Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.


Requirements for Post-Quantum Cryptography on Embedded Devices in the IoT

June 8, 2021


Derek Atkins - Veridify Security


As NIST proceeds through Round 3 to whittle down and choose the PQC methods it will standardize, members of the commercial community who plan to use the output of NIST would like to ensure their needs are also being met. Specifically, while the needs of the US Federal Government are absolutely vital, and large organizations like Google, Amazon, Microsoft, Apple, etc. would be able to directly leverage anything NIST creates for the Federal Government, there are other use-cases that are just as vital but have a significantly different set of operating requirements and restrictions, namely restricted resources for embedded “Internet of Things” (IoT) devices. This paper provides the background of various IoT platforms in common use, their available resources, and summarizes with the point that NIST should include at least one method that will fit and successfully operate in these restricted environments, along with a suggestion for how NIST might achieve that by prioritizing RAM usage over ROM usage while also prioritizing low clock-cycle (faster) methods.

Event Details



Related Topics

Security and Privacy: post-quantum cryptography

Applications: Internet of Things

Created June 08, 2021, Updated June 10, 2021