Paper 2019/921

Tree authenticated ephemeral keys

Pavol Zajac

Abstract

Public-key algorithms based on QC-MDPC and QC-LDPC codes submitted to the NIST post-quantum competition for key encapsulation/encryption (BIKE, QC-MDPC KEM, LEDA) are vulnerable to reaction attacks based on decoding failures. To protect these algorithms, their authors propose limiting key usage, in the extreme case (BIKE) to ephemeral public keys only. In some authenticated protocols, each such key must be combined with a signature, which can increase traffic overhead considerably, especially given the large signature sizes of some proposed post-quantum signature schemes. We propose combining ephemeral public keys with a simple Merkle tree to obtain a server-authenticated key encapsulation/transport suitable for TLS-like handshake protocols.
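The abstract's construction, as an added illustration that is not code from the paper: the server generates a batch of ephemeral public keys, builds a Merkle tree over them and signs only the root; each handshake then carries one fresh key plus its authentication path (log2 of the batch size hashes) instead of a full signature per key, and the server never hands out a key twice, which is the usage limit that keeps decoding-failure reaction attacks from accumulating observations against one key. Everything below is constructed: the ephemeral KEM public keys are random bytes standing in for real QC-MDPC keys, and `sign_root`/`verify_root` are an HMAC placeholder for the server's long-term (post-quantum) signature scheme, not a real signature. The names `ServerBatch`, `KeyOffer` and `client_verify` are this example's own.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

# Domain-separated hashing: leaves and inner nodes use different prefixes so a
# leaf value can never be confused with the concatenation of two child hashes.
def hash_leaf(pk: bytes) -> bytes:
    return hashlib.sha256(b"\x00" + pk).digest()

def hash_node(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(b"\x01" + left + right).digest()

def build_levels(pks):
    """Merkle tree as a list of levels: levels[0] are leaf hashes, levels[-1] == [root]."""
    n = len(pks)
    if n == 0 or n & (n - 1):
        raise ValueError("batch size must be a power of two (keeps the tree full)")
    level = [hash_leaf(pk) for pk in pks]
    levels = [level]
    while len(level) > 1:
        level = [hash_node(level[i], level[i + 1]) for i in range(0, len(level), 2)]
        levels.append(level)
    return levels

def auth_path(levels, index):
    """Sibling hashes from the leaf up to (not including) the root."""
    path = []
    for level in levels[:-1]:
        path.append(level[index ^ 1])
        index >>= 1
    return path

def root_from_path(pk, index, path):
    """Recompute the root from a public key, its leaf index and its authentication path."""
    node = hash_leaf(pk)
    for sibling in path:
        node = hash_node(sibling, node) if index & 1 else hash_node(node, sibling)
        index >>= 1
    return node

# Placeholder for the server's long-term signature (constructed HMAC stand-in, NOT a
# real signature; a deployment would use a post-quantum signature scheme here).
def sign_root(signing_key, batch_id, root):
    return hmac.new(signing_key, batch_id + root, hashlib.sha256).digest()

def verify_root(verify_key, batch_id, root, sig):
    return hmac.compare_digest(sign_root(verify_key, batch_id, root), sig)

@dataclass
class KeyOffer:
    """What the server sends in one handshake: the signed root plus one leaf and its path."""
    batch_id: bytes
    root: bytes
    root_sig: bytes
    index: int
    pk: bytes
    path: list

class ServerBatch:
    def __init__(self, signing_key, batch_size):
        # Constructed stand-ins for ephemeral KEM public keys (random bytes).
        self.pks = [os.urandom(32) for _ in range(batch_size)]
        self.levels = build_levels(self.pks)
        self.root = self.levels[-1][0]
        self.batch_id = os.urandom(8)
        self.root_sig = sign_root(signing_key, self.batch_id, self.root)  # one signature per batch
        self.next_index = 0

    def next_key(self):
        """Hand out each ephemeral key exactly once; refuse to reuse keys once the batch is spent."""
        if self.next_index >= len(self.pks):
            raise RuntimeError("batch exhausted: generate and sign a new tree")
        i = self.next_index
        self.next_index += 1
        return KeyOffer(self.batch_id, self.root, self.root_sig, i, self.pks[i],
                        auth_path(self.levels, i))

def client_verify(verify_key, offer, trusted_roots=None):
    """Check the signed root (once per batch if a cache is supplied), then the path to the leaf."""
    key = (offer.batch_id, offer.root)
    if trusted_roots is None or key not in trusted_roots:
        if not verify_root(verify_key, offer.batch_id, offer.root, offer.root_sig):
            return False
        if trusted_roots is not None:
            trusted_roots.add(key)
    return root_from_path(offer.pk, offer.index, offer.path) == offer.root

def path_bytes(offer):
    """Per-handshake authentication data beyond the cached root: log2(batch) hashes."""
    return sum(len(h) for h in offer.path)
```

With a batch of 1024 keys the path is 10 hashes (320 bytes), and a client that caches `(batch_id, root)` after the first handshake verifies the large signature only once per batch; the server side must still rotate to a new tree as soon as the batch is spent, which `next_key` enforces.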

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Preprint. Minor revision.
Keywords
public-key cryptography; digital signatures; key management
Contact author(s)
pavol zajac @ stuba sk
History
2019-08-13: received
Short URL
https://ia.cr/2019/921
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2019/921,
      author = {Pavol Zajac},
      title = {Tree authenticated ephemeral keys},
      howpublished = {Cryptology ePrint Archive, Paper 2019/921},
      year = {2019},
      note = {\url{https://eprint.iacr.org/2019/921}},
      url = {https://eprint.iacr.org/2019/921}
}