
Smart meters, built for the day quantum breaks RSA.

A hybrid post-quantum, AI-driven, blockchain-anchored energy metering framework that survives the harvest-now-decrypt-later threat model and still costs under fifty dollars per node.

At a glance

  • Venue: Springer NGCCOM2025 (accepted)
  • PQC primitives: Kyber-1024 + Dilithium-III (NIST PQC selections)
  • Throughput: 1850 TPS (permissioned blockchain)
  • Anomaly detection: 97.8% F1 (AI analytics layer)
  • Latency: <300 ms (sense to ledger)
  • Cost per node: <$50 (Arduino + ESP8266 + sensor)

01 Harvest now, decrypt later, today

The smart-meter problem is not just about today's adversaries. It is about tomorrow's. Every encrypted billing record, consumption pattern, and grid-control message you transmit today using RSA or ECC can be archived by a patient adversary and decrypted in fifteen years when a cryptographically relevant quantum computer exists. That is the harvest-now-decrypt-later threat, and it is already happening.

For energy infrastructure the implications are concrete. Consumption data exposes occupancy patterns. Grid telemetry exposes operational margins. Both are intelligence assets. RSA and ECC have to go before they are broken, not after.

02 The architecture, top to bottom

Six layers, each accepting the constraints of the next:

  • Sensing. Arduino Uno with an ACS712 Hall-effect current sensor. Sub-cent accuracy, five dollars in parts.
  • Connectivity. ESP8266 Wi-Fi for backhaul, picked for the deployment cost rather than the prestige.
  • Cryptography. CRYSTALS-Kyber-1024 for key encapsulation, CRYSTALS-Dilithium-III for signatures. Both are NIST PQC selections, both run acceptably on ESP-class silicon.
  • Ledger. Permissioned blockchain for tamper-evident auditability without the energy cost of public PoW.
  • Analytics. AI layer for anomaly detection and reinforcement-learning-driven resource allocation.
  • Operations. Real-time dashboards over the analytics outputs.
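
An added example, not code from the paper or the project: a minimal sketch of the ledger layer's tamper evidence, where a gateway seals batches of meter readings into a hash chain and an auditor locates the first altered block. The block layout, function names and sample readings are assumptions, and HMAC-SHA-256 stands in for Dilithium-III signing because the Python standard library has no PQC primitives.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64

def digest(body):
    # Canonical JSON so every validator hashes identical bytes.
    blob = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(blob).hexdigest()

def append_block(chain, readings, sign):
    """Gateway side: seal a batch of meter readings onto the chain."""
    body = {"index": len(chain),
            "prev": chain[-1]["hash"] if chain else GENESIS,
            "readings": readings}
    block_hash = digest(body)
    chain.append({**body, "hash": block_hash, "sig": sign(block_hash.encode())})
    return chain[-1]

def first_invalid(chain, verify):
    """Auditor side: index of the first block that fails, or None if intact."""
    prev = GENESIS
    for i, blk in enumerate(chain):
        body = {k: blk[k] for k in ("index", "prev", "readings")}
        if (blk["index"] != i or blk["prev"] != prev
                or digest(body) != blk["hash"]
                or not verify(blk["hash"].encode(), blk["sig"])):
            return i
        prev = blk["hash"]
    return None

# Stand-in signer: HMAC-SHA-256 under a constructed key. Assumption: a real
# deployment swaps these two callables for Dilithium-III sign and verify.
DEMO_KEY = b"constructed-demo-key"

def demo_sign(msg):
    return hmac.new(DEMO_KEY, msg, hashlib.sha256).hexdigest()

def demo_verify(msg, sig):
    return hmac.compare_digest(demo_sign(msg), sig)

def build_demo_chain():
    # Constructed sample readings: [meter id, unix time, amps from the sensor].
    chain = []
    append_block(chain, [["meter-01", 1700000000, 2.41]], demo_sign)
    append_block(chain, [["meter-01", 1700000060, 2.39]], demo_sign)
    append_block(chain, [["meter-02", 1700000060, 0.87]], demo_sign)
    return chain
```

Editing a stored reading breaks that block's hash; recomputing the hash without the signing key breaks its signature, and even with signatures ignored the next block's `prev` link no longer matches.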

03 What the numbers actually look like

"Quantum-resistant does not have to mean cloud-grade. The whole stack fits in fifty dollars of components and answers in under 300 milliseconds."

Headline measurements from the experimental deployment: 95 to 98 percent measurement accuracy, sub-300 ms end-to-end latency, 1850 TPS through the permissioned chain, 97.8 percent F1 on anomaly detection, and a 23 percent energy reduction from the RL-based resource allocator. The cost-per-node target of under fifty dollars is what makes this deployable at residential scale, not just industrial.

04 Why this matters for standards work

This is the application layer of the same standards stack I work on at IETF (PQ-EDHOC) and ISA99 (IEC 62443). Kyber and Dilithium are the cryptographic primitives PQ-EDHOC is wiring into LAKE-style key establishment. The paper shows what an end-to-end quantum-resilient IoT deployment looks like once those standards are in place.

FAQ: What people ask me about this paper

Q1. Why permissioned blockchain instead of public?
Public blockchains add cost and latency that smart-grid telemetry cannot absorb. Permissioned ledgers give you tamper-evidence and auditability without the consensus overhead, with the trust assumption already matching utility-grade deployments.

Q2. Can ESP8266 really run Dilithium-III?
It is tight but feasible with careful implementation. Signature generation is the constrained step; verification is comfortable. The framework places the heavy operations on the gateway, not the sensor.

Q3. How does this compare to the NIST PQC migration timeline?
The NIST CNSA 2.0 timeline calls for PQC adoption in critical infrastructure by 2030 to 2033. This framework is a deployable preview of what compliance looks like in practice.

Q4. Is the AI layer doing anything novel?
The novelty is in the integration: anomaly detection over PQC-protected telemetry, with the RL layer optimising resource allocation under genuinely tamper-evident inputs. The individual ML pieces are standard.

Q5. How does this connect to my IETF and ISA99 work?
Directly. PQ-EDHOC is the key-exchange layer this framework would use for device onboarding. ISA99 and 62443 are the security-management framework the deployment lives inside. This paper is the integration test.

CITE: How to cite this paper

@inproceedings{badami2025qriot,
  author    = {Shujaatali Badami and others},
  title     = {Quantum-Resilient IoT Energy Metering on Blockchain: A Secure Framework of Real-Time Monitoring with Artificial Intelligence-Driven Analytics},
  booktitle = {Springer NGCCOM 2025},
  year      = {2025},
  publisher = {Springer}
}

S. Badami et al., "Quantum-Resilient IoT Energy Metering on Blockchain: A Secure Framework of Real-Time Monitoring with Artificial Intelligence-Driven Analytics," in Springer NGCCOM 2025, 2025.

Badami, S., et al. (2025). Quantum-Resilient IoT Energy Metering on Blockchain: A Secure Framework of Real-Time Monitoring with Artificial Intelligence-Driven Analytics. In Springer NGCCOM 2025.

TY  - CONF
AU  - Badami, Shujaatali
TI  - Quantum-Resilient IoT Energy Metering on Blockchain: A Secure Framework of Real-Time Monitoring with Artificial Intelligence-Driven Analytics
T2  - Springer NGCCOM 2025
PB  - Springer
PY  - 2025
ER  -
