Cryptology ePrint Archive: Report 2022/220

Cache-22: A Highly Deployable End-To-End Encrypted Cache System with Post-Quantum Security

Keita Emura and Shiho Moriai and Takuma Nakajima and Masato Yoshimi

Abstract: Cache systems are crucial for reducing communication overhead on the Internet. The importance of communication privacy is being increasingly and widely recognized; therefore, we anticipate that nearly all end-to-end communication will be encrypted via secure sockets layer/transport layer security (SSL/TLS) in the near future. Herein we consider a catch-22 situation, wherein the cache server checks whether content has been cached or not, i.e., the cache server needs to observe it, thereby violating end-to-end encryption. We avoid this catch-22 situation by proposing an encrypted cache system which we call Cache-22. To maximize its deployability, we avoid heavy, advanced cryptographic tools, and instead base our Cache-22 system purely on traditional SSL/TLS communication. It employs tags for searching, and its design concept enables the service provider to decide, e.g., via an authentication process, whether or not a particular user should be allowed to access particular content. We provide a prototype implementation of the proposed system using the color-based cooperative cache proposed by Nakajima et al. (IEICE Trans. 2017) under several ciphersuites containing post-quantum key exchanges in addition to ECDHE (Elliptic Curve-based). We consider NIST Post-Quantum Cryptography round 3 finalists and alternate candidates: lattice-based (Kyber, SABER, NTRU), code-based (BIKE), and isogeny-based (SIKE). Compared to direct HTTPS communication between a service provider and a user, employing our Cache-22 system has a merit to drastically reduce communications between a cache server and the service provider (approximately 95%) which is effective in a hierarchical network with a cost disparity.

Category / Keywords: cryptographic protocols / Encrypted Cache System, SSL/TLS, Post Quantum Security

Original Publication (with major differences): ISITA2020

Date: received 22 Feb 2022

Contact author: k-emura at nict go jp, yoshimi masato at tis co jp

Available format(s): PDF | BibTeX Citation

Version: 20220225:074815 (All versions of this report)

Short URL: ia.cr/2022/220


[ Cryptology ePrint archive ]