Next Article in Journal
FC-BENTEN: Synchrotron X-Ray Experimental Database for Polymer-Electrolyte Fuel-Cell Material Analysis
Previous Article in Journal
Temporal Enhancement of Top-N Recommendation on Heterogeneous Graphs
Previous Article in Special Issue
Enhancing Security and Efficiency in IoT Assistive Technologies: A Novel Hybrid Systolic Array Multiplier for Cryptographic Algorithms
 
 
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
Article

Energy Consumption Analysis of ISO/IEC 29192-2 Standard Lightweight Ciphers

Department of Software Engineering, Kırklareli University, 39100 Kırklareli, Türkiye
Appl. Sci. 2025, 15(7), 3928; https://doi.org/10.3390/app15073928
Submission received: 5 March 2025 / Revised: 30 March 2025 / Accepted: 31 March 2025 / Published: 3 April 2025

Abstract

:
The Internet of Things (IoT) is a transformative technology that enables connection and communication between devices, systems, and objects using an existing network. This interconnectivity allows these objects to collect and analyze data, facilitating interaction in various environments. IoT spans areas such as homes, industries, cities, and even ecosystems, creating smart and responsive systems. In today’s digital age, where protecting personal, industrial, and commercial information is critical, IoT technologies must ensure a high level of security. It is essential to employ secure communication protocols or applications to ensure that IoT devices with limited resources, such as embedded systems, can communicate safely. Due to the low processing and memory capacities of these devices, traditional encryption techniques like AES are often impractical. Consequently, numerous lightweight encryption techniques have been developed specifically for use in embedded systems. The first stage of this research focused on the CLEFIA, PRESENT, and LEA algorithms outlined in the ISO/IEC 29192-2:2019 standard. The second stage involved developing a test environment to run these algorithms on embedded systems, ensuring that they were compatible with the systems’ constraints. The third stage focused on determining and analyzing the real-time energy consumption of these algorithms when implemented on embedded systems.

1. Introduction

ARPANET, which was created in 1969 with the initial idea of connecting only a few systems, has today become a vast separate world where billions of computers and systems come together. The speed, capacity and traffic of the Internet has increased exponentially, reaching today and extending into the future. Today, mobile devices that almost everyone carries in their pockets have superior capabilities compared to the supercomputers of 20 years ago. Now, human beings can make almost all devices smart thanks to microsensors and smart chips. Smartphones, cars, and heating systems have become easily controllable and programmable. In the last decade, applications developed within the scope of the Internet of Things (IoT) have started to take place in our lives quietly and gradually with the advancement of sensor and communication technologies. Globally, the number of things that can be characterized as devices and connections is growing faster than the human population. Therefore, this accelerates the increase in the average number of devices and connections per household and per person. Every year, new devices in different forms with increasing capabilities and intelligence are being introduced and adopted. In a vast and dynamic ecosystem, IoT applications introduce a range of emerging challenges. As the commitment of people, businesses and countries to Internet of Things applications increases, the desire of hackers and malicious people to access and steal data increases. Therefore, security is the biggest challenge that IoT technologies must overcome. Most Internet of Things applications collect and process information to facilitate people’s daily lives. Since most of these data can be characterized as personal data, privacy issues arise.
The development of cryptographic standards has evolved to keep up with the increasingly complex security demands of our highly interconnected world. Early encryption methods like DES (Data Encryption Standard) laid the foundation but eventually became outdated as advances in computing power and cryptanalysis made them vulnerable. This led to the introduction of AES (Advanced Encryption Standard), which provided more robust security and improved efficiency [1]. Although AES is still a powerful and widely used standard, its high computational and resource demands make it a poor fit for IoT devices and other systems with limited resources. To address this, lightweight cryptographic standards such as ISO/IEC 29192-2 [2] have emerged. These algorithms are designed to be energy-efficient and high-performing while still providing adequate security. They are tailored to meet the specific challenges of IoT environments, ensuring that devices can operate securely even with minimal processing power and memory, making robust security accessible for even the most constrained systems. There have been significant advancements in the world of information security since the block cipher algorithm AES was recognized as a standard in 2001. The AES encryption method is commonly used to secure communication between clients and servers, and is intended for use in conventional networks for standard data communication.
IoT technology is now used in a variety of applications, ranging from wearables to industrial applications. The communication infrastructure in this area is not adequately secure. According to published reports, although data transfer worldwide is large, a very small part of IoT device traffic is encrypted [3]. The general objective of IoT devices is to ensure that they operate quickly and reliably for an extended period while using minimal power. As a result, algorithms and systems that are small in size in the rapidly expanding IoT ecosystem, require less energy, and take up little space should be used. The TCP/IP protocol, which is used for standard Internet communication, is often used. On the other hand, additional security measures should be taken to increase data security to greater levels. Conventional encryption techniques are often impractical in IoT data security due to device processors and memory limitations [4], because when conventional cryptographic methods are added to the activity already performed by the devices, a severe energy consumption problem arises. In IoT systems, more efficient lightweight cryptographic algorithms are used to assure data communication security. Many lightweight encryption algorithms have been developed in this context. However, most of these encryption algorithms remain experimental and have not been used in industry. IoT manufacturers in industry prefer to work based on standards like ISO because it provides significant advantages in terms of security, interoperability, and market access. The ISO standards ensure that IoT devices meet high levels of data protection and are resistant to cyber threats. They also improve device compatibility by offering a unified framework, enabling the seamless integration of products from different vendors. Compliance with international standards facilitates global market entry and ensures adherence to regulations, reducing legal risks and speeding up time-to-market. Furthermore, ISO standards promote consistent quality, reliability, and customer satisfaction, strengthening brand reputation. By implementing standardized processes, manufacturers improve operational efficiency, reduce costs, and support sustainability efforts, making their products more appealing in a competitive global market [5].
In this paper, the energy consumption behavior of encryption algorithms defined by the international ISO standard will be examined in depth. In this context, the energy consumption of lightweight encryption algorithms proposed in the ISO/IEC 29192-2 standard will be analyzed and their suitability for their application areas will be evaluated. The rest of the paper is structured as follows. Section 2 presents related works and the rationale for focusing on standardized lightweight ciphers. Section 3 describes the encryption algorithms and their internal structures in detail. Section 4 outlines the experimental setup, test scenario, and measurement methodology. Section 5 provides a comprehensive analysis of the results obtained from energy, runtime, and current measurements. Section 6 offers recommendations for enhancing ISO/IEC 29192-2 algorithms. Finally, Section 7 presents conclusions and discusses potential directions for future work.

