Keywords

Introduction

Cellular network also known as mobile network is a type of communication network in which the to-and-from nodes are connected to each other wirelessly. Cellular network has played a very important role in the development of humankind and the evolution of the technologies used nowadays. Moreover, it plays a very significant role in day-to-day life of individuals nowadays, from day to day calling to using social media on cellular networks, it plays a very important role. As per time, cellular networks have evolved and are still evolving, from 1G to current 4G LTE, advancement towards the commercial rollout of 5G and then beyond 5G. Every successor of the cellular network generation evolves in such a way that it provides us with a lot more what its predecessor couldn’t offer. From 4 to 5G, there’s a huge change, from high data transfer speed to high level security to connectivity between objects and machines (Sutton 2015). 5G communication has been formally dispatched in July 2020, and the connected 5G industry is relied upon to drive the vivacious advancement of communication-related parts at home and abroad. At present, the 5G communication in work has a place with the FR1 frequency band, which is likewise a sub-6 GHz frequency band (Ahmad et al. 2020). The communication frequency band is around 1 GHz more than that of 4G LTE communication. In any case, the advancement of the connected communication design has caused incredible contrasts in communication hardware. 5G being still not commercially out yet, the research and study about beyond 5G that is 6G has already begun. Many countries have aimed for commercially rolling out 6G technology by year 2030. As expected, the 6G network is to coordinate the aerial, water and terrestrial communications into a powerful network. This network would be quicker, solid and could uphold an enormous number of gadgets with super low latency prerequisites (Akhtar et al. 2020). Throughout the world, researchers are proposing state of the art advancements as the key technologies in the acknowledgment of beyond 5G and 6G communications. Some of these technologies are tactile internet, mall cell communication, artificial intelligence (AI) and machine learning (ML), edge computing, quantum communication, etc.

In addition to all these features and benefits, cellular networks are susceptible to attackers causing security issues in the communications. With change in generation of cellular network, their security features also change. As the cellular networks evolve, they work on new technologies and these new technologies require new security features. With the advancement in generation security also increases. Cryptography, also referred as the foundation of modern security system, is widely used for the security of both 5G and beyond 5G systems. Many different cryptography algorithms are used for providing confidentiality, authentication and integrity for wireless networks (Qadir and Varol 2019; Arora et al. 2020).

So far only limited use of quantum computing is being studied for 5G networks and as it is expected that 6G will be working on quantum computers providing us with quantum communications, it is essential to keep an eye for quantum technology as it is expected to be the future of computing. Quantum computers, referred by many researchers as un-hackable computers, have proved to be the best replacement for the classical computers due to their high security features (Stubbs 2021). Post-quantum cryptographic algorithms will be used for maintaining the security in devices, communications and other technologies in the future (Malina et al. 2021).

The main aim of the paper is to present an updated conception of current scenario about the security features and review of 5G and B5G networks. The contribution of the paper is as follows:

  • This work provides an in-depth overview as well as recent advancements in 5G and 6G networks.

  • This work provides comparative study about the methodologies and security services related to B5G/6G networks.

  • This work analyzes various data security techniques used by 5G cellular networks.

  • This work highlights the role of quantum computing in securing 5G and B5G cellular systems.

  • Finally, the work evaluates various post-quantum cryptography techniques that are suited for 5G and 6G networks.

The remainder of this work is organized as follows. Section 12.2 gives the depth overview of 5G and 6G networks highlighting the security features that are expected to be provided. Section 12.3 discusses the data security techniques used by the current 5G networks. The section highlights different cryptographic algorithms and key management techniques used by 5G networks. Section 12.4 is dedicated towards the introduction of quantum computing in cryptography for 5G and B5G networks. It provides an overview of quantum computing and discusses various associated attributes. Furthermore, Sect. 12.5 describes the various post-quantum cryptographic schemes highlighting their mathematical background. Finally, the conclusion is presented in Sect. 12.6.

Emerging Cellular Networks

Telecommunications and networking are few of the key technologies responsible for the evolution of human kind and technologies. Wireless communication and cellular communications have played a huge role in daily lives of people. In last few decades, the wireless cellular networks have evolved in various forms from 1G to current 4G LTE and 5G of near future. As we’re advancing towards the commercial rollout of 5G all over the world, we’ll be introduced with high data rates to low latency even these high speed and low latency will be dwarfed in front of the super high data rates and ultra-low latency of beyond 5G (B5G)/6G.

5G Overview

The world has observed a quick development of cellular communication technologies in last few years. From 2 to 3G to 4G, the cellular comminutions technologies have been advancing in a fast pace. The fifth-generation mobile technology standard is known as 5G. It is the next-in-line of the 4G network, which offers connectivity in majority of mobile phones these days. As compared to its predecessors, the 5G connection has broader bandwidth ultimately providing us with great download speed up to 10–20 Gg/s, because of this high speed 5G network will give a huge competition to internet service providers (ISP) of laptop and desktops such as cable internet providers (Malik and Bhushan 2022). Similar to its precursors, 5G also works on different cells. Cells are just the smaller divided geographical areas of the service area. Through a local antenna, these 5G devices are connected to the telephone network and internet. As per the International Telecommunications Union Radiocommunication Sector (ITU-R), 5G has three major applications: Massive Machine Type Communications (mMTC), Enhanced Mobile Broadband (eMBB) and Ultra Reliable Low Latency (URLLC) (Zhang et al. 2019). As of now, only eMBB is deployed in real world. It provides faster download speed as it uses 5G as a development of 4G LTE communications having much higher capacity, quicker connections and higher throughput. The URLLC will be used for latency delicate applications or devices such as remote surgery and autonomous driving, as these applications require super low latency with errors lower than a single packet. As for the mMTC, it can support high connection mass of online devices (Popovski et al. 2018).

Evolution of 6G/B5G Overview

B5G (Beyond 5G) or 6G will be the sixth generation of mobile technology standards and will probably work over 6 GHz. 6G/B5G is currently under development and as being the successor of the 5G it’ll be significantly faster than all of its predecessors. Similar to its predecessors, it’ll be a broadband network working under cells. As compared to the 10–20 Gb/s download speed of 5G, 6G is supposed to have download speed around 1 Tb/s. The lowest latency a 5G network can get is in milliseconds (ms) level as compared to its predecessor, which is supposed to have latency below 1 ms. The traffic density of 10 Tb/s/km2 of 5G will be diminished as compared to 1000 Tb/s/km2 density of 6G. The energy efficiency of 6G will be 10 times relative to that of 5G. In almost every aspect 6G will be better than 5G network whether its spectrum efficiency, end-to-end reliability requirements, processing delays, mobility or radio only delay requirements (Khan et al. 2020). As expected, the 6G network will likely be able to support applications or devices beyond current situations even beyond 5G limits. The 5G network system will open our gates even further 4G with Augmented Reality (AR)/Virtual Reality (VR) and smart cities, but with 6G we’ll be introduced to Internet of Everything (IoE), which is beyond IoT (Bhushan 2022), Edge AI (Chaccour and Saad 2021), AI-enabled smart cities and so on.

