Post-Quantum Cryptography for the Internet of Things: new approach

Pablo Rubens de Moura; Elmer Rolando Llanos Villarreal; Diego Antonio de Moura Fonsêca; Andrés Ortiz Salazar

doi:10.18540/jcecvl11iss1pp21741

Authors

Pablo Rubens de Moura Departamento de Ciências Naturais, Matemática e Estatística DCME/CCEN Universidade Federal Rural do Semiárido UFERSA, Mossoró/RN, Brazil https://orcid.org/0009-0002-9637-8421
Elmer Rolando Llanos Villarreal Departamento de Ciências Naturais, Matemática e Estatística DCME/CCEN Universidade Federal Rural do Semiárido UFERSA, Mossoró/RN, Brazil https://orcid.org/0000-0002-3059-3340
Diego Antonio de Moura Fonsêca Departamento de Engenharia de Computação e Automação (DCA) Universidade Federal do Rio Grande do Norte UFRN, Brazil
Andrés Ortiz Salazar Departamento de Engenharia de Computação e Automação (DCA) Universidade Federal do Rio Grande do Norte UFRN, Brazil

DOI:

https://doi.org/10.18540/jcecvl11iss1pp21741

Keywords:

Quantum scattering. Fredholm. Neumann-Born. Computational modeling., Microcontrolller, intensity of traffic (IoT), cryptography, B92 protocol

Abstract

The growth of quantum computing reveals a series of significant threats to cryptographic systems known today, such as RSA, ECC, and Diffie-Hellman, which are extremely important for Internet security, but are threatened by the increase in possible quantum attacks. The area of public and private key cryptography is vast. Therefore, this article addresses post-quantum cryptography (PQC) algorithms and the challenges of implementing them in Internet of Things (IoT) devices, given the difficulty of application due to restricted resources, such as RAM and clock speed . To this end, we will discuss the need for standardization of algorithms considering low-resource IoT devices, prioritizing RAM over ROM, meeting the needs of low-memory devices, which are lighter. The National Institute of Standards and Technology (NIST) has validated four cryptographic systems that are secure against quantum attacks. We analyze the implications of these systems on the infrastructure of current networks and will compare in detail these algorithms and their respective strengths, weaknesses, and trade-offs. We evaluate the feasibility of post-quantum encryption (PQC) algorithms in resource-constrained IoT devices using the ESP-WROOM-32 microcontroller. Three cryptographic schemes were implemented and compared.

Downloads

Download data is not yet available.

References

Atkins, D. (2021). Requirements for post-quantum cryptography on embedded devices in the IoT. Presented at Third PQC Standardization Conference.

Choi, J., & Lee, J. (2024). Secure and scalable Internet of Things model using post-quantum MACsec. Applied Sciences, 14(10), 4215. https://doi.org/10.3390/app14104215

Chen, L., Jordan, S., Liu, Y.-K., Moody, D., Peralta, R., Perlner, R., & Smith-Tone, D. (2016). Report on post-quantum cryptography (NISTIR 8105). National Institute of Standards and Technology. https://doi.org/10.6028/NIST.IR.8105

Fernández-Caramés, T. M. (2019). From pre-quantum to post-quantum IoT security: A survey on quantum-resistant cryptosystems for the Internet of Things. IEEE Internet of Things Journal, 7(7), 6457–6480. https://doi.org/10.1109/JIOT.2019.2958788

Fagan, M., Megas, K., Watrobski, P., Marron, J., Cuthill, B., Lemire, D., Hoehn, B., & Evans, C. (2024). Recommended cybersecurity requirements for consumer-grade router products (NIST IR 8425A). National Institute of Standards and Technology. https://doi.org/10.6028/NIST.IR.8425A

Imine, B., & Ali-Pacha, A. (2022). McEliece cryptosystem based on Plotkin construction with QC-MDPC and QC-LDPC codes. Journal of Cryptography, 45(2), 123–140. https://arxiv.org/abs/2211.14206v3

Kaplan, M., Leurent, G., Leverrier, A., & Naya-Plasencia, M. (2016). Breaking symmetric cryptosystems using quantum period finding. In Advances in Cryptology – CRYPTO 2016 (pp. 207–237). Springer. https://doi.org/10.1007/978-3-662-53018-4_8

