[PDF] Towards Quantum-Safe VPNs and Internet | Semantic Scholar (2024)

This research lays the foundation for making DNSSEC, and protocols with similar constraints ready for PQC, and evaluates current candidate PQC signature algorithms in the third round of the NIST competition on their suitability for use in DNSSEC.

This research lays the foundation for making DNSSEC, and protocols with similar constraints ready for PQC, and evaluates current candidate PQC signature algorithms in the third round of the NIST competition on their suitability for use in DNSSEC.

The security challenges and approaches in 5G networks concerning network protocols, interfaces and management organizations are surveyed and the performance and technologies of post-quantum cryptography are discussed.

This work proposes a VPN solution enhanced by QKD for quantum-resistant encryption, it is implemented using IDQ Cerberis XGQKD devices, and its general-purpose capabilities are tested by performing an encrypted video-conference between two endpoints.

This paper presents a systematic mapping study of post-quantum hybrid KEXs, given insights into their characteristics, terminology, efficiency, security and open design challenges, and proposes a hybrid K EX classification taking into account several relevant design considerations associated to these schemes.

More agile design paradigms are required in developing new IT-systems, and in refactoring existing ones, in order to realize crypto-agility on a broad scale.

The National Institute of Standards and Technology (NIST)'s current understanding about the status of quantum computing and post-quantum cryptography is shared, and NIST’s initial plan to move forward is outlined.

New parameters and a better suited error distribution are proposed, the scheme’s hardness against attacks by quantum computers is analyzed in a conservative way, a new and more effi-cient error-reconciliation mechanism is introduced, and a defense against backdoors and all-for the price-of-one attacks is proposed.

This work demonstrates and evaluates how Niederreiter can be used for quantum-secure key exchanges by implementing it in OpenVPN, and provides parameters for 128-bit quantum security that result in almost 35% smaller keys than parameters currently available in literature.

This work demonstrates the practicality of post-quantum key exchange by constructing cipher suites for the Transport Layer Security (TLS) protocol that provide key exchange based on the ring learning with errors (R-LWE) problem, and accompanies these cipher suites with a rigorous proof of security.

Despite conventional wisdom that generic lattices might be too slow and unwieldy, it is demonstrated that LWE-based key exchange is quite practical: the authors' constant time implementation requires around 1.3ms computation time for each party; compared to the recent NewHope R-LWE scheme, communication sizes increase by a factor of 4.7x, but remain under 12 KiB in each direction.

Saber is introduced, a package of cryptographic primitives whose security relies on the hardness of the Module Learning With Rounding problem (Mod-LWR), and the design goals were simplicity, efficiency and flexibility.

This paper introduces Kyber, a portfolio of post-quantum cryptographic primitives built around a key-encapsulation mechanism (KEM), based on hardness assumptions over module lattices, and introduces a CPA-secure public-key encryption scheme and eventually construct, in a black-box manner, CCA-secure encryption, key exchange, and authenticated-key-exchange schemes.

...

...