Challenges of Cryptography for Low-Resource IoT Devices

Key Takeaways

  • Low-resource IoT devices face unique cryptographic challenges due to strict limits on power, processing, memory, and storage.
  • Standard public-key algorithms like RSA and ECC may be too slow or resource-intensive for constrained environments.
  • Lightweight cryptography offers a practical short-term solution but must be balanced against security needs.
  • Quantum computing will disrupt current cryptographic systems, making post-quantum algorithms necessary for long-lived devices.
  • Post-Quantum Cryptography (PQC) poses challenges for constrained devices due to larger key sizes, higher CPU/memory requirements, and increased energy consumption.
  • Hybrid approaches combining lightweight classical crypto for daily use with PQC for critical communications may offer a practical migration path.
  • Early planning and design for quantum resistance can prevent costly device replacements in the future.

Challenges of Cryptography for Low-Resource IoT Devices

Many Internet of Things (IoT) devices operate under strict constraints on the amount of energy available to them. Examples include wireless environmental sensors, RFID tags, NFC tags, smart cards, and machine-to-machine (M2M) microcontrollers. Like most other connected devices, they must be secured by cryptographic methods that provide reliable identification, authentication, and data protection. However, while their ultra-low energy usage offers advantages in terms of size, cost, and deployment flexibility, it also introduces a set of unique and significant security challenges.

Limited Energy Use and Storage

“Constrained” IoT devices typically consume far less power than traditional computing systems. For perspective, a typical laptop computer consumes about 60 watts of power when in use. Smartphones operate at a much lower range, usually between 5 and 12 watts. In contrast, a wireless temperature or motion sensor might operate on just 1 milliwatt, and certain passive RFID tags work with energy levels as low as 1–10 microwatts harvested from the electromagnetic field of a reader.

This drastic difference in available power has a direct impact on security design. Many commonly used public-key cryptography protocols, such as RSA or Diffie-Hellman, require significant processing power and memory to execute efficiently. Even elliptic curve cryptography (ECC), which is considered more efficient than RSA, can still be too resource-intensive for devices operating under such extreme energy limits. If implemented at all, these algorithms may take so long to complete that they render the device unsuitable for real-time communication or high-frequency operations.

The issue is compounded when the device also has a limited energy storage capacity, such as a small battery or no battery at all. In these cases, the device must perform all required functions such as sensing, communication, and security within a strict runtime budget. Any increase in cryptographic workload could lead to failures in other critical functions, such as transmitting sensor data before the energy supply is exhausted.

 

Limited RAM and ROM

In addition to power constraints, many low-energy IoT devices have severe physical size limitations. This often means minimal RAM and ROM are available for software execution and data storage. For example, a smart lighting module might have just a few kilobytes of RAM and less than 100 kilobytes of flash memory. Fitness trackers, smartwatches, and tire pressure monitoring systems may have similarly tight limits.

Cryptographic algorithms are not just CPU-intensive; they also require space to store code, keys, and intermediate data during calculations. Implementing standard cryptography on devices with very little memory forces engineers to choose between security and other device functions. This trade-off is risky, as it can lead to stripped-down implementations with reduced key sizes, simplified protocols, or the complete omission of encryption for some operations.

In some cases, developers rely on symmetric-key cryptography, which typically requires fewer computational resources than public-key methods. While this approach can work in certain low-energy environments, it introduces additional risks: symmetric systems require secure key distribution and management, which can be challenging at scale in IoT deployments.

 

Communication and Latency Constraints

Another challenge is that many low-energy IoT devices operate over low-bandwidth or intermittent communication channels. For example, a remote soil moisture sensor in a smart agriculture system may only transmit data a few times a day to conserve battery life. Cryptographic protocols that require multiple handshakes or long message exchanges may consume too much energy or time, causing delays or preventing timely data delivery. This is particularly problematic for applications that require rapid authentication, such as access control systems or time-sensitive industrial automation.
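
The following is an added example, not code from the original article or from any product it mentions. It shows one common way to ease the two problems described above, symmetric key management at scale and handshake-heavy protocols: each device key is derived from a gateway-held master secret, and every report is authenticated in a single frame with a replay counter. The function names, the frame layout (4-byte device ID, 32-bit counter) and the 8-byte truncated tag are assumptions.

```python
import hashlib
import hmac
import struct

TAG_LEN = 8                     # assumption: truncated HMAC tag to save airtime (64-bit forgery bound)
HEADER = struct.Struct(">4sI")  # assumed frame layout: exactly 4-byte device id, 32-bit counter


def hkdf_sha256(ikm: bytes, info: bytes, salt: bytes = b"\x00" * 32) -> bytes:
    """RFC 5869 HKDF-SHA256, single 32-byte output block."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    return hmac.new(prk, info + b"\x01", hashlib.sha256).digest()


def derive_device_key(master_key: bytes, device_id: bytes) -> bytes:
    # Computed at provisioning and again by the gateway; the device stores only the result.
    return hkdf_sha256(master_key, b"iot-device-key-v1|" + device_id)


def build_report(device_key: bytes, device_id: bytes, counter: int, reading: bytes) -> bytes:
    """Device side: one frame, one HMAC, no handshake."""
    body = HEADER.pack(device_id, counter) + reading
    tag = hmac.new(device_key, body, hashlib.sha256).digest()[:TAG_LEN]
    return body + tag


class Gateway:
    def __init__(self, master_key: bytes):
        self._master = master_key   # single secret instead of one stored key per device
        self._last_counter = {}     # device id -> highest counter accepted so far

    def verify_report(self, frame: bytes):
        """Return the reading if the frame is authentic and fresh, else None."""
        if len(frame) < HEADER.size + TAG_LEN:
            return None
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        device_id, counter = HEADER.unpack_from(body)
        key = derive_device_key(self._master, device_id)
        expected = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return None             # forged, corrupted, or keyed for a different device
        if counter <= self._last_counter.get(device_id, -1):
            return None             # replayed or stale frame
        self._last_counter[device_id] = counter
        return body[HEADER.size:]


if __name__ == "__main__":          # constructed master key, device id and reading
    dev_key = derive_device_key(b"\x11" * 32, b"\x00\x00\x00\x01")
    print(Gateway(b"\x11" * 32).verify_report(build_report(dev_key, b"\x00\x00\x00\x01", 1, b"\x01\x9a")))
```

A compromised device exposes only its own derived key, but the master secret becomes a single point of failure and belongs in an HSM or secure element; the device must also keep its counter in non-volatile memory so that it never repeats after a reset.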

 

Post-Quantum Cryptography (PQC) Implications

A new layer of complexity is emerging for IoT security: the coming era of quantum computing. Large-scale quantum computers, once operational, will be capable of breaking widely used public-key algorithms such as RSA, ECC, and Diffie-Hellman in a fraction of the time it takes classical computers. This means that cryptographic systems protecting IoT devices today may become obsolete in the future, leaving long-lived devices vulnerable.

Post-Quantum Cryptography (PQC) algorithms are being developed to resist attacks from quantum computers, but they come with significant trade-offs for low-energy IoT devices. Many PQC algorithms require larger key sizes, more RAM for processing, and greater computational power compared to current cryptographic methods. For example, some PQC schemes have public keys in the range of hundreds of kilobytes, a non-starter for devices with only a few kilobytes of RAM.

The challenge is twofold:

  1. Future-Proofing Devices – Many IoT devices are expected to operate for years or even decades without hardware upgrades. Manufacturers must anticipate quantum threats now to avoid mass device replacement in the future.
  2. Lightweight PQC Development – Research is underway to adapt PQC to constrained environments, but lightweight, quantum-resistant algorithms are still in early stages. The National Institute of Standards and Technology (NIST) is working to standardize PQC, yet practical adoption for tiny, battery-powered devices remains a major engineering challenge.

For constrained IoT devices, hybrid approaches may emerge that combine lightweight classical cryptography for day-to-day operations with PQC for critical communications, possibly offloaded to a more capable gateway. This strategy could help bridge the gap between today’s energy-limited designs and tomorrow’s quantum-safe requirements.

 

Comparison: Lightweight Cryptography vs. Post-Quantum Cryptography for Constrained IoT Devices

| Feature / Metric | Lightweight Cryptography (e.g., AES-128, ECC-256) | Post-Quantum Cryptography (e.g., Kyber, Dilithium) |
|---|---|---|
| Security Goal | Protect against classical computing attacks | Protect against both classical & quantum attacks |
| Key Size | Small (128–256 bits for symmetric, ~256 bytes for ECC public keys) | Large (often 1–2 KB for public keys; some >10 KB) |
| Signature / Cipher Size | Small, efficient for low-bandwidth devices | Often larger, increasing transmission costs |
| Processing Requirements | Low CPU load, optimized for constrained hardware | Higher CPU load, may exceed MCU capabilities |
| Memory Footprint | Minimal (fits in devices with <10 KB RAM) | Larger memory needed, sometimes >100 KB RAM |
| Energy Consumption | Low, suitable for battery-powered or energy-harvesting devices | Higher, may shorten battery life significantly |
| Deployment Readiness | Mature, widely deployed in IoT today | Emerging, still in standardization phase |

 

Balancing Security with Usability

In real-world IoT deployments, engineers often face a delicate balancing act. Stronger encryption and authentication protocols improve security but consume more energy, processing power, and memory. Lighter-weight cryptographic solutions conserve resources but may not offer sufficient protection against modern or future cyber threats. This trade-off is especially critical for devices in sensitive applications such as healthcare monitoring, industrial control systems, and payment processing.

To address these challenges, researchers and industry groups are developing lightweight cryptographic algorithms specifically designed for constrained environments. One example is the NIST Lightweight Cryptography Standardization process, which aims to identify algorithms that provide robust security without overwhelming limited hardware. Additionally, some designs offload heavy cryptographic operations to nearby gateways or cloud services, allowing the low-energy device to focus on minimal, resource-friendly security tasks.

Conclusion

The security of low-energy IoT devices is a complex challenge that cannot be solved simply by applying traditional cryptographic methods. Their minimal energy supply, limited memory, and sometimes restricted communication capacity require careful design choices and, in many cases, entirely new cryptographic approaches. The looming transition to post-quantum cryptography only heightens the urgency for solutions tailored to constrained devices.

As the IoT ecosystem expands into every corner of daily life — from smart homes to industrial automation — ensuring these devices remain both functional and secure will require innovation in lightweight cryptography, efficient key management, and energy-aware security protocols. The next generation of cryptography must be not only secure, but also lean enough to thrive in the smallest, most power-starved devices.

Steep as these challenges are, solutions exist. Veridify offers several cryptographic methods that can demand as little as 0.7% of the energy and 5-50% of the RAM and ROM required by elliptic curve methods. In addition, gates required for hardware implementations can be reduced by 30% or more as compared to ECC.

To learn how we can secure your low-energy IoT devices or hear about our cryptographic solutions, please contact us or read our white paper on lightweight cryptography, presented at a NIST Workshop.
