Quantum Cryptography for IoT security
Maryam Alhefeiti
College of Engineer and computer Science
Abu Dhabi University
1079231@students.adu.ac.ae
Abstract—Internet of Things (IoT) is a new creation that our
world is tending to move towards. This invention will be part of
our lives and it is simply referring to more than billions of
physical devices around the world which are now connected to
the internet, and all of these devices are able to collect and share
data. Now some may ask; what type of physical objects can be
transformed into IoT device? Well, any device can be
transformed into IoT device if it can be connected to the Internet
to be controlled or if it is used to communicate and share
information. For example, If the lightbulb is controlled by
smartphone, then this is an IoT device. Even the IoT technology
tend to ease our life, on the other hand there are a lot of concerns
related to IoT security must be taking in considerable. For
example, data infringements, side-channel attacks and
authentication of viruses and data. The common classical
cryptographic algorithms may work well with the classical
computers like RSA (Rivest-Shamir-Adleman) algorithm,
however, since the new technology is shifting towards quantum
computing, that has immense processing power and is more than
enough to break the current cryptographic algorithms easily. For
that reason, there was a need for new robust cryptographic
algorithm which is Quantum Cryptography so that our systems
are prevented from violating safety even before supercomputers
are commercially available. The IoT will be the one of the areas
to ensure that malicious activity may be prevented. Equally
quantum computing, can pose as a threat to classical
cryptography due to its rapid computation speed and processing
power. Therefore, the need arises to design quantum-resistant
cryptographic algorithm which are considered protected even
when attacked by a quantum computer. Apart from traditional
cryptography which encrypts information to bits, quantum
encryption in turn utilizes qubits i.e., photons and photon
polarization to encode data
Index Terms—IoT, Quantum Cryptography, QKD, qubit
(Quantum bit)
I. INTRODUCTION
These days, computers provide us various kinds of services.
It makes our lives easier for so many chores. However, every
task they execute may also carry a security risk. Therefore, it is
crucial for us that our valuable and personal data are
completely secure
Sustainable computer security includes the use of
appropriate anticipatory measures, the detection of emerging
vulnerabilities, potential compulsive and endangered systems
and incidents of handling [1]. Due to the extensive usage of
internet, Wi-Fi, & Bluetooth, computer safety is becoming
Zarrin Hassain
College of Engineer and computer Science
Abu Dhabi University
1030496@students.adu.ac.ae
increasingly crucial. Misuse of a computer network, such as
Hacking, phishing, Computer viruses, worms or Trojans can
happen in various sorts. Damage to hardware, software or
technological data sources may also result from misuse. With
the advancement of technology, the Internet of Things is
indeed a new topic of interest that automates additional
processes and provides further data for users on the Internet.
For that the demand for security is raised [2].
Multi-technological
convergence,
machine-learning,
sensors of goods, wireless sensors, management systems,
automatics, all contribute to optional IoT. IoT consists of
expanding the website on the far side of common devices,
including desktops, laptops, phones and tablets, towards any
variation in physical equipment and daily things which were
historically unable to use the Internet. Incorporated with
technology, these gadgets communicate and move through the
net and may be watched and controlled remotely. IoT is
susceptible to several security attacks and violations due to
these ubiquitous applications. So, when designing or using IoT
applications we must be more attentive [3].
Digital applications and services are becoming the
mainstream in today's society in response to the rapid invention
of Computers and the Internet of Things (IoT) technology. This
trend makes it possible to transfer more data and information
via the Internet. Thus, complete encryption techniques are
provided to safeguard the confidentiality of the data and ensure
authentication between sender and receiver in the digital age. It
is a vital responsibility of cryptography to create secure
encrypted keys via untrusted networks. The session key for end
users/applications was related to theoretical security, however
existing public-key cryptography are based on computer
complicated mathematical challenges [2] (e.g. RSA or Diffie
Hellman public key protocol) that can deliver the session key
distributor. Therefore, the need arises to design quantumresistant cryptographic algorithm which will be presented in
the rest of this research paper [4].
The rest of this paper is organized as follows: Section 2
explains the background of Quantum computing. Section 3 lists
the security issues in IoT system. Section 4 identifying
different traditional security techniques. And section 5 explains
the Quantum node. In section 6 Quantum Cryptography is
shown. After that, the Quantum link is explained in section 7.
Quantum cryptography implementation with IoT is explained
in section 8. Section 9 is about QKD Network type. We
conclude our paper in section 10.
