Quantum-Safe Authentication Protocol For Smart-City Based Iot Devices

Abstract

Authentication key exchange protocols enable communication entities to agree on a shared secret value over an insecure public channel. Conventional authentication key exchange protocols rely on mathematical problems that can be broken by Shor's algorithm executed on a quantum computer. This study proposes a quantum-safe authentication protocol that uses the CRYSTALS-Kyber post-quantum cryptographic primitive and Elliptic-Curve Cryptography. The primary application area of the proposed scheme is smart-city infrastructures and resource-constrained environments. This protocol is motivated by the scheme of Parameswarath et al. Their solution lacks perfect forward secrecy and protection against denial-of-service attacks, and it is practically infeasible. The proposed scheme addresses those limitations. The scheme presented in this study was analyzed in the Real-or-Random formal security model. Additionally, the formal security verifier ProVerif was used to verify security properties, including message integrity, strong authentication, and session key secrecy. Moreover, this document includes an informal security analysis that demonstrates a wide range of security features. This study also contains a performance analysis of the proposed scheme along with other recently published schemes. The total computation costs at the IoT device and the Cloud Server are 0.2014 and 0.216 milliseconds, respectively. The storage cost for both the IoT device and the Cloud Server is 2545 bytes. The total communication cost for authentication messages is 1687 bytes. Finally, the presented protocol was simulated using the NS3 network simulator. The measured values for Packet Delivery Ratio, End-to-End delay, and Throughput in a scenario with 40 devices are 99.07\%, 3.54 ms, and 162.92 kbps, respectively.