Post-quantum Secure Communication with IoT Devices Using Kyber and SRAM Behavioral and Physical Unclonable Functions (Extended Abstract).

For a secure Internet-of-Things (IoT) ecosystem, not only the establishment of secure communication channels but also the authentication of devices is crucial. Authenticated key exchange protocols establish shared cryptographic keys between the parties and, in addition, authenticate their identities. Usually, the identities are based on a pair of private and public keys. Physical Unclonable Functions (PUFs) are widely used recently to bind physically the private key to a device. However, since PUFs are vulnerable to attacks, even non-invasive attacks without accessing the device, this paper proposes the use of Behavioral and Physical Unclonable Functions (BPUFs), which allow multimodal authentication and are more difficult to be virtually or physically cloned. In order to resist attacks from classic and quantum computers, this paper considers a Kyber key exchange protocol. Recently, Kyber has been selected by the Post-Quantum Cryptography standardization process of the National Institute of Standards and Technology (NIST) for key establishment protocols. In this work, we propose to strengthen a Kyber key exchange protocol with BPUFs extracted from SRAMs included in IoT devices. Experimental results prove the feasibility of the proposal in WiPy boards.