightweight algorithms for encryption have been proposed for IoT healthcare, each with distinct benefits and constraints.Some noteworthy instances include: • ChaCha20-Poly1305: A highly efficient stream cipher and authenticated encryption technique known for its compact code size [21] • CRYSTALS-Kyber: A public-key encryption technique offering protection against quantum computing assaults, making it suitable for long-term data security [22].• Lightweight ChaCha20: A modified version of ChaCha20 specifically designed for IoT devices, improved to reduce the amount of code required and minimize energy usage [23].
Through the integration of lightweight encryption, as prescribed earlier, and extensive security measures, healthcare practitioners can proficiently protect patient data and guarantee the reliability of IoT healthcare systems.

IOT HEALTHCARE BASED LIGHTWEIGHT ENCRYPTION METHODS
This section comparatively analyses the most recent lightweight encryption methods employed in IoT-based healthcare systems.This analysis focuses on resolving security issues related to the implementation of such systems.The evaluation of these methods encompasses various measures, including block size, key length, encryption timings, number of rounds, and throughput.A lightweight encryption method called PRINCE [24] delivers strong security with minimal computational overhead and lower latency.PRINCE has gained acceptance in various applications and is considered a viable alternative to classic block ciphers like AES.Operating on a 128-bit key size, PRINCE can encrypt IoT data within a single clock cycle, thanks to its use of a combination of substitution-permutation networks and Feistel networks.The low latency provided by PRINCE makes it suitable for securing communication and data storage in IoT devices, offering robust security against various cryptanalytic attacks [17].
An Extended Tiny Encryption Algorithm (XTEA) provides a simple and efficient block cipher designed for applications with limited resources.It is easy to implement and strikes a good balance between security and performance [25].XTEA is a cryptographic algorithm that uses the Feistel cipher structure to divide the plaintext into 64 blocks and encrypts each block individually.The encryption process involves modular addition, rotation, permutation, and XOR operations on each block.XTEA operates on 64-bit data blocks, using a 128-bit key and recommended for 64 rounds of encryption.The simplicity and efficiency of XTEA make it highly suitable for devices with limited resources, such as those used in resource-constrained devices like the IoT [26].
Other methods, such as Simon and Speck, were designed by the National Security Agency (NSA) in 2013 for use in resource-limited devices.These methods prioritize efficiency and security.Simon is specifically designed for hardware implementations, supporting block sizes from 32 to 128 bits and key sizes of 128, 192, and 256 bits.Simon employs a symmetric encryption algorithm known as a balanced Feistel network, utilizing four subkeys for each encryption round.Meanwhile, Speck is engineered to be particularly effective in software, handling the same block and key sizes as other encryption methods but with a varying number of rounds.Simon and Speck are highly efficient, exceptionally secure, and remarkably versatile, making them well-suited for applications such as IoT devices, embedded systems, secure communications, and data security.They are gaining popularity in cryptography due to their excellent combination of performance and security [27], [28].
SIT is an encryption method that operates on 64-bit blocks of data [29].It utilizes a combination of a Feistel structure and a uniform substitution-permutation network to perform encryption, consisting of five encryption rounds.The method offers strong security while maintaining a manageable level of computing complexity.The SIT algorithm employs a 64-bit key size designed for IoT applications.Another cipher, LEO, is a lightweight cryptography method that combines substitution-permutation networks (SPNs) and Feistel networks for secure encryption [30].SPNs are known for their robustness against linear and differential cryptanalysis, while Feistel networks offer effective diffusion and confusion.In LEO, these elements are compact, low latency, and resistant to various cryptanalytic attacks.LEO ciphers support various block and key sizes, making them suitable for both hardware and software implementations [31].PICCOLO is another block cipher tailored to operate on devices with limited resources, such as IoT devices [32].It employs a 64-bit block cipher and keys of 80 or 128 bits in length.The Piccolo cipher combines substitution and permutation operations based on the Feistel network architecture, allowing it to rapidly encrypt and decrypt data even on low-power devices, ensuring real-time applications' responsive performance.Additionally, it exhibits resilience against various cryptanalytic assaults, including linear and differential cryptanalysis.These features make PICCOLO an ideal choice for IoT devices, embedded systems, and healthcare applications [33], [34].
An adapted IoT-based lightweight encryption approach based on DNA sequences is designed for healthcare applications [35].his method leverages the inherent randomization properties of DNA sequences to generate encryption keys suitable for IoT devices.Exploiting the meticulous selection of a 32-bit key size within a staggering key space of 10^6 bits ensures alignment with the constrained processing capacities of IoT devices without compromising a high level of security.The deliberate creation of an extensive and entirely random key space presents a formidable challenge for potential attackers in predicting or deducing the encryption key.Moreover, the method combines substitution and transposition operations to secure data while accommodating the limited computational capabilities of IoT devices.The encryption key comprises 32 bits, thoughtfully selected from a vast key space of 10 6 bits [31].
The PRESENT cipher, based on a substitution-permutation network, supports block sizes of 64 bits, as well as key lengths of 80 and 128 bits [36].PRESENT includes 31 rounds, with each round involving an XOR operation and a bit-by-bit permutation.However, it is vulnerable to both hardware assaults and side-channel attacks.Conversely, an alternative version of the PRESENT cipher managed to decrease the overall number of encryption rounds needed by modifying the key register updating technique [37].This was achieved by integrating an additional layer into the encryption process, already present between the S-box layer and the P-layer.
To maintain an up-to-date key register, the value is encrypted using the TEA delta value function [38], [39], serving as an additional, efficient cipher.They managed to add a layer allowing for the decrease of the current round from 31 to 25, the minimum number of rounds required for security.A cryptographic method named CryptoCore operates on 64-bit blocks of data [40].It employs a combination of substitution-permutation networks and Feistel networks, wellregarded for their strong security and computational efficiency.This unique processor architecture is specifically designed to maximize parallelism and energy efficiency.An implementation of Redundant Signed Digit (RSD)-Elliptic Curve Cryptography on the Vertex5 FPGA system [41].Typically, ECC operates on elliptic planar curves with finite fields, requiring the multiplication of points.Here, multiplying and adding points constitute point multiplication.To reduce memory usage, two procedures were implemented: Carry field arithmetic was substituted with modular arithmetic, utilizing the Kartusube-Offman approach [42].