State-Of-The-Art

There have been various recent advancements in the fields of 5G and beyond 5G/6G networks. Zappone et al. (2020) suggested many different ML approaches that can help in supporting each target 5G network requirement by emphasizing its specific use cases, moreover, they also proposed future research directions on how ML can contribute for B5G networks. Ahmed et al. (2021) devised an incentive framework based on deep learning known as Deep-CRNet for detecting opportunistic spectrum access (OSA) problem in 5G and B5G cognitive radio. The accuracy of the proposed framework was calculated via simulated results and achieved 99.74%. Sekander et al. (2018) projected a brilliant study on multi-tier drone architecture for 5G and B5G networks by analyzing challenges related with multi-tier drone networks and their current advancements. The result of their study has shown the beneficial network load condition for drones. Huang et al. (2021) proposed the very first true data testbed for 5G and B5G intelligent network full for TTIN. It consists of 5G/B5G on location test networks, information obtaining and information distribution center. Mishra et al. (2021) envisaged a framework known as IoT High-end Autonomous Cooper-Ative framework (ITHACA) for 5G networks and communications beyond 5G. Furthermore, Letaief et al. (2019) have discussed the various probable technologies, which will allow mobile AI applications with AI-enabled technologies for 6G networks.

Taxonomy of 6G/B5G Wireless Systems

The taxonomy for 6G network includes key enablers, use cases, emerging ML schemes, communication technologies, network technologies and computing technologies.

Key Enablers

6G uses various types of technologies for operating and offering different applications. The key enablers of 6G are Homomorphic Encryption, Blockchain, AI and Photonics-based Cognitive Radio, Edge intelligence, Network Slicing, Ubiquitous Sensing and Space-Air-Ground Integrated Network (SAGIN) (Mahmood et al. 2020). Out of these Blockchain, Network Slicing, SAGIN and Ubiquitous Sensing are considered the major key enablers (Khan et al. 2020). Blockchain is simply a kind of a database, which makes it hard or even impossible to change alter or hack the data. It’ll basically allow the 6G network to exchange huge amount of data securely. With blockchains being one of the key enablers of 6G, it’ll face few difficulties like high energy consumption and high latency (Hewa et al. 2020). Network Slicing is a process of creating logical and virtualized networks on a common physical infrastructure. As network slicing is already proposed via 5G technology, its actual working or realization will be shown off in 6G. SAGIN as the name suggests consists of satellite communication networks, aerial networks and ground networks. Few of the advantages of SAGIN are high throughput, much better resilience than its counterparts and large coverage areas. Finally, the ubiquitous sensing uses video-captured information for enabling smart decision-making and automated sensing.

Use Cases

5G networks provide us with many applications form AR/VR to smart cities. Generally, the use cases of 5G are divided into three main classes: eMBB, mMTC and URLLC. Several few new technologies require more than these so new use cases are defined for 6G connections. The use cases of 6G apart from that of 5G are: Human-centric services, Holographic communication-based services, Nano-Internet of things (N-IoT), Bio-Internet of things (B-IoT), Massive URLLC (mURLLC), Haptics communications and unmanned mobility (Khan et al. 2020). There is the need to implement more human centrical services than 5G such as the brain-computer interface, for which human physiology is used to measure its performance. The holographic communication-based services are totally based on super high accuracy remote connection. These cannot be obtained from a 5G network as these require high data rates than 5G can offer. The N-IoT and B-IoT as the name suggested are based on the communications of nanodevices and biodevices over a network. Much like 5G, the 6G network will also use URLLC but on a massive scale thus having mURLLC (Zhang et al. 2021a). Based on URLLC, mURLLC denotes IoE applications. It’ll basically merge the 5G URLLC with the machine massive machine-type communications (Mahmood et al. 2021). Last but not the least, Haptics communications are a type of non-verbal communications which works from a remote place with enabling sense of touch.

Emerging Machine Learning Schemes

Machine Learning (ML) is contemplated to play an important role in development and working of 6G network. Recently, in past few years, ML has evoked great attention in various smart applications from self-driving cars to voice assistants. As for 6G, ML is not only expected to provide smart applications but also smart transceivers and smart access control techniques and schemes. This makes ML a fundamental pillar of 6G network. For 6G purposes, ML is basically divided into three categories: Federated learning (Yang et al. 2021), Meta-learning (Jung and Saad 2021) and Quantum Machine Learning (Kashyap et al. 2022). To overcome challenges of the original ML processes, recently federated learning is being adopted. Federated leaning applies ML via a distributed means by allowing on-device ML without drifting data through end devices to the cloud. Meta-learning helps the models to learn with complex designs. Quantum ML is the combination of ML and quantum physics, which ultimately results in fast raining speed of models.

Communication Technologies

6G communications will use many different communication technologies for providing a wide variety of smart applications. The communication technologies that the 6G network will use are quantum communications (Kashyap et al. 2022; Wang and Rahman 2021), visible light communications (Ariyanti and Suryanegara 2020), terahertz communications, 3D wireless communications, holographic communications and nanoscale communications (Khan et al. 2020). Quantum communications is the field of communication that uses the fundamentals of quantum physics and quantum computing for providing protection to data. Basically, the photons of light are used for transmission of data through optic cables. This security feature of quantum communication makes it suitable for 6G networks. Visible light communication full for VLC is a type of data transmission method, which uses visible lights for the transmission of data. It uses the visible light spectrum from 430 to 790 THz. The transmission of data through illuminous sources is the main advantage of VLC. With addition of mmWave bands as used in 5G networks, 6G will use Terahertz communications too. Terahertz communication is also a different type of wireless data transmission technology which provides ultra-high-speed wireless extensions of fiber optics for 6G networks. Another technology that 6G will use is the nanoscale communications, as the name suggests this technology is used for communication as nano level distances of 1 m or cm. It uses very short wavelengths for the transmission of data (Yuan et al. 2020).

Network Technologies

Networking technologies that will be used in 6G networks are bio-networking, 3D networking, nano-networking and optical networking. The N-IoT relies on molecular communication to function. Nanometer-scale devices can be made with a variety of material, such graphene and metamaterials. B-IoT is a type of IoT technology that utilizes biological cells. B-IoT and N-IoT appear to be critical components of future 6G smart services but they face a number of implementation hurdles. Physical layer technology design for molecular communication is a difficult task. Because B-IoT and N-IoT are basically different from traditional IoT, unique routing algorithms must be planned in addition to physical layer techniques. Similarly, new 3D communication models must be developed as they are different in nature than 2D communication network (Calvanese Strinati et al. 2020).

Computing Technologies

As the 6G system will include a huge variety different smart applications and devices, it’ll require different types of computing technologies as well for generating the humongous amounts of data. Quantum computing, high-performance computing and intelligent edge computing will be used for the analysis of such data. The quantum computing is said to change the whole field of computing by providing with much higher speeds we haven’t experienced yet. The key factor of quantum computing is the security it provides. As for huge amount of analyzing and computing of huge loads of data high-performance computing is required (Blog: Samsung Research 2021). Apart from these, intelligent edge computing is required for providing intelligent on-demand computing and storage abilities (Hui et al. 2021) (Table 12.1).

