Post-Quantum Cryptography based Improved Security Mechanism for Resource-Constrained IoT Devices

Abstract

The Internet of Things (IoT) has revolutionized the world with everyday applications. IoT is used for many applications and it plays an important role in the digital evolution of smart city applications. It enables various devices to be connected to the Internet and provides access to various resources on the network. Because of the interconnection of a wide variety of devices, there is a large amount of sensitive information that needs to be handled carefully. The sixth generation (6G) IoT networks are predicted to transform data sharing and communication for a future of thorough brilliant and sovereign systems. 6G technologies will empower so many IoT applications like home automation, smart city applications, smartphones, industrial automation, transport management, smart vehicles, health monitoring system, smart environment, groundwater communication, fire detection, satellite communication etc. However, secure communication in a sensor network is very difficult and is more amplified by the use of the latest 6G IoT technology which is vulnerable to different kinds of attacks due to its limited security features. Multiple security measures have been constantly taken to address these issues by providing secured services to users. Among these solutions, the most effective attempt is to invent a cryptographic system capable of solving complex problems in the environment. However, the advent of quantum computers in the world has brought up some critical security problems that the normal cryptographic solutions failed to solve. The computing capacity of a quantum computer is higher than classical computers. A 30-qubit quantum computer has the equivalent computing capacity as a traditional silicon-based computer computing at 10 teraflops per second. Existing security systems like RSA and Elliptic curve cryptography which are based on large integer factors and the discrete logarithmic problem is vulnerable to quantum attack. Also, the complexity and computation cost of conventional cryptographic approaches is very high and are not feasible to be implemented on resource-constrained IoT Devices. This is where post-quantum cryptographic systems gain advantages, as these systems are reliable enough to overcome any kind of complex security issues. To secure the communication in the IoT devices, efficient, Robust-yet practical Post-Quantum Cryptography (PQC) algorithm(s) are introduced in this research. In total, we have worked on four PQC algorithms out of seven PQC algorithms selected and standardized by NIST. The four PQC algorithms enhanced in this research are: i) Supersingular Isogeny Die-Hellman ii) Hash-Based Merkle Signature iii) Lattice-based Ring Learning with Error and iv) Hybrid code-based Quasi Cyclic-Low Density Parity Check. Initially, this research introduces a Die Supersingular Multiplication (DSM) and Signature based Merkle Hash Multiplication (SMHM) method for securing communication in powerful as well as resource-constrained IoT devices. The proposed SIDH and Hash-Based PQC approach has achieved a low-complexity solution by merging the Bernoulli karatsuba multiplication scheme, which results in a decreased delay, area and power values and an increase in frequency, speed and throughput values. Also, the proposed approach work against attacks to provide secure transmission and solve key management issues. In this research, the FPGA based proposed model has been implemented using the Xilinx ISE14.5 tool, both Hardware Description Language(HDL) and High-Level Synthesis(HLS) approach is used to calculate the performance metrics which has improved 31.5% frequency, 23% area, 10% confidential rate, power consumption up to 14%, 10% error and 17.5% delay. The robust and lightweight post-quantum lattice-based authentication and code-based hybrid encryption scheme is proposed for resource-constrained IoT devices. The proposed method increases the level of network and data security by combining the benefits of both lattice-based cryptography and code-based cryptography. Also, the Ring-Learning with Errors (Ring-LWE) based authentication scheme is modified by introducing a Bernstein reconstruction in polynomial multiplication to achieve minimal computation cost, hence resource limited IoT devices are viable to use the reliable authentication mutually. Furthermore, the code-based encryption scheme is enhanced using the Diagonal Structure Based QC-LDPC Codes with column loop optimization and Simplified Log Domain Sum Product Algorithm (SLDSPA) to provide the function of lightweight encryption with minimum hardware requirements. The total authentication delay of the proposed authentication scheme is 23% less than the authentication scheme where conventional polynomial multiplication is considered. Also, the optimized design of the proposed code-based HE uses only 64 slices and 640 slices on Xilinx Virtex-6 FPGA for encoding and decoding processes respectively. Also, the encryption and decryption times of the code-based HE are 1.5298<B and 5.8430<B respectively. Furthermore, the proposed scheme requires 52.05% and 7.15% lesser number of clock cycles for encryption and decryption operations respectively. These simulation results prove the effectiveness of the proposed cryptographic scheme against other competitive systems in terms of its functionality and hardware complexities.