A Framework for Migrating to Post-Quantum Cryptography: Security Dependency Analysis and Case Studies
- URL: http://arxiv.org/abs/2307.06520v2
- Date: Wed, 21 Feb 2024 22:53:40 GMT
- Title: A Framework for Migrating to Post-Quantum Cryptography: Security Dependency Analysis and Case Studies
- Authors: Khondokar Fida Hasan, Leonie Simpson, Mir Ali Rezazadeh Baee, Chadni Islam, Ziaur Rahman, Warren Armstrong, Praveen Gauravaram, Matthew McKague,
- Abstract summary: cryptography, once deemed secure for decades, are now at risk of being compromised.
There is an urgent need to migrate to quantum-resistant cryptographic systems.
We present a comprehensive framework designed to assist enterprises with this transition.
- Score: 3.890207460112498
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Quantum computing is emerging as a significant threat to information protected by widely used cryptographic systems. Cryptographic methods, once deemed secure for decades, are now at risk of being compromised, posing a massive threat to the security of sensitive data and communications across enterprises worldwide. As a result, there is an urgent need to migrate to quantum-resistant cryptographic systems. This is no simple task. Migrating to a quantum-safe state is a complex process, and many organisations lack the in-house expertise to navigate this transition without guidance. In this paper, we present a comprehensive framework designed to assist enterprises with this migration. Our framework outlines essential steps involved in the cryptographic migration process, and leverages existing organisational inventories. The framework facilitates the efficient identification of cryptographic assets and can be integrated with other enterprise frameworks smoothly. To underscore its practicality and effectiveness, we have incorporated case studies that utilise graph-theoretic techniques to pinpoint and assess cryptographic dependencies. This is useful in prioritising crypto-systems for replacement.
Related papers
- Securing Legacy Communication Networks via Authenticated Cyclic Redundancy Integrity Check [98.34702864029796]
We propose Authenticated Cyclic Redundancy Integrity Check (ACRIC)
ACRIC preserves backward compatibility without requiring additional hardware and is protocol agnostic.
We show that ACRIC offers robust security with minimal transmission overhead ( 1 ms)
arXiv Detail & Related papers (2024-11-21T18:26:05Z) - CryptoFormalEval: Integrating LLMs and Formal Verification for Automated Cryptographic Protocol Vulnerability Detection [41.94295877935867]
We introduce a benchmark to assess the ability of Large Language Models to autonomously identify vulnerabilities in new cryptographic protocols.
We created a dataset of novel, flawed, communication protocols and designed a method to automatically verify the vulnerabilities found by the AI agents.
arXiv Detail & Related papers (2024-11-20T14:16:55Z) - Revocable Encryption, Programs, and More: The Case of Multi-Copy Security [48.53070281993869]
We show the feasibility of revocable primitives, such as revocable encryption and revocable programs.
This suggests that the stronger notion of multi-copy security is within reach in unclonable cryptography.
arXiv Detail & Related papers (2024-10-17T02:37:40Z) - Formalizing the Cryptographic Migration Problem [2.4739484546803334]
transitioning to post-quantum cryptography is becoming increasingly critical to maintain the security of modern systems.
This paper introduces a formal definition of the cryptographic migration problem and explores its complexities using a suitable directed graph model.
arXiv Detail & Related papers (2024-08-12T08:47:19Z) - A Security Assessment tool for Quantum Threat Analysis [34.94301200620856]
The rapid advancement of quantum computing poses a significant threat to many current security algorithms used for secure communication, digital authentication, and information encryption.
A sufficiently powerful quantum computer could potentially exploit vulnerabilities in these algorithms, rendering data in insecure transit.
This work developed a quantum assessment tool for organizations, providing tailored recommendations for transitioning their security protocols into a post-quantum world.
arXiv Detail & Related papers (2024-07-18T13:58:34Z) - The Latency Price of Threshold Cryptosystem in Blockchains [52.359230560289745]
We study the interplay between threshold cryptography and a class of blockchains that use Byzantine-fault tolerant (BFT) consensus protocols.
Existing approaches for threshold cryptosystems introduce a latency overhead of at least one message delay for running the threshold cryptographic protocol.
We propose a mechanism to eliminate this overhead for blockchain-native threshold cryptosystems with tight thresholds.
arXiv Detail & Related papers (2024-07-16T20:53:04Z) - Evaluation Framework for Quantum Security Risk Assessment: A Comprehensive Strategy for Quantum-Safe Transition [0.03749861135832072]
The rise of large-scale quantum computing poses a significant threat to traditional cryptographic security measures.
Quantum attacks undermine current asymmetric cryptographic algorithms, rendering them ineffective.
This study explores the challenges of migrating to quantum-safe cryptographic states.
arXiv Detail & Related papers (2024-04-12T04:18:58Z) - Cryptanalysis and improvement of multimodal data encryption by
machine-learning-based system [0.0]
encryption algorithms to accommodate varied requirements of this field.
Best approach to analyzing an encryption algorithm is to identify a practical and efficient technique to break it.
arXiv Detail & Related papers (2024-02-24T10:02:21Z) - When Quantum Information Technologies Meet Blockchain in Web 3.0 [86.91054991998273]
We introduce a quantum blockchain-driven Web 3.0 framework that provides information-theoretic security for decentralized data transferring and payment transactions.
We discuss the potential applications and challenges of implementing quantum blockchain in Web 3.0.
arXiv Detail & Related papers (2022-11-29T05:38:42Z) - NEQRX: Efficient Quantum Image Encryption with Reduced Circuit Complexity [2.7985570786346745]
We propose an efficient implementation scheme for a quantum image encryption algorithm combining the generalized affine transform and logistic map.
We achieve a remarkable 50% reduction in cost while maintaining security and efficiency.
arXiv Detail & Related papers (2022-04-14T10:15:23Z) - Dos and Don'ts of Machine Learning in Computer Security [74.1816306998445]
Despite great potential, machine learning in security is prone to subtle pitfalls that undermine its performance.
We identify common pitfalls in the design, implementation, and evaluation of learning-based security systems.
We propose actionable recommendations to support researchers in avoiding or mitigating the pitfalls where possible.
arXiv Detail & Related papers (2020-10-19T13:09:31Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.