Skip to main content
Springer Nature Link
Log in

Future-Proofing Industrial Protocol Security: Integration of Post-quantum Cryptography in the Modbus Protocol

  • Conference paper
  • First Online:
Innovations in Cybersecurity and Data Science (ICICDS 2024)

Part of the book series: Algorithms for Intelligent Systems ((AIS))

  • 249 Accesses

  • 2 Citations

Abstract

This paper investigates the integration of Post-quantum Cryptography (PQC) into the Modbus TCP Security protocol, a cornerstone in İndustrial Control Systems (ICS), against the backdrop of the emerging quantum computing era. Recognizing the vulnerability of conventional cryptographic methods to quantum computing, particularly asymmetric algorithms like RSA and ECC, we explore PQC's potential to bolster security in ICS. Employing a precise methodology to measure Modbus connection times, we analyze various cryptographic configurations, including classical algorithms, standalone PQC, and hybrid PQC systems. Our results indicate a significant reduction in connection times with PQC, especially with Dilithium certificates, compared to traditional ECC-256 and RSA-2048 methods. The study also highlights the trade-offs in security and performance, particularly in configurations with and without Transport Layer Security (TLS). This research serves as a reference for future explorations in more realistic industrial scenarios, emphasizing the necessity of transitioning to PQC to safeguard ICS in the quantum computing age.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+
from $39.99 /Month
  • Starting from 10 chapters or articles per month
  • Access and download chapters and articles from more than 300k books and 2,500 journals
  • Cancel anytime
View plans

Buy Now

Chapter
USD 29.95
Price excludes VAT (Canada)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 279.99
Price excludes VAT (Canada)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Hardcover Book
USD 299.99
Price excludes VAT (Canada)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Explore related subjects

Discover the latest articles, books and news in related subjects, suggested using machine learning.

References

  1. Barker W, Polk W, Souppaya M (2020) Getting ready for post-quantum cryptography: explore challenges associated with adoption and use of post-quantum cryptographic algorithms. In: NIST cyber security white paper (DRAFT), vol 26. CSRC, NIST, GOV

    Google Scholar 

  2. National Institute of Standards and Technology (2016) Announcing request for nominations for public-key post-quantum cryptographic algorithms. https://csrc.nist.gov/news/2016/public-key-post-quantum-cryptographic-algorithms

  3. National Institute of Standards and Technology (2023) Comments requested on three draft FIPS for post-quantum cryptography. https://csrc.nist.gov/News/2023/three-draft-fips-for-post-quantum-cryptography

  4. Paul S, Scheible P, Wiemer F (2022) Towards post-quantum security for cyber-physical systems: integrating PQC into industrial M2M communication. J Comput Secur 30(4):623–653

    Article  Google Scholar 

  5. Seyhan K, Nguyen TN, Akleylek S, Cengiz K (2022) Lattice-based cryptosystems for the security of resource-constrained IoT devices in post-quantum world: a survey. Clust Comput 25(3):1729–1748

    Article  MATH  Google Scholar 

  6. Ngouen M, Rahman MA, Prabakar N, Uluagac S, Njilla L (2023) Q-SECURE: a quantum resistant security for resource constrained IoT device encryption. In: 2023 10th ınternational conference on ınternet of things: systems, management and security (IOTSMS). IEEE, pp 141–148

    Google Scholar 

  7. Modbus Organization. Modbus specifications. Accessed 05 Jan 2024. https://www.modbus.org/specs.php

  8. Modbus Organization. Modbus application Protocol V1.1b3. Accessed 05 Jan 2024. https://www.modbus.org/docs/Modbus_Application_Protocol_V1_1b3.pdf

  9. Modbus Organization. Modbus messaging implementation Guide V1.0b. Accessed 05 Jan 2024. https://www.modbus.org/docs/Modbus_Messaging_Implementation_Guide_V1_0b.pdf

  10. Modbus Organization. MB-TCP-Security-v36_2021-07-30. Accessed 05 Jan 2024. https://www.modbus.org/docs/MB-TCP-Security-v36_2021-07-30.pdf

  11. Shor PW (1999) Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM Rev 41(2):303–332

    Article  MathSciNet  MATH  Google Scholar 

  12. Grover LK (1997) Quantum mechanics helps in searching for a needle in a haystack. Phys Rev Lett 79(2):325

    Article  MATH  Google Scholar 

  13. Zalka C (1999) Grover’s quantum searching algorithm is optimal. Phys Rev A 60(4):2746

    Article  MATH  Google Scholar 

  14. Cloudflare. NIST’s pleasant post-quantum surprise. Accessed 05 Jan 2024. https://blog.cloudflare.com/nist-post-quantum-surprise

  15. National Institute of Standards and Technology. Report on post-quantum cryptography NIST IR 8105. Accessed 05 Jan 2024. https://csrc.nist.gov/pubs/ir/8105/final

  16. National Institute of Standards and Technology. Comments requested on three draft FIPS for Post-Quantum Cryptography. Accessed 05 Jan 2024. https://csrc.nist.gov/news/2023/three-draft-fips-for-post-quantum-cryptography

  17. National Institute of Standards and Technology. Module-lattice-based digital signature standard FIPS 204 (Draft). Accessed 05 Jan 2024. https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.204.ipd.pdf

  18. National Institute of Standards and Technology. Stateless hash-based digital signature standard FIPS 205. Accessed 05 Jan 2024. https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.205.ipd.pdf

