Ngo Trung Kien, PhD

Ngo Trung Kien, PhD

Researcher in VLC/WiFi Hybrid Networks, Quantum Communications, Quantum-Safe IoT Security, and Agentic AI

Quantum-Safe Security Meets Visible Light Communication: Where VLC Fits in Future-Proof IoT Networks

5 minute read

Published:

VLC is often described as “naturally secure” because light does not penetrate walls like RF. That’s a useful intuition—but security engineering needs a more precise view.

In this post, I connect two threads:

  1. Quantum-era security (post‑quantum cryptography, and—where feasible—quantum key distribution)
  2. Visible Light Communication (VLC) as a practical indoor optical wireless platform, especially in dense IoT environments like smart buildings and smart agriculture.

1) Security properties VLC gives you “for free”

VLC’s physical layer can reduce some threat surfaces compared to RF:

  • Spatial confinement: line‑of‑sight and limited leakage through walls can reduce passive eavesdropping range.
  • High directionality (in some setups): receiver FOV and luminaire placement can constrain where an attacker can listen.
  • Infrastructure dual‑use: lighting + communications can simplify deployment and enforcement zones.

But VLC is not magically secure:

  • Reflections (glass, polished surfaces) can leak signals.
  • Windows can leak light to the outside.
  • Malicious receivers can be placed inside the room.
  • Jamming is still possible (bright light sources, flicker attacks, saturation).

So VLC helps, but should be treated as a security amplifier, not a replacement for cryptography.

2) What quantum changes for VLC-based IoT

Quantum computing does not “attack VLC” directly. It attacks the cryptographic primitives that you use on top of VLC (and RF):

  • ECDH/ECDSA used for onboarding, key exchange, certificates
  • long-term identity keys used across device lifetimes

This matters because many VLC deployments are envisioned for:

  • dense, long-lived IoT (smart buildings)
  • controlled environments agriculture (greenhouses)
  • hybrid VLC/RF networks with mobility and handovers

If device lifetimes are long, the risk of harvest now, decrypt later applies regardless of whether the bits travel over VLC or RF.

3) A useful mental model: three layers of defense

Layer A — Physical confinement (VLC advantage)

VLC can reduce who can “hear” you.

Layer B — Cryptography (must be quantum-safe over time)

Use post-quantum (or hybrid) key establishment so recorded traffic stays confidential later.

Layer C — System lifecycle controls

Provisioning, firmware updates, key rotation, and monitoring determine whether the security stays intact for years.

A good design uses all three.

4) Where quantum-safe cryptography fits in a VLC deployment

4.1 Commissioning / onboarding

Commissioning is a common weak spot in IoT.

VLC can help because you can do in-room onboarding where a device must physically be present to receive a bootstrap secret (e.g., a short-lived enrollment token).

Quantum-safe upgrade:

  • Use a hybrid key exchange (classical + PQC KEM) during onboarding.
  • Keep the enrollment window short and auditable.

For data links over VLC, you typically still use symmetric encryption for payloads.

Quantum-safe upgrade:

  • Replace ECDH with PQC KEM (or hybrid) for deriving session keys.
  • Consider AES‑256 for long‑term confidentiality margins.

4.3 Identity, signatures, and firmware updates

Even if VLC reduces eavesdropping, firmware signing keys remain critical.

Quantum-safe upgrade:

  • Prepare the update pipeline to support PQC (or hybrid) signatures for firmware and metadata.

5) Can VLC be used for Quantum Key Distribution (QKD)?

QKD distributes keys using quantum states of light. It offers a different security promise: eavesdropping attempts disturb quantum states and can be detected (under the assumptions of the QKD protocol and implementation).

How this relates to VLC:

  • VLC is an optical wireless channel in indoor environments.
  • QKD is typically done with single-photon-level sources and specialized detectors.

Important practical note:

  • Standard VLC LEDs and receivers are not QKD hardware. So QKD is not a drop-in “software upgrade” for VLC.

However, VLC research and deployments can still be relevant:

  • Shared geometry and infrastructure: indoor optical paths, alignment, and line-of-sight planning are common concerns.
  • Hybrid optical setups: a building (or greenhouse) could carry data over VLC and distribute keys over a parallel optical quantum channel (often in a different wavelength band) when the economics and hardware make sense.
  • Key distribution to gateways: even if end devices are constrained, QKD might be feasible between fixed infrastructure nodes (e.g., gateway ↔ server room) rather than every sensor.

In many real deployments, PQC will be the first quantum-safe step, while QKD remains a research/strategic option for high-assurance zones.

6) A concrete architecture example: Smart greenhouse (VLC + quantum-safe security)

A greenhouse is attractive for VLC because grow lights already exist and RF interference constraints can be real.

A pragmatic, quantum-safe architecture looks like:

  1. Sensors/actuators connect to a local controller/gateway (VLC or hybrid VLC/RF)
  2. Gateway ↔ cloud uses TLS with hybrid/PQC key exchange
  3. Device onboarding happens physically inside the greenhouse, using a short-range optical enrollment step
  4. Firmware updates are signed with a scheme that is planned for PQC migration

Why this works:

  • VLC helps enforce physical presence and reduces passive attack radius.
  • PQC/hybrid protects long-term confidentiality even if traffic is recorded.
  • The gateway concentrates heavier crypto where you have compute headroom.

7) Open research questions at the intersection (good blog+paper topics)

  • Handover security in hybrid VLC/RF: how to do quantum-safe rekeying without energy/bandwidth spikes.
  • Optical side-channels and leakage: reflections, windows, and multi-path modeling for adversaries.
  • Quantum-safe group keying for dense IoT clusters under tight MTU constraints.
  • Energy-aware PQC: measurement-driven profiles on common IoT MCUs.
  • Secure localization + VLC: combining positioning and security (and where it can fail).

Takeaway

VLC can reduce exposure, but cryptography must still be future-proof. The clean way to connect “quantum” and “VLC” in IoT is:

  • use VLC’s physical properties to harden onboarding and reduce passive interception, and
  • adopt post‑quantum (or hybrid) key establishment and signatures to keep security intact over long device lifetimes.

You May Also Enjoy

VLC in 6G Networks: From Laboratory Innovation to Real-World Infrastructure

VLC in 6G Networks: From Laboratory Innovation to Real-World Infrastructure

4 minute read

Published:

As we move closer to the 6G era (expected around 2030), Visible Light Communication (VLC) is evolving from a promising laboratory technology into a core component of next-generation wireless infrastructure. In this post, I share my perspective on where VLC fits in the 6G puzzle — and why hybrid VLC/RF systems are the key to unlocking its potential.

The Open-Source AI Renaissance: Rivaling Proprietary Giants

The Open-Source AI Renaissance: Rivaling Proprietary Giants

1 minute read

Published:

The narrative that “proprietary is better” in Artificial Intelligence is officially dead. By early 2026, the gap between closed-source giants and the open-source community has not just narrowed—it has effectively closed.

The Future of Agentic AI in Agriculture: Research Roadmap 2026-2030

The Future of Agentic AI in Agriculture: Research Roadmap 2026-2030

2 minute read

Published:

As we advance our AGRIFARM-AI project, I want to share our research vision for the next five years. The convergence of agentic AI, multi-agent systems, and precision agriculture opens unprecedented opportunities for autonomous food production.