Post-quantum MACsec in Ethernet Networks
The demand on MACsec in Ethernet is increasing substantially since MACsec fits well for industrial applications which require strong security as well as efficiency. To provide a long-term security, the MACsec protocol should be resistant to future attacks including quantum attacks. In this paper, MACsec is analysed under a quantum attack scenario. To achieve 128-bit quantum security, AES (Advanced Encryption Standard) algorithms defined in MACsec should mandate to use 256-bit keys. On the other hand, classical public-key cryptosystems in MKA are not secure at all against quantum attacks so that they need to be replaced by post-quantum crypto schemes in a quantum world. We propose an authenticated post-quantum key establishment protocol which is suitable for long-term secure MACsec. The proposed protocol is used in the hybrid mode, an ephemeral key exchange, and an end-to-end encryption. We verified by experiments that the proposed protocol can be deployed in existing a MACsec-enabled Ethernet network.