Table 12.1 Various B5G/6G taxonomies
Full size table

Security Services in 6G/B5G Wireless Networks

The 6G/B5G is a new technology with new use cases, features and architecture with these it also brings necessities for new security services. Basically, there are four security services required for 6G network, they are: Confidentiality, Availability, Authentication and Integrity (Bhushan and Sahoo 2017).

Confidentiality

Confidentiality consists of two things: privacy and data confidentiality. Privacy helps in the protection of the traffic flow from an attacker as an attacker can study the traffic flow and can identify sensitive information. As 5G and B5G, both will be used throughout various applications loads of user’s data will be associated with their privacy (Saxena et al. 2021). Data confidentiality on the other hand limits the data access only to the authorized users and prevents the data leakage or disclosure to unauthorized users. Data encryption is widely used for securing the data confidentiality by stopping unlicensed users from gaining sensitive information.

Availability

Availability as the name suggests defines, to which extent some data or service is available or accessible. It basically estimates the strength of the system or network. Availability attacks are most common types of attacks happening over systems or networks. Denial of Service (DoS) is the most common type of availability attack. In this, a particular service or series or service made inaccessible to the user by flooding the network resulting in crashing of the service. As a huge number of IoT and IoE devices will be connected to the 6G network, it’ll be a challenge for the network to prevent availability attacks such as DoS and Distributed Denial of Service (DDoS) (Bhushan and Sahoo 2017).

Authentication

Authenticity is of two types: Message authenticity and Entity authenticity. Message authenticity makes sure that the message has not been changed or modified, while in between the transmit and that the receiver is getting the same message as which the sender has sent. On the other hand, entity authenticity makes sure that the sending party or the receiving party is the same that they claim to be and not someone else. 6G having data speeds up to 1 Tb/s with ultra-low latency will have much faster authenticity as compared to its predecessors. Various public key-based Authenticated Key Agreements (AKA) are proposed for better security (Goyal et al. 2021).

Integrity

Integrity means protection against inappropriate modification or deletion of information or data. Authentication makes sure about the source of the message is not altered, integrity protects from the alteration or replication of the message by unauthorized entities. As cellular networks are aimed towards more and more connectivity easing human lives by supporting and connecting to applications used by humans in daily lives, integrity of user’s data is a key security necessity as more and more of user’s data is being used. Integrity security can be delivered by the mutual authentication of mobility management entity (MME) and user equipment (UE).

Data Security Techniques for 5G Heterogeneous Networks

As we are moving towards a more digital era, come digital attackers. No network is safe from cyber-attackers. Security is of the data that is very substantial. Hence, numerous data security techniques are used in 5G networks for providing the safest and securest communication of data.

Visual Secret Sharing

Cryptography is an art of sharing data secretly. Visual secret sharing also known as visual cryptography is a method of sharing data by encysting visual media such as text, image, etc. in a way such that the final decrypted data are in the form of a visual image. In this, the secret data are divided into many different shares or parts, for decryption and getting the secret message the user must have all the shares of the original image. This technique provides high security as all the shares are required and even if one share is missing no information or the data can be decrypted. Another advantage of visual secret sharing is that it requires low computational complexity (Liu and Chang 2018).

Steganography

Steganography is the method of obscuring data or a message inside another message or file like an image, audio or video file to avoid exposure of the data. The data are extracted by the one for whom the data are intended to receive. For enhanced protection, steganography is used with encryption techniques for concealing and protecting of the data. It basically works by replacing some useless or vacant parts of the file with the bits of data which is to be hidden. There are five major types of steganography: Steganography in images, videos, audio, text and network. Three of the most used approaches for steganography are: Least Significant bit (LSB) (Singh et al. 2016), secure cover selection (Qin et al. 2021) and palette-based technique (Hao et al. 2021). In LSB, the useless bits of the transporter file are identified, which are then replaced with the secret data. In secure cover selection, the blocks of carrier files are compared to find the perfect match to carry the secret data. Lastly, in palette-based technique, digital images are used. First, the secret data are encrypted then it is hidden among the wide palette of cover image. In network steganography, the data are hidden in the network control protocols like UDP, TCP, etc.

Cryptographic Algorithms

Cryptography is a method of securely transmitting the data from sender to receiver with the use of secret writing. The data are sent to the receiver in form of cipher text, for which cryptographic algorithms are used for conversion pf the pain text to cipher text. The main applications of these algorithms are digital signatures, data encryption and authentication.

Elliptic-Curve Cryptography

Elliptic-curve cryptography (ECC) is a type of public key cryptography method or cryptosystem based on mathematical elliptic curves. ECC is popular for creating smaller, quicker and more efficient cryptographic keys (Wikimedia Foundation 2021a). ECC has all the properties that an asymmetric cryptosystem has from encryption decryption to key exchange and signatures. Mostly the ECC is used for encryption of internet traffic. Private Keys in ECC are integer values mostly a 256-bit integer. While the public keys are the coordinates of the curve, these points are known as EC points. The key generation in ECC is very simple and easy as just random integers within a range are generated, any integer within that range can be used as a valid private key. There are significant overheads in ECC. The size of the blocks is also key dependent here. ECC also does provide resistance towards mutual authentication and replay attacks. It also provides differential fault analysis. Apart from these, ECC also provides various different features like key provisioning, key monitoring, key maintenance and management. ECC is also resilient and scalable method of cryptography. Different algorithms are used by ECC such as EdDSA and ECDSA for digital signatures, FHMQV, X25519 and ECDH for key agreement and EEECC and ECIES for encryption (ECC keys 2021).

RSA

RSA stands for Rivest-Shamir-Adleman. It is also a type of public key cryptography system used for secure transmission of data. It is one of the oldest cryptosystems. As being a traditional public key cryptosystem, it can perform various tasks such as encryption, decryption, key exchange and signatures. Similar to ECC, it’s also a type of asymmetric cryptography (Wikimedia Foundation 2021b). The block size is of 86 bytes. There are less overheads in RSA cryptosystem. It also provides partial resistance towards mutual authentication and replay attacks. Similar to ECC, the RSA is also provided key provisioning, key monitoring, key maintenance and management and is also scalable and resilient. RSA provides partial analysis of differential fault. In RSA, the keys are generated usually using two large prime numbers. RSA is used in many services like VPN, web browsers, email services and many more communication services. As compared to ECC, RSA is slow thus, it is not used directly for encryption of data.

Diffie-Helman

Diffie-Helman is a technique of exchanging cryptographic keys securely. It is the first broadly used technique of exchanging keys over an insecure channel. Hence, it is called Diffie-Helman key exchange. As two different organizations or parties need to exchange keys for a successful encrypted communication (Li 2010). The channel between these parties needs to be secure for usual security reasons, here the Diffie-Helman exchange is used for exchange of keys between two unknown or known parties by forming a shared secret key in an uncertain channel. Here the cipher overheads are significant. Diffie-Helman also shows resistance towards mutual authentication and replay attacks up to some degree. The cipher block size here is variable, as it is dependent upon the selected prime number. As compared to ECC and RSA, the Diffie-Helman is partially resilient and scalable, and it also provides partial key provisioning, key monitoring, key maintenance and management.

