    Quantum-secured time transfer between precise timing facilities: a field trial with simulated satellite links

    Global Navigation Satellite Systems (GNSSs), such as GPS and Galileo, provide precise time and space coordinates globally and constitute part of the critical infrastructure of modern society. To operate a GNSS reliably, a highly accurate and stable system time is required, such as the one provided by several independent clocks hosted in Precise Timing Facilities (PTFs) around the world. The relative clock offset between PTFs is measured periodically so that a fallback system exists for synchronizing the GNSS satellite clocks. The security and integrity of the communication between PTFs is of paramount importance: if compromised, it could disrupt the GNSS service. Securing the communication between PTFs is therefore a compelling use case for protection via Quantum Key Distribution (QKD), since this technology provides information-theoretic security. We have performed a field-trial demonstration of this use case by sharing encrypted time synchronization information between two PTFs, one located in Oberpfaffenhofen (Germany) and one in Matera (Italy)—more than 900 km apart. To bridge this distance, a satellite-QKD system is required, plus a “last-mile” terrestrial link connecting the optical ground station (OGS) to the actual location of the PTF. In our demonstration, we deployed two full QKD systems to protect the last-mile connection at both locations and showed via simulation that upcoming QKD satellites will be able to distribute keys between Oberpfaffenhofen and Matera using already existing OGSs.

    Flexible Long-Term Secure Archiving

    Privacy and data protection have always been basic human needs in any society that makes use of written language. From simple personal correspondence over military communication to trade secrets or medical information, confidentiality has been of utmost importance. The implications of a leak of such sensitive information may prove devastating, as these examples illustrate. Furthermore, reliability, that is, the integrity and authenticity of information, is critical, with risks ranging from annoying to lethal, as the same examples show. This need for data protection has carried over seamlessly from the analogue to the digital age, with the amount of data being generated, transmitted and stored increasing steadily and containing more and more personal details. In view of the developments in computational technology seen in recent years, such as the ongoing progress in quantum computing as well as cryptanalytic advances, the capabilities of attackers against the security of private information have never been greater. Thus the need for privacy and data protection has rarely been more dire.

    Interactive Non-Malleable Codes Against Desynchronizing Attacks in the Multi-Party Setting

    Interactive Non-Malleable Codes were introduced by Fleischhacker et al. (TCC 2019) in the two-party setting with synchronous tampering. The idea of this type of non-malleable code is that it "encodes" an interactive protocol in such a way that, even if the messages are tampered with according to some class F of tampering functions, the result of the execution will either be correct or completely unrelated to the inputs of the participating parties. In the synchronous setting the adversary is able to modify the messages being exchanged but cannot drop messages, nor desynchronize the two parties by first running the protocol with the first party and then with the second party. In this work, we define interactive non-malleable codes in the non-synchronous multi-party setting and construct such interactive non-malleable codes for the class F^s_bounded of bounded-state tampering functions. The construction is applicable to any multi-party protocol with a fixed message topology.

    Quantum key distribution with post-processing driven by physical unclonable functions

    Quantum key-distribution protocols allow two honest distant parties to establish a common, truly random secret key in the presence of powerful adversaries, provided that the two users share a short secret key beforehand. This pre-shared secret key is used mainly for authentication in the post-processing of the classical data obtained during the quantum communication stage, and it prevents a man-in-the-middle attack. The necessity of a pre-shared key is usually considered the main drawback of quantum key-distribution protocols, and it becomes even more pronounced for large networks involving more than two users. Here we discuss the conditions under which physical unclonable functions can be integrated into currently available quantum key-distribution systems in order to facilitate the generation and distribution of the necessary pre-shared key, with the smallest possible cost to the security of the systems. Moreover, the integration of physical unclonable functions in quantum key-distribution networks allows for real-time authentication of the devices that are connected to the network.

    HyperPlonk: Plonk with Linear-Time Prover and High-Degree Custom Gates

    Plonk is a widely used succinct non-interactive proof system that uses univariate polynomial commitments. Plonk is quite flexible: it supports circuits with low-degree "custom" gates as well as circuits with lookup gates (a lookup gate ensures that its input is contained in a predefined table). For large circuits, the bottleneck in generating a Plonk proof is the need to compute a large FFT. We present HyperPlonk, an adaptation of Plonk to the boolean hypercube using multilinear polynomial commitments. HyperPlonk retains the flexibility of Plonk but provides several additional benefits. First, it avoids the need for an FFT during proof generation. Second, and more importantly, it supports custom gates of much higher degree than Plonk without harming the running time of the prover. Both of these can dramatically speed up the prover's running time. Since HyperPlonk relies on multilinear polynomial commitments, we revisit two elegant constructions: one from Orion and one from Virgo. We show how to reduce the Orion opening proof size to less than 10kb (an improvement of almost a factor of 1000) and show how to make the Virgo FRI-based opening proof simpler and shorter.

    Hardware-Supported Cryptographic Protection of Random Access Memory

    Confidential Computing is the protection of data in use from access or modification by any unauthorized agent, including privileged software. For example, in Intel SGX (Client and Scalable versions) and TDX, AMD SEV, Arm CCA, and IBM Ultravisor this protection is implemented via access control policies. Some of these architectures also include memory protection schemes relying on cryptography to protect against physical attacks. We review and classify such schemes, from academia and industry, according to protection levels corresponding to adversaries with varying capabilities, budget, and strategy. The building blocks of all memory protection schemes are encryption and integrity primitives and modes of operation, as well as anti-replay structures. We review these building blocks, consider their possible combinations, and evaluate the performance impact of the resulting schemes. We present a framework for performance evaluation in a simulated system. To understand the best- and worst-case overhead, systems with varying load levels are considered. We propose new solutions to further reduce the performance and memory overheads of such technologies. Advanced counter compression techniques make it viable to store the counters used for replay protection in a physically protected memory. By additionally repurposing some ECC bits to store integrity tags, we can provide the highest levels of confidentiality, integrity, and replay protection at a hitherto unattained performance penalty, namely 3.32%, even under extreme load and at costs that make them reasonable in data centers. Combinations of technologies that are suitable for client devices are also discussed.

