The Internet of Things (IoT) is a new technology with a lot of potential in the future. On the one hand, it can be useful for us; on the other hand, it carries many security threats, like remote scalable attacks, side-channel attacks on cryptography, DDoS attacks, data breaches, malwares and many others.
Classical cryptographic algorithms, such as the Rivest-Shamir-Adleman (RSA) algorithm, can work well with classical computers. But the technology is beginning to shift towards quantum computing, which has excellent processing power and can easily break the current cryptographic algorithms. So we need to design quantum cryptographic algorithms to prevent the systems from security breaches before quantum computers come into commercial use. IoT is also one of the fields which have to be secured to prevent malicious activities.
IoT devices could have many security loopholes covering the hardware and software, the network, or users. Hacking techniques have advanced so much over the past few years and attackers are using more and more state of the art means which represents a significant threat to IoT security so why not quantum is used at some point. The security protection measures implemented by design have to ensure that IoT devices cannot be easily hacked today but also in ten years from now for those devices that are expected to have a long life-time span.
Of course technical quantum solutions are not easy to implement in IoT devices due to technical and commercial constraints, therefore few ways consist to combine both the quantum and classical approaches. One option keeps the current semiconductor chips but uses quantum techniques to create a unique long cryptographic key for every device. This can be done with a quantum random number generation (QRNG), which creates a noise source with a high randomness level. Quantum computing can generate such large numbers at a fast speed and quite efficiently. It will be very hard to guess the key, and every device will have a unique key. The only way to get the key would be to access the physical device configuration, and doing that without getting noticed in tamper resistant devices would be very difficult. Hence, the communications can be safe, and the key can be secured.
Although quantum cryptography and quantum computing have developed quite efficiently, some more advancement is necessary for them to become a reality in commercial systems. Commercial use is a big challenge when implementing quantum systems in the IoT due to the expensive, large scale quantum apparatus that not every organization can afford. Also, the properties of photons restrict them to travel long distances. If these issues can be resolved, we will have successful IoT systems with quantum cryptography, making them the most secure modern systems.
Finally, we strongly recommend you to start from the basics to secure your IoT devices and systems by implementing the requirements defined in EN 303 645 standard and monitor the state of the art of quantum cryptography before making up your choice to buy or use a secure component in your IoT product.