arxiv: 2605.13698 · v1 · submitted 2026-05-13 · 💻 cs.CR

Recognition: no theorem link

MQTT Across a Raspberry Pi 5 IoT Network Utilizing Quantum-resistant Signature Algorithms

Ray Feingold , Chansu Yu

Authors on Pith no claims yet

Pith reviewed 2026-05-14 17:57 UTC · model grok-4.3

classification 💻 cs.CR

keywords MQTTpost-quantum cryptographyFALCONRaspberry PiIoT securityquantum-resistant signatureslattice-based PQC

0 comments

The pith

FALCON post-quantum signatures secure MQTT on Raspberry Pi 5 devices while exposing measurable performance overheads.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

This paper integrates the FALCON digital signature scheme into an MQTT network on three Raspberry Pi 5 boards to replace quantum-vulnerable TLS methods. It measures the resulting effects on system performance to show the practical costs of lattice-based post-quantum cryptography on lightweight hardware. The work matters because IoT devices in critical systems need long-term protection against quantum attacks that could break current encryption. A sympathetic reader sees the tests as evidence that quantum-resistant upgrades are feasible on constrained devices, provided the added load is acceptable. The central object is the FALCON signature applied to MQTT messages for authenticity and integrity.

Core claim

The research integrates the FALCON digital signature scheme into MQTT-based IoT networks using three Raspberry Pi 5 boards. It maintains message authenticity and integrity across clients and brokers while measuring system performance to characterize the practical trade-offs of deploying lattice-based PQC on lightweight hardware.

What carries the argument

The FALCON digital signature scheme integrated into the MQTT protocol, which supplies quantum-resistant authenticity and integrity checks on resource-constrained Raspberry Pi 5 devices.

Load-bearing premise

Performance results from three Raspberry Pi 5 boards in a controlled lab will generalize to real IoT deployments that have intermittent connectivity, varied sensors, and higher message rates.

What would settle it

Running the same FALCON-MQTT setup on a larger network with real intermittent wireless links and production message rates yields substantially higher latency or packet loss than the lab measurements.

Figures

Figures reproduced from arXiv: 2605.13698 by Chansu Yu, Ray Feingold.

**Figure 2.** Figure 2: High-level architecture of MQTT IoT system [PITH_FULL_IMAGE:figures/full_fig_p004_2.png] view at source ↗

**Figure 3.** Figure 3: Comparison of certificate generation time by cer [PITH_FULL_IMAGE:figures/full_fig_p006_3.png] view at source ↗

read the original abstract

The rapid expansion of the Internet of Things (IoT) has introduced millions of resource-constrained devices into critical infrastructures, consumer environments, and industrial systems. These devices rely on lightweight communication protocols such as MQTT to support low-power, intermittent, and bandwidth-limited operation. However, common TLS algorithms used to secure MQTT communications are vulnerable to quantum attacks made feasible by Shor's algorithm. As a result, IoT infrastructures must evaluate and adopt post-quantum cryptographic (PQC) methods capable of providing long-term resilience. This report investigates the implementation of PQC algorithms within an MQTT-based IoT networks using three Raspberry Pis. Specifically, it integrates the FALCON digital signature scheme, one of NIST's selected post-quantum signature algorithms, to maintain message authenticity and integrity across resource-constrained MQTT clients and brokers. By measuring system performance, the research characterizes the practical trade-offs of deploying lattice-based PQC on lightweight hardware.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Desk Editor's Note private letter to a colleague

This paper measures FALCON overhead on MQTT with Raspberry Pi 5 hardware and supplies one practical data point, but the experimental details are too thin to assess reliability.

read the letter

The main point is that the authors integrated the FALCON post-quantum signature scheme into an MQTT network running on three Raspberry Pi 5 boards and reported performance numbers for message authenticity in an IoT setting. That gives a concrete, if limited, sense of the resource cost when moving from classical signatures to lattice-based ones on current embedded hardware. For engineers who need rough estimates before rolling out quantum-resistant IoT links, those numbers can serve as a starting reference. The work is an application study rather than a new algorithm or proof. FALCON is already a NIST selection, MQTT is a standard protocol, and the hardware is off-the-shelf, so the contribution sits in the specific measurements taken under their conditions. They do show the integration is feasible and characterize some trade-offs in latency or throughput, which is the useful part. The soft spot is the experimental reporting. The abstract and available text mention performance measurements but give no account of message rates, payload sizes, number of trials, baseline comparisons against classical TLS, or any variability or error bars. Without that information it is difficult to judge whether the results are stable or would hold under different loads or network conditions typical of real IoT deployments. The lab setup with three boards is narrow, and generalization is left open. This is the sort of paper that matters to practitioners planning secure IoT systems who want hardware-specific guidance rather than to researchers seeking new methods or theory. It deserves peer review if the full manuscript adds a clear methods section with controls and statistics, because a documented data point on PQC for MQTT would still be worth having even if the scope stays modest.

