Enhancing TLS Security with Post-Quantum Key Exchange Using Ring Learning with Errors π
Discover how the Ring Learning with Errors problem enables post-quantum secure key exchange for the TLS protocol, strengthening future internet security.
IEEE Symposium on Security and Privacy
2.1K views β’ Sep 12, 2015
About this video
Post-Quantum Key Exchange for the TLS Protocol from the Ring Learning with Errors Problem
Douglas Stebila
Presented at the
2015 IEEE Symposium on Security & Privacy
May 18--20, 2015
San Jose, CA
http://www.ieee-security.org/TC/SP2015/
ABSTRACT
Lattice-based cryptographic primitives are believed to offer resilience against attacks by quantum computers. We demonstrate the practicality of post-quantum key exchange by constructing cipher suites for the Transport Layer Security (TLS) protocol that provide key exchange based on the ring learning with errors (R-LWE) problem, we accompany these cipher suites with a rigorous proof of security. Our approach ties lattice-based key exchange together with traditional authentication using RSA or elliptic curve digital signatures: the post-quantum key exchange provides forward secrecy against future quantum attackers, while authentication can be provided using RSA keys that are issued by today's commercial certificate authorities, smoothing the path to adoption. Our cryptographically secure implementation, aimed at the 128-bit security level, reveals that the performance price when switching from non-quantum-safe key exchange is not too high. With our R-LWE cipher suites integrated into the Open SSL library and using the Apache web server on a 2-core desktop computer, we could serve 506 RLWE-ECDSA-AES128-GCM-SHA256 HTTPS connections per second for a 10 KiB payload. Compared to elliptic curve Diffie-Hellman, this means an 8 KiB increased handshake size and a reduction in throughput of only 21%. This demonstrates that provably secure post-quantum key-exchange can already be considered practical.
Douglas Stebila
Presented at the
2015 IEEE Symposium on Security & Privacy
May 18--20, 2015
San Jose, CA
http://www.ieee-security.org/TC/SP2015/
ABSTRACT
Lattice-based cryptographic primitives are believed to offer resilience against attacks by quantum computers. We demonstrate the practicality of post-quantum key exchange by constructing cipher suites for the Transport Layer Security (TLS) protocol that provide key exchange based on the ring learning with errors (R-LWE) problem, we accompany these cipher suites with a rigorous proof of security. Our approach ties lattice-based key exchange together with traditional authentication using RSA or elliptic curve digital signatures: the post-quantum key exchange provides forward secrecy against future quantum attackers, while authentication can be provided using RSA keys that are issued by today's commercial certificate authorities, smoothing the path to adoption. Our cryptographically secure implementation, aimed at the 128-bit security level, reveals that the performance price when switching from non-quantum-safe key exchange is not too high. With our R-LWE cipher suites integrated into the Open SSL library and using the Apache web server on a 2-core desktop computer, we could serve 506 RLWE-ECDSA-AES128-GCM-SHA256 HTTPS connections per second for a 10 KiB payload. Compared to elliptic curve Diffie-Hellman, this means an 8 KiB increased handshake size and a reduction in throughput of only 21%. This demonstrates that provably secure post-quantum key-exchange can already be considered practical.
Video Information
Views
2.1K
Likes
29
Duration
17:06
Published
Sep 12, 2015
User Reviews
4.4
(2) Related Trending Topics
LIVE TRENDSRelated trending topics. Click any trend to explore more videos.