Quantum computers significantly threaten traditional public key cryptography schemes, potentially breaking protocols such as RSA, Diffie-Hellman scheme, and EC Digital Signature Algorithm. Hybrid schemes combining classically secure and quantum-resistant schemes are being considered to mitigate this risk. These schemes, endorsed by the National Cybersecurity Agency of France and the Federal Office for Information Security in Germany, involve a pre-quantum Key EXchange (KEX), a post-quantum Key Exchange Mechanism (KEM), and a Quantum Key Distribution (QKD) algorithm. A recent study has demonstrated the practical implementation of a 3-key combiner system on a Field Programmable Gate Arrays (FPGA) platform.
What is the Threat of Quantum Computer Attacks on Cryptography?
Quantum computers pose a significant threat to traditional public key cryptography schemes. These schemes, which have long been the foundation for securing communication and information, are based on the hardness of mathematical assumptions such as the Integer Factorization (IF) problem, Discrete Logarithm Problem (DLP), and Elliptic Curve (EC). However, with the advent of quantum computers, quantum-based algorithms could be used to break these traditional public key cryptography schemes. For instance, Shor’s algorithm allows attackers to solve DLP and IF problems, breaking the most commonly used cryptographic protocols such as RSA, Diffie-Hellman scheme, and EC Digital Signature Algorithm (DSA).
The threat of quantum computer attacks has led to the reemergence of combining several same-type primitives so that the resulting scheme is secure as long as one of the components remains secure. This concept, which goes back to Even and Goldreich, is particularly relevant in the context of cryptographic keys. A hybrid quantum key exchange combination allows for preserving the security guarantees of pre-quantum schemes while achieving the quantum resistance of post-quantum schemes.
How Can Hybrid Quantum Key Exchange Mitigate the Risk of Quantum Attacks?
Hybrid schemes permit mitigating the risk of quantum attacks and preserving standard security guarantees by combining classically secure and quantum-resistant schemes. The National Cybersecurity Agency of France (ANSSI) considers the role of hybridization in cryptographic security crucial and mandatory for the next phases. An efficient way to achieve hybridization involves a scheme combiner, where parallelization of the combined schemes can be provided. In this way, the slower Key EXchange (KEX) or Key Exchange Mechanism (KEM) scheme bounds the key generation speed.
The Federal Office for Information Security in Germany (BSI) suggests not using post-quantum cryptography in isolation as it has not been equally well studied. At the same time, the report emphasizes the need to switch to quantum-safe schemes by combining post and pre-quantum schemes. Using new algorithms can be a long and challenging process where backward compatibility has to be maintained without introducing the risk of downgrade attacks. Moreover, there is uncertainty about the hardness of post-quantum assumption where new, even classical attacks may show them to be vulnerable.
What is the Role of Quantum Key Distribution in Hybrid Cryptography?
Quantum Key Distribution (QKD) promises information-theoretic security, whereas classical and post-quantum schemes’ security is based on the intractability of selected computationally hard problems. This means that QKD can provide long-term security and does not impose limits on the adversary’s computational power. Therefore, since they are based on different principles, QKD and post-quantum cryptography can be viewed as complementary methods that can be deployed in both. A hybrid system involving pre-quantum, post-quantum, and quantum schemes guarantees a smooth transaction to Post-Quantum (PQ) cryptography, where QKD and post-quantum complement each other to strengthen the system.
How Can a 3-Key Combiner be Implemented in Practice?
A 3-key combiner system involves a pre-quantum KEX, a post-quantum KEM, and a Quantum Key Distribution (QKD) algorithm. The system stems from the proposed dual-PRF, taking 2 KEX keys and 1 KEM key as input. Due to its relatively low resource usage, the combiner can run in small Field Programmable Gate Arrays (FPGA) platforms. In particular, the key combiner without QKD can output up to 1,624 keys per second, and the key combiner with QKD can output up to 92 keys per second.
Hybrid Quantum Key Exchange. A summary?
The study presents an extensive analysis of existing KEX and KEM combiners. It extends the dual-PRF combiner to work with three keys as input. The security proof of the system is directly derived from the security proof of the dual-PRF combiner. The study also provides a practical implementation of the 3-key combiner on an FPGA platform. The results show that the combiner can be implemented in small FPGA platforms due to its relatively low resource usage.
Hybrid Keys in Practice: Combining Classical, Quantum and Post-Quantum Cryptography, was published in IEEE Access on 2024-01-01, .The authors are Sara Ricci, Patrik Dobiáš, Lukáš Malina, Jan Hajný and Petr Jedlička. Find more at https://doi.org/10.1109/access.2024.3364520
