Toward Quantum-Resistant Fog-IoT Security: A Dual-Phase Framework with Chaotic Elliptic-Curve Diffie-Hellman and Post-Quantum Encryption

The spread of Internet of Things (IoT) devices along with the distributed nature of fog computing has amplified the necessity for secure, efficient, and quantum-resistant communication protocols, especially in light of emerging quantum threats. This paper presents a two-phase security framework tailored for fog-IoT systems to enhance both data encryption and authentication. In the first phase, a novel lightweight authentication protocol is introduced by integrating the Elliptic-Curve Diffie-Hellman (ECDH) with the Lorenz chaotic system, resulting in highly unpredictable keys and increased resistance to cryptanalytic attacks. In the second phase, quantum-resilient data confidentiality is ensured using the CRYSTALS-Kyber algorithm. Extensive simulations were carried out to evaluate the effectiveness of the framework. Key randomness was statistically validated using the NIST SP 800-22 suite, yielding high -values (0.9414, 0.7659, and 0.9024), confirming strong entropy and cryptographic suitability. The CRYSTALS-Kyber component demonstrated practical performance with a key generation time of 35.64 ms, encryption time of 52.67 ms, and decryption time of 17.62 ms, surpassing comparable schemes in speed. Furthermore, the system maintained a low memory footprint of 71.13 KB and minimal CPU utilization at 7.5%, underscoring its lightweight design. These results confirm the feasibility, scalability, and efficiency of the proposed framework, making it a strong candidate for real-time and secure fog-IoT deployments under classical and quantum threat models.