用于关键系统有线通信的crystals -后量子网络安全SoC

IF 7.6 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Internet of Things Pub Date : 2025-06-04 DOI:10.1016/j.iot.2025.101656

Armando Astarloa, Jesús Lázaro, José Ignacio Gárate

{"title":"用于关键系统有线通信的crystals -后量子网络安全SoC","authors":"Armando Astarloa, Jesús Lázaro, José Ignacio Gárate","doi":"10.1016/j.iot.2025.101656","DOIUrl":null,"url":null,"abstract":"<div><div>Critical systems in the energy industry and aerospace are the backbone of modern society and national defense. These systems are becoming heterogeneous computing and networking infrastructures composed of Edge located, Fog, and Cloud control devices. Strict coordination and reliable networking are required to orchestrate the tasks and actions controlled by multiple devices. The well-known Ethernet standard for inter and intra sub-system networking is evolving to Time-Sensitive Networking (TSN). Regarding the security at the link level in this networking, the industry has selected MACsec as the technology to protect hard-real time traffic, in general and TSN, in particular.</div><div>The extensive application of TSN will intersect with the post-quantum attack landscape in the future. As a result, it becomes imperative to conduct research on security solutions capable of effectively addressing these emerging threats. A quantum attack represents a novel and significant threat to network security. And, to operate MACsec in a post-quantum scenario, it is necessary to analyze the cipher suites for symmetric and asymmetric cryptography and used in MACsec (standard IEEE 802.1AE) and MKA (IEEE 802.1X).</div><div>In the Post-Quantum Cryptography Standardization process, The National Institute of Standards and Technology has selected for public-key encryption and key-establishment algorithm CRYSTALS–KYBER. Additionally, the selected digital signature algorithms for standardization include CRYSTALS-Dilithium.</div><div>This work contributes with a novel concept-proof semiconductor implementation that fulfill the requirements in terms of power-consumption, resources utilization and PQC security level for Industrial IoT applications. The presented research analyzes the resources required by a high-performance CRYSTALS-Dilithium implementation on IIoT SoC devices. Firstly, the architecture and implementation of RTL-based CRYSTALS-Dilithium IP are presented and discussed. Secondly, a System-on-Chip semiconductor device composed of a RISC-V CPU subsystem and the CRYSTALS-Dilithium IP is developed in the scope of this research as a concept-prof to evaluate the viability of integrating PQC on resource-constrained devices for IIoT.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"33 ","pages":"Article 101656"},"PeriodicalIF":7.6000,"publicationDate":"2025-06-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"CRYSTALS-Dilithium post-quantum cyber-secure SoC for wired communications in critical systems\",\"authors\":\"Armando Astarloa, Jesús Lázaro, José Ignacio Gárate\",\"doi\":\"10.1016/j.iot.2025.101656\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>Critical systems in the energy industry and aerospace are the backbone of modern society and national defense. These systems are becoming heterogeneous computing and networking infrastructures composed of Edge located, Fog, and Cloud control devices. Strict coordination and reliable networking are required to orchestrate the tasks and actions controlled by multiple devices. The well-known Ethernet standard for inter and intra sub-system networking is evolving to Time-Sensitive Networking (TSN). Regarding the security at the link level in this networking, the industry has selected MACsec as the technology to protect hard-real time traffic, in general and TSN, in particular.</div><div>The extensive application of TSN will intersect with the post-quantum attack landscape in the future. As a result, it becomes imperative to conduct research on security solutions capable of effectively addressing these emerging threats. A quantum attack represents a novel and significant threat to network security. And, to operate MACsec in a post-quantum scenario, it is necessary to analyze the cipher suites for symmetric and asymmetric cryptography and used in MACsec (standard IEEE 802.1AE) and MKA (IEEE 802.1X).</div><div>In the Post-Quantum Cryptography Standardization process, The National Institute of Standards and Technology has selected for public-key encryption and key-establishment algorithm CRYSTALS–KYBER. Additionally, the selected digital signature algorithms for standardization include CRYSTALS-Dilithium.</div><div>This work contributes with a novel concept-proof semiconductor implementation that fulfill the requirements in terms of power-consumption, resources utilization and PQC security level for Industrial IoT applications. The presented research analyzes the resources required by a high-performance CRYSTALS-Dilithium implementation on IIoT SoC devices. Firstly, the architecture and implementation of RTL-based CRYSTALS-Dilithium IP are presented and discussed. Secondly, a System-on-Chip semiconductor device composed of a RISC-V CPU subsystem and the CRYSTALS-Dilithium IP is developed in the scope of this research as a concept-prof to evaluate the viability of integrating PQC on resource-constrained devices for IIoT.</div></div>\",\"PeriodicalId\":29968,\"journal\":{\"name\":\"Internet of Things\",\"volume\":\"33 \",\"pages\":\"Article 101656\"},\"PeriodicalIF\":7.6000,\"publicationDate\":\"2025-06-04\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Internet of Things\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S2542660525001702\",\"RegionNum\":3,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Internet of Things","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2542660525001702","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

