Paper 2020/308

Post-Quantum TLS on Embedded Systems

Kevin Bürstinghaus-Steinbach, Christoph Krauß, Ruben Niederhagen, and Michael Schneider

Abstract

We present our integration of post-quantum cryptography (PQC), more specifically of the post-quantum KEM scheme Kyber for key establishment and the post-quantum signature scheme SPHINCS$^+$, into the embedded TLS library mbed TLS. We measure the performance of these post-quantum primitives on four different embedded platforms with three different ARM processors and an Xtensa LX6 processor. Furthermore, we compare the performance of our experimental PQC cipher suite to a classical TLS variant using elliptic curve cryptography (ECC). Post-quantum key establishment and signature schemes have been either integrated into TLS or ported to embedded devices before. However, to the best of our knowledge, we are the first to combine TLS, post-quantum schemes, and embedded systems and to measure and evaluate the performance of post-quantum TLS on embedded platforms. Our results show that post-quantum key establishment with Kyber performs well in TLS on embedded devices compared to ECC variants. The use of SPHINCS$^+$ signatures comes with certain challenges in terms of signature size and signing time, which mainly affects the use of embedded systems as PQC-TLS server but does not necessarily prevent embedded systems to act as PQC-TLS clients.

Note: Conference date of AsiaCCS 2020 has been postponed to October.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. AsiaCCS 2020
DOI
10.1145/3320269.3384725
Keywords
PQCKyberSPHINCS+TLSembedded systemsmbed TLS
Contact author(s)
ruben @ polycephaly org
History
2020-03-23: revised
2020-03-12: received
See all versions
Short URL
https://ia.cr/2020/308
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2020/308,
      author = {Kevin Bürstinghaus-Steinbach and Christoph Krauß and Ruben Niederhagen and Michael Schneider},
      title = {Post-Quantum {TLS} on Embedded Systems},
      howpublished = {Cryptology {ePrint} Archive, Paper 2020/308},
      year = {2020},
      doi = {10.1145/3320269.3384725},
      url = {https://eprint.iacr.org/2020/308}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.