Migrating Software Systems towards Post-Quantum-Cryptography -- A Systematic Literature Review
- URL: http://arxiv.org/abs/2404.12854v2
- Date: Mon, 24 Jun 2024 09:49:46 GMT
- Title: Migrating Software Systems towards Post-Quantum-Cryptography -- A Systematic Literature Review
- Authors: Christian Näther, Daniel Herzinger, Stefan-Lukas Gazdag, Jan-Philipp Steghöfer, Simon Daum, Daniel Loebenberger,
- Abstract summary: A migration to post-quantum-cryptography (PQC) is necessary for networks and their components.
Recent standardization efforts already push quantum-safe networking forward.
However, the literature is still not in consensus about definitions and best practices.
- Score: 2.4739484546803334
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Networks such as the Internet are essential for our connected world. Quantum computing poses a threat to this heterogeneous infrastructure since it threatens fundamental security mechanisms. Therefore, a migration to post-quantum-cryptography (PQC) is necessary for networks and their components. At the moment, there is little knowledge on how such migrations should be structured and implemented in practice. Our systematic literature review addresses migration approaches for IP networks towards PQC. It surveys papers about the migration process and exemplary real-world software system migrations. On the process side, we found that terminology, migration steps, and roles are not defined precisely or consistently across the literature. Still, we identified four major phases and appropriate substeps which we matched with also emerging archetypes of roles. In terms of real-world migrations, we see that reports used several different PQC implementations and hybrid solutions for migrations of systems belonging to a wide range of system types. Across all papers we noticed three major challenges for adopters: missing experience of PQC and a high realization effort, concerns about the security of the upcoming system, and finally, high complexity. Our findings indicate that recent standardization efforts already push quantum-safe networking forward. However, the literature is still not in consensus about definitions and best practices. Implementations are mostly experimental and not necessarily practical, leading to an overall chaotic situation. To better grasp this fast moving field of (applied) research, our systematic literature review provides a comprehensive overview of its current state and serves as a starting point for delving into the matter of PQC migration.
Related papers
- Securing Legacy Communication Networks via Authenticated Cyclic Redundancy Integrity Check [98.34702864029796]
We propose Authenticated Cyclic Redundancy Integrity Check (ACRIC)
ACRIC preserves backward compatibility without requiring additional hardware and is protocol agnostic.
We show that ACRIC offers robust security with minimal transmission overhead ( 1 ms)
arXiv Detail & Related papers (2024-11-21T18:26:05Z) - Formalizing the Cryptographic Migration Problem [2.4739484546803334]
transitioning to post-quantum cryptography is becoming increasingly critical to maintain the security of modern systems.
This paper introduces a formal definition of the cryptographic migration problem and explores its complexities using a suitable directed graph model.
arXiv Detail & Related papers (2024-08-12T08:47:19Z) - Evaluation Framework for Quantum Security Risk Assessment: A Comprehensive Strategy for Quantum-Safe Transition [0.03749861135832072]
The rise of large-scale quantum computing poses a significant threat to traditional cryptographic security measures.
Quantum attacks undermine current asymmetric cryptographic algorithms, rendering them ineffective.
This study explores the challenges of migrating to quantum-safe cryptographic states.
arXiv Detail & Related papers (2024-04-12T04:18:58Z) - Exploring Progress in Multivariate Time Series Forecasting: Comprehensive Benchmarking and Heterogeneity Analysis [70.78170766633039]
We address the need for means of assessing MTS forecasting proposals reliably and fairly.
BasicTS+ is a benchmark designed to enable fair, comprehensive, and reproducible comparison of MTS forecasting solutions.
We apply BasicTS+ along with rich datasets to assess the capabilities of more than 45 MTS forecasting solutions.
arXiv Detail & Related papers (2023-10-09T19:52:22Z) - A Framework for Migrating to Post-Quantum Cryptography: Security Dependency Analysis and Case Studies [3.890207460112498]
cryptography, once deemed secure for decades, are now at risk of being compromised.
There is an urgent need to migrate to quantum-resistant cryptographic systems.
We present a comprehensive framework designed to assist enterprises with this transition.
arXiv Detail & Related papers (2023-07-13T01:51:15Z) - Practical quantum secure direct communication with squeezed states [55.41644538483948]
We report the first table-top experimental demonstration of a CV-QSDC system and assess its security.
This realization paves the way into future threat-less quantum metropolitan networks, compatible with coexisting advanced wavelength division multiplexing (WDM) systems.
arXiv Detail & Related papers (2023-06-25T19:23:42Z) - Attacks in Adversarial Machine Learning: A Systematic Survey from the
Life-cycle Perspective [69.25513235556635]
Adversarial machine learning (AML) studies the adversarial phenomenon of machine learning, which may make inconsistent or unexpected predictions with humans.
Some paradigms have been recently developed to explore this adversarial phenomenon occurring at different stages of a machine learning system.
We propose a unified mathematical framework to covering existing attack paradigms.
arXiv Detail & Related papers (2023-02-19T02:12:21Z) - Addressing Issues of Cross-Linguality in Open-Retrieval Question
Answering Systems For Emergent Domains [67.99403521976058]
We demonstrate a cross-lingual open-retrieval question answering system for the emergent domain of COVID-19.
Our system adopts a corpus of scientific articles to ensure that retrieved documents are reliable.
We show that a deep semantic retriever greatly benefits from training on our English-to-all data and significantly outperforms a BM25 baseline in the cross-lingual setting.
arXiv Detail & Related papers (2022-01-26T19:27:32Z) - Investigating internal migration with network analysis and latent space
representations: An application to Turkey [0.0]
We provide an in-depth investigation into the structure and dynamics of the internal migration in Turkey from 2008 to 2020.
We identify a set of classical migration laws and examine them via various methods for signed network analysis, ego network analysis, representation learning, temporal stability analysis, and network visualization.
The findings show that, in line with the classical migration laws, most migration links are geographically bounded with several exceptions involving cities with large economic activity.
arXiv Detail & Related papers (2022-01-10T18:58:02Z) - How to Certify Machine Learning Based Safety-critical Systems? A
Systematic Literature Review [7.704424642395104]
This paper aims to elucidate challenges related to the certification of ML-based safety-critical systems.
In total, we identified 229 papers covering topics considered to be the main pillars of ML certification.
arXiv Detail & Related papers (2021-07-26T09:03:22Z) - Retrieving and Reading: A Comprehensive Survey on Open-domain Question
Answering [62.88322725956294]
We review the latest research trends in OpenQA, with particular attention to systems that incorporate neural MRC techniques.
We introduce modern OpenQA architecture named Retriever-Reader'' and analyze the various systems that follow this architecture.
We then discuss key challenges to developing OpenQA systems and offer an analysis of benchmarks that are commonly used.
arXiv Detail & Related papers (2021-01-04T04:47:46Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.