EVALUATION OF THE PERFORMANCE OF HYBRID CRYPTOGRAPHIC SCHEMES WHEN IMPLEMENTED IN SYSTEMS WITH LIMITED RESOURCES IN CONDITIONS OF QUANTUM THREAT

Abstract

This paper presents an experimental evaluation of a hybrid cryptographic scheme tailored for resource-constrained embedded systems facing quantum threats. The scheme combines Kyber512, a post-quantum key exchange algorithm, with the ChaCha20-Poly1305 stream cipher for secure, efficient data encryption.

Implementation was carried out on the STM32F407VGT6 microcontroller (ARM Cortex-M4, 168 MHz, 1 MB Flash, 192 KB RAM) using FreeRTOS and the lwIP network stack for UDP transmission. Hardware features such as DMA and RNG were leveraged to offload cryptographic processing and ensure high throughput. During initialization, Kyber512 is used to establish a secure symmetric key, which is then applied in ChaCha20-Poly1305 for encryption and authentication of telemetry packets.

Performance was evaluated across key metrics: execution time, RAM/Flash usage, energy consumption, network delay, and CPU load. Tests were conducted for three configurations: ChaCha20-Poly1305 only, Kyber512 only, and the full hybrid scheme. Results show the hybrid setup achieved 8475 μs average execution time, 6.89 mJ energy per cycle, and moderate memory use (9376 bytes RAM). CPU load did not exceed 53%, and network delay increased only slightly to 0.4 ms – acceptable for real-time applications.

The hybrid scheme ensures quantum-resistant key exchange with minimal performance loss in the main data flow. Post-quantum operations are performed once per session, while the symmetric cipher handles continuous encryption efficiently. The design proves suitable for low-power systems such as environmental monitoring, medical telemetry, and industrial IoT.

Future work includes testing on other platforms (ESP32-S3, RISC-V), integration with MQTT, LoRa, BLE, and exploration of adaptive cryptographic scheduling and resilience to side-channel threats. The results highlight the feasibility of post-quantum hybrid cryptography for embedded systems operating under strict resource constraints.