Postquantum SSL/TLS for Embedded Systems

Abstract

The "the internet of things" will require security in fracture on small devices. This task is made more difficult as large quantum computers may appear soon and break currently standard PKCs (public-key cryptosystems). In anticipation, PKCs which can survive quantum computing ("post quantum cryptosystems", or PQCs) are actively being studied. However, effort put into building infrastructure for PQCs has been insufficient, in particular w.r.t. The lack a comprehensive library with a quantum-computing-resilient option for each public-key task. We present such a post quantum SSL/TLS library using publicly available parameters. We adapted this library from Polar SSL rather than the more popular Open SSL because it was a much cleaner code base to work from. We have also refactored the original Polar SSL code base to facilitate the incorporation of future cryptosystems. While testing is yet incomplete, both throughput and code size seem reasonable, facilitating adoption in resource-limited devices.