Dynamic Key Replacement Mechanism for Lightweight IoT Microcontrollers to Resist Side-channel Attacks

5G technology and IoT devices are improving efficiency and quality of life across many sectors. IoT devices are often used in open environments where they handle sensitive data. This makes them vulnerable to side-channel attacks (SCA), where attackers can intercept and analyses the electromagnetic signals emitted by microcontroller units (MCUs) to expose encryption keys and compromise sensitive data. To address this pressing issue, we proposed a highly efficient key replacement mechanism tailored specifically for lightweight IoT microcontrollers. This mechanism established a secure Diffie-Hellman (D-H) channel for key transmission, effectively preventing key leakage and providing strong defense against SCAs. The core of this solution lied in its integration of the Moving Target Defense (MTD) approach, dynamically updating encryption keys with each cryptographic cycle. Experimental results demonstrated that the proposed mechanism achieves key updates with minimal time overhead, ranging between 12 and 50 milliseconds per encryption transmission. More importantly, it exhibits resilience against template attacks. After 20,000 attack attempts, only 2 out of 16 AES-128 subkeys were compromised, reflecting a significant improvement in the security of IoT devices. This dynamic key replacement mechanism dramatically reduced the risk of data leakage, offering an effective and scalable solution for lightweight IoT microcontroller applications that require both efficient performance and strong security.