Stability-Aware Security–Performance Trade-Off Analysis in Resource-Constrained IoT Systems: A Time-Series and Bootstrap-Based Evaluation of TLS and Hybrid ECC–AES Mechanisms
Paolo Visconti (last author)
2026-01-01
Abstract
The increasing deployment of resource-constrained Internet of Things (IoT) devices requires security mechanisms that preserve confidentiality without compromising energy efficiency or responsiveness. Although Transport Layer Security (TLS) provides standardized protection for MQTT-based communication, its computational overhead may significantly affect embedded architectures. This study presents a controlled experimental evaluation of three communication configurations implemented on ESP32-based nodes: unencrypted Message Queuing Telemetry Transport (MQTT), MQTT over TLS 1.2, and an application-layer hybrid scheme combining Elliptic Curve Diffie–Hellman key exchange with AES-128 encryption. Second-level measurements of instantaneous current, accumulated energy, end-to-end latency, and memory footprint were collected across repeated experimental runs. Time-series diagnostics were performed to assess autocorrelation and stationarity, and block bootstrap resampling was applied to ensure dependence-aware statistical inference. The results indicate that TLS introduces the highest cumulative energy growth and latency dispersion, while the hybrid ECC–AES configuration demonstrates intermediate behavior with reduced overhead relative to TLS. Pareto frontier analysis shows that TLS is dominated in the joint energy–latency space, whereas the hybrid scheme represents a non-dominated compromise between security and efficiency. These findings provide a stability-aware and statistically robust framework for evaluating security–performance trade-offs in embedded IoT systems.

| File | Description | Type | License | Size | Format |
|---|---|---|---|---|---|
| Research Article Digital MDPI_Del-Valle-Soto Visconti et al_Maggio 2026_Published Version.pdf (open access) | Article | Publisher's version | Creative Commons | 694.63 kB | Adobe PDF |
Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.


