Cryptology ePrint Archive: Report 2021/1019

Implementing and Measuring KEMTLS

Sofía Celi and Armando Faz-Hernández and Nick Sullivan and Goutam Tamvada and Luke Valenta and Thom Wiggers and Bas Westerbaan and and Christopher A. Wood

Abstract: KEMTLS is a novel alternative to the Transport Layer Security (TLS) handshake that integrates post-quantum algorithms. It uses key encapsulation mechanisms (KEMs) for both confidentiality and authentication, achieving post-quantum security while obviating the need for expensive post-quantum signatures. The original KEMTLS paper presents a security analysis, Rust implementation, and benchmarks over emulated networks. In this work, we provide full Go implementations of KEMTLS and other post-quantum handshake alternatives, describe their integration into a distributed system, and provide performance evaluations over real network conditions. We compare the standard (nonquantum-resistant) TLS 1.3 handshake with three alternatives: one that uses post-quantum signatures in combination with post-quantum KEMs (PQTLS), one that uses KEMTLS, and one that is a reduced round trip version of KEMTLS (KEMTLS-PDK). In addition to the performance evaluations, we discuss how the design of these protocols impacts TLS from an implementation and configuration perspective.

Category / Keywords: implementation / Post-Quantum Cryptography, KEMTLS, Transport Layer Security, Cryptographic Engineering

Original Publication (with minor differences): Latincrypt2021

Date: received 3 Aug 2021

Contact author: sceli at cloudflare com, cherenkov at riseup net

Available format(s): PDF | BibTeX Citation

Version: 20210806:075253 (All versions of this report)

Short URL: ia.cr/2021/1019


[ Cryptology ePrint archive ]