This internship focuses on the study and design of a post-quantum key management mechanism for the LoRaWAN protocol. The first step consists of a security-oriented analysis of LoRaWAN to identify current key generation, establishment, and renewal mechanisms. Based on this analysis, the intern will propose an architecture integrating post-quantum primitives adapted to the protocol’s constraints, including the possibility of using multiple algorithms, depending on security requirements and network conditions. Particular attention will be paid to practical feasibility in environments subject to a 1% duty cycle, which can significantly extend the duration of cryptographic exchanges, such as handshake procedures. The work will include a detailed performance evaluation (memory, computation, energy consumption), as well as an analysis of network overhead (number of retransmissions, packet loss, message fragmentation, total exchange size, and response time). Finally, the proposed solutions will undergo security assessment and experimental validation through laboratory tests and LoRaWAN network simulations.

Required profile: Master’s (M2) or final-year engineering student in cybersecurity, IoT and embedded systems, with solid knowledge of cryptography and network security. Programming skills in C/C++ or Python are expected. Interest in IoT and post-quantum cryptography is appreciated; knowledge of LoRa/LoRaWAN or embedded platforms is a mandatory.

References

-John Preuss Mattsson, Göran Selander, Ben J. M. Smeets, Erik Thormarker, and Ericsson.Constrained radio networks, small ciphertexts, signatures, and non-interactive key exchange. 2022.

-Markus Grassl, Brandon Langenberg, Martin Roetteler, and Rainer Steinwandt. Applying grover’s algorithm to aes: quantum resource estimates. In International Workshop on Post-Quantum Cryptography, pages 29–43. Springer, 2016.

-Peter Shor. Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM Journal on Computing, 26(5):1484–1509, 1997.

-Salahaldeen Duraibi and Abdullah Mujawib Alashjaee. Lightweight post-quantum secure communication protocol for iot devices using code-based cryptography. IEEE Transactions on Consumer Electronics, 2025.

-National Institute of Standards and Technology. Module-lattice-based key-encapsulation mechanism standard (fips 203). NIST Federal Information Processing Standards Publication 203, 2024. https://csrc.nist.gov/pubs/fips/203/final.

-NationalInstituteofStandardsandTechnology. Modulelattice-baseddigitalsignaturestandard (fips 204). NIST Federal Information Processing Standards Publication 204, 2024. https://csrc.nist.gov/pubs/fips/204/final.

-Eric Blancaflor, Mark Francis James Bona, David Josiah Dychioco, Matthew Jake Inson, and Prince Rayly Reyes. Security implications of quantum-resistant encryption in emerging iot networks. InInternational Conference on Intelligent Systems Design and Engineering Applications,pages 47–60. Springer, 2025.

-Sujit Biswas, Rajat Subhra Goswami, and K Hemant Kumar Reddy. Advancing quantumsteganography: a secure iot communication with reversible decoding and customized encryption technique for smart cities. Cluster Computing, 27(7):9395–9414, 2024.

-Ohood Saud Althobaiti and Mischa Dohler. Quantum-resistant cryptography for the internet of things based on location-based lattices. IEEE Access, 9:133185–133203, 2021.

-Elisée Toe, Fehmi Jaafar, and Laurent Charles André Ferrier. Securing lorawan in the aiotera: A systematic mapping study and a mitre-based threat matrix. IEEE Internet of Things Journal, 2025.

-Lidia Pocero Fraile, Georgios Tasopoulos, Christos Koulamas, Raymond K Zhao, Nazatul HSultan, Francesco Regazzoni, and Apostolos P Fournaris. Enabling quantum-resistant edhoc:Design and performance evaluation. IEEE Access, 2025.

-National Institute of Standards and Technology. Lightweight cryptography project. https://csrc.nist.gov/projects/lightweight-cryptography, 2025. Accessed: 2026-03-04.

-Giacomo De Meulenaer, François Gosset, François-Xavier Standaert, and Olivier Pereira. Onthe energy cost of communication and cryptography in wireless sensor networks. In Proceedings of the 2008 IEEE International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob), pages 580–585. IEEE, 2008.

-Markku-Juhani O. Saarinen. Mobile energy requirements of the upcoming NIST post-quantum cryptography standards. In 8th IEEE International Conference on Mobile Cloud Computing,Services, and Engineering, MobileCloud 2020, Oxford, United Kingdom, August 3-6, 2020, pages 23–30. IEEE, 2020.

-The Things Network. Lorawan security.https://www.thethingsnetwork.org/docs/lorawan/security/. Accessed: 2024-03.

-XavierBonnetain, MaríaNaya-Plasencia, and André Schrottenloher. Quantumsecurityanalysis of aes. IACR Transactions on Symmetric Cryptology, 2019(2):55–93, 2019.

-Gabriel Rossi Figlarz and Fabiano Hessel. Enhancement in lorawan’s security with post- quantum key encapsulation method. 2024 IEEE 10th World Forum on Internet of Things (WF-IoT), pages 804–809, 2024.

-Matheus Saldanha, Alexandre Giron, Ricardo Custódio, and Thaís Idalino. Enhancing lorawan security: Addressing static root keys with post-quantum cryptography. In Anais do XXVSimpósio Brasileiro de Cibersegurança, pages 367–383, Porto Alegre, RS, Brasil, 2025. SBC.

-LoRa Alliance Technical Committee Regional Parameters Workgroup. Lorawan regional parameters rp002-1.0.4. https://resources.lora-alliance.org/technical specifications/rp002-1-0-4-regional-parameters, 2022. Accessed: March 2025.

-Jeferson Rodrigues Cotrim and Cíntia Borges Margi. Make or break? how lorawan duty cycle impacts performance in multihop networks. IEEE Access, 12:168925–168937, 2024.