2. Related Works

Cryptographic solutions for the IoT should be designed appropriately taking into account the limited resources of devices used in this field. This has caused the emergence of a new branch of cryptography known as lightweight cryptography, which is more efficient for systems with lower energy consumption and smaller capacity. Many lightweight algorithms have been developed to achieve this goal. PRESENT [6] is one of the first lightweight encryption algorithms proposed for constrained hardware environments. Additionally, various algorithms, including CLEFIA [7], PICCOLO [8], PRINCE [9], LBLOCK [10], HIGHT [11], TWINE [12], SIMON&SPECK [13], have been developed to address this issue.
Recent studies show that the development of lightweight algorithms for IoT security is increasingly gaining attention. Sahay et al. have developed a lightweight cryptographic algorithm designed for resource-constrained IoT devices [14]. Their algorithm is based on the Feistel structure and uses circular shifts, XOR, and key addition for both encryption and decryption of data. They have employed a 128-bit key size and a 64-bit block size, using Linear Feedback Shift Registers for key generation. Another example is the work of Kuang and colleagues, who have devised a lightweight encryption method called DRcipher, also aimed at resource-limited IoT devices [15]. It has a 64-bit block size and supports 96-bit or 128-bit key sizes, with a pseudo-random number of encryption rounds determined by the key. DRcipher uses a generalized Feistel network with four branches, mixing in elements like the F-function, the FF-function, and RP permutation, and includes a negative feedback mechanism to enhance security. Feng et al. have developed a low-energy lightweight block cipher, INLEC, to enhance data security in IoT devices while addressing constraints in battery life and energy resources [15]. They have introduced the Structure and Components Involution design, which utilizes two similar round functions to ensure front–back symmetry, improving efficiency in both encryption and decryption. Zhang et al. have developed a new lightweight block cipher, RAB, to enhance data security in wireless sensor networks [16]. The algorithm supports variable key lengths and is based on a Feistel and substitution permutation network structure. They have designed a flexible key schedule function that accommodates different key lengths for varying security needs. Xu et al. have developed a lightweight block cipher, LPHD, to enhance security in battery-powered smart door locks while minimizing storage and power consumption [17]. They have designed a low-power S-box and introduced a two-stage permutation layer (TP structure) by filtering 8-bit permutations. To address slow diffusion in the standard Feistel structure, LPHD has implemented an 8-branch generalized Feistel structure (GFS), ensuring that all branch bits are affected in a single encryption round. Consistent with these studies, many algorithms such as LTLBC [18], IoVCipher [19], DNA-PRESENT [20], RAZOR [21], GFLE [22], and GFSPX [23] were developed in 2024.
Moreover, some studies have been conducted to compare algorithms based on various parameters. Rana et al. have conducted a comprehensive analysis of a lightweight block cipher, focusing on its power consumption and security features for IoT applications [24]. Their study examines several algorithms, including PICCOLO, RECTANGLE, PRINT, PRESENT, PUFFIN, ICEBERG, HIGH, and TEA. The results indicate that the ICEBERG and HIGH ciphers exhibit significantly higher power consumption levels. Zhong and Gu have conducted a comprehensive study on lightweight block ciphers to address the growing security and privacy concerns in the IoT [25]. Their research introduces and evaluates various lightweight block ciphers based on performance and security criteria. The findings indicate that WARP and Piccolo demonstrate superior throughput, gate equivalent efficiency, and energy consumption in hardware implementations. Meanwhile, in software implementations, SIMON, SPECK, CHAM, and PRIDE exhibit high throughput with low memory requirements, ensuring excellent efficiency. Dahiphale et al. have examined the FPGA implementation of the PRIDE and PRESENT lightweight block ciphers [26]. Their study focused on evaluating throughput, energy consumption, and power efficiency in FPGA implementations. The study has analyzed various design parameters on FPGAs and has compared PRIDE’s performance against PRESENT, offering insights into its efficiency and reliability in resource-constrained IoT environments. Aslan et al. have examined the role of lightweight cryptography in addressing security and privacy challenges in IoT applications [27]. Their study has analyzed five lightweight block ciphers (PRESENT, CLEFIA, PICCOLO, PRINCE and LBLOCK) in a controlled test environment to evaluate their effectiveness in securing IoT data. Kumar et al. have analyzed the security challenges associated with resource-constrained IoT devices [28]. Their research has evaluated and compared well-known cryptographic algorithms based on implementation cost, hardware and software efficiency, and resistance to attacks, providing a comprehensive analysis of their suitability for constrained environments by conducting a thorough literature review on existing lightweight cryptographic techniques and their applications in IoT security.
As previous studies show, researchers have mostly focused on developing new algorithms or testing and improving the algorithms developed in the literature according to various criteria. Certainly, the development of new algorithms that are robust to attack is very valuable. However, it is important for the industry to use applicable algorithms defined by standards. For this reason, studies should be carried out on algorithms that are determined by ISO standards and announced to the public. When reviewing the literature, it can be seen that these studies are very limited. With this motivation, this study analyses the algorithms within the scope of ISO/IEC 29192-2.

3. ISO/IEC 29192-2 Standard Lightweight Ciphers

ISO (International Organization for Standardization) standards are guidelines that set internationally accepted criteria for quality, safety, efficiency and reliability. These standards are developed to ensure that products, services, and systems are implemented consistently and securely around the world. In particular, in the area of security and technology, ISO standards provide requirements to maintain high levels of security while supporting the interoperability of different devices and software. Standards such as ISO/IEC 29192-2 focus on enabling secure data communication in resource-constrained environments such as IoT devices and embedded systems by defining lightweight cryptography algorithms. Within the scope of ISO/IEC 29192-2:2012, the encryption algorithms PRESENT [6] and CLEFIA [7] were accepted as standards in 2012. The LEA [29] encryption algorithm was included in the ISO/IEC 29192-2:2019 document in 2019, and three encryption algorithms were recognized as standards by ISO, and their implementation was recommended. The following requirements for lightweight cryptography are also recommended by ISO/IEC 29192-2:2019. To achieve different levels of security, various lengths of blocks and keys are recommended. For a high level of security, a block length of 128 bits and a key length of 256 bits are required. For a normal level of security, both the block length and the key length should be 128 bits. Meanwhile, for a sufficient level of security, a block length of 64 bits combined with a key length of 128 bits is considered adequate. The CLEFIA, PRESENT, and LEA algorithms announced in the ISO/IEC 29192-2:2019 standard were examined and analyzed in this work. The algorithms’ operating performances and energy consumption for the determined scenario have been measured, interpreted, and conveyed in the findings section.

3.1. CLEFIA Algorithm

CLEFIA is a block cipher encryption algorithm designed to operate on 128-bit data blocks with key length options of 128, 192, or 256-bits. It employs a Feistel network structure, a common design for symmetric key block ciphers, which divides the data block into two halves and processes them through multiple rounds of encryption. The number of rounds in CLEFIA depends on the key length: 18 rounds for 128-bit keys, 22 rounds for 192-bit keys, and 26 rounds for 256-bit keys. Each round applies a series of operations, including substitution, permutation, and mixing, to provide strong security against cryptanalysis. In general, lightweight algorithms that use the Feistel architecture have more rounds than those that use the SPN architecture. To boost encryption speed, the CLEFIA designers lowered the number of rounds while maintaining security using a strong diffusion layer. The CLEFIA encryption structure is given in Figure 1a. The substitution layers ensure non-linearity, enhancing resistance to differential and linear cryptanalysis. The diffusion layer, implemented using a carefully designed MDS (maximum distance separable) matrix, spreads input changes across the data block, maximizing security with minimal computational overhead. CLEFIA also features a dual pseudo-random function (F0 and F1) within each round, which operates on data halves to further strengthen the encryption process. These elements work together to ensure CLEFIA’s efficiency while maintaining robust protection against cryptanalytic attacks.

3.2. PRESENT Algorithm

PRESENT with a 64-bit block length supports 80 or 128-bit keys. The algorithm is made up of 31 rounds and is based on the SPN architecture. Encryption algorithms based on the SPN architecture require fewer rounds, while maintaining robust security compared to those designed with the Feistel architecture. The PRESENT developers have raised the number of rounds since the block size has increased to 64-bit. The structure of the PRESENT encryption algorithm includes key addition, non-linear substitution, and linear bitwise permutation layers that make up each round. The PRESENT encryption structure is given in Figure 1b. The internal structure of PRESENT is designed for simplicity and efficiency, making it particularly suitable for resource-constrained environments. Each round in the SPN architecture consists of three key steps: key addition, substitution, and permutation. Key addition is performed by XORing the current round key with the data block, ensuring dependency on the key at each step. The substitution layer uses a 4-bit S-box, which is optimized for both hardware and security, to introduce non-linearity and protect against differential and linear cryptanalysis. Finally, the permutation layer reorders the bits of the block using a predefined permutation table, achieving a high diffusion rate with minimal computational cost. Additionally, the PRESENT key schedule is lightweight yet secure, generating round keys through simple rotations and XOR operations. This minimalistic design allows PRESENT to maintain strong security properties while requiring minimal resources, making it ideal for applications like the IoT and embedded systems.

