Verifying Classic McEliece: examining the role of formal methods in post-quantum cryptography standardisation

Developers of computer-aided cryptographic tools are optimistic that formal methods will become a vital part of developing new cryptographic systems. We study the use of such tools to specify and verify the implementation of Classic McEliece, one of the code-based cryptography candidates in the fourth round of the NIST Post-Quantum standardisation Process. From our case study we draw conclusions about the practical applicability of these methods to the development of novel cryptography

Energy Saving Mechanisms in the Security of the Internet of Things

Energy consumption is one of the priorities of security on the Internet of Things. It is not easy to find the best solutions that will reduce energy consumption, while ensuring that the security requirements are met. Many of the issues that have been presented so far have covered the basics of security, such as the basic principles of encryption, extension environments, target applications, and so on.This paper examines one of the most effective energy-efficiency mechanisms for providing Internet-based security services. By studying techniques that enable the development of advanced energy-efficient security solutions, we take a closer look at the ideas that have already been introduced in this area. In this study, not only the security issues, but also the energy impacts on solutions have been considered. Initially, the amount of energy related to security services is introduced. Then a classification is proposed for energy efficient mechanisms on the Internet of Things. Finally, the main drivers of the impact of energy saving techniques are analyzed for security solutions

Performanz Evaluation von PQC in TLS 1.3 unter variierenden Netzwerkcharakteristiken

Quantum computers could break currently used asymmetric cryptographic schemes in a few years using Shor's algorithm. They are used in numerous protocols and applications to secure authenticity as well as key agreement, and quantum-safe alternatives are urgently needed. NIST therefore initiated a standardization process. This requires intensive evaluation, also with regard to performance and integrability. Here, the integration into TLS 1.3 plays an important role, since it is used for 90% of all Internet connections. In the present work, algorithms for quantum-safe key exchange during TLS 1.3 handshake were reviewed. The focus is on the influence of dedicated network parameters such as transmission rate or packet loss in order to gain insights regarding the suitability of the algorithms under corresponding network conditions. For the implementation, a framework by Paquin et al. was extended to emulate network scenarios and capture the handshake duration for selected algorithms. It is shown that the evaluated candidates Kyber, Saber and NTRU as well as the alternative NTRU Prime have a very good overall performance and partly undercut the handshake duration of the classical ECDH. The choice of a higher security level or hybrid variants does not make a significant difference here. This is not the case with alternatives such as FrodoKEM, SIKE, HQC or BIKE, which have individual disadvantages and whose respective performance varies greatly depending on the security level and hybrid implementation. This is especially true for the data-intensive algorithm FrodoKEM. In general, the prevailing network characteristics should be taken into account when choosing scheme and variant. Further it becomes clear that the performance of the handshake is influenced by external factors such as TCP mechanisms or MTU, which could compensate for possible disadvantages due to PQC if configured appropriately.Comment: Master's thesis, 160 pages, in Germa