    Secure authentication and key agreement via abstract multi-agent interaction

    Authentication and key agreement are the foundation for secure communication over the Internet. Authenticated Key Exchange (AKE) protocols provide methods for communicating parties to authenticate each other and establish a shared session key with which they can encrypt messages in the session. Within the category of AKE protocols, symmetric AKE protocols rely on pre-shared master keys for both services. These master keys can be transformed after each session in a key-evolving scheme to provide forward secrecy, whereby the compromise of master keys does not allow the compromise of past session keys. This thesis contributes a symmetric AKE protocol named AMI (Authentication via Multi-Agent Interaction). The AMI protocol is a novel formulation of authentication and key agreement as a multi-agent system, where communicating parties are treated as autonomous agents whose behavior within the protocol is governed by private agent models used as the master keys. Parties interact repeatedly using their behavioral models for authentication and for agreeing upon a unique session key per communication session. These models are evolved after each session to provide forward secrecy. The security of the multi-agent interaction process rests upon the difficulty of modeling an agent's decisions from limited observations of its behavior, a long-standing problem in AI research known as opponent modeling. We conjecture that it is difficult to solve efficiently even with a quantum computer, since the problem is fundamentally one of missing information rather than computational hardness. We show empirically that the AMI protocol achieves high accuracy in correctly identifying legitimate agents while rejecting different adversarial strategies from the security literature. We demonstrate the protocol's resistance to adversarial agents that use random, replay, and maximum-likelihood estimation (MLE) strategies to bypass the authentication test. The random strategy chooses actions randomly without attempting to mimic a legitimate agent. The replay strategy replays actions previously observed from a legitimate client. The MLE strategy estimates a legitimate agent model from previously observed interactions, as an attempt to solve the opponent modeling problem. This thesis also introduces a reinforcement learning approach for efficient multi-agent interaction and authentication. This method trains an authenticating server agent's decision model to take effective probing actions that decrease the number of interactions in a single session required to reject adversarial agents. We empirically evaluate the number of interactions required for a trained server agent to reject an adversarial agent, and show that using the optimized server leads to a much more sample-efficient interaction process than a server agent selecting actions by a uniform-random behavioral policy. Towards further research on and adoption of the AMI protocol for authenticated key exchange, this thesis also contributes an open-source application written in Python, PyAMI. PyAMI consists of a multi-agent system where agents run on separate virtual machines and communicate over low-level network sockets using TCP. The application supports extending the basic client-server setting to a larger multi-agent system for group authentication and key agreement, providing two such architectures for different deployment scenarios.

    Physical-Layer Security, Quantum Key Distribution and Post-quantum Cryptography

    The growth of data-driven technologies, 5G, and the Internet places enormous pressure on the underlying information infrastructure. There exist numerous proposals on how to deal with the possible capacity crunch. However, the security of both optical and wireless networks lags behind reliable and spectrally efficient transmission. Significant achievements have been made recently in the quantum computing arena. Because most conventional cryptographic systems rely on computational security, which guarantees security against an efficient eavesdropper only for a limited time, advances in quantum computing can compromise this security. To address these problems, various schemes providing perfect/unconditional security have been proposed, including physical-layer security (PLS), quantum key distribution (QKD), and post-quantum cryptography. Unfortunately, it is still not clear how to integrate these different proposals with higher-level cryptographic schemes. The purpose of the Special Issue entitled “Physical-Layer Security, Quantum Key Distribution and Post-quantum Cryptography” was therefore to integrate these various approaches and enable the next generation of cryptographic systems whose security cannot be broken by quantum computers. This book represents the reprint of the papers accepted for publication in the Special Issue.

    Quantum information in security protocols

    Information security deals with the protection of our digital infrastructure. Achieving meaningful real-world security requires powerful cryptographic models that can give strong security guarantees, and it requires that the model be accurate. Substantial engineering effort is required to ensure that a deployment meets the requirements imposed by the model. Quantum information impacts the field of security in two major ways. First, it allows more efficient cryptanalysis of currently widely deployed systems. New "post-quantum" cryptographic algorithms are designed to be secure against quantum attacks but do not require quantum technology to be implemented. Since post-quantum algorithms have different properties, substantial effort is required to integrate them into the existing infrastructure. Second, quantum cryptography leverages quantum-mechanical properties to build new cryptographic systems with potential advantages; however, these require a more substantial overhaul of the infrastructure. In this thesis I highlight the necessity of both the mathematical rigour and the engineering effort that go into security protocols in the context of quantum information. This is done in three different contexts. First, I analyze the impact of key exhaustion attacks against quantum key distribution, showing that they can lead to substantial loss of security. I also provide two mitigations that thwart such key exhaustion attacks by computationally bounded adversaries, without compromising the information-theoretically secure properties of the protocol output. I give various security considerations for secure implementation of the mitigations. Second, I consider how quantum adversaries can successfully attack quantum distance bounding protocols that had previously been claimed to be secure by informal reasoning. This highlights the need for mathematical rigour in the analysis of quantum adversaries. Third, I propose a post-quantum replacement for the socialist millionaire protocol in secure messaging. The protocol prevents some of the usability problems that have been observed in other key authentication ceremonies. The post-quantum replacement utilizes techniques from private set intersection to build a protocol from primitives that have seen much scrutiny from the cryptographic community.
