Advanced

Post-quantum Secure Communication on a Low Performance IoT Platform

Strahl, Thomas LU and Johansson, Rickard LU (2016) EITM01 20161
Department of Electrical and Information Technology
Abstract
A recent trend in the IT world is the term Internet of Things (IoT). As more and
more devices get connected to the internet, and with companies trying to lower
production costs in order to stay competitive, security can easily be neglected.
In this report traditional Transport Layer Security (TLS) implementations
and post-quantum based TLS were evaluated and performance measurements were
conducted. The initial attempt was to run post-quantum secure algorithms on an
IoT device in order to see if an IoT device theoretically would be able to withstand
an attack from a quantum computer. Due to memory constraints it was not
possible to run the modified version of the cryptography library, PolarSSL, on the
intended IoT device. For that... (More)
A recent trend in the IT world is the term Internet of Things (IoT). As more and
more devices get connected to the internet, and with companies trying to lower
production costs in order to stay competitive, security can easily be neglected.
In this report traditional Transport Layer Security (TLS) implementations
and post-quantum based TLS were evaluated and performance measurements were
conducted. The initial attempt was to run post-quantum secure algorithms on an
IoT device in order to see if an IoT device theoretically would be able to withstand
an attack from a quantum computer. Due to memory constraints it was not
possible to run the modified version of the cryptography library, PolarSSL, on the
intended IoT device. For that reason we switched to another platform, namely a
Raspberry Pi. The measurements were conducted on that platform and in-depth
analysis was performed to determine if current implementations of post-quantum
algorithms can be suitable for IoT devices or not.
The conclusion was that post-quantum algorithms are more time-consuming
than traditional algorithms used today. One of the experiments in this report
shows that using a post-quantum algorithm for the key exchange is 2.5 times
slower and needs 10 times as much RAM memory than a traditional solution
with the same security level. There is therefore no apparent need to start using
post-quantum algorithms today in terms of security level, when considering the
duration and RAM usage for the key exchange. With time and optimization some
of the algorithms evaluated in this report, or similar algorithms, could be good
candidates the day large quantum computers are produced. (Less)
Please use this url to cite or link to this publication:
author
Strahl, Thomas LU and Johansson, Rickard LU
supervisor
organization
course
EITM01 20161
year
type
H2 - Master's Degree (Two Years)
subject
keywords
Post-quantum, TLS, SSL, RLWE, Quantum computer, key exchange
report number
LU/LTH-EIT 2016-518
language
English
id
8878692
date added to LUP
2016-06-28 09:22:05
date last changed
2016-06-28 09:22:05
@misc{8878692,
  abstract     = {A recent trend in the IT world is the term Internet of Things (IoT). As more and
more devices get connected to the internet, and with companies trying to lower
production costs in order to stay competitive, security can easily be neglected.
In this report traditional Transport Layer Security (TLS) implementations
and post-quantum based TLS were evaluated and performance measurements were
conducted. The initial attempt was to run post-quantum secure algorithms on an
IoT device in order to see if an IoT device theoretically would be able to withstand
an attack from a quantum computer. Due to memory constraints it was not
possible to run the modified version of the cryptography library, PolarSSL, on the
intended IoT device. For that reason we switched to another platform, namely a
Raspberry Pi. The measurements were conducted on that platform and in-depth
analysis was performed to determine if current implementations of post-quantum
algorithms can be suitable for IoT devices or not.
The conclusion was that post-quantum algorithms are more time-consuming
than traditional algorithms used today. One of the experiments in this report
shows that using a post-quantum algorithm for the key exchange is 2.5 times
slower and needs 10 times as much RAM memory than a traditional solution
with the same security level. There is therefore no apparent need to start using
post-quantum algorithms today in terms of security level, when considering the
duration and RAM usage for the key exchange. With time and optimization some
of the algorithms evaluated in this report, or similar algorithms, could be good
candidates the day large quantum computers are produced.},
  author       = {Strahl, Thomas and Johansson, Rickard},
  keyword      = {Post-quantum,TLS,SSL,RLWE,Quantum computer,key exchange},
  language     = {eng},
  note         = {Student Paper},
  title        = {Post-quantum Secure Communication on a Low Performance IoT Platform},
  year         = {2016},
}