3.3. LEA Algorithm

LEA offers 128, 192, and 256-bit key variants with 128-bit block length. The algorithm encrypts 24 rounds for 128-bit key lengths, 28 rounds for 192-bit key lengths, and 32 rounds for 256-bit key lengths. Only 32-bit ARX (bitwise add, rotate, XOR) operations were used in the LEA encryption algorithm. This provides high-speed encryption and decryption for 32-bit and 64-bit systems. The key scheduling stage also uses ARX operations. The LEA encryption structure is given in Figure 1c. The internal structure of LEA is designed to maximize performance and simplicity by relying exclusively on ARX operations. Each round in LEA consists of three primary steps: modular addition, cyclic rotation, and XOR operations. Modular addition introduces non-linearity and ensures diffusion, while cyclic rotation changes the bit positions to prevent direct relationships between input and output. The XOR operation adds randomness and strengthens the algorithm against cryptanalytic attacks. LEA’s key schedule is equally efficient, using simple ARX operations to generate round keys dynamically, ensuring minimal overhead during key derivation. The absence of S-boxes and reliance on ARX operations not only simplifies the implementation of LEA but also optimizes it for both software and hardware environments. This design enables LEA to achieve high throughput and low energy consumption, which makes it particularly suitable for IoT devices and other resource-constrained platforms.

3.4. Related Works on ISO/IEC 29192-2

As demonstrated in Section 2, numerous studies in the literature focus on the development of lightweight cryptographic algorithms to improve the cryptographic security of IoT and WSN systems. These studies explore various encryption techniques, performance optimizations, and security enhancements tailored for resource-constrained environments. However, none of these studies directly address the ISO/IEC 29192-2 standard. In this section, a compilation of studies that are partially related to this research is provided, offering insights into cryptographic approaches that exhibit similarities with the research focus, but do not explicitly conform to the ISO/IEC 29192-2 standard. This review highlights relevant advancements in the field, while demonstrating the absence of direct studies on ISO/IEC 29192-2, thereby reinforcing the novelty and contribution of this work.
Neal et al. examine the feasibility of hardware acceleration for lightweight encryption algorithms in resource-constrained IoT devices such as sensor nodes and embedded systems [30]. Since these devices often lack the computational power to implement standard encryption algorithms, the study explores whether dedicated hardware, specifically FPGAs, can efficiently handle encryption tasks. To achieve this, the researchers implemented and evaluated different lightweight ciphers, interfacing them with a microcontroller via serial communication. The study focuses on ciphers aligned with the ISO/IEC 29192-2 standard, specifically PRESENT, LEA, and CLEFIA, while using AES as a benchmark for comparison. The results indicate that PRESENT-128 and LEA-128 offer the best balance between the throughput and implementation area, making them the most efficient choices for lightweight cryptographic applications in constrained environments.
Pyrgas and Kitsos present a highly compact CLEFIA block cipher architecture designed for ultra-low-area IoT devices [31]. The architecture supports 128-bit plaintext/ciphertext and a 128-bit key, processing data through a 4-bit data path to minimize hardware resource usage. The design was implemented in Verilog and tested on a BASYS3 FPGA.
Goyal et al. evaluate various security algorithms in terms of performance and robustness, particularly for resource-constrained devices such as wristwatches, RFID tags, and IoT devices with limited hardware resources [32]. Their study focuses on identifying an encryption algorithm that balances low hardware footprint, high speed, and adequate security for such environments. Through hardware implementation and cryptanalysis, the authors compare PRESENT, AES, ECDH, DH, and RSA using the UMC-90 nm standard gate library. The study finds that PRESENT, included in the ISO/IEC 29192-2:2012 standard for lightweight cryptography due to its simple and efficient design, is particularly well suited for constrained environments.
Cano-Quiveu et al. address the critical security challenges in IoT systems, emphasizing the need to prevent data tampering and ensure confidentiality, integrity, and authenticity, particularly for data stored on removable devices like microSD cards [33]. While software-based security solutions are commonly used, their effectiveness is limited due to the resource constraints of IoT devices. The researchers introduce Embedded LUKS (E-LUKS), a hardware-based security framework inspired by Linux Unified Key Setup for encrypting data partitions. E-LUKS enhances LUKS by incorporating integrity and authentication mechanisms along with its confidentiality features. It employs advanced encryption and hash algorithms, such as PRESENT and SPONGENT, both recognized for IoT security, with PRESENT is included in the ISO/IEC 29192-2:2019 standard for lightweight block ciphers.
An and Seo explore highly efficient implementations of block ciphers on NVIDIA GPUs for large-scale IoT and cloud computing applications [34]. The researchers focus on three block ciphers, AES, LEA, and CHAM. Their implementation on an RTX 2070 GPU achieves notable improvements in encryption throughput, with AES reaching 310 Gbps, reflecting a 10.7% increase over the previous best result. LEA demonstrates a throughput of 2.47 Tbps, marking a 67% improvement, while CHAM achieves 3.03 Tbps, representing its first optimized implementation on GPUs. These results highlight the potential of GPU-based cryptographic acceleration for high-performance encryption in IoT and cloud computing environments.

4. Test Environment, Scenario, and Results

The test environment, scenario, and results used in the study are described in detail in this section. This part outlines the specific setup of the testing environment, including hardware and software configurations, followed by a description of the test scenarios designed to evaluate key performance indicators. Finally, the results obtained from the tests are presented and analyzed to assess the effectiveness and reliability of the proposed solution.

4.1. Test Environment

The MSP-EXP430FR5994 (Texas Instruments Inc., Dallas, TX, USA) was chosen for the test environment, and is shown in Figure 2. The microcontroller in the kit contains 256 KB of ultra-low-energy consumption FRAM nonvolatile memory and operates at a clock frequency of 16 MHz. It supports a wide voltage range from 1.8 V to 3.6 V, making it suitable for low-power applications. The system is built on a 16-bit RISC architecture, capable of running at a 16 MHz system clock with 8 MHz FRAM access speed. In addition to 256 KB of FRAM, it includes 8 KB of SRAM, ensuring efficient memory usage. For analog signal processing, the microcontroller features a 16-channel 12-bit ADC and a 16-channel analog comparator, enhancing its capability for sensor-based applications. It is equipped with six 16-bit timers, each with seven capture/compare registers, allowing precise timing operations. The device also supports 6-channel direct memory access, enabling efficient data transfer without CPU intervention. Algorithms were coded in CCS (Code Composer Studio) and compiled using C code before being transferred to the MSP430FR5994 device (Texas Instruments Inc., Dallas, TX, USA). The EnergyTrace software (version 10) was used to measure the algorithms’ energy, power, and current [35]. The energy consumption of all encryption algorithms developed in the test environment was measured with the EnergyTrace software. The EnergyTrace software was used to measure the algorithms’ energy, power, and current. EnergyTrace technology is an energy-based code analysis tool that monitors the application’s energy profile and assists in optimizing for ultra-low energy consumption.
The MSP-EXP430FR5994 microcontroller was selected due to its suitability for low-power embedded system research, particularly in cryptographic and IoT-focused applications. It features an ultra-low-power FRAM architecture, built-in EnergyTrace technology for accurate energy profiling, and native AES hardware acceleration, making it ideal for real-time cryptographic benchmarking. Additionally, it is a cost-effective and widely accessible platform, making it a practical choice for both academic research and industrial prototyping. As a Texas Instruments product, it is also commonly used in industrial applications, ensuring that the findings of this study are relevant to real-world IoT deployments.