Referee Report

2 major / 2 minor

Summary. The manuscript describes an implementation of the FALCON post-quantum digital signature scheme within an MQTT-based IoT network deployed across three Raspberry Pi 5 devices. It integrates FALCON to secure message authenticity and integrity, then measures system performance to characterize the practical trade-offs of lattice-based PQC on resource-constrained hardware.

Significance. If the reported measurements prove robust, the work supplies timely empirical benchmarks on deploying a NIST-selected PQC signature algorithm in a lightweight MQTT setting. Such data can help practitioners evaluate quantum-resistant options for IoT infrastructures where classical TLS is vulnerable to Shor's algorithm.

major comments (2)

[Abstract] Abstract: The central claim rests on performance measurements, yet the text provides no description of experimental design, number of trials, error bars, baseline comparisons (e.g., against classical TLS), message rates, or statistical methods. Without these details the reported trade-offs cannot be verified or reproduced.
[Results/Evaluation] Results/Evaluation section: The manuscript does not specify how latency, throughput, or resource usage were quantified under controlled versus realistic IoT conditions, nor does it address variability across the three Raspberry Pi 5 boards. This omission is load-bearing because the paper's contribution is framed as an empirical characterization.

minor comments (2)

[Results] Add explicit comparison tables or figures showing FALCON overhead versus standard TLS signatures to strengthen the trade-off analysis.
[Implementation] Clarify the exact MQTT broker and client configurations (e.g., QoS levels, payload sizes) used in the experiments.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for the detailed and constructive comments. We agree that additional experimental details are necessary to support the claims and will revise the manuscript to address the points raised.

read point-by-point responses

Referee: [Abstract] Abstract: The central claim rests on performance measurements, yet the text provides no description of experimental design, number of trials, error bars, baseline comparisons (e.g., against classical TLS), message rates, or statistical methods. Without these details the reported trade-offs cannot be verified or reproduced.

Authors: We agree that the abstract is missing these critical details. In the revised version we will expand the abstract to include a concise description of the experimental design (three Raspberry Pi 5 nodes, MQTT broker/client setup), the number of repeated trials, reporting of standard deviation as error bars, direct comparison against classical TLS, the message rates used, and the statistical methods applied. revision: yes
Referee: [Results/Evaluation] Results/Evaluation section: The manuscript does not specify how latency, throughput, or resource usage were quantified under controlled versus realistic IoT conditions, nor does it address variability across the three Raspberry Pi 5 boards. This omission is load-bearing because the paper's contribution is framed as an empirical characterization.

Authors: We acknowledge the omission. The revised Results/Evaluation section will explicitly describe the measurement methodology for latency (end-to-end message signing and verification), throughput, and resource usage (CPU, memory, power), distinguish controlled lab conditions from realistic IoT traffic patterns, and report observed variability across the three Raspberry Pi 5 boards with per-device statistics. revision: yes

Circularity Check

0 steps flagged

Empirical measurement study with no derivations or self-referential reductions

full rationale

The paper reports an implementation and performance measurement of the FALCON post-quantum signature scheme on three Raspberry Pi 5 boards running an MQTT network. No equations, derivations, or fitted parameters are described that would reduce reported results to inputs by construction. The work contains no load-bearing self-citations, uniqueness theorems, or ansatzes imported from prior author work. All claims rest on direct experimental observations under controlled conditions, rendering the study self-contained with no circular steps.

Axiom & Free-Parameter Ledger

0 free parameters · 2 axioms · 0 invented entities

The central claim rests on the standard security assumptions of lattice-based cryptography and the representativeness of Raspberry Pi 5 as IoT hardware. No free parameters, ad-hoc axioms, or new entities are introduced in the abstract.

axioms (2)

domain assumption FALCON provides quantum-resistant security under standard lattice hardness assumptions
Invoked when the paper states that FALCON maintains message authenticity and integrity against quantum attacks.
domain assumption Raspberry Pi 5 performance is representative of resource-constrained IoT devices
Implicit in the choice of hardware for characterizing practical trade-offs.

pith-pipeline@v0.9.0 · 5454 in / 1269 out tokens · 51163 ms · 2026-05-14T17:57:33.593031+00:00 · methodology

discussion (0)

Reference graph

Works this paper leans on

17 extracted references · 5 canonical work pages

[1]

Chen and J.-P

K.-Y. Chen and J.-P. Chen. Masking floating-point number multiplication and addition of Falcon.IACR Transactions on Cryptographic Hardware and Embedded Systems, 2024(2):276–303, 2024. DOI: 10.46586/tches.v2024.i2.276-303

work page doi:10.46586/tches.v2024.i2.276-303 2024
[2]

