Qers Demonstrates Protocol Resilience for MQTT, HTTP, and HTTPS under PQC

Researchers are increasingly focused on securing communication protocols against the emerging threat of quantum computing, but implementing post-quantum cryptography (PQC) introduces substantial performance challenges! Jonatan Rassekhnia from Lulea University of Technology, alongside his colleagues, addresses this critical issue by presenting a novel framework , the Quantum Encryption Resilience Score (QERS) , for evaluating MQTT, HTTP, and HTTPS under PQC conditions! Their work, detailed in a new experimental evaluation utilising ESP32-C6 and Raspberry Pi CM4 platforms, systematically measures key metrics like latency, energy consumption and CPU utilisation to provide a comprehensive comparison of protocol efficiency and security! This research is significant because it offers a practical method for assessing and optimising protocol selection, ultimately facilitating smoother and more secure transitions to PQC-enabled systems within the rapidly expanding IoT and IIoT landscapes.

QERS integrates these heterogeneous metrics into normalized Basic, Tuned, and Fusion scores, facilitating systematic comparison of protocol efficiency and security resilience, a crucial step towards securing future IoT and IIoT deployments.

The study reveals that MQTT provides the highest efficiency when operating under post-quantum cryptography constraints, offering a compelling solution for bandwidth-limited applications! Researchers formulated and validated QERS through three proposed formulas applied to experimental measurements, encompassing both performance and security metrics. These metrics included detailed analysis of CPU utilization, signal strength indicated by RSSI, TLS handshake latency, energy consumption, and the substantial impact of encryption key size, all critical factors in resource-constrained environments. By unifying these diverse elements into a single, comparative score, QERS enables objective evaluation across communication protocols and post-quantum cryptographic schemes, providing a powerful tool for informed decision-making.
Experiments show that while MQTT excels in efficiency, HTTPS achieves the highest security-weighted resilience, albeit at the cost of increased latency and resource consumption! The work opens new avenues for protocol selection and migration planning, offering a data-driven approach to deploying PQC-enabled IoT and IIoT systems. This research establishes a reproducible end-to-end measurement methodology, combining embedded devices, protocol instrumentation, and data-driven analysis, ensuring objective comparison of PQC readiness across various IoT protocols and deployment scenarios. The proposed framework supports informed protocol selection and migration planning for PQC-enabled IoT and IIoT deployments, addressing a critical gap in the field.

Furthermore, the research contributes additional empirical validation to the initial QERS formulation, providing valuable insight into secure and efficient deployment of constrained computing, IoT, and industrial IoT systems in post-quantum-enabled environments. The team meticulously characterized the performance of each protocol, revealing the nuanced interplay between security and efficiency under PQC, and demonstrating the practical implications of larger key sizes and increased cryptographic overhead. The innovative QERS framework integrates these heterogeneous metrics into normalized0.39 in close-range scenarios and 60.44 at 10 feet distance! Data shows that HTTP attained a Basic QERS of 25.44 close-range and 24.22 at 10 feet, while HTTPS registered the lowest efficiency with a Basic QERS of 11.06 and 10.75 respectively! However, HTTPS achieved the highest security-weighted resilience, with a Fusion QERS of 54.65 in close range and 54.69 at 10 feet, despite0.39) and Tuned (60.76) QERS in close range, while HTTPS achieves the highest Fusion QERS (54. The authors acknowledge a limitation in the scope of metrics currently included, focusing on immediate performance indicators! Future research will expand QERS to incorporate additional factors such as packet loss variance, temperature, and long-term energy profiling, alongside cross-platform validation on diverse hardware. This work delivers a reproducible, protocol-aware evaluation instrument, enabling informed protocol selection and migration planning for the adoption of post-quantum cryptography in constrained computing systems.