Paper 2023/095

On TLS for the Internet of Things, in a Post Quantum world

Michael Scott, Technical Innovation Institute, UAE
Abstract

The TLS (Transport Layer Security) protocol is the most important, most attacked, most analysed and most used cryptographic protocol in the world today. TLS is critical to the integrity of the Internet, and if it were to be broken e-commerce would become impossible, with very serious implications for the global economy. Furthermore TLS is likely to assume even greater significance in the near future with the rapid growth of an Internet of Things (IoT) -- a multiplicity of internet connected devices all engaged in secure inter-communication. However the impending invention of a Cryptographically Relevant Quantum Computer (CRQC) would represent an existential threat to TLS in its current form. As it stands the latest version TLS1.3, benefiting as it does from years of research and study, provides effective security, but it must soon be updated to resist this new threat. In this research we first undertake a new clean-room implementation of a small-footprint open source TLS1.3, written in C++ and Rust, and suitable for IoT applications. Our implementation is designed to be cryptographically agile, so that it can easily accomodate new post-quantum cryptographic primitives. Next we use this new implementation as a vehicle to study the impact of going post-quantum, with a particular emphasis on the impact on the Internet of Things. Finally we showcase the flexibility of our implementation by proposing an implementation of TLS that uses identity-based encryption to mitigate this impact.

Note: Code is now open sourced. Fixed Typo

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Keywords
TLSPost Quantum CryptographyIdentity-based encryption
Contact author(s)
michael scott @ tii ae
History
2024-10-03: last of 2 revisions
2023-01-26: received
See all versions
Short URL
https://ia.cr/2023/095
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2023/095,
      author = {Michael Scott},
      title = {On {TLS} for the Internet of Things, in a Post Quantum world},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/095},
      year = {2023},
      url = {https://eprint.iacr.org/2023/095}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.