Topo-Kyber: A Lightweight Post-Quantum Authenticated Key Exchange using Topological Data Analysis over Physical Channels | Research Square window.SnipcartSettings = { analytics: { enabled: false } }; (function() { var accessVector = localStorage.getItem('access_vector') || ''; window.dataLayer = window.dataLayer || []; if (accessVector) { window.dataLayer.push({ user: { profile: { profileInfo: { snid: accessVector } } } }); } })(); (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src='https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);})(window,document,'script','dataLayer','GTM-K279D39R'); Browse Preprints In Review Journals COVID-19 Preprints AJE Video Bytes Research Tools Research Promotion AJE Professional Editing AJE Rubriq About Preprint Platform In Review Editorial Policies Our Team Advisory Board Help Center Sign In Submit a Preprint Cite Share Download PDF Research Article Topo-Kyber: A Lightweight Post-Quantum Authenticated Key Exchange using Topological Data Analysis over Physical Channels Khiem Pham Tuan, Minh Quang Le, Khuong Nguyen-An This is a preprint; it has not been peer reviewed by a journal. https://doi.org/ 10.21203/rs.3.rs-9698022/v1 This work is licensed under a CC BY 4.0 License Status: Posted Version 1 posted You are reading this latest preprint version Abstract The advent of 6G and the Internet of Things (IoT) is severely threatened by quantum-empowered “Harvest-Now, Decrypt-Later” attacks. While the NIST FIPS 203 (ML-KEM) standard addresses this vulnerability, integrating it with post-quantum digital signatures (e.g., ML-DSA) within a traditional Public Key Infrastructure (PKI) imposes prohibitive memory and computational over heads on resource-constrained microcontrollers. Alternatively, Physical Layer Security (PLS) offers lightweight key generation, but traditionally struggles with ambient noise and active power-spoofing, necessitating computationally heavy error-correcting codes (e.g., BCH) that risk leaking key material. In this paper, we propose Topo-Kyber, a novel PKI-less, explicitly authenticated post-quantum key exchange protocol that synergizes Topological Data Analysis (TDA) with ML-KEM. By applying Min-Max normalization and mapping 1D Received Signal Strength Indicator (RSSI) time-series into state-space clouds, Topo-Kyber extracts robust homological invariants (Betti-0 and Betti-1 life times) via Vietoris-Rips filtration. This amplitude-invariant physical root-of-trust inherently neutralizes active power-matched spoofing and enables a lightweight Dithered Quantization Index Modulation (QIM) secure sketch, completely cir cumventing classical error correction. The derived physical seed is intrinsically bound to the ML-KEM encapsulation to guarantee explicit mutual authen tication and thwart active Man-in-the-Middle (MitM) attacks. We rigorously prove the protocol’s session-key security using the Game-Hopping methodology within the Canetti-Krawczyk framework. Hardware implementations on ARM Cortex-M4 (STM32) microcontrollers demonstrate that Topo-Kyber completes a secure mutual handshake in just 3.36 million cycles (roughly 20.0ms). By entirely bypassing post-quantum signatures, the protocol reduces computational latency by 69.8% and saves 16.8KiB of Flash memory compared to a pure PQ-TLS baseline, emerging as a highly scalable, quantum-resistant solution for ultra-constrained wireless ecosystems. Post-Quantum Cryptography ML-KEM Topological Data Analysis Physical Layer Security Internet of Things 6G Networks Full Text Additional Declarations The authors declare no competing interests. Cite Share Download PDF Status: Posted Version 1 posted You are reading this latest preprint version Research Square lets you share your work early, gain feedback from the community, and start making changes to your manuscript prior to peer review in a journal. As a division of Research Square Company, we’re committed to making research communication faster, fairer, and more useful. We do this by developing innovative software and high quality services for the global research community. Our growing team is made up of researchers and industry professionals working together to solve the most critical problems facing scientific publishing. Also discoverable on Platform