Abstract
The rapid advancement of quantum computing poses significant threats to classical cryptographic methods, such as Rivest–Shamir–Adleman (RSA) and Elliptic Curve Cryptography (ECC), which currently secure Internet of Things (IoT) and cloud communications. Post-Quantum Cryptography (PQC), particularly lattice-based schemes, has emerged as a promising alternative. CRYSTALS-Kyber, standardized by the National Institute of Standards and Technology (NIST) as ML-KEM, has shown efficiency and practicality for constrained IoT devices. Most existing research has focused on PQC within the Transport Layer Security (TLS) protocol. Consequently, a critical gap exists in understanding PQC’s performance in lightweight IoT protocols. These are Message Queuing Telemetry Transport (MQTT) and Constrained Application Protocol (CoAP), particularly under adverse network conditions. To address this gap, this paper provides a systematic review of the literature on the network resilience and performance of CRYSTALS-Kyber when integrated into these protocols operating over lossy and high-latency networks. Additional challenges include non-standardized integration, resource limitations, and side-channel vulnerabilities. This review provides a structured synthesis of current knowledge, highlights unresolved trade-offs between security and efficiency, and outlines future research directions, including protocol-level optimization, lightweight signature schemes, and resilience testing of PQC-secured IoT protocols under realistic conditions.