Cortex-M4 constraints, LoRaWAN, DTLS 1.3, and NB-IoT payload limits: hardware-level PQC reference for city IoT architects.
Why smart city sensor networks face a distinct cryptographic challenge.
Where quantum attacks hit IoT communication stacks. Key areas include: DTLS 1.3 and CoAP security: how ML-KEM key exchange affects handshake sizes on constrained Class 1 and Class 2 devices (RFC 7228); LoRaWAN 1.1 and NB-IoT key management: AES-128 root key derivation, join server authentication, and PQC upgrade paths for LPWAN gateways; MQTT-SN and LwM2M: TLS/DTLS dependency mapping for smart metering, environmental monitoring, and traffic sensor telemetry channels.
FIPS 203/204/205 performance on microcontrollers and embedded platforms. Key areas include: ML-KEM-512 versus ML-KEM-768: ciphertext sizes, decapsulation cycles, and RAM footprint on ARM Cortex-M4 and RISC-V microcontrollers; ML-DSA versus SLH-DSA: signature verification latency for firmware update authentication on battery-powered sensors with 64 KB RAM; Hybrid key exchange: X25519+ML-KEM in DTLS 1.3 for backward compatibility during phased migration across mixed-generation sensor fleets.
PQC handshake simulation on constrained IoT hardware. Key areas include: Facilitator-led demonstration of ML-KEM key exchange over CoAP/DTLS on a Cortex-M4 development board with power and latency measurement; Comparing handshake completion times and packet sizes: classical ECDH versus ML-KEM-512 versus hybrid X25519+ML-KEM on LoRaWAN uplink; Identifying the failure threshold: at what sensor density and gateway load do enlarged PQC handshakes cause channel congestion on NB-IoT.
Phased rollout across heterogeneous IoT deployments. Key areas include: ETSI EN 303 645 baseline security and quantum readiness: mapping current compliance to PQC migration requirements for municipal IoT; Fleet segmentation: prioritising migration by data sensitivity (ANPR, smart metering, environmental) and device capability (OTA-upgradable versus replace-only); Gateway-first strategy: deploying PQC at LoRaWAN network servers and NB-IoT base stations before endpoint firmware updates reach constrained devices.
Q&A and Migration Roadmap Review: this session covers the core principles and technical underpinnings relevant to the subject area.
Discuss this topic with senior peers.