We are entering the era of the Internet of Things (IoT). The IoT connects not only classical computing and communication devices, but all kinds of other gadgets that we use in our everyday lives: Cars, door locks, personal medical devices, washing machines, refrigerators, and light switches are often cited examples. These devices can then download software from, and upload data to, the Internet. Likewise, users on the Internet can query the devices for information, or issue commands for the device to perform specific actions.
Thus the IoT provides a capacity for remote users to manipulate our physical environment. This manipulation is obviously potentially dangerous, and it must be understood that access to IoT devices must be allowed only for legitimate, authorized users. This requires the use of cryptographic techniques for proving the identity of devices and users, and for protecting the interchanged information.
The most popular current cryptographic techniques are not secure against an attacker that can do computations on a quantum computer. As of early 2018, full-scale quantum computers are not publicly known to exist, and it is still considered a significant challenge to construct one. However, there are strong ongoing efforts worldwide to build these computers, motivated by political and commercial interests. Therefore it is recommended that sensitive information is protected by new cryptographic techniques that are not vulnerable to an attacker with access to a quantum computer. These techniques are referred to as quantum-safe, or post-quantum, crypto.
Known quantum-safe techniques rely on heavy computations and very long cryptographic keys. This is particularly inconvenient in the IoT setting, where many devices may be strictly limited with respect to computation, storage, communication, and battery capacity. In this project, we address the design and analysis of lightweight quantum-safe crypto primitives and IoT-compatible crypto communication protocols.
The Research Council of Norway (IKTPluss)