Protocols and Software Tools for Hybrid, Post-Quantum and Quantum, Cryptography

L. Perret

Sponsor: EPITA
Supervisor: L. Perret


Context

Quantum technologies are challenging today's digital security. The potential emergence of a large quantum computer would render obsolete the current public-key standards (such as RSA, Diffie-Hellman, ECDSA, ...) that form the backbone of today's digital security [6].

There are two complementary approaches to circumvent the quantum threat and provide quantum-safe communications: post-quantum cryptography (PQC, e.g. [3]) and quantum cryptography with, in particular, Quantum Key Distribution (QKD, e.g. [2]). The security of PQC relies on the computational hardness of new algorithmic problems (against both classical and quantum adversaries), whereas the security of QKD holds under the assumption that the laws of quantum physics are valid.

In theory, QKD offers the maximum level of security, but practical limitations of current technologies restrict QKD links to distances of up to about 100 km between nodes that have to be physically secure (so-called "trusted nodes"). In the future, quantum repeaters and new techniques should be able to increase such distances, but these are still being researched and are not about to emerge as practical technologies. The most important next step towards practical quantum-safe communications is to combine PQC and QKD in a secure manner.

The primary goal of this project is to develop a comprehensive suite of software tools designed to compare and evaluate existing protocols that combine PQC and QKD. This could potentially lead to proposing improved or even new protocols.

Objectives

As a starting point, we will consider the authentication problem in a QKD network and the Hybrid Authenticated Key Exchange (HAKE) framework introduced by Dowling, Hansen and Paterson in [5]. In particular, Muckle is a QKD-based HAKE that generates a shared secret key by combining QKD with a post-quantum Key Encapsulation Mechanism (KEM). A limitation of Muckle is that it assumes the existence of a pre-shared key for authentication, which is not a scalable option.

At PQCrypto 2023, Bruckner, Ramacher and Striecks proposed [4] an improved version of Muckle, dubbed Muckle+, that is particularly useful in large quantum-safe networks since it relies on post-quantum digital signatures for authentication. However, available instantiations of such signature schemes are not yet efficient enough compared to their post-quantum KEM counterparts, particularly in large networks with potentially many connections in a short period of time. To close this gap, the authors of [1] proposed Muckle#, which pushes the efficiency boundaries of currently known HAKE constructions by using post-quantum KEMs for implicit authentication.
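The common idea behind these HAKEs is to chain several independent secrets (here a pre-shared key, a post-quantum KEM shared secret and a QKD key) through a key derivation function so that the session key stays secure as long as any one input is, and to bind the result to the protocol transcript. The following Python block is an added illustration of such a combiner with PSK-based key confirmation; it is not the Muckle key schedule from [5] or code from [1] or [4], the labels, ordering, stand-in secrets and transcript are this example's own assumptions, and the HKDF functions follow RFC 5869.

```python
import hashlib
import hmac
import secrets

HASH = hashlib.sha256
LEN = HASH().digest_size  # 32 bytes


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869): PRK = HMAC-Hash(salt, IKM)."""
    return hmac.new(salt, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int = LEN) -> bytes:
    """HKDF-Expand (RFC 5869): T(i) = HMAC(PRK, T(i-1) || info || i)."""
    out, block = b"", b""
    for i in range(1, (length + LEN - 1) // LEN + 1):
        block = hmac.new(prk, block + info + bytes([i]), HASH).digest()
        out += block
    return out[:length]


def hybrid_key_schedule(psk: bytes, kem_ss: bytes, qkd_key: bytes, transcript: bytes):
    """Chain PSK, KEM secret and QKD key; each extract is salted with the previous
    chaining key, so the output is pseudorandom if at least one input is secret.
    Labels and ordering are this example's assumptions, not a standard."""
    ck = hkdf_extract(b"\x00" * LEN, psk)   # pre-shared authentication key (as in Muckle)
    ck = hkdf_extract(ck, kem_ss)           # post-quantum KEM shared secret
    ck = hkdf_extract(ck, qkd_key)          # key delivered by the QKD layer
    session_key = hkdf_expand(ck, b"hybrid session key" + transcript)
    mac_key = hkdf_expand(ck, b"hybrid confirmation key" + transcript)
    return session_key, mac_key


def key_confirmation_tag(mac_key: bytes, transcript: bytes) -> bytes:
    return hmac.new(mac_key, transcript, HASH).digest()


def verify_key_confirmation(mac_key: bytes, transcript: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(key_confirmation_tag(mac_key, transcript), tag)


def run_example():
    # Constructed stand-ins: in a real run these come from provisioning, the KEM
    # decapsulation and the QKD link; the transcript covers the exchanged messages.
    psk, kem_ss, qkd_key = (secrets.token_bytes(LEN) for _ in range(3))
    transcript = b"initiator-kem-pk||responder-kem-ct||qkd-key-id"
    sk_a, mk_a = hybrid_key_schedule(psk, kem_ss, qkd_key, transcript)
    sk_b, mk_b = hybrid_key_schedule(psk, kem_ss, qkd_key, transcript)
    tag = key_confirmation_tag(mk_a, transcript)
    # A party holding the KEM secret and QKD key but not the PSK cannot confirm.
    _, mk_x = hybrid_key_schedule(secrets.token_bytes(LEN), kem_ss, qkd_key, transcript)
    return sk_a == sk_b, verify_key_confirmation(mk_b, transcript, tag), verify_key_confirmation(mk_x, transcript, tag)
```

The `run_example` function returns whether both honest parties derive the same session key, whether the responder accepts the initiator's confirmation tag, and whether a party lacking the PSK can forge it.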

The goal of this project is to develop software tools for implementing and benchmarking Muckle+ and Muckle#.

References

[1] C. Battarbee, C. Striecks, L. Perret, S. Ramacher, and K. Verhaeghe. Quantum-safe hybrid key exchanges with KEM-based authentication. CoRR, abs/2411.04030, 2024.
[2] C. Bennett and G. Brassard. Quantum Cryptography: Public Key Distribution and Coin Tossing. volume 560, pages 175–179, 1984.
[3] D. J. Bernstein, J. Buchmann, and E. Dahmen, editors. Post-quantum cryptography. Mathematics and Statistics. Springer, 2009.
[4] S. Bruckner, S. Ramacher, and C. Striecks. Muckle+: End-to-end hybrid authenticated key exchanges. In T. Johansson and D. Smith-Tone, editors, Post-Quantum Cryptography - 14th International Workshop, PQCrypto 2023, College Park, MD, USA, August 16-18, 2023, Proceedings, volume 14154 of Lecture Notes in Computer Science, pages 601–633. Springer, 2023.
[5] B. Dowling, T. B. Hansen, and K. G. Paterson. Many a Mickle Makes a Muckle: A Framework for Provably Quantum-Secure Hybrid Key Exchange. In J. Ding and J. Tillich, editors, Post-Quantum Cryptography - 11th International Conference, PQCrypto 2020, Paris, France, April 15-17, 2020, Proceedings, volume 12100 of Lecture Notes in Computer Science, pages 483–502. Springer, 2020.
[6] P. W. Shor. Polynomial-Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer. SIAM J. Comput., 26(5):1484–1509, 1997.