Evaluation of Performance, Energy, and Computation Costs of Quantum-Attack Resilient Encryption Algorithms for Embedded Devices

The accelerated development of quantum computers poses a direct threat to all current standards of public key encryption, for example, the Shor algorithm exploits the superposition state of the qubits to solve the problem of integer factorization in polynomial time, rendering all systems whose security relies on this hard mathematical problem not secure. Public key encryption algorithms are used in a multitude of applications that form the core of the digital world (e.g., emails, banking, digital currency, defense, and communication.). The prospects of a quantum machine that can break such systems are too risky to ignore, even if such a computer still needs thirty years to build. This is because adversaries can be storing data now to decrypt later aka. SNLD attack, moreover, some systems have an operational lifetime that spans more than thirty years (e.g., defense, aviation industry). Consequently, the work has already started to develop quantum-attack resilient security schemes. The number of Internet of Things (IoT) devices is expected to be around 29 billion in 2030, forming a significant portion of all computing machines. Most of these will be implemented as embedded systems with limited resources. Consequently, assessing the energy and computational overheads of the quantum-attack resilient security schemes is vital. This work presents a comprehensive study that evaluates the energy and performance costs of the proposed solutions in resource-constrained devices, in comparison with the existing schemes. This was achieved through the development of a testbed that emulates a client-server configuration, wherein both devices perform mutual authentication and then agree on a shared key using the TLS protocol. A Raspberry Pi 3b+ was used as a server, and a client in the first set of experiments. Raspberry Pi Pico W was the client in the second group of tests. The results of the evaluation have shown that Kyber1-Dilithuim-2 is the most resource-efficient solution, it outperforms all other PQC algorithms, including the current scheme that uses elliptic curve cryptography. Our study has also shown the digital signature scheme Sphinx+ is associated with significant latency and energy costs so may not be suitable for IoT-type devices.