II. BACKGROUND
In quantum cryptography, the characteristics of
quantum mechanics have been utilized by Bennet and
Brassard [2] to create very first Quantum Keys Distribution
(QKD) method - the BB84 protocol – which used to
distribute session key for two end users. In addition, certain
investigations have found that the BB84 protocols is a
binding security protocol; that means, the BB84 session key
belongs to unconditionally security keys. Just a one-time
pad may comply with unconditional safety cyphers in
classical encryption.
Various QKD techniques were proposed in
accordance with the BB84 protocol. The semi-quantum
distributing key protocols and the independent
measurement instrument (MDI) QKD Key. These two keys
were presented to enhance the feasibility of QKD protocols
under present of quantum technologies. Various sorts of
quantum protocol for various applications have also been
suggested. For example, quantum secure direct interaction,
quantum secrecy (QSS), quantum comparison of private
use, and quantum information sharing [2]. However,
instead of existing public-key cryptographic systems in the
existing network environment, QKD protocols cannot
provide the service of key distribution as a core
infrastructure, due to limits of quantum computing (e.g., the
reachable distance of qubit transmission and the accuracy
of the qubit detector). Furthermore, due to the peculiarity of
quantum links & network organization, QKD protocols
could be incorporated instantly with the existing network
protocols.
The concept and structure of the QKD networks have
been developed to help the remote users and applications
distribution of security keys inside the existing network
environment, to solve the above-mentioned problem [5].
The QKD network extends the range of QKD
protocol and consists of numerous static quantum nodes
with full quantum capacity (e.g., one photon / punch state,
qubit storage and unit quantum operation). In order to
distribute safe key (also called local key) across
surrounding nodes, Quantum nodes run QKD (e.g., the
prototype BB84) and hop-by-hop is used to help remote
users and applications to transfer unconditional security
public key. The QKD network includes quantum nodes &
quantum connections, and the network framework can be
separated into 3 layers as it is illustrated in Figure 1. First,
the Data Communication layer, which is the top layer that
performs the routing operations and provides the API to
enable end users and applications to obtain secure QKD
protocol session keys. second, the medium layer is the main
managing layer which manages the key distributed energy
in the quantum layers to efficiently use the resources on
quantum devices. Last, the lower layer is the quantum
layer, it is an important management layer and a quantum
overlay. It consists of many quantum devices, but it
considered as an authorized classical public channel, also it
runs the QKD protocol to share local keys with nearby knot
[6].
Figure 1 QKD network layers
III. SECURITY ISSUES IN IOT SYSTEM
As discussed earlier there are a lot of security concerns
related to IoT system that must be taken in considerable. In this
section we focus on these several security problems associated
to IoT.
A. Intrusions of data
Tons of user’s data are collected by IoT applications to
make these application work properly. Some of these data,
maybe sensitive and personal like ID number, credit card
number or general information about where she/he lives.
Therefore, encryption must be protected.
B. Authentication of data
When data is encrypted correctly, the probability of the
system itself being hacked remains. If the validity of the data
transmitted to or from the IoT device is not determined, then
the security shall be granted [7].
C. Attacks on the side channel
Those attacks depend on the information and data gathered
from a system's implementation and not the flaws of the
implementation algorithm. A system can be exploited
sufficiently by its power consumption, electromagnetic leaks,
or sound [8].
D. Updates/No Irregular
In the next few years, IoT devices are anticipated to
increase in number. During device development, developers
typically do not consider future device upgrades, so a device
which is considered safe when made cannot remain secure after
two, three years if not continually updated [1].
E. Malware and rescue services
The Mirai Botnet, which contains IoT devices running on
the reduction of Argonaut instruction sets (ARC) CPUs, may
be a malware example. It is quite easy for Mirai - infect a
device if the default login and password combinations is not
updated for the device. Ransomware is malicious software
which tends to lock users from their devices and to threaten
users with their personal information until a ransom is paid
[1].
IV. TRADITIONAL SECURITY TECHNIQUES
There are several advantages and concerns associated with
IoT. Since the safety of all communications is a priority, this
section describes standard security methods for IoT.
A. Passwords hashed
Hashing is a typical method of encrypting device
passwords. Hash is an input string function which produces a
single and clarify objectives of bits. A technique called a
rainbow table can be used to crack the hash code. This is a
table with the hash key for the highly popular password strings,
which helps everyone search the password quickly. An entity
known as salt can prevent the reverse looking-up of the
rainbow table. It is a tiny random string attached to each and
every Hash key that is unique to each key [9]. To create a
rainbow table is a time consuming and costly process for such
long periods.
