Proceedings of the 16th International Conference on Emerging Networking EXperiments and Technologies 2020
DOI: 10.1145/3386367.3431305
|View full text |Cite
|
Sign up to set email alerts
|

Assessing the overhead of post-quantum cryptography in TLS 1.3 and SSH

Abstract: The advances in quantum computing present a threat to public key primitives due to their ability to solve hard cryptographic problems in polynomial time. To address this threat to critical Internet security protocols like the Transfer Layer Security (TLS), and Secure Shell (SSH), the National Institute of Standards and Technology (NIST) is currently working on the new generation of quantumresistant key encapsulation and authentication schemes. In this paper, we evaluate protocol handshake performance when both… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

0
12
0

Year Published

2021
2021
2022
2022

Publication Types

Select...
5
2
2

Relationship

0
9

Authors

Journals

citations
Cited by 38 publications
(12 citation statements)
references
References 33 publications
0
12
0
Order By: Relevance
“…Another important characteristic of candidates is their potential performance impact in existing widely used protocols (e.g., TLS, IPSec, and SSH) and certificates. The 3rd Round saw some real-world experiments to see if there would be any performance problems arising from any of the algorithms (see, for example, [101][102][103][104][105][106][107][108]). NIST observed that the structured lattice finalists for both KEMs and signatures could be substituted into these protocols for existing public-key algorithms with relatively small (or no) performance loss.…”
Section: Algorithm and Implementation Characteristicsmentioning
confidence: 99%
“…Another important characteristic of candidates is their potential performance impact in existing widely used protocols (e.g., TLS, IPSec, and SSH) and certificates. The 3rd Round saw some real-world experiments to see if there would be any performance problems arising from any of the algorithms (see, for example, [101][102][103][104][105][106][107][108]). NIST observed that the structured lattice finalists for both KEMs and signatures could be substituted into these protocols for existing public-key algorithms with relatively small (or no) performance loss.…”
Section: Algorithm and Implementation Characteristicsmentioning
confidence: 99%
“…However, the cryptographic algorithms that will be included in the protocol will change. In this case, it should be assessed how existing methods will evolve and what impact postquantum technology will have on existing protocols [6]. These assessments have been made, for example, for the Transport Layer Security (TLS) protocol, which is used in many places, especially in web applications [7].…”
Section: -) Communicationmentioning
confidence: 99%
“…In [12] , an assessment, through relative experiments, of the concurrent use of quantum-resistant key exchange and authentication in TLS 1.3, as well as SSH protocols, under realistic network conditions, is carried out. It is shown that there exist combinations of algorithms that offer handshake performance close to the current standards (a minimum slowdown of about 1% has been monitored).…”
Section: Relevant Previous Workmentioning
confidence: 99%
“…Moreover, with respect to the time 𝑧, Mosca estimated since 2015 [8] that there is a 1/7 chance of breaking RSA-2048 by 2026 and a 1/2 chance by 2031. Therefore, incorporating post-quantum ciphers in the TLS protocol is currently a significant research field (see, e.g., [9][10][11][12][13][14] ).…”
Section: Introductionmentioning
confidence: 99%