Timing Analysis of Algorithm Substitution Attacks in a Post-Quantum TLS Protocol

2021 ◽  
Author(s):  
Dúnia Marchiori ◽  
Alexandre A. Giron ◽  
João Pedro A. do Nascimento ◽  
Ricardo Custódio

Snowden's revelations about mass surveillance brought to public attention devastating attacks on cryptographic algorithm implementations. One of the most prominent subsets of these attacks is called Algorithm Substitution Attacks (ASA), where a subverted implementation leaks sensitive information. Recently, it has been proposed to modify TLS implementations to use Post-Quantum Cryptography (PQC). In this paper, we propose and analyze ASA in two PQC schemes that can be used in TLS. We attacked the Kyber Key Encapsulation Mechanism (KEM) and Falcon Signature and successfully deployed them in a TLS implementation. Results show that timing analysis can distinguish our Falcon subversion, but it is not enough to detect our attacks deployed in TLS.

Entropy ◽  
2019 ◽  
Vol 21 (12) ◽  
pp. 1183 ◽  
Author(s):  
Edoardo Persichetti ◽  
Rainer Steinwandt ◽  
Adriana Suárez Corona

Assuming the availability of an existentially unforgeable signature scheme and an (IND- CCA secure) key encapsulation mechanism, we present a generic construction for group key establishment. The construction is designed with existing proposals for post-quantum cryptography in mind. Applied with such existing proposals and assuming their security, we obtain a quantum-safe three-round protocol for authenticated group key establishment that requires only one signature per protocol participant.


Cryptography ◽  
2018 ◽  
Vol 2 (3) ◽  
pp. 25 ◽  
Author(s):  
Jean-Luc Danger ◽  
Youssef El Housni ◽  
Adrien Facon ◽  
Cheikh Gueye ◽  
Sylvain Guilley ◽  
...  

Multiplications in GF(2^N) can be securely optimized for cryptographic applications when the integer N is small and does not match machine words (i.e., N < 32). In this paper, we present a set of optimizations applied to DAGS, a code-based post-quantum cryptographic algorithm and one of the submissions to the National Institute of Standards and Technology’s (NIST) Post-Quantum Cryptography (PQC) standardization call.
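As an added illustration of the field arithmetic the abstract above refers to (example code written for this page, not taken from the DAGS submission or the paper's optimizations): a branch-free shift-and-add multiplier for GF(2^N) with N below the word size, a textbook branching variant kept only as a reference, and a brute-force check that a candidate reduction polynomial really is irreducible. The reduction polynomials 0x11B (the AES field, x^8+x^4+x^3+x+1) and 0x13 (x^4+x+1) are constructed test inputs; the function names are this example's own.

```c
#include <stdint.h>
#include <stdio.h>

/*
 * Constant-time multiplication in GF(2^n), n < 32. `poly` is the irreducible
 * reduction polynomial written with its x^n term, e.g. 0x11B for the AES field
 * or 0x13 for GF(2^4). Both operands must already be reduced (below 2^n).
 *
 * Every iteration performs the same operations whatever the operand bits are:
 * the conditional additions use masks (0u - bit is all-ones or all-zeros,
 * well defined for unsigned arithmetic), so there are no data-dependent
 * branches or memory accesses for a timing attacker to observe.
 */
static uint32_t gf2n_mul_ct(uint32_t a, uint32_t b, uint32_t poly, unsigned n)
{
    uint32_t field_mask = (1u << n) - 1u;   /* keeps a within n bits */
    uint32_t acc = 0;
    for (unsigned i = 0; i < n; i++) {
        uint32_t bit = (b >> i) & 1u;
        acc ^= a & (0u - bit);                 /* acc += a * x^i if bit i of b is set */
        uint32_t carry = (a >> (n - 1)) & 1u;  /* would a*x reach the x^n term? */
        a = ((a << 1) ^ (poly & (0u - carry))) & field_mask;  /* a *= x, reduced */
    }
    return acc;
}

/*
 * The textbook variant with data-dependent branches. Same result, but the
 * number of XORs executed depends on the (possibly secret) operands, which is
 * exactly the leakage a constant-time implementation is meant to remove.
 * Kept only as a reference for the self-check below.
 */
static uint32_t gf2n_mul_naive(uint32_t a, uint32_t b, uint32_t poly, unsigned n)
{
    uint32_t acc = 0;
    for (unsigned i = 0; i < n; i++) {
        if (b & (1u << i))
            acc ^= a;
        a <<= 1;
        if (a & (1u << n))
            a ^= poly;
    }
    return acc;
}

/*
 * Every nonzero element has an inverse exactly when `poly` is irreducible, so
 * this brute-force check (cheap for n <= 12) validates a candidate reduction
 * polynomial before it is baked into a field routine or lookup table.
 */
static int gf2n_poly_is_irreducible(uint32_t poly, unsigned n)
{
    uint32_t order = 1u << n;
    for (uint32_t a = 1; a < order; a++) {
        int has_inverse = 0;
        for (uint32_t b = 1; b < order && !has_inverse; b++)
            has_inverse = (gf2n_mul_ct(a, b, poly, n) == 1u);
        if (!has_inverse)
            return 0;
    }
    return 1;
}

/* Both multipliers agree on every pair of field elements (n <= 8 keeps it quick). */
static int gf2n_mul_self_check(uint32_t poly, unsigned n)
{
    uint32_t order = 1u << n;
    for (uint32_t a = 0; a < order; a++)
        for (uint32_t b = 0; b < order; b++)
            if (gf2n_mul_ct(a, b, poly, n) != gf2n_mul_naive(a, b, poly, n))
                return 0;
    return 1;
}

int main(void)
{
    /* Constructed inputs: the AES field GF(2^8) with 0x11B, and GF(2^4) with 0x13. */
    printf("0x57 * 0x83 in GF(2^8) = 0x%02X\n", gf2n_mul_ct(0x57, 0x83, 0x11B, 8)); /* 0xC1 */
    printf("0x53 * 0xCA in GF(2^8) = 0x%02X\n", gf2n_mul_ct(0x53, 0xCA, 0x11B, 8)); /* 0x01 */
    printf("x^8+x^4+x^3+x+1 irreducible: %d\n", gf2n_poly_is_irreducible(0x11B, 8));
    printf("x^4+1 irreducible: %d\n", gf2n_poly_is_irreducible(0x11, 4));
    printf("ct and naive agree on GF(2^8): %d\n", gf2n_mul_self_check(0x11B, 8));
    return 0;
}
```

The loop always runs n iterations and touches no secret-indexed memory, so the multiplier's running time depends only on the field, not on the operands; that is the property a log/antilog table lookup indexed by a secret element does not give. The uint32_t width is what limits the example to N < 32; for N close to 32 the `1u << n` expressions would need a wider type.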


2021 ◽  
Vol 7 (4) ◽  
pp. 78-84 ◽  
Author(s):  
A. Vlasenko ◽  
M. Evsyukov ◽  
M. Putyato ◽  
A. Makaryan

This is the final part of the series of articles devoted to the development of a decision support system for choosing the optimal post-quantum key encapsulation mechanism. The efficiency of the methodology proposed for choosing the optimal implementation of the post-quantum cryptographic algorithm is evaluated and substantiated. The economic feasibility of the approach is shown and its positive impact on the quality of the cryptographic information protection subsystem is demonstrated. An efficiency comparison of the prototype of the decision support system with existing software products aimed at supporting decision-making in the field of information security is carried out. The consistency of the prototype’s recommendations with the conclusions of analytical studies in the field of post-quantum cryptography is checked.


Author(s):  
Ming-Shing Chen ◽  
Tung Chou ◽  
Markus Krausz

BIKE is a key encapsulation mechanism that entered the third round of the NIST post-quantum cryptography standardization process. This paper presents two constant-time implementations for BIKE, one tailored for the Intel Haswell and one tailored for the ARM Cortex-M4. Our Haswell implementation is much faster than the avx2 implementation written by the BIKE team: for bikel1, the level-1 parameter set, we achieve a 1.39x speedup for decapsulation (which is the slowest operation) and a 1.33x speedup for the sum of all operations. For bikel3, the level-3 parameter set, we achieve a 1.5x speedup for decapsulation and a 1.46x speedup for the sum of all operations. Our M4 implementation is more than two times faster than the non-constant-time portable implementation written by the BIKE team. The speedups are achieved by both algorithm-level and instruction-level optimizations.


2018 ◽  
Vol 12 (4) ◽  
pp. 221-239 ◽  
Author(s):  
Gustavo Banegas ◽  
Paulo S. L. M. Barreto ◽  
Brice Odilon Boidje ◽  
Pierre-Louis Cayrel ◽  
Gilbert Ndollane Dione ◽  
...  

Code-based cryptography is one of the main areas of interest for NIST’s Post-Quantum Cryptography Standardization call. In this paper, we introduce DAGS, a Key Encapsulation Mechanism (KEM) based on quasi-dyadic generalized Srivastava codes. The scheme is proved to be IND-CCA secure in both the random oracle model and the quantum random oracle model. We believe that DAGS will offer competitive performance, especially when compared with other existing code-based schemes, and represent a valid candidate for post-quantum standardization.


Author(s):  
Alejandro Cohen ◽  
Rafael G. L. D'Oliveira ◽  
Salman Salamatian ◽  
Muriel Medard

2020 ◽  
Author(s):  
Joachim Taiber

Quantum computing is considered the “next big thing” when it comes to solving computational problems impossible to tackle using conventional computers. However, a major concern is that quantum computers could be used to crack current cryptographic schemes designed to withstand traditional cyberattacks. This threat also impacts future automated vehicles as they become embedded in a vehicle-to-everything (V2X) ecosystem. In this scenario, encrypted data is transmitted between a complex network of cloud-based data servers, vehicle-based data servers, and vehicle sensors and controllers. While the vehicle hardware ages, the software enabling V2X interactions will be updated multiple times. It is essential to make the V2X ecosystem quantum-safe through use of “post-quantum cryptography” as well as other applicable quantum technologies. This SAE EDGE™ Research Report considers the following three areas to be unsettled questions in the V2X ecosystem: How soon will quantum computing pose a threat to connected and automated vehicle technologies? What steps and measures are needed to make a V2X ecosystem “quantum-safe?” What standardization is needed to ensure that quantum technologies do not pose an unacceptable risk from an automotive cybersecurity perspective?

