SoK: Evolution of the Key Encapsulation Mechanism’s Role in Cryptographic Migrations for IoT Systems

Key Encapsulation Mechanisms (KEM) is a special case of Public Key Encryption (PKE) that was recently standardized by National Institute of Standards and Technology in USA. The broader adoption of the term in industry practice was necessitated by the discovery of the malleability property of ciphertext, which led to new approaches PKE. New standard initiated refactoring of all cryptographic software libraries and this process relates to the problems of cryptographic agility. This Systematization of Knowledge (SoK) addresses the developments of public key encryption methods and the main challenges that drive the specialization of KEM in cryptographic software. Based upon our findings from a systematic literature review, we present a formal analysis that provides cryptographic users a means of better understanding of KEM and its roles in cryptographic migrations in IoT systems. We have identified the main milestones of KEM evolution and structured it into four development areas. We found that the evolution of KEM is defined by a variety of mathematical foundations that always reflect various aspects of the cryptosystem. Our findings indicate that academia, industry practitioners and standardization bodies propagate such approaches into practice by additional abstraction layers in cryptographic software libraries. However, the libraries is still not in consensus, which is confirmed after the discovery of a new class of libraries, cryptographic bindings. To structure the mentioned phenomena, we introduced a novel, three-facet, consumer-centered mapping of the data security domain. We believe our contribution can help researchers and practitioners to have a broader and deeper understanding of data encryption tooling in context of cryptographic migrations.