Quantum-Resilient Cryptographic Implementations for Embedded Communication Systems

Abstract

The fast development of quantum computers poses a severe threat to classical cryptographic protocols, especially those installed in embedded communication technologies on which the Internet of Things (IoT), vehicular networks, and industrial automation (and a wide variety of other mission-critical applications) are based. Circumventing known quantum attacks like Shor algorithm on the traditional public-key systems i.e., RSA and ECC, there is an emerging need to move to quantum resistant cryptology. In this paper, it is focused on this novel menace and provides the design, implementation, as well as the full assessment of post-quantum cryptographic (PQC) algorithms that have been optimised and were deployed on the resource-constrained embedded systems. We pay attention to three of the NIST-recommended schemes Kyber512 (as a lattice-based key encapsulation), Dilithium2 (as a lattice-based digital signature) and SPHINCS+128s (as a hash-based stateless signature). The design of these algorithms was performed and benchmarked with two low-power examples of embedded processor-based encryption: The ARM Cortex-M4 and the RISC-V, of which the former is commonly used as an industrial standard in high-security embedded communication, and the latter is becoming a popular alternative. Performance metrics discussed in the study are realistic in nature where the execution time, memory footprint, power, and cryptographic strength are studied under the embedded constraint condition. Kyber512 was found to be the most efficient algorithm in terms of providing a good trade-off between speed and memory usage in a selected set of algorithms, whereas Dilithium2 was found to play a good role of designing an authentication on firmware and message integrity. SPHINCS+ was additionally deployed as a robust backup given its hash based structure, although with an additional computational cost. A number of optimizations were performed at implementation level; constant-time coding to fight side-channel attacks, memory segmentation to prevent fragmentation and loop unrolling to speed up execution. Moreover, the offered system was tested with respect to fault injection analysis, as well as side-channel resistance testing, thus, assuring its strength against physical-layer attacks. The message of the experimental findings is that a quantum-resistant form of cryptography can be amicably incorporated into embedded systems without sacrificing performance to a meaningful degree, and thus a viable means of future proofing embedded systems with exposure to a post-quantumized environment. The work establishes a baseline standard towards the implementation of standardized PQC in use cases of real-time secure communication.