Secure key agreement in IoT: A systematic literature review and taxonomy analysis

Abstract

The increasing reliance on smart systems and their remote management has led to the widespread adoption of the Internet of Things (IoT). Despite its benefits, IoT introduces significant communication security challenges due to its heterogeneous components. Key agreement techniques, which establish symmetric encryption keys between communicating parties, are crucial for secure communications. However, the diversity and resource constraints of IoT devices present ongoing challenges. Existing studies on key agreement often focus on devices with specific conditions and specialized communication models. Their broader applicability is limited by that reason. This study addresses this gap by identifying and compiling the necessary features and conditions for key agreement algorithms in IoT environments. We survey key agreement methods to understand the different approaches in IoT using the Systematic Literature Review (SLR) method. This paper aims to categorize, analytically and statistically, the current research techniques on key agreement approaches in IoT published from 2016 to 2024. We present three technical taxonomies for the key agreement approaches in IoT based on the content of current studies. Our findings reveal that crucial parameters such as communication models, essential resources, and required tools are often overlooked in current IoT key management approaches. Notably, only 2% of the reviewed algorithms are lightweight and suitable for device-to-device communication models without prerequisites. This highlights a significant gap, as over 98% of existing algorithms either fail to meet the current requirements of IoT devices or are not easily implementable in the desired environment.