On Wide-Area IoT Networks, Lightweight Security and Their Applications—A Practical Review

Abstract

The Internet of Things (IoT) allows users to collect sensor data, control devices, and analyze collected data over the Internet. IoT devices are located in diverse environments and support many applications. To protect IoT systems from cyber threats, Confidentiality, Integrity, and Authentication—the CIA triad—must be supported. However, IoT devices have limited energy and computational resources. Lightweight encryption algorithms have been proposed for IoT, and have been reviewed by previous studies. Some cover communication protocols, while others cover lightweight security or review the challenges in implementing a secure IoT system. The aim of this literature review is to combine the first two topics: communication protocols and lightweight security. They will be approached from a practitioner’s standpoint. Several applications are provided that help readers with a minor background in security to understand these technologies and which elements of the CIA triad have more priority. This paper describes wide-area IoT networks, such as LoRAWAN, Sigfox, and NB-IoT, and their security. It also describes applications throughout the world, and how to enhance their security by implementing emerging lightweight security—specifically, approaches to make well-known ciphers such as Advanced Encryption Standard (AES) and Elliptic Curve Cryptography (ECC) more lightweight.