Paper 2025/742

Seamless Post-Quantum Transition: Agile and Efficient Encryption for Data-at-Rest

Stephan Krenn, Austrian Institute of Technology
Thomas Lorünser, Austrian Institute of Technology
Sebastian Ramacher, Austrian Institute of Technology
Federico Valbusa, Bundeswehr University Munich
Abstract

As quantum computing matures, its impact on traditional cryptographic protocols becomes increasingly critical, especially for data-at-rest scenarios where large data sets remain encrypted for extended periods of time. This paper addresses the pressing need to transition away from pre-quantum algorithms by presenting an agile cryptosystem that securely and efficiently supports post-quantum Key Encapsulation Mechanisms (KEMs). The proposed solution is based on combining a CCA-secure KEM with a robust Authenticated Encryption scheme, allowing only the dynamic component - the symmetric key encapsulation - to be updated when migrating to new cryptographic algorithms. This approach eliminates the need to re-encrypt potentially massive data payloads, resulting in significant savings in computational overhead and bandwidth. We formalize the concept of cryptoagility through an agile-CCA security model, which requires that neither the original ciphertext nor any updated version reveals meaningful information to an attacker. A game-based proof shows that the overall construction remains agile-CCA secure if the underlying KEM and AE are individually CCA secure under a random oracle assumption. The result is a future-proof scheme that eases the transition to post-quantum standards, enabling enterprises and cloud storage providers to protect large amounts of data with minimal disruption while proactively mitigating emerging quantum threats.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Keywords
Post Quantum MigrationCrypto AgilityKey Encapsulation MechanismAuthenticated Encryption
Contact author(s)
stephan krenn @ ait ac at
thomas loruenser @ ait ac at
sebastian ramacher @ ait ac at
federicovalbusa @ gmail com
History
2025-04-27: approved
2025-04-25: received
See all versions
Short URL
https://ia.cr/2025/742
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2025/742,
      author = {Stephan Krenn and Thomas Lorünser and Sebastian Ramacher and Federico Valbusa},
      title = {Seamless Post-Quantum Transition: Agile and Efficient Encryption for Data-at-Rest},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/742},
      year = {2025},
      url = {https://eprint.iacr.org/2025/742}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.