能源工业和航空航天中的关键系统是现代社会和国防的支柱。这些系统正在成为由边缘定位、雾和云控制设备组成的异构计算和网络基础设施。为了协调多个设备控制的任务和操作，需要严格的协调和可靠的网络。众所周知，用于子系统间和子系统内网络的以太网标准正在向时间敏感网络（TSN）发展。对于这种网络的链路级安全性，业界选择了MACsec作为保护硬实时流量的技术，特别是TSN。TSN的广泛应用将与未来的后量子攻击格局相交叉。因此，必须对能够有效应对这些新出现的威胁的安全解决方案进行研究。量子攻击是对网络安全的一种新的重大威胁。并且，为了在后量子场景中操作MACsec，有必要分析在MACsec（标准IEEE 802.1AE）和MKA （IEEE 802.1X）中使用的对称和非对称密码套件。在后量子加密标准化过程中，美国国家标准与技术研究院选择了CRYSTALS-KYBER作为公钥加密和密钥建立算法。此外，为标准化选择的数字签名算法包括CRYSTALS-Dilithium。这项工作有助于实现一种新颖的概念验证半导体实现，满足工业物联网应用在功耗、资源利用率和PQC安全级别方面的要求。本研究分析了在IIoT SoC器件上实现高性能crystals - diliium所需的资源。首先，介绍并讨论了基于rtl的CRYSTALS-Dilithium IP的架构和实现。其次，在本研究范围内，开发了一个由RISC-V CPU子系统和CRYSTALS-Dilithium IP组成的片上系统半导体器件，作为概念分析，以评估在资源受限的IIoT设备上集成PQC的可行性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

CRYSTALS-Dilithium post-quantum cyber-secure SoC for wired communications in critical systems

Critical systems in the energy industry and aerospace are the backbone of modern society and national defense. These systems are becoming heterogeneous computing and networking infrastructures composed of Edge located, Fog, and Cloud control devices. Strict coordination and reliable networking are required to orchestrate the tasks and actions controlled by multiple devices. The well-known Ethernet standard for inter and intra sub-system networking is evolving to Time-Sensitive Networking (TSN). Regarding the security at the link level in this networking, the industry has selected MACsec as the technology to protect hard-real time traffic, in general and TSN, in particular.

The extensive application of TSN will intersect with the post-quantum attack landscape in the future. As a result, it becomes imperative to conduct research on security solutions capable of effectively addressing these emerging threats. A quantum attack represents a novel and significant threat to network security. And, to operate MACsec in a post-quantum scenario, it is necessary to analyze the cipher suites for symmetric and asymmetric cryptography and used in MACsec (standard IEEE 802.1AE) and MKA (IEEE 802.1X).

In the Post-Quantum Cryptography Standardization process, The National Institute of Standards and Technology has selected for public-key encryption and key-establishment algorithm CRYSTALS–KYBER. Additionally, the selected digital signature algorithms for standardization include CRYSTALS-Dilithium.

This work contributes with a novel concept-proof semiconductor implementation that fulfill the requirements in terms of power-consumption, resources utilization and PQC security level for Industrial IoT applications. The presented research analyzes the resources required by a high-performance CRYSTALS-Dilithium implementation on IIoT SoC devices. Firstly, the architecture and implementation of RTL-based CRYSTALS-Dilithium IP are presented and discussed. Secondly, a System-on-Chip semiconductor device composed of a RISC-V CPU subsystem and the CRYSTALS-Dilithium IP is developed in the scope of this research as a concept-prof to evaluate the viability of integrating PQC on resource-constrained devices for IIoT.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Internet of Things Multiple-

CiteScore

3.60

自引率

5.10%

发文量

115

审稿时长

37 days

期刊介绍： Internet of Things; Engineering Cyber Physical Human Systems is a comprehensive journal encouraging cross collaboration between researchers, engineers and practitioners in the field of IoT & Cyber Physical Human Systems. The journal offers a unique platform to exchange scientific information on the entire breadth of technology, science, and societal applications of the IoT. The journal will place a high priority on timely publication, and provide a home for high quality. Furthermore, IOT is interested in publishing topical Special Issues on any aspect of IOT.