Paper 2024/2083

Fully Hybrid TLSv1.3 in WolfSSL on Cortex-M4

Mila Anastasova, Florida Atlantic University
Reza Azarderakhsh, Florida Atlantic University
Mehran Mozaffari Kermani, University of South Florida
Abstract

Network protocols are established to provide safe communication across an unprotected medium such as the internet. These protocols employ public-key techniques to perform key exchange and authentication. Transport Layer Security (TLS) is a widely used network protocol that enables secure communication between a server and a client. TLS is employed in billions of transactions per second. Contemporary protocols depend on traditional methods that rely on the computational complexity of the factorization or (elliptic curve) logarithm problems. The ongoing advancement in the processing power of classical computers requires an ongoing increase in the security level of the underlying cryptographic algorithms. This study focuses on the analysis of Curve448 and the Edwards curve Ed448, renowned for their superior security features, which offer a 224-bit level of security, as part of the TLSv1.3 protocol. The exponential advancement of quantum computers, however, presents a substantial threat to secure network communication that depends on classical cryptographic schemes, irrespective of their degree of security. Quantum computers have the capability to solve these problems within a feasible timeframe. To transition successfully to post-quantum secure network protocols, it is imperative to deploy classical and post-quantum algorithms concurrently. This fulfills the requirements of both enterprises and governments, while also instilling more assurance in the reliability of the post-quantum systems. This paper presents a detailed hybrid implementation architecture of the TLSv1.3 network protocol. We showcase the first deployment of Curve448 and Crystals-Kyber for key exchange, and of Ed448 and Crystals-Dilithium for verifying the authenticity of entities and for X.509 Public Key Infrastructure (PKI). We rely upon the widely used OpenSSL library and the wolfSSL library for embedded devices to provide our results for server and client applications.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. ACNS 2024: 22nd International Conference on Applied Cryptography and Network Security
Keywords
Network Protocols, TLSv1.3, PKI, X.509, Elliptic Curve Cryptography (ECC), Post-Quantum Cryptography (PQC), Cortex-M4
Contact author(s)
manastasova2017 @ fau edu
razarderakhsh @ fau edu
mehran2 @ usf edu
History
2024-12-27: approved
2024-12-27: received
Short URL
https://ia.cr/2024/2083
License
No rights reserved
CC0

BibTeX

@misc{cryptoeprint:2024/2083,
      author = {Mila Anastasova and Reza Azarderakhsh and Mehran Mozaffari Kermani},
      title = {Fully Hybrid {TLSv1}.3 in {WolfSSL} on Cortex-M4},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/2083},
      year = {2024},
      url = {https://eprint.iacr.org/2024/2083}
}