Paper 2025/742
Seamless Post-Quantum Transition: Agile and Efficient Encryption for Data-at-Rest
Abstract
As quantum computing matures, its impact on traditional cryptographic protocols becomes increasingly critical, especially for data-at-rest scenarios where large data sets remain encrypted for extended periods of time. This paper addresses the pressing need to transition away from pre-quantum algorithms by presenting an agile cryptosystem that securely and efficiently supports post-quantum Key Encapsulation Mechanisms (KEMs). The proposed solution is based on combining a CCA-secure KEM with a robust Authenticated Encryption scheme, allowing only the dynamic component - the symmetric key encapsulation - to be updated when migrating to new cryptographic algorithms. This approach eliminates the need to re-encrypt potentially massive data payloads, resulting in significant savings in computational overhead and bandwidth. We formalize the concept of cryptoagility through an agile-CCA security model, which requires that neither the original ciphertext nor any updated version reveals meaningful information to an attacker. A game-based proof shows that the overall construction remains agile-CCA secure if the underlying KEM and AE are individually CCA secure under a random oracle assumption. The result is a future-proof scheme that eases the transition to post-quantum standards, enabling enterprises and cloud storage providers to protect large amounts of data with minimal disruption while proactively mitigating emerging quantum threats.
Metadata
- Available format(s)
-
PDF
- Category
- Cryptographic protocols
- Publication info
- Preprint.
- Keywords
- Post Quantum MigrationCrypto AgilityKey Encapsulation MechanismAuthenticated Encryption
- Contact author(s)
-
stephan krenn @ ait ac at
thomas loruenser @ ait ac at
sebastian ramacher @ ait ac at
federicovalbusa @ gmail com - History
- 2025-04-27: approved
- 2025-04-25: received
- See all versions
- Short URL
- https://ia.cr/2025/742
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2025/742, author = {Stephan Krenn and Thomas Lorünser and Sebastian Ramacher and Federico Valbusa}, title = {Seamless Post-Quantum Transition: Agile and Efficient Encryption for Data-at-Rest}, howpublished = {Cryptology {ePrint} Archive, Paper 2025/742}, year = {2025}, url = {https://eprint.iacr.org/2025/742} }