Paper 2018/903
Hybrid Key Encapsulation Mechanisms and Authenticated Key Exchange
Nina Bindel, Jacqueline Brendel, Marc Fischlin, Brian Goncalves, and Douglas Stebila
Abstract
Concerns about the impact of quantum computers on currently deployed public key cryptography have instigated research into not only quantum-resistant cryptographic primitives but also how to transition applications from classical to quantum-resistant solutions. One approach to mitigate the risk of quantum attacks and to preserve common security guarantees are hybrid schemes, which combine classically secure and quantum-resistant schemes. Various academic and industry experiments and draft standards related to the Transport Layer Security (TLS) protocol already use some form of hybrid key exchange; however sound theoretical approaches to substantiate the design and security of such hybrid key exchange protocols are missing so far. We initiate the modeling of hybrid authenticated key exchange protocols. We consider security against adversaries with varying levels of quantum power over time, such as adversaries who may become quantum in the future or are quantum in the present. We reach our goal using a three-step approach: First, we introduce security notions for key encapsulation mechanisms (KEMs) that enable a fine-grained distinction between different quantum scenarios. Second, we propose several combiners for constructing hybrid KEMs that correspond closely to recently proposed Internet-Drafts for hybrid key exchange in TLS 1.3. Finally, we present a provably sound design for hybrid key exchange using KEMs as building blocks.
Metadata
- Available format(s)
- Category
- Cryptographic protocols
- Publication info
- Published elsewhere. Major revision. 10th International Workshop on Post-Quantum Cryptography (PQCrypto 2019)
- DOI
- 10.1007/978-3-030-25510-7_12
- Keywords
- hybrid key exchangekey exchangehybridscombinerspost-quantum key exchange
- Contact author(s)
- jacqueline brendel @ cryptoplexity de
- History
- 2019-10-21: revised
- 2018-09-25: received
- See all versions
- Short URL
- https://ia.cr/2018/903
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2018/903, author = {Nina Bindel and Jacqueline Brendel and Marc Fischlin and Brian Goncalves and Douglas Stebila}, title = {Hybrid Key Encapsulation Mechanisms and Authenticated Key Exchange}, howpublished = {Cryptology {ePrint} Archive, Paper 2018/903}, year = {2018}, doi = {10.1007/978-3-030-25510-7_12}, url = {https://eprint.iacr.org/2018/903} }