Internet of Things: From modern cryptography to post-quantum cryptography

In this presentation, I will focus on security and privacy in the Internet of Things (IoT), using modern asymmetric cryptography (e.g. RSA, Diffie-Hellman) and post-quantum cryptography (e.g., based on lattices).

IoT is an environment with its challenges and limitations. Application domains are diverse and heterogeneous (e.g., eHealth versus wearable technology). Smart devices forming IoT networks often have constrained resources in terms of computation, communication, and storage. While IoT has positively impacted our everyday life, security and privacy mechanisms are essential since IoT networks and their devices deal with a huge amount of sensitive data. As a result, cryptographic protocols must be developed adequately, by taking into account the inherent features of such an environment. I will present some cryptographic solutions that were developed during my first postdoctoral contract, using modern cryptosystems (e.g., based on the discrete logarithm).

Nevertheless, the proposed cryptographic solutions rely on mathematical problems that will be solved by quantum computers. To prevent successful attacks by quantum computers, post-quantum cryptography (e.g., based on lattices) has been proposed. New quantum-resistant algorithms are on their way for standardization. However, those algorithms bring extras (e.g., bigger component sizes, bigger calculations) that may impede the usability of post-quantum cryptography in our real world. In particular, with the limited resources of smart devices, IoT and post-quantum cryptography may not coexist. I will present some experimental results from implementing post-quantum algorithms in an IoT context, as a way to check the deployability of post-quantum cryptography in IoT.