B. Authentication of the private key
The asymmetrical encryption of private keys gives two
keys, one public and one private. If data is encrypted using the
private key, only the public key can be decrypted, and vice
versa. This preserves the system's security and improves
connection with other devices. This can be beneficial for
connecting a new device to the IoT system and verifying
messages across systems [10].
C. Firmware signed
The developer makes a secret digital certificate during the
production of the firmware, which prevents hackers from
changing the actual version with a Malicious firmware, as
verified signatures are not replicated. A secure boot mechanism
is also used to check whether any code running on this device
is properly signed. All these aforementioned strategies in real
life systems owing to resource restrictions cannot be achieved
very effectively. A limited quantity of memory and processing
power is a huge obstacle for developers. These solutions are
theoretically flawless, yet we may nevertheless detect security
violations in IoT devices in a variety of instances [11]. Some
Examples of harmful assaults are as follow:
• Botnet or assault by Dyn Mirai.
• Hackable St. Jude cardiac surveillance devices.
• Vulnerabilities for the Wi-Fi Baby Monitor.
• The webcam of TREND.
• Stuxnet.
In order to avoid the above-mentioned risks, we clearly
need more effective cryptographic and security techniques.
V. QUANTUM NODE
A quantum node has various devices needed to run the
QKD technique, including qubit producers, qubit measuring
equipment and qubit memory. Quantum device technologies
and types rely on the QKD protocol kinds (E.g., QKD or
continuous QKD based on variable disclosures) [7].
Quantum nodes according to the functionality of the
quantum node may be divided into three categories:
a) The node of repeat.
b) The node of access.
c) Central hub of control.
The repeater node helps others to send session-key packets
via an appropriate routing path, with the primary feature of the
accessing node being the API, whereby end-users/applications
access the session-key(s) [6]. The central control knot is the
routing server that manages the whole root node of the QKD
network on a given QKD network (i.e. the client-server
architecture).
Moreover, because key generation rate & key demand for
services are dynamic, a balance between both the key supply
side cannot be maintained at all times. Thus, a buffer (called
key storage) must require the quantum node to store local keys
to increase the dynamic environment tolerance in a QKD
network. It is a crucial duty to protect local keys in key storage.
A relevant key management method for managing and
protecting key production, storage and use in key storage has
therefore to be implemented [9].
VI. QUANTUM CRYPTOGRAPHY
Quantum cryptography is really a highly exciting area,
using quantum mechanical concepts to construct the most
secure cryptosystem. No one can break it, without the
transmitter or the recipient of the message being noticed.
Quantum crypto graphing is based on photons and their
essential quantum features for developing an indestructible
cryptosystem, as without disturbing the system it is not
important to identify the quantum state of every system.
Nowadays, cryptography is used to construct efficient
cryptosystems based on mathematical concepts. The 'key' is a
combination of a wide range of prime factors, created using
random numbers as one example of a mathematical
cryptography procedure.
The cracking of those keys may have been a difficult task,
but it is not impossible with a conventional computer. Thus,
researchers have moved from mathematics to physics and have
tried to design systems that will replace the systems that are
currently employed. Quantum mechanics are thought to be
100% un-hackable and safe to send/receive messages [12].
The foundation of quantum cryptography is that it exploits
the smallest single particles in nature. Photons have the trait of
existing in more than one state simultaneously and only alter
their conditions when measured. This is the principal property
used by quantum algorithms. Whenever a message passes from
the sender to the recipient via the channel, and every malicious
entity attempts to intercept the communication, the
sender/receiver immediately sees a change in photon status.
There is also a version of a strategy that uses a phenomenon
called quantum interplay [13].
Quantum enclosure is a trait in which a change of one
photon leads to a change in another, even if 2 quantum
particles/photons are divided by a physical distance, so that the
intruder in a network may simply be detected [10].
communication distance performance and the key generation
rate remains an important research problem for QKD networks
[7].
In general, the use of fiber channels to create a QKD
network can improve the performance of communication
distance or key generation rates as compared to empty space.
Nevertheless, expenses are still high (including expenditures of
a precise single photon detector and specialized fiber).