4.2. Test Scenario

The mission of edge computing embedded devices involves processing data from sensors according to the specific purpose of the IoT application, then either transmitting these data to cloud, server, or broker devices, or executing various operations on the sensor based on the received data. Data are typically transmitted unencrypted via communication protocols like MQTT and CoAP. Data must be encrypted before being sent in order to ensure a secure connection, and they should be sent afterward [27].
The test scenario illustrated in Figure 3 and Figure 4 demonstrates the encryption and decryption process of 1 KB data using the selected lightweight cryptographic algorithms. The MSP430FR5994 edge device initiates the process by transitioning from low-power mode (LPM) to active mode (AM). During this phase, the device performs either encryption or decryption, following a structured sequence that involves key scheduling and the cryptographic operations. To enhance transparency and reproducibility, pseudocode representations of the CLEFIA, PRESENT, and LEA implementations used in this scenario are provided in Appendix B.
Since energy measurements are cumulative, a 1 KB fixed data block provides a measurable and meaningful workload for evaluating encryption algorithms without excessive computational overhead. To improve measurability and ensure consistency with previous experiments, a fixed 1 KB data size was selected. The input plaintext (1 KB) is processed by the encryption algorithm, resulting in a 1 KB ciphertext. Conversely, in decryption mode, the ciphertext is restored to its original plaintext form following the same structured process. To accurately evaluate the runtime, energy consumption, and current usage of each algorithm, the EnergyTrace tool is run. As shown in Figure 4, EnergyTrace initiates at the start of the encryption/decryption process and terminates at the end of the operation, ensuring that the power consumption measurements reflect only the cryptographic processing stage. This allows for a precise assessment of the energy efficiency of different lightweight encryption algorithms within the scope of ISO/IEC 29192-2. Additionally, to optimize power consumption, the device automatically switches back to low-power mode (LPM) once the encryption or decryption process is completed. If the device remains inactive between operations, it conserves energy by staying in LPM until the next encryption/decryption request is triggered. This behavior closely aligns with real-world IoT applications, where devices frequently alternate between active computation and idle states to prolong battery life. The test scenario provides a controlled and repeatable environment for analyzing the performance of the encryption algorithms while considering practical constraints such as power consumption and execution time. By leveraging MSP430FR5994’s ultra-low-power capabilities and the EnergyTrace tool, this setup ensures reliable benchmarking of the cryptographic algorithms under ideal conditions, minimizing the influence of external factors such as network delays or sensor noise.
Figure 4. Sequence diagram representing the energy measurement process of ISO/IEC 29192-2 algorithms based on the test scenario.
Figure 4. Sequence diagram representing the energy measurement process of ISO/IEC 29192-2 algorithms based on the test scenario.
Applsci 15 03928 g004
This study is limited to the evaluation of encryption and decryption energy consumption under ideal and controlled test conditions. While the experimental scenario was designed to reflect typical trends observed in real-world IoT applications, it does not account for external factors such as temperature fluctuations, network latency, or real-time data transmission. These variables may influence the overall energy behavior of the devices in actual deployments. However, the use of a controlled test environment enables an isolated and objective comparison of algorithmic performance, focusing purely on the computational characteristics of the encryption algorithms.
Additionally, the study was conducted using a single hardware platform, the MSP430FR5994, which was selected for its low-power features and advanced energy profiling capabilities. Although microcontroller architecture such as instruction set design, memory hierarchy, and power management can influence absolute performance metrics such as energy consumption and runtime, it is expected that the relative performance differences among the algorithms tested will remain largely consistent across platforms. In other words, an algorithm that performs more efficiently than others on the MSP430FR5994 is likely to maintain its relative advantage on other embedded systems as well. This observation strengthens the validity of the comparative results obtained in this study and supports their generalizability to a broader range of IoT platforms.
The test scenario considers only the encryption and decryption processes inside the device under ideal conditions. Other factors such as data generation and transmission to the network are not included in the study. This is because the focus of this study is to analyze the pure performance of the algorithms adopted in the ISO standards. Thus, by providing a test environment free from environmental factors, it is aimed to evaluate the basic metrics of the algorithms such as energy consumption and runtime in the most accurate way.

4.3. Results

The experimental results obtained from the test scenario are presented in Table 1 and Table 2. When the scenario was run separately for each of the 128-, 192-, and 256-bit key lengths for the CLEFIA algorithm, the encryption of 1 KB data was completed in 2.57873, 2.38394, and 3.45865 s, respectively, while its decryption was completed in 2.35172, 2.37323, 3.25429 s, respectively. Accordingly, during encryption, a mean current of 0.5846 mA was drawn; and a mean current of 0.5904 mA was drawn for decryption. While the encryption process consumed 4657.2 μJ of energy, the decryption process consumed 4269.9 μJ of energy. When the scenario is run for the PRESENT algorithm, the encryption of 1 KB data was completed in 15.80920 s, and the decryption was completed in 16.17239 s. A mean current of 0.5939 mA for encryption and 0.6017 mA for decryption was drawn. During the encryption process, 28,020.3 µJ of energy was consumed and for the decryption process, 29,266.7 µJ of energy was consumed. When the scenario was run individually for each of the LEA algorithm’s 128, 192, and 256-bit key lengths, 1 KB of data was encrypted in 0.61108, 1.71779, and 1.07285 s, respectively. At the same time, the decryption took 0.62134, 0.63230, and 0.60001 s, respectively. Consequently, a mean current of 0.5224 mA was drawn for encryption, and a 0.5315 mA current was drawn for decryption. A 990.6 μJ of energy was consumed during the encryption process, while 1031.6 μJ of energy was consumed during the decryption stage. The scenario was similarly applied for AES with the same conditions. AES produced better results than CLEFIA and PRESENT. Appendix A presents the relative power–time (s) diagrams for each algorithm tested in the study. These figures visually illustrate the energy consumption patterns of the encryption and decryption processes for PRESENT, CLEFIA (128-bit), and LEA (128-bit) algorithms.

5. Discussion

When real-time data from the test environment is evaluated, it is clear that the LEA algorithm significantly outperforms other algorithms. The LEA algorithm is based on ARX. As a result, encryption and decryption are limited to basic bit-wise operations. Therefore, energy usage is extremely low. ARX-based encryption algorithms are known to be fast and suitable for IoT systems [36]. Therefore, the LEA algorithm is expected to give good performance. While 1 KB of data is encrypted in the edge device in the test environment, only 32% of the runtime and energy used is spent in AM. The device is switched to LPM for the remainder of the operation.
Unlike other ISO/IEC 29192-2 algorithms, CLEFIA shares structural similarities with AES due to its complex computational operations. Notably, the GF multiplication-based diffusion layer based on GF multiplication alone accounts for approximately 52.5% of the total runtime. During both encryption and decryption, the device remained in active mode (AM) throughout the entire process and was unable to transition to low-power mode (LPM), resulting in increased energy consumption. This prolonged active operation makes CLEFIA considerably slower and more energy-intensive compared to other algorithms. For battery-powered IoT devices deployed in the field, such inefficiencies are critical. Optimizing the diffusion layer, which is responsible for the majority of the computational workload, could lead to significant improvements in performance and energy efficiency.
When compared to other algorithms, the PRESENT algorithm delivered the worst results. Because of its shorter block length, the PRESENT algorithm has more rounds. At the same time, despite having a simple key schedule stage, the PRESENT algorithm generates round keys while encrypting or decrypting. Other algorithms generate the required keys during the key schedule stage before the start of the round. This could have contributed to PRESENT’s poor performance. The PRESENT algorithm was in AM for 85.9% of its runtime, while the remainder of the time, the device was in LPM.
Although AES is a widely used robust encryption algorithm, it is not optimized for resource-constrained environments. In such environments, the lightweight encryption algorithms PRESENT, CLEFIA, and LEA offer more energy-efficient solutions than AES. LEA is characterized by the lowest energy consumption and fast runtimes, making it a much more efficient option than AES for IoT devices, where energy savings are critical. CLEFIA performs similarly to AES with lower energy consumption, while at the same time providing lower computational cost. However, PRESENT stands out as a less efficient option than AES in terms of energy consumption due to its high round count and long run times. Overall, AES provides strong security and LEA and CLEFIA offer better energy efficiency and performance, while PRESENT is at an energy disadvantage.
Tests can be conducted on other platforms; however, given the structure of encryption algorithms or the computational parts, the results are expected to be broadly similar. Even when different processor architectures or hardware specifications are utilized, variations in energy consumption and performance will remain within comparable ranges.
A direct comparison between CLEFIA and LEA across identical key sizes (128, 192, and 256 bits) further reinforces LEA’s advantage in terms of both energy efficiency and runtime. At the 128-bit key size, LEA consumed approximately 78.7% less energy and completed the encryption process 76.3% faster than CLEFIA. In the 192-bit configuration, LEA also outperformed CLEFIA, using 30.9% less energy and achieving a 27.9% reduction in runtime. The most significant performance gap was observed at the 256-bit level, where LEA required 69.2% less energy and executed the encryption 69% faster. These comparative results indicate that LEA maintains a consistent and scalable energy advantage over CLEFIA, making it a more suitable choice for power-constrained environments such as embedded systems and IoT devices. A comparative evaluation between LEA and PRESENT further highlights the efficiency of LEA in low-power encryption scenarios. When using LEA with a 128-bit key and PRESENT with an 80-bit key under identical test conditions, LEA demonstrated a substantial energy saving of approximately 96.5%. Furthermore, LEA completed the encryption process in 96.1% less time compared to PRESENT. These results clearly indicate that LEA not only consumes significantly less power, but also operates with much greater speed, making it a more suitable option for resource-constrained environments, such as IoT and embedded systems, where energy efficiency and real-time performance are critical.