Kim, Y., Song, J., & Seo, S. C. (2022). Accelerating Falcon on ARMv8. IEEE Access. https://doi.org/10.1109/ACCESS.2022.3169784

Kwala, A. K., Kant, S., & Mishra, A. (2024). Comparative analysis of lattice-based cryptographic schemes for secure IoT communications. Discover Internet of Things Research. https://doi.org/10.1007/s12345-024-00314-6

Liu, T., Ramachandran, G., & Jurdak, R. (2024). Post-Quantum Cryptography for Internet of Things: A Survey on Performance and Optimization. arXiv preprint arXiv:2401.17538. https://arxiv.org/abs/2401.17538

Ngouen, M., Rahman, M. A., Prabakar, N., Uluagac, S., & Njilla, L. (2024). Q-SECURE: A quantum resistant security for resource-constrained IoT device encryption. Journal of Quantum Cryptography, 10(3), 245–265. https://doi.org/10.1007/s00776-024-00354-2

Open Quantum Safe. LibOQS [Software]. Retrieved from https://github.com/open-quantum-safe/liboqs

Policarpo, R. C. (2023). Implementação em FPGA de um mecanismo de encapsulamento de chave pós-quântico utilizando HLS. Universidade de Brasília, Brasília, Brasil.

Pursche, M., Puch, N., Peters, S. N., & Heinl, M. P. (2024). SoK: The Engineer’s Guide to Post- Quantum Cryptography for Embedded Devices. Cryptology ePrint Archive. https://eprint.iacr.org/2024/1345

Rawal, B. S., & Biswas, A. (2024). A comprehensive survey of post-quantum cryptography and its implications. Engineering Science & Technology, 5(2), 256–269. https://doi.org/10.37256/est.5220244169

Roldán-Gómez, J., Carrillo-Mondéjar, J., Castelo Gómez, J. M., & Ruiz-Villafranca, S. (2022). Security analysis of the MQTT-SN protocol for the Internet of Things. Applied Sciences, 12(21), 10991. https://doi.org/10.3390/app122110991

?afak, ?., Alagöz, F., & Anarim, E. (2024). Post-quantum security measures for the Internet of Things. In Handbook of Research on Smart Solutions for Modern Logistics and Supply Chains (Capítulo 75). IGI Global. https://doi.org/10.4018/978-1-6684-7366-5.ch075

Sanjeev, A. (2023, September). Cryptology: Tool for IoT security. International Journal of Novel Research and Development, 8(9), a256. https://www.ijnrd.org

Segatz, F. KyberSP32 [Software]. Retrieved from https://github.com/fsegatz/kybesp32

Septien-Hernandez, J.-A., Arellano-Vazquez, M., Contreras-Cruz, M. A., & Ramirez-Paredes, J.- P. A. (2022). A comparative study of post-quantum cryptosystems for Internet-of-Things applications. Sensors, 22, 489. https://doi.org/10.3390/s22020489

Silva, C., Cunha, V. A., Barraca, J. P., & Aguiar, R. L. (2023). Analysis of the cryptographic algorithms in IoT communications. Journal of Cryptographic Engineering, 13(2), 125-138. https://doi.org/10.1007/s10207-023-00680-0

Softtek. With IoT growth, so do cyberattacks. Retrieved from https://blog.softtek.com/en/alongside-iot-growth-so-do-cyberattacks

Thales. Algoritmo Falcon, co-desenvolvido com a Thales, foi selecionado pelo NIST como um novo padrão em criptografia pós-quântica. Retrieved from https://cryptoid.com.br/thales

Watchdata. What are the trends that we should be attentive to regarding to digital security in 2024? Retrieved from https://www.watchdata.com/pt/538/

Weger, V., Gassner, N., & Rosenthal, J. (2024). A survey on code-based cryptography. https://arxiv.org/abs/2407.01585

Zhang, S. et al. (2023). A novel and quantum-resistant handover authentication protocol in IoT environment. Wireless Networks, 29, 2873–2890. https://doi.org/10.1007/s11276-023- 03342-4