ElGamal

ElGamal is a type of asymmetric encryption system used for public key cryptosystems. It is based on Diffie-Helman key exchange system (Wikimedia Foundation 2021c). It comprises of three parts the key generation, encryption and decryption algorithm (Tsiounis and Yung 1998). This cryptosystem depends on the trouble of discovering discrete logarithm inside a cyclic group. ElGamal is a type of probabilistic encryption, it means that many different ciphertexts of a plaintext can be generated. As compared to RSA and ECC, they both worked on integer factorization while ElGamal works with discrete logarithm. There are moderate number of overheads in ElGamal. The block size of ciphertext is variable and depends upon the key length. This doesn’t show resiliency and scalability. Key provisioning, key monitoring, key maintenance and management are also absent here. The resistance towards replay attacks and mutual authentication is not effective as much. Furthermore, the differential fault analysis provided by ElGamal is not as effect as much too.

DES

DES, short for Data Encryption Standard, is a type of symmetric cryptosystem method meaning it requires a single key for encryption and decryption of data. It is based on LUCIFER (Wikimedia Foundation 2021d), a Feistel block cipher. It has a 64-bit block size. Here, 64-bit blocks of ciphertexts are transformed into 48-bit keys. There are total of 16 rounds of encryption in DES and each round executes the essential attributes of cryptography which are transposition and substitution. This offers important and generic tools for watermarking digital videos and streams for tamper detection and protection against watermark copy attacks. There are very few overheads of ciphertexts here. DES is not scalable or resilient and doesn’t provide differential fault analysis, key provisioning, key monitoring, key maintenance and management. Furthermore, it doesn’t show resistance towards mutual authentication and replay attacks. Because of these problems, there are concerns about security and speed of DES is making users to shift towards newer block cipher designs or reusing DES like Triple DES (TDES).

AES

AES stands for Advanced Encryption Standard. Similar to DES, it is also a type of symmetric block cipher system. It is well known for its use by the U.S. government for the protection of classified data (Bernstein and Cobb 2021). It was developed as an alternative for DES. It has the cipher blocks of 128-bit and key lengths of 128, 192 and 256 bits. The cipher overhead is also noteworthy in AES. As being an improvement of DES, it does have resistance against mutual authentication and replay attacks and also does provide users with differential fault analysis and was also faster and more reliable. It does also provide partial resiliency and scalability with key management and provisioning but the key provisioning is dependent upon the computational speed of the system. Due to so many advantages and high security, it is one of the most popular encryption algorithms used today, used in many ways from wireless security to web browsers (Table 12.2).

Table 12.2 Different types of cryptographic algorithms used in 5G networks
Full size table

Key Management

CKSM stands for Cryptographic Key Management System. It is a system that is used to protect key data. Key management as the name suggests is the process of managing or handling the cryptographic keys inside a cryptosystem. It basically includes storing, generating and exchanging keys as per user’s requirement.

Key Escrow

Key escrow is a method in which keys that are required to decrypt an encrypted data are stored in an escrow. Escrow is basically a bond kept in safekeeping of third party and engaged only when certain conditions are met. In simple words, key escrow is nothing more than a process of storing cryptographic keys. As a third party is involved key escrow system is not much on the safer side and does include some risks (Sugumar and Ramakrishnan 2018; Foundation 2020). Apart from this, there are other problems related to this too like the mutual authentication of both parties is not always satisfactory and key escrow also have shown some problem with identity-based encryption.

Identity-Based Encryption (IBE)

IBE is public key-based encryption (PKE) that uses identifiers as the source for encryption. In this, the public key of the user is the distinctive detail about the identity of the user. Here, the public key of the user is created with the public key of a third party. Similarly, the private key of the user is also computed in conjunction of the private key of the third party, making it secure as no one else than the third party can access the user’s private key (Khan and Niemi 2017). These third parties are known as private key generators (PKG).

Attribute-Based Encryption (ABE)

ABE is also a type of PKE in which the secret key and the ciphertext both are reliant upon attributes such as the country of the user or the particular type of services they’ve enrolled for. Here, decryption of cyphertext is only possible if the attributes of the user key match that of the ciphertext (Zhang et al. 2021b). ABE is divided into two different types those are: Key-policy attribute-based encryption (KP-ABE) and Ciphertext-policy attribute-based encryption (CP-ABE) (Wikimedia Foundation 2021e). User’s secret keys in KP-ABE are produced by an access tree that describes the user’s privilege and encrypts data over set of attributes. CP-ABE, on the other hand, encrypts data using an access tree and secret key is encrypted based on set of attributes.

Overview and Fundamentals of Quantum Computing

In causal and simple words, the use of computers is known as computing. There are two major types of computing: classical and quantum. Classical being the one which we all use in our day to day lives. Other is quantum computing, it is a type of computing that combined concepts of computer science and quantum physics. Quantum computing is still a progressively growing research area (Elsevier. (n.d.). 2021).

Architecture of Classical Computing Versus Quantum Computing

There are huge differences between classical computing and quantum computing. With the increment of quantum properties in quantum computers, it makes the difference between the two even greater.

Classical Computing

Classical computing also known as binary computing is the traditional approach in computing. In classical computing, the information is kept in bits. Everything words, integers, audio, video, image, all are represented in the form of bits. These bits are represented either in 0 or 1. The information is fragmented into simple Boolean logical gates. Every logical gate in classical computing takes input as 1 or 2 bits and as an output, it gives new bits as a result (Navaneeth and Dileep 2020). There are a total of seven logical gates in classical computing, each takes and gives output in unique way. The computation is done by specially arranging the logical gates accordingly.

Quantum Computing

Quantum computing is the type of computing as the name suggests which uses the properties of quantum mechanics to provide a huge leap over classical computation for solving problems and calculations. Quantum computers follow the probabilistic approach for calculations, meaning they solve problem upon the most probable outcome, simultaneously using several other dimensions. As compared to classical computing which uses 0’s and 1’s for representing the data, quantum computing offers many new ways of data representation. In quantum computing, quantum bits are used. These quantum bits are known as qubits. The operations which the qubits contain are sensitive and are unstable (Haller 2021), due to which the qubits require very specific requirements for working correctly. For functioning efficiently, vacuum and temperature very close to absolute zero are required by the qubits. Furthermore, they endure no interference, which turns out to be exceptionally muddled while working on a nanoscale individual electrons and photons. For differentiating bits and qubits, lets take an example—as classic computer uses 8 bits to denote a number between 0 and 255, instead of bits 8 qubits can represent all the number between 0 and 255, that too simultaneously.

Quantum computing offers superposition (Khrennikov 2021), due to which between these 0’s and 1’s, infinite other states can also be present there. In these states, there are infinite number of qubits. Apart from superposition quantum, computers also offer other quantum mechanics-based phenomenon such as quantum entanglement (Duarte 2019). It is a phenomenon that occurs when particles are created. It is a property between two or more qubits, which allows the qubits to have higher amount of correlation with each other. These properties like superposition, quantum entanglement, quantum interference, No-cloning theorem and destructive measurement are not present in the classical computing. Hence, making a huge difference between quantum computing and classical computing.

