Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Post-Quantum Cryptography for Internet of Things: A Survey on Performance and Optimization

Tao Liu, Gowri Ramachandran, Raja Jurdak

TL;DR

The paper addresses the challenge of securing IoT in the post-quantum era by surveying how PQC performs on resource-constrained devices and how software, hardware, and GPU optimizations can mitigate overheads. It finds that lattice-based KEMs (e.g., Kyber) are increasingly feasible on lightweight IoT platforms, while signature schemes (e.g., Dilithium, Falcon, SPHINCS+) remain more resource-intensive; TLS-like PQC protocols reveal trade-offs between latency and bandwidth. A key takeaway is the lack of a uniform, cross-metric evaluation framework and the need for coordination with NIST standardization to ensure an efficient and safe migration toward IoT in the quantum era. The study recommends focusing on NIST-approved algorithms, standardizing evaluation methods, and aligning research with IoT deployment realities to enable practical adoption.

Abstract

Due to recent development in quantum computing, the invention of a large quantum computer is no longer a distant future. Quantum computing severely threatens modern cryptography, as the hard mathematical problems beneath classic public-key cryptosystems can be solved easily by a sufficiently large quantum computer. As such, researchers have proposed PQC based on problems that even quantum computers cannot efficiently solve. Generally, post-quantum encryption and signatures can be hard to compute. This could potentially be a problem for IoT, which usually consist lightweight devices with limited computational power. In this paper, we survey existing literature on the performance for PQC in resource-constrained devices to understand the severeness of this problem. We also review recent proposals to optimize PQC algorithms for resource-constrained devices. Overall, we find that whilst PQC may be feasible for reasonably lightweight IoT, proposals for their optimization seem to lack standardization. As such, we suggest future research to seek coordination, in order to ensure an efficient and safe migration toward IoT for the post-quantum era.

Post-Quantum Cryptography for Internet of Things: A Survey on Performance and Optimization

TL;DR

The paper addresses the challenge of securing IoT in the post-quantum era by surveying how PQC performs on resource-constrained devices and how software, hardware, and GPU optimizations can mitigate overheads. It finds that lattice-based KEMs (e.g., Kyber) are increasingly feasible on lightweight IoT platforms, while signature schemes (e.g., Dilithium, Falcon, SPHINCS+) remain more resource-intensive; TLS-like PQC protocols reveal trade-offs between latency and bandwidth. A key takeaway is the lack of a uniform, cross-metric evaluation framework and the need for coordination with NIST standardization to ensure an efficient and safe migration toward IoT in the quantum era. The study recommends focusing on NIST-approved algorithms, standardizing evaluation methods, and aligning research with IoT deployment realities to enable practical adoption.

Abstract

Due to recent development in quantum computing, the invention of a large quantum computer is no longer a distant future. Quantum computing severely threatens modern cryptography, as the hard mathematical problems beneath classic public-key cryptosystems can be solved easily by a sufficiently large quantum computer. As such, researchers have proposed PQC based on problems that even quantum computers cannot efficiently solve. Generally, post-quantum encryption and signatures can be hard to compute. This could potentially be a problem for IoT, which usually consist lightweight devices with limited computational power. In this paper, we survey existing literature on the performance for PQC in resource-constrained devices to understand the severeness of this problem. We also review recent proposals to optimize PQC algorithms for resource-constrained devices. Overall, we find that whilst PQC may be feasible for reasonably lightweight IoT, proposals for their optimization seem to lack standardization. As such, we suggest future research to seek coordination, in order to ensure an efficient and safe migration toward IoT for the post-quantum era.
Paper Structure (13 sections, 3 figures, 7 tables)

This paper contains 13 sections, 3 figures, 7 tables.

Table of Contents

  1. Introduction
  2. Preliminary Knowledge
  3. Data Encryption for IoT
  4. Cryptography and Information Security
  5. Quantum Threats Against Cryptography
  6. Migration Toward PQC
  7. Methodology
  8. PQC Performance Evaluation
  9. Software Optimization for PQC
  10. Hardware Optimization for PQC
  11. Graphic Processor Unit (GPU) Acceleration for PQC
  12. Critical Reflection and Future Directions
  13. Conclusion

Figures (3)

  • Figure 1: Layers in a simple IoT network. In general, we consider IoT sensor/actuator node devices and gateway devices resource constrained. As such, two types of communication are resource constrained: the Node-to-Gateway layer and the Gateway-to-Internet layer.
  • Figure 2: Process used to determine publications relevant to our survey's scope. The number of results found by using the search criteria from each database is accurate as of Jan 2023.
  • Figure 3: Pie chart showing the topic composition of literature surveyed in this paper.