Build a Motion Detection System with a Raspberry Pi.open- source.com, 2020

Janěnas, Lukas. Build a Motion Detection System with a Raspberry Pi.open- source.com, 2020. Available at: https://opensource.com/article/20/11/motion- detection-raspberry-pi. Accessed February 5, 2026

2020
[3]

Introducing the MQTT Protocol – MQTT Essentials: Part 1

HiveMQ Team. Introducing the MQTT Protocol – MQTT Essentials: Part 1. HiveMQ Blog, 2024. Available at: https://www.hivemq.com/blog/mqtt-essentials- part-1-introducing-mqtt/. Accessed January 5, 2026

2024
[4]

Lin, X. et al. Thorough power analysis on Falcon Gaussian samplers and practical countermeasure. InLecture Notes in Computer Science, pages 229–258. Springer,
[5]

DOI: 10.1007/978-3-031-91820-9_8

work page doi:10.1007/978-3-031-91820-9_8
[6]

Quantum-resistant and secure MQTT communication

Malina, Lukáš et al. Quantum-resistant and secure MQTT communication. In Proceedings of the 19th International Conference on A vailability, Reliability and Security, pages 1–8. ACM, 2024. DOI: 10.1145/3664476.3670463. MQTT Across a Raspberry Pi 5 IoT Network Utilizing Quantum-resistant Signature Algorithms

work page doi:10.1145/3664476.3670463 2024
[7]

Shift Snare: Uncovering Secret Keys in Falcon via Single-Trace Analysis.IACR Cryptology ePrint Archive, 2025

Qiu, Jiaqi and Aydin Aysu. Shift Snare: Uncovering Secret Keys in Falcon via Single-Trace Analysis.IACR Cryptology ePrint Archive, 2025. Available at: https://eprint.iacr.org/2025/146. Accessed January 5, 2026

2025
[8]

Salih, K. O. et al. A comprehensive survey on the Internet of Things with the Industrial Marketplace.Sensors, 22(3):730, 2022. DOI: 10.3390/s22030730

work page doi:10.3390/s22030730 2022
[9]

Sarker, Arijit, Mehran Mozaffari Kermani, and Reza Azarderakhsh. Efficient error detection architectures for postquantum signature Falcon’s sampler and KEM Saber.IEEE Transactions on Very Large Scale Integration (VLSI) Systems, 30(6):794–802, 2022. DOI: 10.1109/TVLSI.2022.3156479

work page doi:10.1109/tvlsi.2022.3156479 2022
[10]

liboqs: C Library for Post-Quantum Cryptography

Open Quantum Safe Project. liboqs: C Library for Post-Quantum Cryptography. GitHub repository, 2025. Available at: https://github.com/open-quantum-safe/ liboqs. Accessed February 5, 2026

2025
[11]

OpenSSL: Cryptography and SSL/TLS Toolkit

OpenSSL Software Foundation. OpenSSL: Cryptography and SSL/TLS Toolkit. GitHub repository, 2025. Available at: https://github.com/openssl/openssl. Ac- cessed February 5, 2026

2025
[12]

OQS Provider for OpenSSL

Open Quantum Safe Project. OQS Provider for OpenSSL. GitHub repository,
[13]

Ac- cessed February 5, 2026

Available at: https://github.com/open-quantum-safe/oqs-provider. Ac- cessed February 5, 2026

2026
[14]

Eclipse Mosquitto MQTT Broker

Eclipse Foundation. Eclipse Mosquitto MQTT Broker. GitHub repository, 2025. Available at: https://github.com/eclipse-mosquitto/mosquitto. Accessed February 5, 2026

2025
[15]

OQS-Demos: Post-Quantum Mosquitto Demonstra- tion

Open Quantum Safe Project. OQS-Demos: Post-Quantum Mosquitto Demonstra- tion. GitHub repository, 2025. Available at: https://github.com/open-quantum- safe/oqs-demos/tree/main/mosquitto. Accessed February 5, 2026

2025
[16]

Post-Quantum Cryptog- raphy Standardization

National Institute of Standards and Technology (NIST). Post-Quantum Cryptog- raphy Standardization. Available at: https://csrc.nist.gov/projects/post-quantum- cryptography. Accessed May 6, 2026

2026
[17]

K. Kim, M. Tibouchi, A. Wallet, T. Espitau, Y. Yu, and Y. Kim. SOLMAE: Faster and simpler quantum-safe signature based on NTRU-lattices. Technical Report, Ver. 2.0, 2024. Available at: https://kpqc.or.kr/images/pdf/SOLMAE.pdf

2024