This work identifies a fundamental flaw in quantum remote memory attestation for IoT devices: its security model is inherently incompatible with classical memory attestation, and this limitation persists even when devices possess quantum computational capabilities. To address this, the paper first establishes a structural distinction between quantum and classical memory proofs. It then introduces the first quantum-enhanced classical memory attestation framework—designed to maintain full compatibility with classical hardware while simultaneously achieving high communication efficiency and resilience against malicious or compromised devices. Leveraging quantum information theory and hybrid protocol design, the authors uncover multiple critical security vulnerabilities in existing schemes. Their new protocol reduces communication overhead by approximately 40%, significantly improves detection sensitivity to memory tampering, and provides rigorous information-theoretic security guarantees.

In this article we uncover flaws and pitfalls of a quantum-based remote memory attestation procedure for Internet-of-Things devices. We also show limitations of quantum memory that suggests the attestation problem for quantum memory is fundamentally different to the attestation problem for classical memory, even when the devices can perform quantum computation. The identified problems are of interest for quantum-based security protocol designers in general, particularly those dealing with corrupt devices. Finally, we make use of the lessons learned to design a quantum-based attestation system for classical memory with improved communication efficiency and security.