Table of Contents
Fetching ...

Quantum Encryption Resilience Score (QERS) for MQTT, HTTP, and HTTPS under Post-Quantum Cryptography in Computer, IoT, and IIoT Systems

Jonatan Rassekhnia

TL;DR

This work tackles the challenge of assessing protocol resilience under post-quantum cryptography on constrained computer, IoT, and IIoT devices. It introduces QERS, a multi-criteria decision analysis framework that normalizes and combines end-to-end latency, cryptographic overhead, energy, RSSI, and key size into a single resilience score with Basic, Tuned, and Fusion layers. An experimental setup with an ESP32-C6 client and Raspberry Pi CM4 server benchmarks MQTT, HTTP, and HTTPS under Kyber and Dilithium PQC, revealing that MQTT provides the best efficiency while HTTPS offers the strongest security-weighted resilience. The results support protocol selection and migration planning for PQC-enabled IoT/IIoT deployments and demonstrate a reproducible methodology for protocol benchmarking under PQC conditions, including end-to-end measurements, normalization, and multi-layer scoring.

Abstract

Post-quantum cryptography (PQC) introduces significant computational and communication overhead, which poses challenges for resource-constrained computer systems, Internet of Things (IoT), and Industrial IoT (IIoT) devices. This paper presents an experimental evaluation of the Quantum Encryption Resilience Score (QERS) applied to MQTT, HTTP, and HTTPS communication protocols operating under PQC. Using an ESP32-C6 client and an ARM-based Raspberry Pi CM4 server, latency, CPU utilization, RSSI, energy consumption, key size, and TLS handshake overhead are measured under realistic operating conditions. QERS integrates these heterogeneous metrics into normalized Basic, Tuned, and Fusion scores, enabling systematic comparison of protocol efficiency and security resilience. Experimental results show that MQTT provides the highest efficiency under PQC constraints, while HTTPS achieves the highest security-weighted resilience at the cost of increased latency and resource consumption. The proposed framework supports informed protocol selection and migration planning for PQC-enabled IoT and IIoT deployments.

Quantum Encryption Resilience Score (QERS) for MQTT, HTTP, and HTTPS under Post-Quantum Cryptography in Computer, IoT, and IIoT Systems

TL;DR

This work tackles the challenge of assessing protocol resilience under post-quantum cryptography on constrained computer, IoT, and IIoT devices. It introduces QERS, a multi-criteria decision analysis framework that normalizes and combines end-to-end latency, cryptographic overhead, energy, RSSI, and key size into a single resilience score with Basic, Tuned, and Fusion layers. An experimental setup with an ESP32-C6 client and Raspberry Pi CM4 server benchmarks MQTT, HTTP, and HTTPS under Kyber and Dilithium PQC, revealing that MQTT provides the best efficiency while HTTPS offers the strongest security-weighted resilience. The results support protocol selection and migration planning for PQC-enabled IoT/IIoT deployments and demonstrate a reproducible methodology for protocol benchmarking under PQC conditions, including end-to-end measurements, normalization, and multi-layer scoring.

Abstract

Post-quantum cryptography (PQC) introduces significant computational and communication overhead, which poses challenges for resource-constrained computer systems, Internet of Things (IoT), and Industrial IoT (IIoT) devices. This paper presents an experimental evaluation of the Quantum Encryption Resilience Score (QERS) applied to MQTT, HTTP, and HTTPS communication protocols operating under PQC. Using an ESP32-C6 client and an ARM-based Raspberry Pi CM4 server, latency, CPU utilization, RSSI, energy consumption, key size, and TLS handshake overhead are measured under realistic operating conditions. QERS integrates these heterogeneous metrics into normalized Basic, Tuned, and Fusion scores, enabling systematic comparison of protocol efficiency and security resilience. Experimental results show that MQTT provides the highest efficiency under PQC constraints, while HTTPS achieves the highest security-weighted resilience at the cost of increased latency and resource consumption. The proposed framework supports informed protocol selection and migration planning for PQC-enabled IoT and IIoT deployments.
Paper Structure (29 sections, 6 equations, 8 figures, 3 tables)

This paper contains 29 sections, 6 equations, 8 figures, 3 tables.

Figures (8)

  • Figure 1: End-to-end QERS calculation workflow showing protocol execution, metric collection, normalization, Basic/Tuned/Fusion evaluation, and final resilience score. HTTPS explicitly includes certificate handling and PQC-based key establishment.
  • Figure 2: End-to-end QERS workflow showing MQTT, HTTP, and HTTPS operating under Kyber-based PQC key exchange and Dilithium-signed authentication. All protocols are evaluated on an ESP32-C6 client communicating with a Raspberry Pi QERS server under close-range and far-range wireless conditions.
  • Figure 3: Scenario 1: Normalized QERS metrics (Latency, CPU, RSSI, Key Size, Fusion) for MQTT, HTTP, and HTTPS under Kyber–Dilithium PQC at close range.
  • Figure 4: Scenario 2: QERS multi-metric heatmap (far range, normalized 0--100).
  • Figure 5: Scenario 1: Representative scatter plot (latency vs QERS Fusion).
  • ...and 3 more figures