6. Considerations for Enhancing ISO/IEC 29192-2 Lightweight Ciphers

Up to this part of the study, lightweight encryption algorithms standardized according to ISO/IEC 29192-2 have been evaluated in terms of energy consumption. The results and discussions show that some algorithms in particular fail to achieve the expected energy efficiency [25]. The algorithms are secure in terms of both key sizes and number of cycles. However, it is important to reevaluate encryption algorithms used in resource-constrained systems such as IoT not only in terms of security, but also in terms of energy consumption. Academic and industrial requirements should be considered when setting security standards. This study suggests that future revisions of ISO/IEC 29192-2 could be updated to include algorithms that provide lower power consumption and better integration with embedded systems. In this section, recommendations and future research areas for the development of ISO/IEC 29192-2 lightweight encryption algorithms are discussed.
Block size is a critical parameter that directly affects the processing efficiency, security level and energy consumption of an encryption algorithm. In general, larger block sizes can increase energy consumption as they require more computation while allowing more data to be processed. On the other hand, small block sizes require fewer operations but more cycles for security reasons. Although PRESENT was the algorithm with the smallest block size, it was not the most efficient in terms of energy consumption due to its 31 rounds. CLEFIA and LEA can process larger data blocks with 128-bit block size, but CLEFIA has a more complex structure, which increased energy consumption. LEA provided both a 128-bit block size and the lowest energy consumption thanks to its ARX-based operations. As a result, the impact of block size on energy consumption should be evaluated together with the number of rounds of the algorithm, its structure, and the optimization techniques used. In systems such as IoT, where low energy consumption is important, choosing the optimal block size is a critical factor for both maintaining security and ensuring energy efficiency.
Lightweight block cipher algorithms should have simpler structures compared to traditional encryption methods due to their areas of use. Therefore, they involve more rounds to ensure security. While a higher number of rounds increases resilience against cryptanalysis attacks, it can negatively impact performance and energy consumption by increasing processing time. While PRESENT has the highest number of rounds, it requires relatively less processing power because it has a simple SPN structure. However, the high number of rounds increased energy consumption and decreased performance. CLEFIA aimed to provide high security with fewer rounds by using Feistel network architecture, but increased the computational cost due to the advanced diffusion layer. LEA was able to provide high security with less energy consumption with ARX-based operations. As a result, while increasing the number of rounds increases security, it increases processing time and energy consumption. In low-power applications such as IoT, determining the optimal number of rounds is a critical factor to improve energy efficiency. Therefore, the number of rounds in lightweight encryption algorithms should be optimized by balancing security and energy consumption. If the number of rounds is not carefully balanced, encryption algorithms can become vulnerable to attacks. Too few rounds may lead to weaknesses against differential and linear cryptanalysis, making the cipher easier to break, while too many rounds can unnecessarily increase computational overhead and energy consumption without significantly enhancing security [37]. Striking the right balance is crucial, as an insufficient number of rounds can lead to practical cryptographic weaknesses, allowing attackers to exploit structural flaws and compromise the encryption. Therefore, determining the appropriate number of rounds is not only a matter of performance optimization, but also a fundamental requirement for maintaining the integrity and reliability of encryption in resource-constrained environments.
The key scheduling stage is one of the components that contributes significantly to the total energy consumption of encryption algorithms. This phase involves the process of transforming the key into subkeys and requires different computational costs depending on the design of the algorithm. The key scheduling mechanisms of the CLEFIA, PRESENT, and LEA algorithms analyzed in this study differ in terms of energy consumption. Although PRESENT has a relatively simple key planning mechanism, the high total number of rounds and the repetition of key scheduling at the time of encryption cause an increase in energy consumption. Although CLEFIA improves security by using a more complex key expansion mechanism, this structure creates an additional burden in terms of energy. LEA, on the other hand, provides a lower energy consumption during the key generation phase owing to its ARX-based operations. In general, the computational load and memory access used during key generation directly affect the total energy consumption. For lightweight encryption algorithms to be used more effectively in IoT applications, optimizing key planning processes is a critical factor in reducing the computational load and, thus, energy consumption. To achieve this, a foundational structure that is both secure and streamlined should be employed.
Studies on lightweight cryptographic algorithms have outlined key criteria for designing future encryption methods. The trend of development shows that the most recent lightweight block ciphers implement a single 4-bit S-box, apply a 128-bit or lower key size, and execute more than 20 encryption rounds according to their structure [38]. Additionally, ARX-based designs have gained popularity due to their efficiency in software and hardware implementations and their ability to provide strong security with minimal computational overhead [25]. These design choices aim to balance security, efficiency, and low power consumption, which are critical for resource-constrained environments such as the IoT and embedded systems. To ensure both security and energy efficiency, future lightweight encryption algorithms should focus on optimizing the number of rounds, selecting efficient key scheduling mechanisms, and minimizing computational complexity through techniques such as ARX operations, all while maintaining resistance to cryptanalysis. In recent years, the field of lightweight cryptography has seen substantial advancements, particularly with the emergence of ARX-based algorithms that offer a strong trade-off between energy efficiency and security. ARX-based encryption algorithms, which utilize simple operations such as addition, rotation, and XOR, are particularly well-suited for resource-constrained devices, especially in the Internet of Things (IoT) domain. Their lightweight structure enables efficient implementation on low-power microcontrollers, minimizing computational overhead and energy consumption. At the same time, their design ensures a reasonable level of cryptographic security, offering resistance to differential and linear cryptanalysis. Due to their balance between performance and robustness, ARX-based ciphers have become a popular choice for securing communication in embedded and IoT environments, where efficiency and reliability are both critical. In this context, recently developed ciphers such as SIMON and SPECK—both based on ARX principles—have drawn attention for their ability to offer high efficiency and flexibility across various hardware and software platforms. Similarly, LBlock, although based on a Feistel structure rather than ARX operations, has demonstrated lightweight characteristics suitable for constrained environments. Its efficient design and low resource requirements make it a viable alternative for embedded systems, even though it does not follow the ARX paradigm. While these ciphers are not yet standardized under ISO/IEC 29192-2, their performance in energy-critical applications suggests they may be valuable candidates for future standardization. Comparing these with current ISO-standard algorithms like CLEFIA, PRESENT, and LEA may offer new insights into optimizing energy efficiency, security, and implementation complexity in the evolving landscape of IoT security.
The ISO/IEC 29192-2 lightweight cipher standard plays a crucial role in defining secure and efficient cryptographic solutions for resource-constrained environments, particularly in IoT systems. However, recent studies and this paper indicate that some of the standardized algorithms, particularly PRESENT and CLEFIA, may not be the most optimal choices in terms of energy efficiency and hardware performance. Given the increasing demands for secure and energy-efficient cryptographic solutions in IoT, a reassessment of the standard is necessary to ensure that it aligns with modern cryptographic advances and real-world constraints. In recent years, several newly developed lightweight cryptographic algorithms have demonstrated better security and hardware efficiency compared to the existing ISO/IEC 29192-2 ciphers. For example, the SIMON and SPECK cipher families, developed by the U.S. National Security Agency (NSA), have been widely analyzed and shown to offer strong security properties while maintaining high performance on both software and hardware platforms [38]. These ciphers have been adopted in various applications due to their low computational complexity and optimized execution on embedded processors. Such advancements suggest that lightweight cryptographic standards should be updated to incorporate more efficient and secure algorithms, ensuring that IoT systems benefit from the latest developments in cryptographic research.

