
Analysis and Contributions to a Post-Quantum Cryptography Library written in Rust for a ARM Cortex-M4 board

Francesco Medina


Supervisor: Antonio Jose' Di Scala. Politecnico di Torino, NOT SPECIFIED, 2024

PDF (Tesi_di_laurea) - Thesis
License: Creative Commons Attribution Non-commercial No Derivatives.
Abstract:

Nowadays there is a rapid proliferation of IoT systems, motivated by the fact that these devices have a large field of applicability. Embedded systems are often used in IoT devices to process, collect and exchange data over the Internet and to intercommunicate. These devices introduce new security challenges due to their hardware limitations. At the same time, research into quantum computing is growing and becoming a tangible reality for the coming decades. As the main consequence, the world is starting to prepare to deal, in terms of cybersecurity, with quantum computers by introducing Post-Quantum Cryptography (PQC), the set of cryptographic algorithms and protocols designed to allow systems to remain secure even in the presence of quantum computers. This work provides a comprehensive overview of the fundamental mathematical aspects of PQC and presents an efficient and practical solution for ARM Cortex-M4 microcontrollers, which are widely used for embedded systems and IoT applications for their known performance, versatility and efficiency. In particular, this study focuses on the public-key encryption implementation, identifying as a key encapsulation mechanism (KEM) candidate the CRYSTALS-KYBER scheme, one of the finalists in Round 3 of the NIST PQC Standardization process. This scheme can be considered a strong candidate because of its robustness, resilience and interoperability with legacy systems. Kyber's resilience, unlike that of traditional cryptographic systems, which are vulnerable to Shor's algorithm, derives mainly from the difficulty of solving lattice-based mathematical problems, even for quantum computers. In this study, a specific Kyber library written in Rust is selected, and the analysis pays close attention to aspects related to secure programming.
The Rust systems programming language is known for its emphasis on safety at the design phase in order to enhance reliability and security; in particular, it introduces its ownership model to mitigate common weaknesses such as memory leaks, null pointer dereferences and data races. The objective of this study is to analyze these two technologies and determine their feasibility and efficiency when integrated with ARM Cortex-M4 microcontrollers, in order to make them secure in the face of a quantum threat. Finally, this work brings improvements to the library and contributions in terms of quality and code maturation.

Supervisors: Antonio Jose' Di Scala
Academic year: 2023/24
Publication type: Electronic
Number of pages: 128
Subjects:
Degree programme: NOT SPECIFIED
Degree class: New regulations > Master's degree > LM-32 - COMPUTER ENGINEERING
Partner companies: Security Pattern SRL
URI: http://webthesis.biblio.polito.it/id/eprint/30939