Post-Quantum Cryptosystems for Internet-of-Things: A Survey on Lattice-Based Algorithms

The latest quantum computers have the ability to solve the extremely complex mathematical problems that underpin classical cryptography, in particular to recover secret encryption keys, leaving the network vulnerable to attack. They can solve such problems almost instantaneously, compared with the billions of years of computation needed by traditional computing machines. Researchers therefore advocate the development of novel strategies for data encryption in the post-quantum era. Lattices have been widely used in cryptography, somewhat peculiarly, in both directions: (a) in cryptanalysis, where lattice approximation is used to break cryptosystems; and (b) in cryptography, where computationally hard lattice problems (non-deterministic polynomial-time hardness) are used to construct stable cryptographic functions. The dominant features of lattice-based cryptography (LBC), which keep it ahead in the post-quantum league, include resistance to quantum attack vectors, high concurrent performance, parallelism, security under worst-case intractability assumptions, and solutions to long-standing open problems in cryptography. While these methods offer possible security for classical cryptosystems in theory and experimentation, their deployment on energy-restricted Internet-of-Things (IoT) devices requires careful study of regular lattice-based implementation and its simplification into lightweight lattice-based cryptography (LW-LBC). This streamlined post-quantum algorithm is ideal for levelled IoT device security. The key aim of this survey is to provide the scientific community with comprehensive information on the elementary mathematical facts, as well as to address real-time implementation, hardware architecture, open problems, attack vectors, and the significance for IoT networks.
