Cryptology ePrint Archive: Report 2020/308

Post-Quantum TLS on Embedded Systems

Kevin Bürstinghaus-Steinbach and Christoph Krauß and Ruben Niederhagen and Michael Schneider

Abstract: We present our integration of post-quantum cryptography (PQC), more specifically of the post-quantum KEM scheme Kyber for key establishment and the post-quantum signature scheme SPHINCS$^+$, into the embedded TLS library mbed TLS. We measure the performance of these post-quantum primitives on four different embedded platforms with three different ARM processors and an Xtensa LX6 processor. Furthermore, we compare the performance of our experimental PQC cipher suite to a classical TLS variant using elliptic curve cryptography (ECC). Post-quantum key establishment and signature schemes have been either integrated into TLS or ported to embedded devices before. However, to the best of our knowledge, we are the first to combine TLS, post-quantum schemes, and embedded systems and to measure and evaluate the performance of post-quantum TLS on embedded platforms. Our results show that post-quantum key establishment with Kyber performs well in TLS on embedded devices compared to ECC variants. The use of SPHINCS$^+$ signatures comes with certain challenges in terms of signature size and signing time, which mainly affects the use of embedded systems as PQC-TLS server but does not necessarily prevent embedded systems to act as PQC-TLS clients.

Category / Keywords: implementation / PQC; Kyber; SPHINCS+; TLS; embedded systems; mbed TLS

Original Publication (in the same form): AsiaCCS 2020
DOI:
10.1145/3320269.3384725

Date: received 11 Mar 2020, last revised 23 Mar 2020

Contact author: ruben at polycephaly org

Available format(s): PDF | BibTeX Citation

Note: Conference date of AsiaCCS 2020 has been postponed to October.

Version: 20200323:092901 (All versions of this report)

Short URL: ia.cr/2020/308


[ Cryptology ePrint archive ]