About Our Team In Review Editorial Policies Advisory Board Help Center Resources Author Services Accessibility API Access RSS feed Manage Cookie Preferences © Research Square 2026 | ISSN 2693-5015 (online) Privacy Policy Terms of Service Do Not Sell My Personal Information {"props":{"pageProps":{"initialData":{"identity":"rs-9698022","acceptedTermsAndConditions":true,"allowDirectSubmit":true,"archivedVersions":[],"articleType":"Research Article","associatedPublications":[],"authors":[{"id":639393730,"identity":"6510a386-188f-4f08-b41f-62319a96084f","order_by":0,"name":"Khiem Pham Tuan","email":"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAZAAAAAyAQMAAABI0h/eAAAABlBMVEX///8AAABVwtN+AAAACXBIWXMAAA7EAAAOxAGVKw4bAAAA+UlEQVRIie3RMWrDMBiG4c8Y2kXFq4yLe4UfMpUUcpWYDl4syJgxwWAvOYBLcomQxaONIF10gJQuTYdOHVy6BJqhsqCjHY8d9C76lgcJBNhs/zDOnYUZ3l2FqjFzOogQ/AKoi2HEHAQ6AC4bQvx1unx/Kc/Aa3qUD3MJ7zoh96bsJsFtnY6EIjibPclESfirT01UNwl5lAUiI7iYkhSZ1C9MyHnKekn+05IrxI2812RyiQT6FrcljCcknfYWPfDVQ/wiSgOhRowzNatXKmZcfcyqPsIP8fFblGE4ec53zWk+Dr38cfsW9RCT/k32t82oLgBDbDabzdbdLy1VUYremwAkAAAAAElFTkSuQmCC","orcid":"https://orcid.org/0009-0007-4453-1240","institution":"Faculty of Information Technology, Ho Chi Minh City University of Industry and Trade (HUIT)","correspondingAuthor":true,"prefix":"","firstName":"Khiem","middleName":"Pham","lastName":"Tuan","suffix":""},{"id":639393731,"identity":"26953f83-ef0e-44da-b181-0cb12e28454a","order_by":1,"name":"Minh Quang Le","email":"","orcid":"https://orcid.org/0000-0002-4109-8054","institution":"Faculty of Information Technology, Ho Chi Minh City Open University","correspondingAuthor":false,"prefix":"","firstName":"Minh","middleName":"Quang","lastName":"Le","suffix":""},{"id":639393732,"identity":"24a701d8-5225-417c-b093-e7ffd766f2bd","order_by":2,"name":"Khuong Nguyen-An","email":"","orcid":"https://orcid.org/0000-0002-9910-6387","institution":"Department of Computer Science, Faculty of Computer Science and Engineering, University of Technology (HCMUT)","correspondingAuthor":false,"prefix":"","firstName":"Khuong","middleName":"","lastName":"Nguyen-An","suffix":""}],"badges":[],"createdAt":"2026-05-13 03:40:21","currentVersionCode":1,"declarations":{"humanSubjects":false,"vertebrateSubjects":false,"conflictsOfInterestStatement":false,"humanSubjectEthicalGuidelines":false,"humanSubjectConsent":false,"humanSubjectClinicalTrial":false,"humanSubjectCaseReport":false,"vertebrateSubjectEthicalGuidelines":false},"doi":"10.21203/rs.3.rs-9698022/v1","doiUrl":"https://doi.org/10.21203/rs.3.rs-9698022/v1","draftVersion":[],"editorialEvents":[],"editorialNote":"","failedWorkflow":false,"files":[{"id":109252424,"identity":"249414c5-7d7c-4d09-bbf1-f0530a4447fb","added_by":"auto","created_at":"2026-05-14 09:26:12","extension":"pdf","order_by":1,"title":"","display":"","copyAsset":false,"role":"manuscript-pdf","size":991143,"visible":true,"origin":"","legend":"","description":"","filename":"TopoKyberALightweightPostQuantumAuthenticatedKeyExchangeusingTopologicalDataAnalysisoverPhysicalChannels.pdf","url":"https://assets-eu.researchsquare.com/files/rs-9698022/v1_covered_c2ed5b10-2f14-4e90-b466-b6f707a6d593.pdf"}],"financialInterests":"The authors declare no competing interests.","formattedTitle":"\u003cp\u003eTopo-Kyber: A Lightweight Post-Quantum Authenticated Key Exchange using Topological Data Analysis over Physical Channels\u003c/p\u003e","fulltext":[],"fulltextSource":"","fullText":"","funders":[],"hasAdminPriorityOnWorkflow":false,"hasManuscriptDocX":false,"hasOptedInToPreprint":true,"hasPassedJournalQc":"","hasAnyPriority":true,"hideJournal":true,"highlight":"","institution":"HCMC Open University","isAcceptedByJournal":false,"isAuthorSuppliedPdf":true,"isDeskRejected":"","isHiddenFromSearch":false,"isInQc":false,"isInWorkflow":true,"isPdf":true,"isPdfUpToDate":true,"isWithdrawnOrRetracted":false,"journal":{"display":true,"email":"