Mathematical Representation for Quantum Computing

In quantum physics, the qubits work upon the spin of the qubits and their direction of spin. Mathematically, the use of calculus is not required for qubits. Hence, the concept of vectors is highly useful for describing and analyzing the spin of qubits. Apart from this, fundamentals of matrices are also used for the measurement of qubit spin in some cases (Lam 2019). The likelihood of getting a particular estimation for spin, as far as one might be concerned, can be depicted utilizing probability. In this way, a comprehension of probability hypothesis is somewhat valuable as it relates with quantum mechanics. Hence, matrices, complex number, vectors and probability play an extremely huge part in mathematics and calculations of quantum computing (Chamola et al. 2021). The states zero and one in qubit are presented by \(\left|0\right.\rangle\) and \(\left|1\right.\rangle ,\) respectively. Entanglement of two qubits can be represented as:

$$\left|0\right.\rangle \otimes \left|1\right.\rangle = \left|01\right.\rangle$$
(12.1)

In quantum computing, vectors are represented as a list of numbers. A single qubit is considered a two-dimensional vector. The dimension of vector is represented as the rows, i.e., the dimension of the vector is labeled as number of rows of the vector. Representation of qubit in vector is as follows:

$$\left| 0 \right\rangle :\left[ {\begin{array}{*{20}c} 1 \\ 0 \\ \end{array} } \right]$$
(12.2)
$$\left| 1 \right\rangle :\left[ {\begin{array}{*{20}c} 0 \\ 1 \\ \end{array} } \right]$$
(12.3)

While in the state of a superposition, the qubit has 50–50% probability of becoming a zero and one respectively. For mathematical representation, let’s take an example of superposition:

$$\sqrt {2/3} \cdot \left| 0 \right\rangle + \sqrt {1/3} \cdot \left| 1 \right\rangle \to \left[ {\begin{array}{*{20}c} {\sqrt {2/3} } \\ {\sqrt {1/3} } \\ \end{array} } \right]$$
(12.4)

Above, superposition is shown in which \(|0\rangle\) has the probability of 2/3 and the probability of \(|1\rangle\) is 1/3. The square roots are there because the unit circle where the sum of probabilities is always one can be represented by vectors.

The Impact of Quantum Computing on Modern Cryptography

The rapid increment in the field of quantum computing can also disturb many big and small organizations. As quantum computing is a lot different and superior than that of classical computing in many different aspects, it has several impacts on cryptographic algorithms made for classical computers.

Cryptanalysis

As quantum computers are expected to provide a huge number amount of leap over the common classical computers, it will be very easy for the quantum computers to break the security provided to us by the classical methods of cryptography. With the large-scale rollout of quantum computers for people, havoc will be caused regarding the security, as majority of the technology uses the classical cryptography algorithms. Quantum computing algorithms have proved to be efficient against both symmetric and asymmetric cryptography algorithms (Mitchell 2020; Schanck 2020). As asymmetric algorithms rely on the huge amount of time taken by classical computers to factorize huge integers for their security, this can easily be tackled with use of Shor’s algorithm (Devitt et al. 2005). On the other hand, for finding the key of symmetric cryptographic algorithms, computers take around \(k/2\) operations, with quantum algorithms like Grove’s algorithm (Mandviwalla et al. 2018), this time could be further reduced to \(\sqrt{k}\) (\(k\) being the size of key) operations.

Security Impacts

Cryptography is one of the most significant techniques used in modern technology for securing a communication either between two users or a user and its machine. As current cryptographic algorithms are considered insecure in comparison to quantum computers, it can cause catastrophic impacts on the digital world. For algorithms that are only used for affirming the integrity of sent data, for instance whose use has no extended-out influence, there will no big issues, to the extent that until new and secure algorithms are introduced. Comparing to key establishment algorithms and encryption algorithms, here the impact will be tremendous (Fernandez-Carames 2020).

Replacement Algorithms

As these quantum computers will have such a destructive impact on the security given by current cryptographic algorithms, many organizations have already started development, research and studies on new cryptographic algorithms and standards. As for symmetric cryptographic algorithms, no promising new technologies and advancements are made as current symmetric cryptographic algorithms work on using 265-bit keys apart from moving towards using more longer keys for encryption. As for asymmetric cryptographic algorithms, it relies on the factorization of huge integers. It has been proved to be a piece of cake for the quantum computers to factorize huge integers. So many other factors are also needed to be taken care for the development of new asymmetric cryptographic algorithms, which can withstand the quantum computers. Many agencies such as ISO, NIST, IEC, etc. have already started their development of quantum-resistant asymmetric cryptographic algorithms (Mitchell 2020).

Quantum Algorithms Affecting Cryptosystems

As stated above that the quantum algorithms will have a significant amount of impact upon the current cryptographic systems. Whether its symmetric or asymmetric cryptographic algorithms, some quantum algorithms with the help of quantum computers can easily surpass them.

Shor’s Algorithm

Peter Williston Shor, in 1994, created an algorithm for integer factorization known as Shor’s algorithm. It’s a polynomial-time quantum computer algorithm. In his research, he proposed that large factorization of large integers can be done via quantum computers (Wikimedia Foundation 2021f). Modern cryptographic algorithms such as RSA provide security on the basis that classical computers have slower computational speed for factorizing huge integers and could take huge amount of time basically millions or billions of years for the factorization (Devitt et al. 2005; Bhatia and Ramkumar 2020). Shor guaranteed that it is feasible to change the factorization issue over to another issue of finding the time of an integer \(0<x<N\). A periodic function where \(a\ge 0,x\) is an integer coprime to N:

$$F\left(a\right)={x}^{a} mod N$$
(12.5)

Shor’s Algorithm works as:

  • Firstly, the factorization problem is converted into the problem of period finding:

Since period is r and it is periodic with F(a)

$${x}^{0} mod N=1$$
(12.6)

So,

$${x}^{r} mod N=1$$
(12.7)

Then,

$${X}^{r}=1 mod N$$
(12.8)

Mathematically,

$$({x}^{r/2}+1)({x}^{r/2}-1)= 0 mod N$$
(12.9)

Following equation is a multiple of N

$$({x}^\frac{r}{2}+1)({x}^\frac{r}{2}-1)= 0$$
(12.10)

Between \(({x}^{r/2}+1)\) and \(({x}^{r/2}-1)\) at least one of these should have a non-trivial factor common to N, for not being a multiple of N.

Now obtaining a factor of N using:

$$GCD(({x}^\frac{r}{2}+1), N)$$
(12.11)
$$GCD(({x}^{r/2}-1), N)$$
(12.12)

Above GCD stands for Greatest Common Divisor.

  • Now finding the period using Quantum Fourier Transformation.

Initialize the qubits in superposition and compute the modular exponentiation. Now perform the Quantum Fourier Transformation multiple times for getting the good probabilistic result. The Quantum Fourier Transformation uses amplitude amplification.

  • Finally, finding with the use of periods finding the factors, after r is recognized.

Out of:

$$GCD(({x}^{r/2}+1), N)$$
(12.13)
$$GCD(({x}^{r/2}-1), N)$$
(12.14)

At least, one factor of these equations will be a non-trivial factor of N. Hence, the factor is found.

