Paper 2023/506

Energy Consumption Evaluation of Post-Quantum TLS 1.3 for Resource-Constrained Embedded Devices

George Tasopoulos, Athena Research and Innovation Center In Information Communication & Knowledge Technologies
Charis Dimopoulos, Athena Research and Innovation Center In Information Communication & Knowledge Technologies, University of Patras
Apostolos P. Fournaris, Athena Research and Innovation Center In Information Communication & Knowledge Technologies
Raymond K. Zhao, Data61
Amin Sakzad, Monash University
Ron Steinfeld, Monash University

Post-Quantum cryptography (PQC), in the past few years, constitutes the main driving force of the quantum resistance transition for security primitives, protocols and tools. TLS is one of the widely used security protocols that needs to be made quantum safe. However, PQC algorithms integration into TLS introduce various implementation overheads compared to traditional TLS that in battery powered embedded devices with constrained resources, cannot be overlooked. While there exist several works, evaluating the PQ TLS execution time overhead in embedded systems there are only a few that explore the PQ TLS energy consumption cost. In this paper, a thorough power/energy consumption evaluation and analysis of PQ TLS 1.3 on embedded systems has been made. A WolfSSL PQ TLS 1.3 custom implementation is used that integrates all the NIST PQC algorithms selected for standardisation as well as 2 out of 3 of those evaluated in NIST Round 4. Also 1 out of 2 of the BSI recommendations have been included. The PQ TLS 1.3 with the various PQC algorithms is deployed in a STM Nucleo evaluation board under a mutual and a unilateral client-server authentication scenario. The power and energy consumption collected results are analyzed in detail. The performed comparisons and overall analysis provide very interesting results indicating that the choice of the PQC algorithms in TLS 1.3 to be deployed on an embedded system may be very different depending on the device use as an authenticated or not authenticated, client or server. Also, the results indicate that in some cases, PQ TLS 1.3 implementations can be equally or more energy consumption efficient compared to traditional TLS 1.3.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Malicious Software and Hardware in Internet of Things Workshop, 20th ACM International Conference on Computing Frontiers ’23
energy consumptionpost-quantumTLS 1.3cryptographycryptographic protocolsembedded systemsresource-constrained
Contact author(s)
g tasop @ isi gr
c dimopoulos @ upnet gr
fournaris @ isi gr
raymond zhao @ data61 csiro au
amin sakzad @ monash edu
ron steinfeld @ monash edu
2023-04-13: revised
2023-04-07: received
See all versions
Short URL
Creative Commons Attribution


      author = {George Tasopoulos and Charis Dimopoulos and Apostolos P. Fournaris and Raymond K. Zhao and Amin Sakzad and Ron Steinfeld},
      title = {Energy Consumption Evaluation of Post-Quantum {TLS} 1.3 for Resource-Constrained Embedded Devices},
      howpublished = {Cryptology ePrint Archive, Paper 2023/506},
      year = {2023},
      doi = {10.1145/3587135.3592821},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.