ANALYSIS AND DISCUSION
The lightweight encryption methods employed to secure data generated from IoT devices are influenced by several factors, including the size of the encryption key, encryption operations, the keyspace, the number of encryption rounds, data block size, and encryption duration.The size of the encryption key is crucial for establishing the robustness of the encryption technique; typically, most lightweight encryption methods use key sizes ranging from 80 to 128 bits.Concerning encryption operations, common techniques such as substitution-permutation networks (SPNs), Feistel networks, linear feedback shift registers (LFSRs), XOR transposition, and substitutions are efficient and highly resistant to cryptanalysis.The keyspace, representing the total number of potential keys, enhances security by making it more challenging to guess or employ bruteforce methods to determine the correct key.The number of encryption rounds, dictating the algorithm's intricacy, can enhance security but may also increase computing overhead.The block size, indicating the quantity of data encrypted within a single block, strikes a balance between efficiency and the need to safeguard data.The duration of encryption is a crucial metric directly impacting the performance of real-time IoT healthcare applications.Moreover, IoT lightweight encryption methods are designed to encrypt data rapidly, ensuring that real-time IoT healthcare applications remain responsive.This rapid data exchange between IoT devices or with cloud servers is of utmost importance.

CONCLUSION
Having lightweight encryption algorithms for the IoT is vital to secure communication and data storage in the current IoT landscape.These algorithms strike a compromise between efficiency, security, and adaptability, making them suitable for a wide variety of IoT applications.The role of lightweight encryption on the IoT is increasingly significant, ensuring the protection of sensitive data and the security of connected devices as the IoT continues to grow and improve.In this paper, we examined the current state-ofthe-art IoT-based lightweight encryption methods, examining their contributions and limitations.In summary, lightweight encryption methods designed for IoT-based healthcare applications need to consider factors such as the size of the encryption key, encryption operations, the keyspace, the number of encryption rounds, data block size, throughput, and the time required for encryption as the time is critical factor for the IoT based Healthcare applications.As a future direction, there would be a need for designing and implementing lightweight encryption methods for IoT-based healthcare applications that exhibit all the above-mentioned factors.