  19. National Institute of Standards and Technology. Module-lattice-based key-encapsulation mechanism standard FIPS 203. Accessed 05 Jan 2024. https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.203.ipd.pdf

  20. Campagna M, Crockett E (2019) Hybrid post-quantum key encapsulation methods (PQ KEM) for transport layer security 1.2 (TLS). IETF, Internet-Draft draft-campagna-tls-bike-sike-hybrid-01

    Google Scholar 

  21. Stebila D, Fluhrer S, Gueron (2019) Hybrid Key Exchange in TLS 1.3. IETF, Internet-Draft draft-ietf-tls-hybrid-design-01

    Google Scholar 

  22. Braithwaite M (2016) Experimenting with post-quantum cryptography. Google. Accessed 05 Jan 2024. https://security.googleblog.com/2016/07/experimenting-with-post-quantum.html

  23. Kwiatkowski K, Valenta L (2024) The TLS post-quantum experiment. Cloudflare. Accessed 05 Jan 2024. https://blog.cloudflare.com/the-tls-post-quantum-experiment

  24. Sikeridis D, Kampanakis P, Devetsikiotis M (2020) Post-quantum authentication in TLS 1.3. In: NDSS symposium

    Google Scholar 

  25. Stebila D, Mosca M (2016) Post-quantum key exchange for the ınternet and the open quantum safe project. In: SAC

    Google Scholar 

  26. Kannwischer MJ, Rijneveld J, Schwabe P, Stoffelen K (2019) Pqm4: testing and benchmarking NIST PQC on ARM Cortex-M4. Cryptology ePrint Archive

    Google Scholar 

  27. Bürstinghaus-Steinbach K, Krauß C, Niederhagen R, Schneider M (2020) Post-quantum TLS on embedded systems. In: ACM Asia CCS '20

    Google Scholar 

  28. Fovino IN, Carcano A, Masera M, Trombetaa A (2009) Design and implementation of a secure modbus protocol. Crit Infrastruct Prot 3:83–96

    Google Scholar 

  29. Ferst MK, de Figueiredo HF, Denardin G, Lopes J (2018) Implementation of secure communication with modbus and transport layer security protocols. In: 2018 13th IEEE ınternational conference on ındustry applications (INDUSCON), pp 155–162

    Google Scholar 

  30. Ferst MK, de Figueiredo HF, Denardin GW (2019) Connection time in modbus/TLS for secure communications on photovoltaic systems. In: 2019 IEEE 15th Brazilian power electronics conference and 5th IEEE Southern power electronics conference (COBEP/SPEC), pp 1–6

    Google Scholar 

  31. WolfSSL Documentation. Appendix 7—post quantum cryptography. Accessed 05 Jan 2024. https://www.wolfssl.com/documentation/manuals/wolfssl/appendix07.html

  32. Cloudflare. Sizing up post-quantum signatures. Accessed 05 Jan 2024. https://blog.cloudflare.com/sizing-up-post-quantum-signatures

  33. Libmodbus. Libmodbus: a modbus library for Linux, Mac OS X, FreeBSD, QNX and Win32. Accessed 05 Jan 2024. https://github.com/stephane/libmodbus

  34. Ferst M [mkferst]. Libmodbus with TLS (OpenSSL). Accessed 05 Jan 2024. https://github.com/mkferst/libmodbus/tree/modbus-tls

  35. WolfSSL. Open Quantum Safe (OQS) README. Accessed 05 Jan 2024. https://github.com/wolfSSL/osp/blob/master/oqs/README.md

  36. Introducing: Raspberry Pi 5! Accessed 05 Jan 2024. https://www.raspberrypi.com/news/introducing-raspberry-pi-5/

  37. National Institute of Standards and Technology. Security (Evaluation Criteria). Accessed 05 Jan 2024. https://csrc.nist.gov/projects/post-quantum-cryptography/post-quantum-cryptography-standardization/evaluation-criteria/security-(evaluation-criteria)

  38. National Institute of Standards and Technology. NIST Special Publication 800-57 Part 3 Revision 1: Recommendation for Key Management. Accessed 05 Jan 2024. https://nvlpubs.nist.gov/nistpubs/specialpublications/nist.sp.800-57pt3r1.pdf

Download references

Author information

Authors and Affiliations

  1. Bangalore, India

    Arshid Shyam Kumar & Prashanth Joshi

Authors
  1. Arshid Shyam Kumar
    View author publications

    Search author on:PubMed Google Scholar

  2. Prashanth Joshi
    View author publications

    Search author on:PubMed Google Scholar

Corresponding author

Correspondence to Arshid Shyam Kumar .

Editor information

Editors and Affiliations

  1. School of Comp Science and Engg, REVA University, Bangalore, Karnataka, India

    Syed Muzamil Basha

  2. University Canada West, Vancouver, BC, Canada

    Hamed Taherdoost

  3. Setor 4 - Prédio 43.412 - Sala 219, c/o Brazilian Computer Society, Porto Alegre, Rio Grande do Sul, Brazil

    Cleber Zanchettin

Rights and permissions

Reprints and permissions

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Kumar, A.S., Joshi, P. (2024). Future-Proofing Industrial Protocol Security: Integration of Post-quantum Cryptography in the Modbus Protocol. In: Basha, S.M., Taherdoost, H., Zanchettin, C. (eds) Innovations in Cybersecurity and Data Science. ICICDS 2024. Algorithms for Intelligent Systems. Springer, Singapore. https://doi.org/10.1007/978-981-97-5791-6_13

Download citation

Keywords

Publish with us

Policies and ethics