Quantum-Resistant Security for Software Updates on Low-power Networked Embedded Devices

by   Gustavo Banegas, et al.

As the Internet of Things (IoT) rolls out today to devices whose lifetime may well exceed a decade, conservative threat models should consider attackers with access to quantum computing power. The SUIT standard (specified by the IETF) defines a security architecture for IoT software updates, standardizing the metadata and the cryptographic tools-namely, digital signatures and hash functions-that guarantee the legitimacy of software updates. While the performance of SUIT has previously been evaluated in the pre-quantum context, it has not yet been studied in a post-quantum context. Taking the open-source implementation of SUIT available in RIOT as a case study, we overview post-quantum considerations, and quantum-resistant digital signatures in particular, focusing on lowpower, microcontroller-based IoT devices which have stringent resource constraints in terms of memory, CPU, and energy consumption. We benchmark a selection of proposed post-quantum signature schemes (LMS, Falcon, and Dilithium) and compare them with current pre-quantum signature schemes (Ed25519 and ECDSA). Our benchmarks are carried out on a variety of IoT hardware including ARM Cortex-M, RISC-V, and Espressif (ESP32), which form the bulk of modern 32-bit microcontroller architectures. We interpret our benchmark results in the context of SUIT, and estimate the real-world impact of post-quantum alternatives for a range of typical software update categories. CCS CONCEPTS ∙ Computer systems organization → Embedded systems.


Exploring Post-Quantum Cryptographic Schemes for TLS in 5G Nb-IoT: Feasibility and Recommendations

Narrowband Internet of Things (NB-IoT) is a wireless communication techn...

On the Role of Hash-based Signatures in Quantum-Safe Internet of Things: Current Solutions and Future Directions

The Internet of Things (IoT) is gaining ground as a pervasive presence a...

Quantum-resistant digital signatures schemes for low-power IoT

Quantum computers are on the horizon to get to a sufficient size. These ...

Ultra Lightweight Multiple-time Digital Signature for the Internet of Things Devices

Digital signatures are basic cryptographic tools to provide authenticati...

Post-Quantum Signatures in DNSSEC via Request-Based Fragmentation

The Domain Name System Security Extensions (DNSSEC) provide authenticati...

Energy-Aware Digital Signatures for Embedded Medical Devices

Authentication is vital for the Internet of Things (IoT) applications in...

Femto-Containers: DevOps on Microcontrollers with Lightweight Virtualization Isolation for IoT Software Modules

Development, deployment and maintenance of networked software has been r...

Please sign up or login with your details

Forgot password? Click here to reset