Versatile Quantum-Safe Hybrid Key Exchange and Its Application to MACsec
- URL: http://arxiv.org/abs/2505.14162v2
- Date: Wed, 21 May 2025 07:54:58 GMT
- Title: Versatile Quantum-Safe Hybrid Key Exchange and Its Application to MACsec
- Authors: Jaime S. Buruaga, Augustine Bugler, Juan P. Brito, Vicente Martin, Christoph Striecks
- Abstract summary: Quantum computing poses a significant threat to cryptography currently deployed. Cryptographic building blocks to mitigate the threat are already available. Following an agile defense-in-depth approach, Hybrid Authenticated Key Exchange protocols have recently been gaining attention. We propose a new versatile HAKE protocol, dubbed VMuckle, which is sufficiently flexible for the use in MACsec to provide LAN participants with hybrid key material ensuring secure communication.
- Score: 1.2641141743223379
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Advancements in quantum computing pose a significant threat to most of the cryptography currently deployed. Fortunately, cryptographic building blocks to mitigate the threat are already available; mostly based on post-quantum and quantum cryptography, but also on symmetric cryptography techniques. Notably, quantum-safe building blocks must be deployed as soon as possible due to the "harvest-now decrypt-later" attack scenario, which is already challenging our sensitive and encrypted data today. Following an agile defense-in-depth approach, Hybrid Authenticated Key Exchange (HAKE) protocols have recently been gaining significant attention. Such protocols modularly combine conventional, post-quantum, and quantum cryptography to achieve confidentiality, authenticity, and integrity guarantees for network channels. Unfortunately, only a few protocols have yet been proposed (mainly Muckle and Muckle+) with different flexibility guarantees. Looking at available standards in the network domain (especially at the Media Access Control Security (MACsec) standard), we believe that HAKE protocols could already bring strong security benefits to MACsec today. MACsec is a standard designed to secure communication at the data link layer in Ethernet networks by providing security for all traffic between adjacent entities. In addition, MACsec establishes secure channels within a Local Area Network (LAN), ensuring that data remain protected from eavesdropping, tampering, and unauthorized access, while operating transparently to higher layer protocols. Currently, MACsec does not offer enough protection in the event of cryptographically relevant quantum computers. In this work, we tackle the challenge and propose a new versatile HAKE protocol, dubbed VMuckle, which is sufficiently flexible for the use in MACsec to provide LAN participants with hybrid key material ensuring secure communication.
Related papers
- Secure and Efficient Quantum Signature Scheme Based on the Controlled Unitary Operations Encryption [5.662132994900804]
We present an efficient arbitrated quantum signature protocol to encrypt quantum message ensembles. In contrast to existing protocols, our approach successfully prevents disavowal and forgery attacks.
arXiv Detail & Related papers (2025-07-14T12:56:09Z)
- A Quantum Good Authentication Protocol [0.0]
This article presents a novel network protocol that incorporates a quantum photonic channel for symmetric key distribution. The protocol uses strong hash functions to hash original messages and verify heightened data integrity at the destination.
arXiv Detail & Related papers (2025-03-05T20:30:34Z)
- Onion Routing Key Distribution for QKDN [1.8637078358591843]
The advance of quantum computing poses a significant threat to classical cryptography. Two main approaches have emerged: quantum cryptography and post-quantum cryptography. We propose a secure key distribution protocol for Quantum Key Distribution Networks (QKDN).
arXiv Detail & Related papers (2025-02-10T16:47:42Z)
- Secure Semantic Communication With Homomorphic Encryption [52.5344514499035]
This paper explores the feasibility of applying homomorphic encryption to SemCom. We propose a task-oriented SemCom scheme secured through homomorphic encryption.
arXiv Detail & Related papers (2025-01-17T13:26:14Z)
- ACRIC: Securing Legacy Communication Networks via Authenticated Cyclic Redundancy Integrity Check [98.34702864029796]
Recent security incidents in safety-critical industries exposed how the lack of proper message authentication enables attackers to inject malicious commands or alter system behavior. These shortcomings have prompted new regulations that emphasize the pressing need to strengthen cybersecurity. We introduce ACRIC, a message authentication solution to secure legacy industrial communications.
arXiv Detail & Related papers (2024-11-21T18:26:05Z)
- Practical hybrid PQC-QKD protocols with enhanced security and performance [44.8840598334124]
We develop hybrid protocols by which QKD and PQC inter-operate within a joint quantum-classical network.
In particular, we consider different hybrid designs that may offer enhanced speed and/or security over the individual performance of either approach.
arXiv Detail & Related papers (2024-11-02T00:02:01Z)
- Towards efficient and secure quantum-classical communication networks [47.27205216718476]
There are two primary approaches to achieving quantum-resistant security: quantum key distribution (QKD) and post-quantum cryptography (PQC).
We introduce the pros and cons of these protocols and explore how they can be combined to achieve a higher level of security and/or improved performance in key distribution.
We hope our discussion inspires further research into the design of hybrid cryptographic protocols for quantum-classical communication networks.
arXiv Detail & Related papers (2024-11-01T23:36:19Z)
- Coding-Based Hybrid Post-Quantum Cryptosystem for Non-Uniform Information [53.85237314348328]
We introduce for non-uniform messages a novel hybrid universal network coding cryptosystem (NU-HUNCC).
We show that NU-HUNCC is information-theoretic individually secured against an eavesdropper with access to any subset of the links.
arXiv Detail & Related papers (2024-02-13T12:12:39Z)
- A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882]
The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure.
This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus.
We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
arXiv Detail & Related papers (2024-01-19T14:52:04Z)
- The Evolution of Quantum Secure Direct Communication: On the Road to the Qinternet [49.8449750761258]
Quantum secure direct communication (QSDC) is provably secure and overcomes the threat of quantum computing. We will detail the associated point-to-point communication protocols and show how information is protected and transmitted.
arXiv Detail & Related papers (2023-11-23T12:40:47Z)
- Practical quantum secure direct communication with squeezed states [55.41644538483948]
We report the first table-top experimental demonstration of a CV-QSDC system and assess its security.
This realization paves the way into future threat-less quantum metropolitan networks, compatible with coexisting advanced wavelength division multiplexing (WDM) systems.
arXiv Detail & Related papers (2023-06-25T19:23:42Z)
- Composable Security of Distributed Symmetric Key Establishment Protocol [4.806505912512235]
We show the composable security of the DSKE protocol in the constructive cryptography framework of Maurer.
As DSKE is scalable in a network setting with no distance limit, it is expected to be a cost-effective quantum-safe solution to safeguarding the network security against the threat of quantum computers.
arXiv Detail & Related papers (2023-04-26T19:14:52Z)
- Measurement-device-independent QSDC protocol using Bell and GHZ states on quantum simulator [0.0]
Quantum Secure Direct Communication (QSDC) protocol eliminates the necessity of key, encryption and ciphertext transmission.
It is a unique quantum communication scheme where secret information is transmitted directly over a quantum communication channel.
We make use of measurement-device-independent (MDI) protocol in this scheme where all the measurements of quantum states during communication are performed by a third party.
arXiv Detail & Related papers (2020-07-01T07:47:59Z)
This list is automatically generated from the titles and abstracts of the papers in this site.