VIII. QUANTUM CRYPTOGRAPHY IMPLEMENTATION WITH IOT
VII. QUANTUM LINK
A quantum link between two remote QKD nodes consists
of a quantum channel, or a classical authenticated public
connection as shown in Figure 2. The quantum channel is used
to transmit qubits while the public channel utilized for the post
processing of QKD protocol information by the traditional
channel and traditional cryptographic technologies (i.e.,
universal hash function) [11].
Figure 2 Channels of quantum link
There are two basic strategies for implementing quantum
channels in practical ways: first is direct optical fibers and the
second one is free point-to-point view (P2P) systems. In many
cases it is not possible to implement QKD protocols using
dedicated fibers, despite the widespread use of optical fibers
for transferring qubits.
A free space connection is occasionally convenient even
though it has some disadvantages, such as adequate air
conditions, a visible light route, and an acceptable signal-tonoise ratio. It should be noted that the viability of the
transmission of quantum and classical information across
shared optically fibers, namely that the quantum nodes can
transmit based on quantum information using the same optical
fiber, has been proven [8]. The technique could greatly
minimize the cost of installing new fiber connections from the
deployment viewpoint.
Different quantum channel types also relate to various
QKD protocol types. In other words, the fiber channel usually
includes discrete, variable QKD based protocols whereas the
free space links are used for the continuous variable QKD
protocols.
The distance and the key rate of generation are the essential
issues for the implementation of quantum connections. While
the key generation rate is reduced exponentially by the increase
in the known communication distance, improving both the
IoT system have several security flaws related to users,
devices, and networks. There are no provisions for the
detection of eavesdroppers on the channel in the existing art
and architecture of the IoT. The IoT network can also be
attacked when just one device in the network is infected by a
virus and another device is trusted by that infected device. The
failure can only be recognized late, and plentiful amount of
data can then be passed on to any malicious actor. Some
viruses can harm the systems in such a way that they can be
destroyed only through rebooting and the manufacturing and
commercial systems are not restarted very often [14].
The Internet of Things is particularly vulnerable to attacks
due to its many vulnerability areas. Our purpose here is to
examine a possible quantum encryption solution for IoT
security. The quantum key distribution, mentioned above, is a
very fundamental feature of quantum cryptography. The
channel's ability to detect the existence of eavesdropper in the
system design is the best characteristic in a quantum key
distribution. It contrasts sharply with standard cryptography
algorithms [15].
The quantum cryptography prototype BB84 varies severally,
but the principal difficulty in physical execution is the greatest
distance which photons can travel. In essence, photons are light
particles and can be distorted by natural or environmental
disasters. In circumstances where IoT networks are broad and
include numerous towns and nations, the photons have to travel
a really long distance. Quantum computing does not do this
here. Quantum devices are also exceedingly large,
cumbersome, and costly so not each organization cannot afford
this. The existing protocol for the quantum key distribution
works with only 2 devices. This is not theoretically possible in
a real IoT system that connects thousands of devices to interact
[13].
IX. QKD NETWORK TYPE
Regarding the type of QKD network, there are three classes
of QKD network based on the experiments and research papers
currently available which are [11]:
a) Active networks of optical switches.
b) Networks of trusted nodes
c) Networks for Quantum Replay
Here, it is possible to establish a convenient QKD Network
using hybrid network types, rather than a single type. For
instance, a fiber sensor switches and the trusted QKD Network
could be applied to form a QKD network. The following lines
will give a brief about each QKD network type.
A. Active Optical Switch network
An active optical switching technique is used to construct a
direct optical P2P-quantum channel among two quantum nodes
in the optical sensing switch network. The switching technique
allows for a clear relationship and perform the QKD protocol
using two quantum nodes without the assistance of other
nodes, but there are two problems with this framework which
are:
• The communication distance of a QKD network is still
limited by the maximum communications distance
between the two quantum nodes.
• The application may be limited by all quantum
technologies used on the network.
However, the challenges of implementation of the physical
layer active optical switch still impact the effectiveness of
qubit communications. The active optical switch, for example,
causes additional photon losses and reduces the quantum
channel maximum distance. An optical sensing switch with
limited risk and noise and without disrupting the state of qubits
is therefore a key issue [16].
[6]
[7]
[8]
[9]
[10]
[11]
[12]
X. CONCLUSION
Finally, it has been decided that, although computer
technology and quantum cryptography have grown very
effectively, progress needs to be made in the business systems.
