Cryptology ePrint Archive: Report 2019/921

Tree authenticated ephemeral keys

Pavol Zajac

Abstract: Public key algorithms based on QC-MDPC and QC-LDPC codes submitted to the NIST post-quantum competition for key encapsulation/encryption (BIKE, QC-MDPC KEM, LEDA) are vulnerable to reaction attacks based on decoding failures. To protect the algorithms, the authors propose limiting key usage, in the extreme case (BIKE) to ephemeral public keys only. In some authenticated protocols, each such key must be combined with a signature, which can lead to increased traffic overhead, especially given the large signature sizes of some of the proposed post-quantum signature schemes. We propose combining the ephemeral public keys with a simple Merkle tree to obtain a server-authenticated key encapsulation/transport suitable for TLS-like handshake protocols.
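The construction the abstract sketches, as an added example that is not the paper's own code: a batch of ephemeral public keys is committed to by a Merkle tree, the server signs the root once per batch, and each handshake ships one key plus its authentication path. The client checks the root signature once and then authenticates every further key from that batch with only log2(batch size) hashes. The QC-MDPC public keys and the signature scheme are stand-ins, which is an assumption of this example: random 32-byte strings play the role of the KEM public keys, and an HMAC under a server-held key plays the role of the (post-quantum) signature on the root. Leaf and inner-node hashes are domain-separated, padding leaves are a fixed constant distinct from any real leaf, and the server's counter guarantees that a leaf is never handed out twice, which is what makes the keys ephemeral with respect to reaction attacks.

```python
import hashlib
import hmac
import secrets
from typing import Dict, List, Tuple

LEAF_PREFIX, NODE_PREFIX = b"\x00", b"\x01"  # domain separation: leaf vs inner node
PAD = hashlib.sha256(b"\x02").digest()        # pads the leaf list to a power of two


def leaf_hash(pk: bytes) -> bytes:
    return hashlib.sha256(LEAF_PREFIX + pk).digest()


def node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(NODE_PREFIX + left + right).digest()


def build_tree(pubkeys: List[bytes]) -> List[List[bytes]]:
    """levels[0] holds the leaf hashes, levels[-1] == [root]."""
    leaves = [leaf_hash(pk) for pk in pubkeys]
    size = 1
    while size < len(leaves):
        size <<= 1
    leaves += [PAD] * (size - len(leaves))
    levels = [leaves]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        levels.append([node_hash(cur[i], cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels


def auth_path(levels: List[List[bytes]], index: int) -> List[bytes]:
    """Sibling hashes from the leaf up to, but not including, the root."""
    path = []
    for level in levels[:-1]:
        path.append(level[index ^ 1])
        index >>= 1
    return path


def root_from_path(pk: bytes, index: int, path: List[bytes]) -> bytes:
    """Recompute the root from one public key, its leaf index and its path."""
    node = leaf_hash(pk)
    for sibling in path:
        node = node_hash(sibling, node) if index & 1 else node_hash(node, sibling)
        index >>= 1
    return node


class Server:
    """Holds one batch of ephemeral keys; every leaf is handed out at most once."""

    def __init__(self, signing_key: bytes, batch_size: int):
        self.signing_key = signing_key
        self.new_batch(batch_size)

    def new_batch(self, batch_size: int) -> None:
        # Stand-in for QC-MDPC key generation (assumption): random 32-byte "public keys".
        self.pubkeys = [secrets.token_bytes(32) for _ in range(batch_size)]
        self.levels = build_tree(self.pubkeys)
        self.root = self.levels[-1][0]
        # Stand-in for a digital signature on the root, produced once per batch.
        self.root_sig = hmac.new(self.signing_key, self.root, "sha256").digest()
        self.next_index = 0

    def handshake_message(self) -> Tuple[int, bytes, List[bytes], bytes, bytes]:
        """(index, pk, path, root, root_sig) for the next unused ephemeral key."""
        if self.next_index >= len(self.pubkeys):
            raise RuntimeError("batch exhausted: generate a new batch, never reuse a leaf")
        i = self.next_index
        self.next_index += 1  # this leaf is now burnt; it must never be served again
        return i, self.pubkeys[i], auth_path(self.levels, i), self.root, self.root_sig


class Client:
    """Verifies the root signature once per batch, then only the path per handshake."""

    def __init__(self, verify_key: bytes):
        self.verify_key = verify_key  # symmetric only because HMAC stands in for a signature
        self.trusted_roots: Dict[bytes, bool] = {}

    def authenticate(self, index: int, pk: bytes, path: List[bytes],
                     root: bytes, root_sig: bytes) -> bytes:
        if root not in self.trusted_roots:
            expected = hmac.new(self.verify_key, root, "sha256").digest()
            if not hmac.compare_digest(expected, root_sig):
                raise ValueError("bad signature on Merkle root")
            self.trusted_roots[root] = True
        if len(path) > 32 or index >= (1 << len(path)):
            raise ValueError("malformed authentication path")
        if root_from_path(pk, index, path) != root:
            raise ValueError("ephemeral key not in the signed tree")
        return pk  # safe to encapsulate to this key
```

With five keys the tree is padded to eight leaves, so each handshake carries three sibling hashes next to the key; the root signature travels with every message but is verified only the first time a client sees that root. Note that the client cannot tell whether a leaf has already been used by someone else: the one-use guarantee lives entirely in the server's counter, so that counter (and the batch rollover) is the part that needs to be protected against crashes and replicas.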

Category / Keywords: public-key cryptography / public-key cryptography, digital signatures, key management

Date: received 13 Aug 2019

Contact author: pavol zajac at stuba sk


Version: 20190813:221048

Short URL: ia.cr/2019/921
