Evaluation of performance, energy, and computation costs of quantum-attack resilient encryption algorithms for embedded devices
Evaluation of performance, energy, and computation costs of quantum-attack resilient encryption algorithms for embedded devices
The accelerated development of quantum computers poses a direct threat to all current standards of public key encryption, for example, the Shor algorithm exploits the superposition state of the qubits to solve the problem of integer factorization in polynomial time, rendering all systems whose security relies on this hard mathematical problem not secure. Public key encryption algorithms are used in a multitude of applications that form the core of the digital world (e.g., emails, banking, digital currency, defense, and communication.). The prospects of a quantum machine that can break such systems are too risky to ignore, even if such a computer still needs thirty years to build. This is because adversaries can be storing data now to decrypt later aka. SNLD attack, moreover, some systems have an operational lifetime that spans more than thirty years (e.g., defense, aviation industry). Consequently, the work has already started to develop quantum-attack resilient security schemes. The number of Internet of Things (IoT) devices is expected to be around 29 billion in 2030, forming a significant portion of all computing machines. Most of these will be implemented as embedded systems with limited resources. Consequently, assessing the energy and computational overheads of the quantum-attack resilient security schemes is vital. This work presents a comprehensive study that evaluates the energy and performance costs of the proposed solutions in resource-constrained devices, in comparison with the existing schemes. This was achieved through the development of a testbed that emulates a client-server configuration, wherein both devices perform mutual authentication and then agree on a shared key using the TLS protocol. A Raspberry Pi 3b+ was used as a server, and a client in the first set of experiments. Raspberry Pi Pico W was the client in the second group of tests. The results of the evaluation have shown that Kyber1-Dilithuim-2 is the most resource-efficient solution, it outperforms all other PQC algorithms, including the current scheme that uses elliptic curve cryptography. Our study has also shown the digital signature scheme Sphinx+ is associated with significant latency and energy costs so may not be suitable for IoT-type devices.
Cryptography, Elliptic curves, Embedded Devices, Encryption, Internet of Things, Post Quantum Cryptography, Protocols, Public key, Quantum computing, Quantum cryptography, Security, post quantum cryptography, embedded devices
8791-8805
Halak, Basel
8221f839-0dfd-4f81-9865-37def5f79f33
Gibson, Thomas
25d89fdf-37ce-4c96-a667-5551a9d25540
Henley, Millicent
4602ce17-2b0a-4c7c-97a4-b3d306eadb26
Botea, Cristin-Bianca
ca5be276-ab24-4828-a550-fe21e368a7d1
Heath, Benjamin
95b1cb88-97c6-4101-97e7-e485022b0938
Khan, Sayedur
abaad3ba-a37b-4745-8e48-0cd5d1071230
19 January 2024
Halak, Basel
8221f839-0dfd-4f81-9865-37def5f79f33
Gibson, Thomas
25d89fdf-37ce-4c96-a667-5551a9d25540
Henley, Millicent
4602ce17-2b0a-4c7c-97a4-b3d306eadb26
Botea, Cristin-Bianca
ca5be276-ab24-4828-a550-fe21e368a7d1
Heath, Benjamin
95b1cb88-97c6-4101-97e7-e485022b0938
Khan, Sayedur
abaad3ba-a37b-4745-8e48-0cd5d1071230
Halak, Basel, Gibson, Thomas, Henley, Millicent, Botea, Cristin-Bianca, Heath, Benjamin and Khan, Sayedur
(2024)
Evaluation of performance, energy, and computation costs of quantum-attack resilient encryption algorithms for embedded devices.
IEEE Access, 12, .
(doi:10.1109/ACCESS.2024.3350775).
Abstract
The accelerated development of quantum computers poses a direct threat to all current standards of public key encryption, for example, the Shor algorithm exploits the superposition state of the qubits to solve the problem of integer factorization in polynomial time, rendering all systems whose security relies on this hard mathematical problem not secure. Public key encryption algorithms are used in a multitude of applications that form the core of the digital world (e.g., emails, banking, digital currency, defense, and communication.). The prospects of a quantum machine that can break such systems are too risky to ignore, even if such a computer still needs thirty years to build. This is because adversaries can be storing data now to decrypt later aka. SNLD attack, moreover, some systems have an operational lifetime that spans more than thirty years (e.g., defense, aviation industry). Consequently, the work has already started to develop quantum-attack resilient security schemes. The number of Internet of Things (IoT) devices is expected to be around 29 billion in 2030, forming a significant portion of all computing machines. Most of these will be implemented as embedded systems with limited resources. Consequently, assessing the energy and computational overheads of the quantum-attack resilient security schemes is vital. This work presents a comprehensive study that evaluates the energy and performance costs of the proposed solutions in resource-constrained devices, in comparison with the existing schemes. This was achieved through the development of a testbed that emulates a client-server configuration, wherein both devices perform mutual authentication and then agree on a shared key using the TLS protocol. A Raspberry Pi 3b+ was used as a server, and a client in the first set of experiments. Raspberry Pi Pico W was the client in the second group of tests. The results of the evaluation have shown that Kyber1-Dilithuim-2 is the most resource-efficient solution, it outperforms all other PQC algorithms, including the current scheme that uses elliptic curve cryptography. Our study has also shown the digital signature scheme Sphinx+ is associated with significant latency and energy costs so may not be suitable for IoT-type devices.
Text
PQC IEEE Access
- Accepted Manuscript
Text
Evaluation_of_Performance_Energy_and_Computation_Costs_of_Quantum-Attack_Resilient_Encryption_Algorithms_for_Embedded_Devices
- Version of Record
More information
Accepted/In Press date: 15 December 2023
e-pub ahead of print date: 8 January 2024
Published date: 19 January 2024
Additional Information:
Publisher Copyright:
© 2013 IEEE.
Keywords:
Cryptography, Elliptic curves, Embedded Devices, Encryption, Internet of Things, Post Quantum Cryptography, Protocols, Public key, Quantum computing, Quantum cryptography, Security, post quantum cryptography, embedded devices
Identifiers
Local EPrints ID: 486704
URI: http://eprints.soton.ac.uk/id/eprint/486704
ISSN: 2169-3536
PURE UUID: 72e54ead-8634-4fe1-96f7-5e6bec85c15f
Catalogue record
Date deposited: 02 Feb 2024 17:30
Last modified: 13 Apr 2024 01:44
Export record
Altmetrics
Contributors
Author:
Basel Halak
Author:
Thomas Gibson
Author:
Millicent Henley
Author:
Cristin-Bianca Botea
Author:
Benjamin Heath
Author:
Sayedur Khan
Download statistics
Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.
View more statistics