Post-quantum group key management for the internet of things (IoT)

Fouzia, Samiullah (2025) Post-quantum group key management for the internet of things (IoT). PhD thesis, UTAR.

PDF Download (2786Kb)

Abstract

The emergence of quantum computing presents a significant challenge to conventional cryptographic methods, highlighting the urgent need to create quantum-resistant solutions. In Internet of Things (IoT) networks, ensuring secure group communication facilitates effective and authenticated interactions among numerous devices. Group Key Management (GKM) is a crucial element in this communication framework, ensuring the safe distribution, updating, and revocation of keys across various devices. Nonetheless, current GKM schemes significantly depend on traditional public-key cryptography, exposing them to potential quantum threats. In response to this challenge, Group Authenticated Key Exchange (GAKE) protocols have surfaced as a viable solution, facilitating the secure formation of shared group keys while ensuring mutual authentication among all involved devices. While significant, the design and practical implementation of post-quantum GAKE protocols remains a complex and underexplored study area. This study focuses on developing a post-quantum secure GAKE protocol specifically designed for IoT environments. To accomplish this, we thoroughly examine current GAKE protocols, pinpointing their shortcomings regarding computational overhead, communication complexity, and vulnerability to quantum attacks. Drawing from these insights, we introduce an innovative Saber-based GAKE protocol that guarantees security within the Quantum Random Oracle Model vii (QROM) framework. The protocol's security has been rigorously demonstrated, confirming its resilience in the face of quantum threats. To assess the protocol's efficiency and scalability, we implemented Saber-GAKE on a local hardware platform (Intel(R) Core(TM) i7-1165G7 with 16 GB RAM, Ubuntu 22.04), and performed comparative benchmarks against the Compiled Kyber GAKE scheme. Additionally, to evaluate its feasibility in constrained IoT environments, performance estimations were derived using existing Saber implementations for ARM Cortex-M4 and M0 processors. Key metrics such as execution time, memory usage, and communication overhead were considered. These results highlight the protocol's superior efficiency and scalability, particularly in large groups of up to 2000 participants, and its compatibility with resource-constrained devices. This study enhances post-quantum cryptographic protocols for IoT applications by offering a secure, efficient, and scalable GAKE solution. The Saber-GAKE protocol effectively tackles the increasing security demands of IoT networks while providing a robust solution to the potential threats introduced by quantum computing.

Actions (login required)