Quantum Annealing

Quantum annealing is a process of finding the most efficient solution. It is a process used for solving optimization problems. It normally gives low-energy solutions for applications that necessitate the genuine least energy and others require great low-energy tests. Several companies use quantum annealing such as IBM, Microsoft, D-Wave, etc. (Mitchell 2020; Hauke et al. 2020).

As for cryptography, quantum annealing is used for factorizing integers into prime numbers, same as Shor’s algorithm. Similarly, like Shor’s algorithm, it can be used for factorizing large integer values using quantum computers. The quantum annealing approach is as follows:

Take \(N=pq\), here both p and q are the prime numbers. These two prime numbers can be written into binary form as,

$$p=1+\sum_{i=1...{s}_{p}}{2}^{i}{p}_{i}$$
(12.15)

and,

$$q=1+\sum_{i=1...{s}_{q}}{2}^{i}{q}_{i}$$
(12.16)

So, the function can be,

$$f\left(p1, p2,\dots ,{p}_{sp},q1,q2,\dots {q}_{sp}\right)={(N-pq)}^{2}$$
(12.17)

If the \({p}_{i}{,q}_{i}\) are found for which the value of \(f\) is minimum or 0, the problem for factorization is solved. For such situations, quantum annealing such as D-Wave is used for finding the minimum value.

For example, suppose,

$$N=15=pq$$
(12.18)

And let the binary depiction of \(p\) has 2 bits: \(({x}_{1},1)\)

So,

$$p\left({x}_{1},1\right)=2{x}_{1}+1$$
(12.19)

Similarly,

$$q\left({x}_{2},{x}_{3},1\right)={2}^{2}{x}_{2}+2{x}_{3}+1$$
(12.20)

Likewise, the binary depiction of a prime number will always comprehend a 1 as its least important number. The function to minimize is \(f\),

$$f\left({x}_{1},{x}_{2},{x}_{3}\right)={(N-pq)}^{2}$$
(12.21)
$$={(15-(2{x}_{1}+1)({2}^{2}{x}_{2}+2{x}_{3}+1))}^{2}$$
(12.22)

Further solving for \(({x}_{1},{x}_{2},{x}_{3})\) and we will get the factors.

As quantum computing is based upon the probabilistic approach, it is always a must to run these algorithms multiple times for getting the best probabilistic result.

Grover’s Algorithm

In 1996, Lov Grover came up with a quantum search algorithm called as Grover’s algorithm. It is used for improved efficiency of searching data over an unstructured database. For a database of \(N\) number of items in it and we want to search for a specific item, it would take a classical computer \(N/2\) opertaions to find the specified item at average case and at worst case it would take \(N\) operations (Devitt et al. 2005; Brickman et al. 2005). For quantum computers, the time required for searching is very less as it would only take \(\sqrt{N}\) opertains to find the specified item.

For example, we have to find an item \(s\) from a set \(S\) having \({2}^{n}\) items in it.

Denoting every time in the set with a number so,

$$x \in \left\{\mathrm{0,1},\dots {2}^{n}-1\right\}$$
(12.23)

Let \(f(x)\) be a function in which \(f\left(x\right)\) checks for the required item and checks if it is or not,

$$f\left(x\right)=\left\{\begin{array}{l}1\,\, if \,x=s\\ 0 \,\,otherwise\end{array}\right.$$
(12.24)

For computing the problem in a quantum computer, few changes are needed to be made, such as:

\(x\) converted to a qubit, \(x \to \left| x \right\rangle\)

\(f\) converted into an operator, \(f \to \hat{\theta }\)

Now, \(\widehat{\theta } |x\rangle\) can be represented as,

$$\widehat{\theta } \left|x\right.\rangle =\left\{\begin{array}{c}\left|x\right.\rangle \,\, if x=s\\ -\left|x\right.\rangle \,otherwise\end{array}\right.$$
(12.25)

In a simplified manner, it can be written as,

$$\widehat{\theta } \left|x\right.\rangle ={(-1)}^{f(x)}\left|x\right.\rangle$$
(12.26)

Now, we can modify the problem and say that we want to find the qubit \(\left|s\right.\rangle\) from the set of qubits \(S=\{\left|x\right.\rangle :x\in \{\mathrm{0,1},\dots ,\}\}\).

As for solving the above problem, we will have to start with from superposition of all the possible solutions:

$$\left|E\right.\rangle =\frac{1}{\sqrt{{2}^{n}}}\sum_{x=0}^{{2}^{n}-1}\left|x\right.\rangle$$
(12.27)

The \(\left|E\right.\rangle\) contains all the solutions including \(\left|s\right.\rangle\). There are \(\frac{1}{{2}^{n}}\) probability that \(\left|E\right.\rangle\) will give the required solution. As all the solutions have same amplitude, we have to grow the amount of amplitude for \(\left|s\right.\rangle\) in \(\left|E\right.\rangle\). For that we have to take an intermediate state. So,

Let us take \(\left|{\psi }_{1}\right.\rangle\) as intermediate state.

$$\left|{\psi }_{1}\right.\rangle =\left|E\right.\rangle$$
(12.28)
$$=\widehat{\theta } \left|E\right.\rangle$$
(12.29)
$$=\left(2\left|E\right.\rangle \left|E\right.\rangle -1\right) \widehat{\theta } \left|E\right.\rangle$$
(12.30)

Similarly,

$$\left|{\psi }_{2}\right.\rangle =\left|{\psi }_{1}\right.\rangle$$
(12.31)
$$=\widehat{\theta } \left|{\psi }_{1}\right.\rangle$$
(12.32)
$$=\left(2\left|E\right.\rangle \left|E\right.\rangle -1\right) \widehat{\theta } \left|{\psi }_{1}\right.\rangle$$
(12.33)

Generally,

$$\left|{\psi }_{1}\right.\rangle =({\left(2\left|E\right.\rangle \left|E\right.\rangle -1\right) \widehat{\theta })}^{t}\left|E\right.\rangle$$
(12.34)

Hence, with each iteration of \(\left|\psi \right.\rangle\), amplitude of the solution also increases.

Post-Quantum Cryptography

Post-quantum cryptography also known as quantum resistant or quantum proof cryptography is a type of cryptography, which is thought to protect us from attacks conducted via quantum computers (Wikimedia Foundation 2021g; Bernstein n.d). Cryptography is one of the most important techniques used in modern technology for secure communication either between two users or a user and its machine. According to several surveys, more than 90% of the currency is digital, all of it uses the concept of cryptography for security purposes. As quantum computers are the possible future, they offer huge advantages and new technologies as compared to classical computers. They will break the current infrastructure of computations and current cryptographic techniques will not be powerful enough to counter them. Hence, we’ll be requiring new cryptographic techniques or algorithms to protect us from such scenarios, where we’ve to protect our data from hacker or attacks coming from quantum computers. The National Security Agency (NSA) of USA has already transitioned to post-quantum cryptographic algorithms as it is not known when a powerful enough quantum computer will be there which can break current cryptographic techniques. Dissimilar to quantum-based cryptography, post-quantum cryptosystems depend on some numerical issues that are not difficult to figure out for the receiving end, however, harder for the attacker (Chen et al. 2016).