Several algorithms are an enhanced version, such as the
consistent one-way quantum key algorithm (COW), which
aims to correct the inconvinces of the first quantum key
method [8]. But the practical implementation of quantum
systems for IoT is a huge barrier because of the large-scale and
costly quantum appliances not available by each company.
Furthermore, the distance between quantum communications is
much lower because of the qualities of photons that restrict
them to lengthy distances. If these questions are addressed, we
can apply quantum cryptography to successful IoT systems that
make them to the day the safest systems [17].
[13]
[14]
[15]
[16]
XI. REFERENCES
[17]
[1]
[2]
[3]
[4]
[5]
V. K. a. M. K. a. I. P. a. N. Bardis, "Reliability and Security
Issues for IoT-based Smart Business Center: Architecture and
Markov Model," 2016 Third International Conference on
Mathematics and Computers in Sciences and in Industry
(MCSI), pp. 313-318, 2016.
I. a. G. M. a. H. S. a. K. B.-S. a. K. K. M. a. A. M. a. A. S. H.
Ud Din, "The Internet of Things: A Review of Enabled
Technologies and Future Challenges," vol. 7, no.
10.1109/ACCESS.2018.2886601, pp. 7606-7640, 2019.
Symantic, "Internet Security Threat Report," no. 04/16
21365088, 2016.
J. Stankovic, "Research Directions for the Internet of Things,"
no. 10.1109/JIOT.2014.2312291, 2019.
T.-Q. Z. X.-C. C. J. L. a. W. S. J. Shen, "Anonymous and
Traceable Group Data Sharing in Cloud Computing," IEEE
TRANSACTIONS ON INFORMATION FORENSICS AND
SECURITY, vol. 13, pp. 912-925, 2018.
R. P. Feynman, "Simulating physics with computers,"
International Journal of Theoretical Physics, vol. 21, no.
10.1007/BF02650179, pp. 467-488, 1982.
D. a. H.-K. L. Gottesman, "Proof of security of quantum key
distribution with two-way classical communications," IEEE
Transactions on Information Theory, vol. 49, no.
10.1109/TIT.2002.807289, pp. 457-475, 2003.
S. p. f. q.-k.-d. s. w. t. detectors, "Security proof for quantumkey-distribution systems with threshold detectors," Phys. Rev.
A, vol. 78, no. 3, p. 032302, 2008.
A. B. a. A. E. David Elieser Deutsch, "Universality in quantum
computation," Proc. of the Royal Society A: Mathematical and
Physical Sciences, vol. 449, no. 1937, pp. 669-677, 1995.
M. B. A. K. a. N. G. Nicolas J. Cerf, "Security of Quantum Key
Distribution Using d-level systems," Phys. Rev. Lett, vol. 88,
no. 12, p. 127902, 2002.
Y. a. W. L. a. Y. G. a. L. L. a. Z. H. Yang, "A Survey on
Security and Privacy Issues in Internet-of-Things," IEEE
Internet of Things Journal, vol. pp, no.
10.1109/JIOT.2017.2694844, pp. 1-1, 2017.
G. L. L. a. X. S. Liu, "Theoretically efficient high-capacity
quantum-key-distribution scheme," Phys. Rev. A, vol. 65, no.
10.1103/PhysRevA.65.032302, p. 032302, 2002.
G. B. Charles H. Bennett, "Quantum Cryptography: Public Key
Distribution and Coin Tossing. In Proceedings of the IEEE
International Conference on Computers, Systems and Signal
Processing.," Theoretical Computer Science, vol. 1, no.
10.1016/j.tcs.2014.05.025, p. 175–179, 1984.
y. J. Kelleher, "Will Enterprise Prioritize IoT Security Over
Innovation in 2019?," 11 February 2019. [Online]. Available:
https://www.veridify.com/will-enterprise-prioritize-iot-securityover-innovation-in-2019/.
G. V. A. J. W. R. B. N. J. C. P. G. F.Grosshans, "Quantum key
distribution using gaussian-modulated coherent states," Nature
(London) 421, 238 (2003), vol. 1, no. 10.1038/nature01289, p.
8, 2003.
C. H. a. B. G. a. M. N. D. Bennett, "Quantum cryptography
without Bell's theorem," Phys. Rev. Lett., vol. 68, no.
10.1103/PhysRevLett.68.557, pp. 557--559, 1992.
W.-Y. Hwang*, "Quantum Key Distribution with High Loss:
Toward Global Secure Communication," vol. 91, no.
10.1103/PhysRevLett.91.057901, 2003.