Enabling Quantum-Resistant EDHOC: Design and Performance Evaluation

Enabling Quantum-Resistant EDHOC: Design and Performance Evaluation

Blog Article

The Ephemeral Heat Protectant Diffie-Hellman over COSE (EDHOC) is a compact and lightweight key establishment protocol for constrained scenarios that provides end-to-end application layer security context.However, because of the vulnerability of the discrete logarithm problem to Shor’s algorithm, a quantum resistant replacement for Diffie-Hellman is required.This paper proposes an architecture to transform EDHOC into a quantum-resistant protocol, with an open-source implementation supporting various Post Quantum Cryptography (PQC) schemes from the National Institute of Standards and Technology (NIST) PQC standardization process.

Necessary modifications to EDHOC are analyzed, integrating PQC Key Encapsulation Mechanisms (KEMs) and PQC digital signatures in a complete Post-Quantum (PQ) version of the EDHOC protocol (PQ-EDHOC).PQC operations often involve complex computations and require larger byte sizes, which can challenge resource-constrained devices designed for lightweight operation in constrained network environments.To evaluate the applicability of various PQC schemes in a realistic PQ EDHOC environment, various PQC KEM and Digital Signature combinations are assessed for execution time, energy consumption, memory usage, and network performance on an nRF52840 ARM Cortex-M4 platform with a 6LoWPAN (IPv6 over Low-Power Wireless Protein Blends Personal Area Networks) over BLE (Bluetooth LowEnergy) network.

Results indicate that NIST standardized ML-KEM emerges as the only suitable KEM choice for resource-constrained environments, while promising new signature schemes, like HAWK, show significant performance improvement over the NIST standardized ML-DSA and selected for standardization FALCON.