Mathematical View

There are various quantum resistant cryptographic techniques that have already been proven to work effectively to provide security that current cryptography schemes couldn’t provide while facing quantum computers. The working of these techniques is heavily relied upon their mathematical backgrounds.

Lattice-Based Cryptography

Lattice-based cryptography (Pradhan et al. 2019; Yao et al. 2021) as the name suggests is a type of cryptographic primitive, which uses the lattices for creation of cryptographic algorithms. Unlike common cryptographic schemes, some lattice-based constructions seem, by all accounts, to be impervious to assault by both traditional and quantum computers (Nejatollahi et al. 2019). Moreover, numerous lattice-based developments are viewed as secure under the supposition that specific all around concentrated on computational lattice issues can't be tackled proficiently.

  • SVP (Shortest Vector Problem) is the widely used Lattice-based cryptosystem. The key generation in SVP is done:

$$\left(p,q,n,m\right),B\in {Z}^{n\times m}$$
(12.35)
$$\mathrm{The encryption is carried out by}: {H}_{B}:1,\dots ,{d}^{m}\to {Z}_{p}^{n}$$
(12.36)
$$\mathrm{The decryption of key is done by}: {H}_{B}\left(x\right)= {B}_{x} mod p$$
(12.37)

  • DGS (Discrete Gaussian sampling) is another type of lattice-based scheme. Key generation in DGS is done using:

$$M\ge {u}^{2 }\times \left(Q{D}^{2}{Q}^{-1}\right)= {u}^{2}\left(V.{V}^{c}\right), a\mathrm{\epsilon \Lambda }+\mathrm{P c }= \left(\mathrm{P }-\mathrm{ a}2\right)$$
(12.38)
$$\mathrm{The\, encryption\, equations\, are}: {a}_{2}\leftarrow {D}_{\Lambda 2+\mathrm{P}2 , \sqrt{{M}_{2}}}$$
(12.39)
$${a}_{1}\leftarrow {D}_{\Lambda 1+\mathrm{P}1-{a}_{2},\sqrt{{M}_{1}}+{a}_{2}}$$
(12.40)
$$M=\left({M}_{1}+{M}_{2}\right)>0$$
(12.41)
$${V}_{2}=\sqrt{{M}_{2}}$$
(12.42)
$${a}_{2}\to {D}_{\sqrt{{M}_{2}}}={V}_{2}\times {S}_{1}$$
(12.43)

Decryption is done by:

$$a={a}_{2}+\left(P+{a}_{2}\right)-{V}_{1}\left[{V}_{1}^{-1}\times \left(P-{a}_{2}\right)\right]u$$
(12.44)
$$a={a}_{2}+c-{V}_{1}[{V}_{a}^{-1}\times c]u$$
(12.45)

  • NTRU is another cryptosystem based on Lattice-based cryptography. It is a public key-based cryptosystem. The key generation in NRTU is done:

$$K\equiv p{I}_{q}\times J\left(mod q\right)$$
(12.46)
$$\mathrm{Encryption of the data is done by}: C\equiv R\times K+M(mod q)$$
(12.47)
$$\mathrm{Finally},\mathrm{ the decryption of the data is done by}:u=I\times C\left(mod q\right)$$
(12.48)
$$u=I(Rp{I}_{q}J+M)(mod q)$$
(12.49)
$$u=[Rp{I}_{q}J+M](mod q)$$
(12.50)
$$v= {I}_{p}IM\left(mod q\right)=M$$
(12.51)

Multivariate Cryptography

Multivariate cryptography (Ding and Petzoldt 2017; Carenzo and Polak 2019), as the name suggests, is a cryptographic primitive that used multivariate polynomial equations. Multivariate means multiple variables. Multivariate public key cryptosystems have an arrangement of nonlinear multivariate polynomials.

$${p}^{\left(1\right)}\left({x}_{1},{x}_{2},\dots {x}_{n}\right)=\sum_{i=1}^{n}\sum_{j=1}^{n}{p}_{ij}^{(1)}\cdot {x}_{i}{x}_{j}+\sum_{i=j}^{n}\cdot {x}_{i}+{P}_{0}^{(1)}$$
(12.52)
$${p}^{\left(2\right)}\left({x}_{1},{x}_{2},\dots {x}_{n}\right)==\sum_{i=1}^{n}\sum_{j=1}^{n}{p}_{ij}^{(2)}\cdot {x}_{i}{x}_{j}+\sum_{i=j}^{n}\cdot {x}_{i}+{P}_{0}^{\left(2\right)}$$
(12.53)
$${p}^{\left(n\right)}\left({x}_{1},{x}_{2},\dots {x}_{n}\right)==\sum_{i=1}^{n}\sum_{j=1}^{n}{p}_{ij}^{(n)}\cdot {x}_{i}{x}_{j}+\sum_{i=j}^{n}\cdot {x}_{i}+{P}_{0}^{\left(n\right)}$$
(12.54)

The size of the public key is roughly around: \(m\cdot (\frac{n+d}{d})\).

Here d is the degree of the polynomials in the equation. Most of the time d is taken as 2 for better efficiency. The security of the system is based on the problem:

The m multivariate quadratic polynomials \({p}^{\left(1\right)}\left(x\right),\dots ,{p}^{\left(m\right)}\left(x\right)\). Now we have to find the vector \(\overline{x }={\overline{x} }_{1},\dots ,{\overline{x} }_{n}\) such that \({p}^{1}(\overline{x })={p}^{\left(m\right)}(\overline{x })\).

This problem is ended up being a NP-hard and resolving system of multivariate polynomials is demonstrated as NP-complete (Garey and Johnson 2009). This being the reason it is viewed as a good contender for post-quantum cryptography. The above-stated problem is supposed to be hard for classical as well as quantum computers. For the construction of multivariate cryptosystem, let \(\mathscr{F}\) be an effectively invertible quadratic such that,

$$\mathscr{F}:\boldsymbol{ }{\mathbb{F}}^{{\varvec{n}}}\to {\mathbb{F}}^{{\varvec{m}}}$$
(12.55)

Two invertible linear maps,

$$\mathscr{S}: {\mathbb{F}}^{m}\to {\mathbb{F}}^{m}$$
(12.56)
$$\mathscr{T}: {\mathbb{F}}^{n}\to {\mathbb{F}}^{n}$$
(12.57)

Public key will be,

$$\mathscr{P}:\mathcal{S}\circ \mathcal{F}\circ \mathcal{T}$$
(12.58)

Private key will be,

$$\mathscr{S},\mathcal{F},\mathcal{T}$$
(12.59)

The \(\mathscr{F}\) is combined with \(\mathscr{T}\) and \(\mathscr{S}\) and is well hid in the public key. If the public key is \(\mathscr{P}\), find linear maps \(\overline{\mathscr{S} }\) and \(\overline{\mathscr{T} }\) as well as a simply invertible quadratic map \(\overline{\mathscr{F} }\) such that \(\mathscr{P}:\overline{\mathscr{S} }\circ \overline{\mathscr{F} }\circ \overline{\mathscr{T} }\).