7. Conclusions

Information security will become more important as the IoT ecosystem advances in the immediate future. Most of the time, communication protocols could be used to offer security. At the IoT application level, however, encryption is required to assure data transmission safety. Conventional encryption algorithms cannot be employed in IoT devices with low processing and memory capacity for various reasons. Even if they are used, they can cause performance issues. As a result, lightweight encryption algorithms have been developed that are better suited for deployment on IoT secure applications. The energy consumption of three lightweight encryption algorithms suggested in the ISO/IEC 29192-2:2019 document was investigated in real-time throughout this research. The results of the study are similar to the measurements made on other block cipher algorithms that are not included in the standard list in different studies in the literature [39,40]. However, there is no comparison on ISO standards in the literature on this subject. The implementation of ISO standards in the IoT domain is essential to guarantee secure and reliable data exchange among interconnected devices. They provide a common framework for interoperability, enabling seamless integration of products from different manufacturers. Additionally, ISO standards help IoT solutions meet regulatory requirements and improve market acceptance by ensuring consistent quality and performance. In this context, the algorithms accepted in ISO standards were compared in this study.
As a result of the study, it has been observed that lightweight encryption algorithms such as PRESENT and CLEFIA, which are included in the ISO standards, do not perform as expected when compared to AES, especially in terms of energy consumption and security. Although these algorithms are optimized for use in resource-constrained environments, they lag behind AES in terms of runtime and energy efficiency. However, this does not mean that AES is better for IoT applications since AES is not designed for IoT systems. This may necessitate a re-evaluation of these algorithms, especially for applications in IoT and embedded systems. Therefore, it is recommended that the authorities reconsider whether the ISO standards meet the requirements in this area and make these standards more efficient with possible updates.
Given that CLEFIA and PRESENT consume significantly more power and require longer processing times compared to LEA, the LEA algorithm stands out as a particularly advantageous choice for industrial IoT applications. Its consistently lower energy consumption and faster execution times compared to other ISO/IEC 29192-2 algorithms make it well-suited for applications where power efficiency and real-time processing are essential. In environments such as remote monitoring systems and sensor-driven automation, where devices often operate on limited battery resources, LEA’s performance characteristics can significantly extend operational lifespan and reduce maintenance frequency. These practical benefits reinforce its viability as a preferred encryption solution in energy-constrained industrial IoT ecosystems.
On the other hand, the future of lightweight cryptography, particularly within the scope of ISO/IEC 29192-2, appears promising as industries increasingly adopt IoT, embedded systems, and edge computing. As connected devices continue to grow in number and complexity, the demand for efficient, secure, and low-power cryptographic solutions becomes more critical. In terms of hardware development, microcontroller manufacturers and chip designers are expected to integrate hardware-accelerated encryption modules for PRESENT, CLEFIA, and LEA. Future IoT processors and embedded systems may feature specialized cryptographic units optimized for these lightweight algorithms, ensuring minimal power consumption while maintaining robust security levels. From an industry perspective, lightweight cryptography will play a crucial role across various domains. In IoT security, these algorithms will be essential for ensuring the secure transmission and authentication of data in smart homes, industrial automation, and smart city infrastructures. Additionally, one of the key areas of future development will be the continued standardization and optimization of lightweight cryptographic algorithms. While ISO/IEC 29192-2 establishes a fundamental framework for secure IoT communications, ongoing research will likely refine these algorithms to further enhance their security and efficiency, ensuring their long-term applicability in emerging technologies.
In resource-constrained IoT systems, energy consumption is a critical factor due to the limited processing power and battery capacity of embedded devices. Therefore, it is essential that mandatory components such as encryption algorithms operate with minimal energy requirements. However, while optimizing energy efficiency, it is equally important not to compromise on core security principles. Particularly in the context of hardware-level threats such as side-channel attacks, or algorithmic vulnerabilities like differential cryptanalysis, the robustness of the encryption scheme must remain a top priority. For this reason, encryption algorithms approved by reputable standardization authorities such as ISO/IEC, NIST, or ETSI should be preferred, as they have undergone rigorous evaluations in terms of both security and performance. Although this study highlights energy consumption as a key performance metric, any recommendation to revise cryptographic standards must be balanced with a thorough consideration of security trade-offs.
While meeting today’s energy and security demands, it is also important to anticipate the future direction of secure communication systems. Emerging technologies such as quantum computing and 6G networks are expected to reshape the landscape of data transmission and encryption. Within this context, concepts like the quantum IoT point to the necessity of cryptographic algorithms that are not only efficient for today’s embedded systems, but also resilient to potential quantum threats. While ISO/IEC 29192-2 provides a framework for current lightweight applications, future standardization efforts may need to integrate post-quantum considerations to ensure long-term viability.
In addition to providing a comparative analysis of standardized lightweight encryption algorithms, the results of this study may also contribute to the development of energy-aware maintenance strategies, such as energy-based maintenance (EBM) in embedded and IoT systems. By profiling the energy consumption behavior of encryption operations, it becomes possible to detect long-term anomalies or inefficiencies that may indicate cryptographic module degradation or hardware faults. Future work could explore the integration of such energy consumption metrics into predictive maintenance frameworks, allowing systems to dynamically monitor cryptographic workloads and optimize operational sustainability in energy-constrained environments.

Funding

This research received no external funding.

Institutional Review Board Statement

Not applicable.

Informed Consent Statement

Not applicable.

Data Availability Statement

The original contributions presented in the study are included in the article, further inquiries can be directed to the corresponding author.

Acknowledgments

The author thanks the reviewers and editors for their valuable feedback and contributions, which helped improve the quality of this manuscript.

Conflicts of Interest

The author declares no conflicts of interest.

Appendix A

The encryption and decryption diagrams of the algorithms, based on the defined test scenario, are presented below. Each figure illustrates the relative power vs. time behavior during the execution of cryptographic operations. The x-axis represents the total duration of the process in seconds, while the y-axis shows the relative power consumption observed at each moment. Peaks in the graph indicate periods of intensive processing or memory access, while lower values suggest idle or less power-demanding phases. The fluctuations reflect the algorithm’s internal operations, including key scheduling, substitution permutation stages, and final output generation. These diagrams provide insight into the energy consumption profile and temporal behavior of each algorithm when implemented on a resource-constrained embedded device.
Figure A1. PRESENT encryption energy consumption.
Figure A1. PRESENT encryption energy consumption.
Applsci 15 03928 g0a1
Figure A2. PRESENT decryption energy consumption.
Figure A2. PRESENT decryption energy consumption.
Applsci 15 03928 g0a2
Figure A3. CLEFIA 128-bit encryption energy consumption.
Figure A3. CLEFIA 128-bit encryption energy consumption.
Applsci 15 03928 g0a3
Figure A4. CLEFIA 128-bit decryption energy consumption.
Figure A4. CLEFIA 128-bit decryption energy consumption.
Applsci 15 03928 g0a4
Figure A5. LEA 128-bit encryption energy consumption.
Figure A5. LEA 128-bit encryption energy consumption.
Applsci 15 03928 g0a5
Figure A6. LEA 128-bit decryption energy consumption.
Figure A6. LEA 128-bit decryption energy consumption.
Applsci 15 03928 g0a6

Appendix B

Figure A7. PRESENT 128-bit encryption pseudo-code.
Figure A7. PRESENT 128-bit encryption pseudo-code.
Applsci 15 03928 g0a7
Figure A8. CLEFIA 128-bit encryption pseudo-code.
Figure A8. CLEFIA 128-bit encryption pseudo-code.
Applsci 15 03928 g0a8
Figure A9. LEA 128-bit encryption pseudo-code.
Figure A9. LEA 128-bit encryption pseudo-code.
Applsci 15 03928 g0a9