[email protected]","identity":"researchsquare","isNatureJournal":false,"hasQc":true,"allowDirectSubmit":true,"externalIdentity":"","sideBox":"","snPcode":"","submissionUrl":"/submission","title":"Research Square","twitterHandle":"researchsquare","acdcEnabled":true,"dfaEnabled":false,"editorialSystem":"","reportingPortfolio":"","inReviewEnabled":false,"inReviewRevisionsEnabled":true},"keywords":"Post-Quantum Cryptography, ML-KEM, Topological Data Analysis, Physical Layer Security, Internet of Things, 6G Networks","lastPublishedDoi":"10.21203/rs.3.rs-9698022/v1","lastPublishedDoiUrl":"https://doi.org/10.21203/rs.3.rs-9698022/v1","license":{"name":"CC BY 4.0","url":"https://creativecommons.org/licenses/by/4.0/"},"manuscriptAbstract":"\u003cp\u003eThe advent of 6G and the Internet of Things (IoT) is severely threatened by quantum-empowered “Harvest-Now, Decrypt-Later” attacks. While the NIST FIPS 203 (ML-KEM) standard addresses this vulnerability, integrating it with post-quantum digital signatures (e.g., ML-DSA) within a traditional Public Key Infrastructure (PKI) imposes prohibitive memory and computational over heads on resource-constrained microcontrollers. Alternatively, Physical Layer Security (PLS) offers lightweight key generation, but traditionally struggles with ambient noise and active power-spoofing, necessitating computationally heavy error-correcting codes (e.g., BCH) that risk leaking key material. In this paper, we propose Topo-Kyber, a novel PKI-less, explicitly authenticated post-quantum key exchange protocol that synergizes Topological Data Analysis (TDA) with ML-KEM. By applying Min-Max normalization and mapping 1D Received Signal Strength Indicator (RSSI) time-series into state-space clouds, Topo-Kyber extracts robust homological invariants (Betti-0 and Betti-1 life times) via Vietoris-Rips filtration. This amplitude-invariant physical root-of-trust inherently neutralizes active power-matched spoofing and enables a lightweight Dithered Quantization Index Modulation (QIM) secure sketch, completely cir cumventing classical error correction. The derived physical seed is intrinsically bound to the ML-KEM encapsulation to guarantee explicit mutual authen tication and thwart active Man-in-the-Middle (MitM) attacks. We rigorously prove the protocol’s session-key security using the Game-Hopping methodology within the Canetti-Krawczyk framework. Hardware implementations on ARM Cortex-M4 (STM32) microcontrollers demonstrate that Topo-Kyber completes a secure mutual handshake in just 3.36 million cycles (roughly 20.0ms). By entirely bypassing post-quantum signatures, the protocol reduces computational latency by 69.8% and saves 16.8KiB of Flash memory compared to a pure PQ-TLS baseline, emerging as a highly scalable, quantum-resistant solution for ultra-constrained wireless ecosystems.\u003c/p\u003e","manuscriptTitle":"Topo-Kyber: A Lightweight Post-Quantum Authenticated Key Exchange using Topological Data Analysis over Physical Channels","msid":"","msnumber":"","nonDraftVersions":[{"code":1,"date":"2026-05-14 05:43:22","doi":"10.21203/rs.3.rs-9698022/v1","editorialEvents":[{"type":"communityComments","content":0}],"status":"published","journal":{"display":true,"email":"
[email protected]","identity":"researchsquare","isNatureJournal":false,"hasQc":true,"allowDirectSubmit":true,"externalIdentity":"","sideBox":"","snPcode":"","submissionUrl":"/submission","title":"Research Square","twitterHandle":"researchsquare","acdcEnabled":true,"dfaEnabled":false,"editorialSystem":"","reportingPortfolio":"","inReviewEnabled":false,"inReviewRevisionsEnabled":true}}],"origin":"","ownerIdentity":"7810a785-ba77-4a1b-a104-a22dcd4da3b1","owner":[],"postedDate":"May 14th, 2026","published":true,"recentEditorialEvents":[],"rejectedJournal":[],"revision":"","amendment":"","status":"posted","subjectAreas":[],"tags":[],"updatedAt":"2026-05-14T05:43:22+00:00","versionOfRecord":[],"versionCreatedAt":"2026-05-14 05:43:22","video":"","vorDoi":"","vorDoiUrl":"","workflowStages":[]},"version":"v1","identity":"rs-9698022","journalConfig":"researchsquare"},"__N_SSP":true},"page":"/article/[identity]/[[...version]]","query":{"redirect":"/article/rs-9698022","identity":"rs-9698022","version":["v1"]},"buildId":"XKTyCvWXoU3ODBz1xrDgd","isFallback":false,"isExperimentalCompile":false,"dynamicIds":[84888],"gssp":true,"scriptLoader":[]}
Text is read by the "Ask this paper" AI Q&A widget below.
Extraction quality varies by source — PMC NXML preserves structure
cleanly, OA-HTML may include some navigation residue, and OA-PDF can
have broken hyphenation. The publisher copy
(via DOI)
is the canonical version.