Distributed Symmetric Key Establishment: A scalable, quantum-proof key distribution system

• URL: http://arxiv.org/abs/2205.00615v4
• Date: Tue, 30 Jul 2024 01:21:58 GMT
• Title: Distributed Symmetric Key Establishment: A scalable, quantum-proof key distribution system
• Authors: Hoi-Kwong Lo, Mattia Montagna, Manfred von Willich,
• Abstract summary: We propose and implement a protocol for a scalable, cost-effective, information-theoretically secure key distribution and management system. The system, called Distributed Symmetric Key Establishment (DSKE), relies on pre-shared random numbers between DSKE clients and a group of Security Hubs.
• Score: 0.8192907805418583
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: We propose and implement a protocol for a scalable, cost-effective, information-theoretically secure key distribution and management system. The system, called Distributed Symmetric Key Establishment (DSKE), relies on pre-shared random numbers between DSKE clients and a group of Security Hubs. Any group of DSKE clients can use the DSKE protocol to distill from the pre-shared numbers a secret key. The clients are protected from Security Hub compromise via a secret sharing scheme that allows the creation of the final key without the need to trust individual Security Hubs. Precisely, if the number of compromised Security Hubs does not exceed a certain threshold, confidentiality is guaranteed to DSKE clients and, at the same time, robustness against denial-of-service (DoS) attacks. The DSKE system can be used for quantum-secure communication, can be easily integrated into existing network infrastructures, and can support arbitrary groups of communication parties that have access to a key. We discuss the high-level protocol, analyze its security, including its robustness against disruption. A proof-of-principle demonstration of secure communication between two distant clients with a DSKE-based VPN using Security Hubs on Amazon Web Server (AWS) nodes thousands of kilometres away from them was performed, demonstrating the feasibility of DSKE-enabled secret sharing one-time-pad encryption with a data rate above 50 Mbit/s and a latency below 70 ms.

Related papers

• Distributed Symmetric Key Establishment: a Scalable Quantum-Safe Key Distribution Protocol [4.1010893028706255]
  Pre-shared keys (PSK) have been widely used in network security. Existing PSK solutions are not scalable. We propose a new protocol called Distributed Symmetric Key Establishment (DSKE)
  arXiv  Detail & Related papers  (2024-07-30T16:55:17Z)
• The Power of Bamboo: On the Post-Compromise Security for Searchable Symmetric Encryption [43.669192188610964]
  Dynamic searchable symmetric encryption (DSSE) enables users to delegate the keyword search over dynamically updated databases to an honest-but-curious server. This paper studies a new and practical security risk to DSSE, namely, secret key compromise. We introduce the notion of searchable encryption with key-update (SEKU) that provides users with the option of non-interactive key updates.
  arXiv  Detail & Related papers  (2024-03-22T09:21:47Z)
• A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882]
  The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure. This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus. We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
  arXiv  Detail & Related papers  (2024-01-19T14:52:04Z)
• HasTEE+ : Confidential Cloud Computing and Analytics with Haskell [50.994023665559496]
  Confidential computing enables the protection of confidential code and data in a co-tenanted cloud deployment using specialized hardware isolation units called Trusted Execution Environments (TEEs) TEEs offer low-level C/C++-based toolchains that are susceptible to inherent memory safety vulnerabilities and lack language constructs to monitor explicit and implicit information-flow leaks. We address the above with HasTEE+, a domain-specific language (cla) embedded in Haskell that enables programming TEEs in a high-level language with strong type-safety.
  arXiv  Detail & Related papers  (2024-01-17T00:56:23Z)
• Practical quantum secure direct communication with squeezed states [55.41644538483948]
  We report the first table-top experimental demonstration of a CV-QSDC system and assess its security. This realization paves the way into future threat-less quantum metropolitan networks, compatible with coexisting advanced wavelength division multiplexing (WDM) systems.
  arXiv  Detail & Related papers  (2023-06-25T19:23:42Z)
• Composable Security of Distributed Symmetric Key Establishment Protocol [4.806505912512235]
  We show the composable security of the DSKE protocol in the constructive cryptography framework of Maurer. As DSKE is scalable in a network setting with no distance limit, it is expected to be a cost-effective quantum-safe solution to safeguarding the network security against the threat of quantum computers.
  arXiv  Detail & Related papers  (2023-04-26T19:14:52Z)
• Establishing shared secret keys on quantum line networks: protocol and security [0.0]
  We show the security of multi-user key establishment on a single line of quantum communication. We consider a quantum communication architecture where qubit generation and measurement happen at the two ends of the line.
  arXiv  Detail & Related papers  (2023-04-04T15:35:23Z)
• First demonstration of a post-quantum key-exchange with a nanosatellite [58.579141089302816]
  We demonstrate a post-quantum key-exchange with the nanosatellite SpooQy-1 in low Earth orbit using Kyber-512. This implementation demonstrates the feasibility of a quantum-safe authenticated key-exchange and encryption system on SWaP constrained nanosatellites.
  arXiv  Detail & Related papers  (2022-06-02T10:45:27Z)
• Experimental symmetric private information retrieval with measurement-device-independent quantum network [2.549884936158282]
  We report a realisation of provably-secure SPIR supported by a quantum-secure key-exchange network. The SPIR scheme looks at biometric security, offering secure retrieval of 582-byte fingerprint files from a database with 800 entries.
  arXiv  Detail & Related papers  (2021-09-27T06:56:45Z)
• Practical quantum multiparty signatures using quantum-key-distribution networks [0.0]
  We develop an unconditionally secure signature scheme that guarantees authenticity and transferability of arbitrary length messages in a quantum key distribution network. We provide a comprehensive security analysis of the developed scheme, perform an optimization of the scheme parameters with respect to the secret key consumption, and demonstrate that the developed scheme is compatible with the capabilities of currently available QKD devices.
  arXiv  Detail & Related papers  (2021-07-27T17:41:40Z)
• Experimental quantum conference key agreement [55.41644538483948]
  Quantum networks will provide multi-node entanglement over long distances to enable secure communication on a global scale. Here we demonstrate quantum conference key agreement, a quantum communication protocol that exploits multi-partite entanglement. We distribute four-photon Greenberger-Horne-Zeilinger (GHZ) states generated by high-brightness, telecom photon-pair sources across up to 50 km of fibre.
  arXiv  Detail & Related papers  (2020-02-04T19:00:31Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.