References

  1. Menezes, A.J.; van Oorschot, P.C.; Vanstone, S.A. Handbook of Applied Cryptography; CRC Press: Boca Raton, FL, USA, 2018. [Google Scholar] [CrossRef]
  2. ISO/IEC 29192-2:2019; Information technology—Security techniques—Lightweight cryptography—Part 2: Block ciphers. International Organization for Standardization: Geneva, Switzerland, 2019.
  3. Sasi, T.; Lashkari, A.H.; Lu, R.; Xiong, P.; Iqbal, S. A comprehensive survey on IoT attacks: Taxonomy, detection mechanisms and challenges. J. Inf. Intell. 2024, 2, 455–513. [Google Scholar] [CrossRef]
  4. Bogdanov, A.; Mendel, F.; Regazzoni, F.; Rijmen, V.; Tischhauser, E. ALE: AES-Based Lightweight Authenticated Encryption; Springer: Berlin/Heidelberg, Germany, 2014; pp. 447–466. [Google Scholar] [CrossRef]
  5. Saidala, R.K.; Padmapriya, H.V.V.G.; Priya, J.S.V.K.; Shaikh, A.A. Interoperability and Standardization in the Internet of Things. In Proceedings of the 2024 Ninth International Conference on Science Technology Engineering and Mathematics (ICONSTEM), Chennai, India, 4–5 April 2024; IEEE: Piscataway, NJ, USA, 2024; pp. 1–6. [Google Scholar] [CrossRef]
  6. Bogdanov, A.; Knudsen, L.R.; Leander, G.; Paar, C.; Poschmann, A.; Robshaw, M.J.; Seurin, Y.; Vikkelsoe, C. PRESENT: An Ultra-Lightweight Block Cipher. In Cryptographic Hardware and Embedded Systems—CHES 2007; Springer: BerlinBerlin/Heidelberg, Germany, 2007; pp. 450–466. [Google Scholar] [CrossRef]
  7. Shirai, T.; Shibutani, K.; Akishita, T.; Moriai, S.; Iwata, T. The 128-Bit Blockcipher CLEFIA (Extended Abstract); Springer: Berlin/Heidelberg, Germany, 2007; pp. 181–195. [Google Scholar] [CrossRef]
  8. Shibutani, K.; Isobe, T.; Hiwatari, H.; Mitsuda, A.; Akishita, T.; Shirai, T. Piccolo: An Ultra-Lightweight Blockcipher; Springer: Berlin/Heidelberg, Germany, 2011; pp. 342–357. [Google Scholar] [CrossRef]
  9. Borghoff, J.; Canteaut, A.; Güneysu, T.; Kavun, E.B.; Knezevic, M.; Knudsen, L.R.; Leander, G.; Nikov, V.; Paar, C.; Rechberger, C.; et al. PRINCE—A Low-Latency Block Cipher for Pervasive Computing Applications; Springer: Berlin/Heidelberg, Germany, 2012; pp. 208–225. [Google Scholar] [CrossRef]
  10. Wu, W.; Zhang, L. LBlock: A Lightweight Block Cipher; Springer: Berlin/Heidelberg, Germany, 2011; pp. 327–344. [Google Scholar] [CrossRef]
  11. Hong, D.; Sung, J.; Hong, S.; Lim, J.; Lee, S.; Koo, B.S.; Lee, C.; Chang, D.; Lee, J.; Jeong, K.; et al. HIGHT: A New Block Cipher Suitable for Low-Resource Device; Springer: Berlin/Heidelberg, Germany, 2006; pp. 46–59. [Google Scholar] [CrossRef]
  12. Suzaki, T.; Minematsu, K.; Morioka, S.; Kobayashi, E. TWINE: A Lightweight Block Cipher for Multiple Platforms; Springer: Berlin/Heidelberg, Germany, 2013; pp. 339–354. [Google Scholar] [CrossRef]
  13. Beaulieu, R.; Shors, D.; Smith, J.; Treatman-Clark, S.; Weeks, B.; Wingers, L. The SIMON and SPECK lightweight block ciphers. In Proceedings of the 52nd Annual Design Automation Conference, New York, NY, USA, 7–11 June 2015; ACM: New York, NY, USA, 2015; pp. 1–6. [Google Scholar] [CrossRef]
  14. Sahay, R.; Lakshmi, L.; Dodhiawala, Z. LiteEncrypt: A Lightweight Block Cipher for Secure Communication in IoT Enabled Sensor. In Internet Technology Letters; Wiley: Hoboken, NJ, USA, 2024. [Google Scholar] [CrossRef]
  15. Feng, J.; Li, L.; Yan, L.; Deng, C. INLEC: An involutive and low energy lightweight block cipher for internet of things. Pervasive Mob. Comput. 2024, 105, 101991. [Google Scholar] [CrossRef]
  16. Zhang, X.; Yang, M.; Chen, J.; Li, T.; Wang, C. RAB: A lightweight block cipher algorithm with variable key length. Peer Peer Netw. Appl. 2024, 17, 2906–2920. [Google Scholar] [CrossRef]
  17. Xu, R.; Li, L.; Huang, X. LPHD: A low power and high diffusion lightweight block cipher. Int. J. Circuit Theory Appl. 2024, 52, 6424–6447. [Google Scholar] [CrossRef]
  18. Sun, W.; Li, L.; Huang, X. LTLBC: A low-latency lightweight block cipher for internet of things. Clust. Comput. 2024, 27, 9783–9794. [Google Scholar] [CrossRef]
  19. Huang, X.; Li, L.; Zhang, H.; Yang, J.; Kuang, J. IoVCipher: A low-latency lightweight block cipher for internet of vehicles. Ad Hoc Netw. 2024, 160, 103524. [Google Scholar] [CrossRef]
  20. Imdad, M.; Fazil, A.; Ramli, S.N.B.; Ryu, J.; Mahdin, H.B.; Manzoor, Z. DNA-PRESENT: An Improved Security and Low-Latency, Lightweight Cryptographic Solution for IoT. Sensors 2024, 24, 7900. [Google Scholar] [CrossRef]
  21. Singh, D.; Kumar, M.; Yadav, T. RAZOR A Lightweight Block Cipher for Security in IoT. Def. Sci. J. 2024, 74, 46–52. [Google Scholar] [CrossRef]
  22. Hu, M.; Li, L.; Huang, X.; Sun, W. GFLE: A low-energy lightweight block cipher based on a variant of generalized Feistel structure. Phys. Scr. 2024, 99, 085121. [Google Scholar] [CrossRef]
  23. Zhang, X.; Shao, C.; Li, T.; Yuan, Y.; Wang, C. GFSPX: An efficient lightweight block cipher for resource-constrained IoT nodes. J. Supercomput. 2024, 80, 25256–25282. [Google Scholar] [CrossRef]
  24. Rana, M.; Mamun, Q.; Islam, R. Balancing Security and Efficiency: A Power Consumption Analysis of a Lightweight Block Cipher. Electronics 2024, 13, 4325. [Google Scholar] [CrossRef]
  25. Zhong, Y.; Gu, J. Lightweight block ciphers for resource-constrained environments: A comprehensive survey. Future Gener. Comput. Syst. 2024, 157, 288–302. [Google Scholar] [CrossRef]
  26. Dahiphale, V.; Raut, H.; Bansod, G.; Dahiphale, D. Securing IoT devices with fast and energy efficient implementation of PRIDE and PRESENT ciphers. Cyber Secur. Appl. 2025, 3, 100055. [Google Scholar] [CrossRef]
  27. Aslan, B.; Aslan, F.Y.; Sakallı, M.T. Energy Consumption Analysis of Lightweight Cryptographic Algorithms That Can Be Used in the Security of Internet of Things Applications. Secur. Commun. Netw. 2020, 2020, 1–15. [Google Scholar] [CrossRef]
  28. Kumar, S.; Kumar, D.; Dangi, R.; Choudhary, G.; Dragoni, N.; You, I. A Review of Lightweight Security and Privacy for Resource-Constrained IoT Devices. Comput. Mater. Contin. 2024, 78, 31–63. [Google Scholar] [CrossRef]
  29. Hong, D.; Lee, J.-K.; Kim, D.-C.; Kwon, D.; Ryu, K.H.; Lee, D.-G. LEA: A 128-Bit Block Cipher for Fast Encryption on Common Processors; Springer: Berlin/Heidelberg, Germany, 2014; pp. 3–27. [Google Scholar] [CrossRef]