The encryption will be:

$$w=\mathscr{P}\left(z\right)$$
(12.60)
$$z\in {\mathbb{F}}^{n}$$
(12.61)
$$w\in {\mathbb{F}}^{m}$$
(12.62)

Here, z is the message and the decryption is done by:

$$x={\mathscr{S}}^{-1}\left(w\right)$$
(12.63)
$$y={\mathscr{F}}^{-1}(x)$$
(12.64)
$$z={\mathscr{T}}^{-1}\left(y\right)$$
(12.65)

And \(m\ge n\), as it ensures that the ciphertext has only one possible plain text.

Hash-Based Cryptography

Hash-based cryptography (Potii et al. 2017) is the cryptographic primitive that uses hash functions for security of the message. As of now hash-based cryptography is used for creation of digital signatures. It is used in almost all the digital signature algorithms (Wikimedia Foundation 2021h). The hash-based cryptography algorithm is as follows.

Let \(\mathscr{H}\) be the hash function so that,

$$\mathscr{H}:\left\{\mathrm{0,1}\right\}* \to \{\mathrm{0,1}\}\mathrm{n}$$
(12.66)

Make 2 random strings \({X}_{0}\) and \({X}_{1}\)

$$S=({X}_{0},{X}_{1})$$
(12.67)

Here S is the secret key. Let P be the public key,

$$P=(\mathscr{H}\left({X}_{0}\right),\mathscr{H}({X}_{1}))$$
(12.68)

Now the public key is published. Now to sign a bit let’s say 0 the signer has to make the string \({X}_{0}\) public. Then the verifier will calculate the \(\mathscr{H}({X}_{0})\) and match it with the value of public key. Similarly, to sign the bit 1 the signer has to make the string \({X}_{1}\) public then the verifier need to calculate the \(\mathscr{H}({X}_{1})\) and match the value with the public key. Bit string of length b, for signing it, the secret key will be generated by the signer of length 2b.

$$S=({X}_{10},{X}_{11},{X}_{20},{X}_{21},\dots ,{X}_{m0},{X}_{m1})$$

The public key will be:

$$P=(\mathscr{H}\left({X}_{10}\right),\mathscr{H}\left({X}_{11}\right),\dots ,\mathscr{H}\left({X}_{m0}\right),\mathscr{H}\left({X}_{m1}\right))$$

Some of the hash-based cryptography schemes are newer versions of XMSS, Lamport signatures, SPHINCS and Merkle signature scheme.

Code-Based Cryptography

Code-based cryptography (Cohen et al. 2021; Samokhina and Trushina 2017) uses error correctional and detection algorithms for security. In these, the errors are used for encrypting the message and for decryption the errors are removed from the message. While moving data, at least one or more bits may get flicked. To recuperate the original message, the error detection and corrections are utilized. Linear error correction codes are widely used code-based cryptography schemes as they can also be used for creating one-way functions (Alagic et al. 2019). A bounded distance decoding problem is as follows:

Linear code:

$$C\subseteq {F}_{2}^{n}$$
$$y\in {F}_{2}^{n}$$
$$t\in {\mathbb{N}}$$

In this linear code, we’ve to find,

$$x\in C\, such\, that\, dist(x,y)\le t$$

This problem is proved to be a NP-Complete problem. McEliece encryption scheme can be used as a probable solution for the above-stated problem. In this scheme, the sender adds up error in the message with the help of receiver’s public key. The errors are added in such a way that only the receiver can find and correct them as they have the private key.

Mathematically, let’s take S, G and P be the matrices over F. G here is the generator matrix for the Goppa code. These codes are used for error correction efficiently.

So, public key is

$${G}^{^{\prime}}=S\circ G\circ P,t$$
(12.69)

And secret key,

$$P,S,G$$
(12.70)

Encryption can be done by,

$$c=m{G}^{^{\prime}}+z\in {F}^{n}$$
(12.71)

Here, the message is multiplied using the receiver’s public key and z is the error, which has been added. Now for decryption,

$$x=c{P}^{-1}=mSG+z{P}^{-1}$$
(12.72)

That’s how the receiver detects and corrects the error.

Post-Quantum Analysis

It is a must to analyze how security of the 5G and B5G systems would affect in the post-quantum era. The 5G systems will have huge impact on their security schemes as they follow modern/classical cryptography. The USIM and unique identifier of 5G which is Subscription Permanent Identifier (SUPI) will majorly affect as these will be the focus of the attackers. As for B5G or 6G networks, the quantum computers won’t have much effect as of now because these networks will use quantum computing approaches for development. Hence, providing security in post-quantum era.

Authentication and Key Establishment

In post-quantum era, the 5G systems will be heavily under vulnerability. If an attacker interrupts the matching pair of authentication response message and authentication request of the authentication and key agreement, both the messages will be carrying 128-bit values. For cracking them, Groover’s algorithm can be used as it will reduce the time to \({2}^{64}\) operations only. This can provide enough data to the attacker about the key of the USIM. Furthermore, if the SUPI of the network is also discovered, it can lead to cloning of the whole USIM (Wang et al. 2021). As for B5G or 6G networks, the studies are still undergoing and so far, these networks are supposed to be working fine in the post-quantum era because of much superiority as compared to their predecessors and higher security measures.

Symmetric Encryption and Integrity Protection

In case of symmetric encryption, when an attacker interrupts the traffic which is sent over the network, he gets 32-bit MAC that addresses along with encrypted protocol data units. Using this information, an attack could be initiated, though it will be harder as compared to when the attacker has both the authentication and key agreement messages (Munilla et al. 2021). Here, the attacker would also need to know other information such as the plaintext, ciphertext and counter values. Thus, due to these many complications, conducting attacks using the information of authentication and key agreement message is much easier as compared to conducting attacks by intercepting the traffic of the network.

Asymmetric Encryption

As for security of asymmetric encryption, it is used for the protection of the user equipment’s permanent identity, which, in the case of 5G, is SUPI. Usually, the USIM stores the home network public key that can be obtained using the user equipment (What next in the world of post-quantum cryptography 2021). As stated above that the Shor’s algorithm has already proved to be decimating the modern asymmetric cryptographic schemes easily, the private key can be easily discovered just by knowing the public key in post-quantum era. This can cause menace by canceling the service of mobile identity confidentiality in all the USIMs having public key.

Conclusion

As an evolving study of 5G and beyond 5G networks, it has proved to be the technology of future which can revolutionize our daily lives. The 5G systems will open gates to new technologies such as AR/VR and smart cities. Furthermore, Internet of Everything (IoE) that is beyond IoT, Edge AI, AI-enabled smart cities and so on will be brought to us by 6G or beyond 5G networks, resulting in the total change of the way of living for humans. With these functionalities, the network systems will also need proper data security standards. By applying proper security techniques into the cellular networks, the users can be rest assured about security, and these future cellular networking technologies will come out to be an outstanding communication technology. In this paper, the evolution of 5G and 6G networks is discussed. Further, this paper explores the taxonomy used in 6G networks, security services provided by 6G networks and data security methods used in 5G networks such as steganography, RSA, AES, etc. Furthermore, the paper describes the architecture of quantum computers and presents the mathematical background of various quantum cryptographic schemes. Finally, the work describes the post-quantum cryptographic algorithms such as lattice-based cryptosystems, code-based cryptography, etc.