Post-quantum Secure Communication on a Low Performance IoT Platform

University essay from Lunds universitet/Institutionen för elektro- och informationsteknik

Abstract: A recent trend in the IT world is the term Internet of Things (IoT). As more and more devices get connected to the internet, and with companies trying to lower production costs in order to stay competitive, security can easily be neglected. In this report traditional Transport Layer Security (TLS) implementations and post-quantum based TLS were evaluated and performance measurements were conducted. The initial attempt was to run post-quantum secure algorithms on an IoT device in order to see if an IoT device theoretically would be able to withstand an attack from a quantum computer. Due to memory constraints it was not possible to run the modified version of the cryptography library, PolarSSL, on the intended IoT device. For that reason we switched to another platform, namely a Raspberry Pi. The measurements were conducted on that platform and in-depth analysis was performed to determine if current implementations of post-quantum algorithms can be suitable for IoT devices or not. The conclusion was that post-quantum algorithms are more time-consuming than traditional algorithms used today. One of the experiments in this report shows that using a post-quantum algorithm for the key exchange is 2.5 times slower and needs 10 times as much RAM memory than a traditional solution with the same security level. There is therefore no apparent need to start using post-quantum algorithms today in terms of security level, when considering the duration and RAM usage for the key exchange. With time and optimization some of the algorithms evaluated in this report, or similar algorithms, could be good candidates the day large quantum computers are produced.

  AT THIS PAGE YOU CAN DOWNLOAD THE WHOLE ESSAY. (follow the link to the next page)