  30. Neal, Z.; Goulart, A.; Chennamaneni, A. On the Practicality of Hardware Acceleration for Lightweight Block Ciphers. In Proceedings of the 2024 IEEE International Workshop Technical Committee on Communications Quality and Reliability (CQR), Seattle, WA, USA, 11 September 2024; IEEE: Piscataway, NJ, USA, 2024; pp. 31–36. [Google Scholar] [CrossRef]
  31. Pyrgas, L.; Kitsos, P. A Very Compact Architecture of CLEFIA Block Cipher for Secure IoT Systems. In Proceedings of the 2019 22nd Euromicro Conference on Digital System Design (DSD), Kallithea, Greece, 28–30 August 2019; IEEE: Piscataway, NJ, USA, 2019; pp. 624–627. [Google Scholar] [CrossRef]
  32. Goyal, T.K.; Sahula, V.; Kumawat, D. Energy Efficient Lightweight Cryptography Algorithms for IoT Devices. IETE J. Res. 2022, 68, 1722–1735. [Google Scholar] [CrossRef]
  33. Cano-Quiveu, G.; Ruiz-de-clavijo-Vazquez, P.; Bellido, M.J.; Juan-Chico, J.; Viejo-Cortes, J.; Guerrero-Martos, D.; Ostua-Aranguena, E. Embedded LUKS (E-LUKS): A Hardware Solution to IoT Security. Electronics 2021, 10, 3036. [Google Scholar] [CrossRef]
  34. An, S.; Seo, S.C. Highly Efficient Implementation of Block Ciphers on Graphic Processing Units for Massively Large Data. Appl. Sci. 2020, 10, 3711. [Google Scholar] [CrossRef]
  35. Friesel, D.; Kaiser, L.; Spinczyk, O. Automatic energy model generation with MSP430 EnergyTrace. In Proceedings of the Workshop on Benchmarking Cyber-Physical Systems and Internet of Things, New York, NY, USA, 3–6 May 2021; ACM: New York, NY, USA, 2021; pp. 26–31. [Google Scholar] [CrossRef]
  36. Sevin, A.; Mohammed, A.A.O. A survey on software implementation of lightweight block ciphers for IoT devices. J. Ambient. Intell. Humaniz. Comput. 2023, 14, 1801–1815. [Google Scholar] [CrossRef]
  37. Liu, G.-Q.; Jin, C.-H. Differential cryptanalysis of PRESENT-like cipher. Des. Codes Cryptogr. 2015, 76, 385–408. [Google Scholar] [CrossRef]
  38. Ashur, T.; Luykx, A. An Account of the ISO/IEC Standardization of the Simon and Speck Block Cipher Families. In Security of Ubiquitous Computing Systems; Springer International Publishing: Cham, Germany, 2021; pp. 63–78. [Google Scholar] [CrossRef]
  39. Kerckhof, S.; Durvaux, F.; Hocquet, C.; Bol, D.; Standaert, F.-X. Towards Green Cryptography: A Comparison of Lightweight Ciphers from the Energy Viewpoint; Springer: Berlin/Heidelberg, Germany, 2012; pp. 390–407. [Google Scholar] [CrossRef]
  40. Aerabi, E.; Bohlouli, M.; Livany, M.H.A.; Fazeli, M.; Papadimitriou, A.; Hely, D. Design Space Exploration for Ultra-Low-Energy and Secure IoT MCUs. ACM Trans. Embed. Comput. Syst. 2020, 19, 1–34. [Google Scholar] [CrossRef]
Figure 1. Structural representation of lightweight encryption algorithms standardized under ISO/IEC 29192-2. (a) CLEFIA: A 128-bit block cipher using a Feistel network architecture with variable key lengths (128, 192, 256 bits) and modular key mixing and diffusion layers. (b) PRESENT: A 64-bit block cipher based on an SPN architecture with 31 rounds, incorporating S-box substitution and bitwise permutation layers. (c) LEA: A 128-bit block cipher utilizing ARX (addition, rotation, XOR) operations for high-speed encryption, with 24, 28, or 32 rounds depending on the key size.
Figure 1. Structural representation of lightweight encryption algorithms standardized under ISO/IEC 29192-2. (a) CLEFIA: A 128-bit block cipher using a Feistel network architecture with variable key lengths (128, 192, 256 bits) and modular key mixing and diffusion layers. (b) PRESENT: A 64-bit block cipher based on an SPN architecture with 31 rounds, incorporating S-box substitution and bitwise permutation layers. (c) LEA: A 128-bit block cipher utilizing ARX (addition, rotation, XOR) operations for high-speed encryption, with 24, 28, or 32 rounds depending on the key size.
Applsci 15 03928 g001
Figure 2. MSP-EXP430FR5994 LaunchPad development kit.
Figure 2. MSP-EXP430FR5994 LaunchPad development kit.
Applsci 15 03928 g002
Figure 3. Test scenario for energy measurement of ISO/IEC 29192-2 algorithms.
Figure 3. Test scenario for energy measurement of ISO/IEC 29192-2 algorithms.
Applsci 15 03928 g003
Table 1. Energy, runtime, and mean current consumption of encryption processes for ISO/IEC 29192-2 algorithms.
Table 1. Energy, runtime, and mean current consumption of encryption processes for ISO/IEC 29192-2 algorithms.
CipherKey LengthRound NumberEnergy (μJ)Runtime (s)Mean Current (mA)
PRESENT803128,020.315.809200.5939
CLEFIA128184657.22.578730.5846
192224193.92.383940.5728
256265891.63.458650.5618
LEA12824990.60.611080.5224
192282896.41.717790.5416
256321816.81.072850.5462
AES128101541.20.811530.5128
192121611.20.931410.5156
256161622.71.043110.5289
Table 2. Energy, runtime, and mean current consumption of decryption processes for ISO/IEC 29192-2 algorithms.
Table 2. Energy, runtime, and mean current consumption of decryption processes for ISO/IEC 29192-2 algorithms.
CipherKey LengthRound NumberEnergy (μJ)Runtime (s)Mean Current (mA)
PRESENT803129,266.716.172390.6017
CLEFIA128184269.92.351720.5904
192224141.32.373230.5720
256265596.53.254290.5714
LEA128241031.60.621340.5315
192281086.30.632300.5415
256321040.60.600010.5481
AES128101596.80.872940.5235
192121598.70.942130.5233
256161643.81.050210.5302
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.

Share and Cite

MDPI and ACS Style

Aslan, B. Energy Consumption Analysis of ISO/IEC 29192-2 Standard Lightweight Ciphers. Appl. Sci. 2025, 15, 3928. https://doi.org/10.3390/app15073928

AMA Style

Aslan B. Energy Consumption Analysis of ISO/IEC 29192-2 Standard Lightweight Ciphers. Applied Sciences. 2025; 15(7):3928. https://doi.org/10.3390/app15073928

Chicago/Turabian Style

Aslan, Bora. 2025. "Energy Consumption Analysis of ISO/IEC 29192-2 Standard Lightweight Ciphers" Applied Sciences 15, no. 7: 3928. https://doi.org/10.3390/app15073928

APA Style

Aslan, B. (2025). Energy Consumption Analysis of ISO/IEC 29192-2 Standard Lightweight Ciphers. Applied Sciences, 15(7), 3928. https://doi.org/10.3390/app15073928

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop