Secure and Scalable Internet of Things Model Using Post-Quantum MACsec

Abstract

Read online

For the secure deployment of network platforms tailored for IoT devices, the encryption of data transmission is equally as crucial as the process of authentication. In this context, we introduce the Secure and Scalable IoT network (SSI) network platform, designed to accommodate a diverse range of IoT devices. It provides scalability and implements effective many-to-many and end-to-end encryption across extensive regions. With the emergence of quantum computing, secure public key exchange mechanisms have become important. Among the various post-quantum cryptography (PQC) algorithms assessed, Nth Degree Truncated Polynomial Ring Units (NTRUs) have emerged as an optimally suited PQC algorithm for IoT devices constrained by limited computational capabilities. We have integrated NTRUs with SSI as a lightweight PQC solution. Moreover, SSI-PQM (Post-Quantum MACsec) enhances the SSI’s initial authentication structure to minimize PQC-TLS session attempts and protect the SSI’s important configuration information. When applying TLS with PQC for secret key exchange purposes, it was verified that this approach ensures stable performance in IoT environments. Upon the implementation of our proposed SSI-PQM on Raspberry Pi 3B+ based IoT devices, SSI-PQM exhibited acceptable performance at security levels from 80 to 128 and achieved a minimum speed improvement of 161% over RSA at security levels above 160. It can be concluded that SSI-PQM stands out as an effective Zero Trust-based IoT network platform, demonstrating its viability and efficiency in safeguarding data transmission against potential quantum computing threats.

Keywords

• IoT
• L2TP
• MACsec
• network overlay
• Nth Degree Truncated Polynomial Ring Units
• post-quantum cryptography