Title: Impact of Quantum Computing on IoT Security

Abstract:

Many IoT systems deployed today will remain operational for many years. With advances in quantum computers, it is possible that large-scale quantum computers will be available in the future to perform cryptanalysis on existing cryptographic algorithms and cipher suites. Such scenario will have two consequences. First, key exchange, public-key encryption, and signatures would no longer be secure due to Shor's algorithm. Second, the security level of symmetric algorithms will decrease, for example, the security of a block cipher with a key size of n bits will only offer n/2 bits of security due to Grover's algorithm. 

The above scenario becomes critical when we consider the “harvest and decrypt” attack in which an attacker can begin to harvest (store) encrypted data today, before a quantum computer is available, and then decrypt years later, once a quantum computer is available. It may also become difficult to update IoT devices securely. This situation would force us to switch to quantum-resistant alternatives, especially for key exchange, public-key encryption, and signatures. As IoT devices are vulnerable to hacking, it becomes important to use quantum-safe cryptography to protect the data transmitted between IoT devices and the internet.