Migrating to Post-Quantum Cryptography: a Framework Using Security Dependency Analysis

Quantum computing is emerging as an unprecedented threat to the current state of widely used cryptographic systems. Cryptographic methods that have been considered secure for decades will likely be broken, with enormous impact on the security of sensitive data and communications in enterprises worldwide. A plan to migrate to quantum-resistant cryptographic systems is required. However, migrating an enterprise system to ensure a quantum-safe state is a complex process. Enterprises will require systematic guidance to perform this migration to remain resilient in a post-quantum era, as many organisations do not have staff with the expertise to manage this process unaided. This paper presents a comprehensive framework designed to aid enterprises in their migration. The framework articulates key steps and technical considerations in the cryptographic migration process. It makes use of existing organisational inventories and provides a roadmap for prioritising the replacement of cryptosystems in a post-quantum context. The framework enables the efficient identification of cryptographic objects, and can be integrated with other frameworks in enterprise settings to minimise operational disruption during migration. Practical case studies are included to demonstrate the utility and efficacy of the proposed framework using graph theoretic techniques to determine and evaluate cryptographic dependencies.Comment: 21 Page

Towards Managing the Migration to Post-Quantum-Cryptography

As soon as cryptographically relevant quantum computers exist, they can break today's prevalent asymmetric cryptographic algorithms. Organizations (and the IT society) have to plan on migrating to quantum-resilient cryptographic measures, also known as post-quantum cryptography (PQC). However, this is a difficult task, and to the best of our knowledge, there is no generalized approach to manage such a complex migration for cryptography used in IT systems. PMMP helps organizations manage the migration to PQC and establish crypto-agility. Having finished the initial theoretical design phase, we are now looking to promote PMMP to encourage practitioners to join the effort and work with us to develop it further.Comment: 20 page

On the State of Crypto-Agility

The demand for crypto-agility, although dating back for more than two decades, recently started to increase in the light of the expected post-quantum cryptography (PQC) migration. Nevertheless, it started to evolve into a science on its own. Therefore, it is important to establish a unified definition of the notion, as well as its related aspects, scope, and practical applications. This paper presents a literature survey on crypto-agility and discusses respective development efforts categorized into different areas, including requirements, characteristics, and possible challenges. We explore the need for crypto-agility beyond PQC algorithms and security protocols and shed some light on current solutions, existing automation mechanisms, and best practices in this field. We evaluate the state of readiness for crypto-agility, and offer a discussion on the identified open issues. The results of our survey indicate a need for a comprehensive understanding. Further, more agile design paradigms are required in developing new IT systems, and in refactoring existing ones, in order to realize crypto-agility on a broad scale

ELCA: Introducing Enterprise-level Cryptographic Agility for a Post-Quantum Era

Given the importance of cryptography to modern security and privacy solutions, it is surprising how little attention has been given to the problem of \textit{cryptographic agility}, or frameworks enabling the transition from one cryptographic algorithm or implementation to another. In this paper, we argue that traditional notions of cryptographic agility fail to capture the challenges facing modern enterprises that will soon be forced to implement a disruptive migration from today’s public key algorithms (e.g., RSA, ECDH) to quantum-safe alternatives (e.g., CRYSTALS-KYBER). After discussing the challenge of real-world cryptographic transition at scale, we describe our work on enterprise-level cryptographic agility for secure communications based on orchestrated \textit{cryptographic providers}. Our policy-driven approach, prototyped in service mesh, provides a much-needed re-envisioning for cryptographic agility and highlights what’s missing today to enable disruptive cryptographic change at scale

QuantumCharge: Post-Quantum Cryptography for Electric Vehicle Charging

ISO 15118 enables charging and billing of Electric Vehicles (EVs) without user interaction by using locally installed cryptographic credentials that must be secure over the long lifetime of vehicles. In the dawn of quantum computers, Post-Quantum Cryptography (PQC) needs to be integrated into the EV charging infrastructure. In this paper, we propose QuantumCharge, a PQC extension for ISO 15118, which includes concepts for migration, crypto-agility, verifiable security, and the use of PQC-enabled hardware security modules. Our prototypical implementation and the practical evaluation demonstrate the feasibility, and our formal analysis shows the security of QuantumCharge, which thus paves the way for secure EV charging infrastructures of the future

Hybrid post-quantum cryptography in network protocols

Tese (doutorado) - Universidade Federal de Santa Catarina, Centro Tecnológico, Programa de Pós-Graduação em Ciência da Computação, Florianópolis, 2023.A segurança de redes é essencial para as comunicações do dia-a-dia. Protocolos como o Transport Layer Security (TLS) e o Automatic Certificate Management Environment (ACME) permitem comunicações seguras para várias aplicações. O TLS fornece canais seguros com autenticação de pares comunicantes, desde que estes pares já possuam um certificado digital para comprovar sua identidade. Já o protocolo ACME contribui com a adoção de TLS com funcionalidades para envio e gerenciamento de certificados digitais. Tanto o TLS quanto o ACME dependem da Criptografia de Chaves Públicas para autenticação e troca de chaves (Key Exchange - KEX). No entanto, o advento do Computador Quântico Criptograficamente Relevante (CQCR) enfraquece os protocolos de KEX e certificados digitais criados com a criptografia clássica usada atualmente, tais como RSA e Diffie-Hellman. Dada a grande adoção do TLS e ACME, esta ameaça alcança uma escala global. Neste contexto, trata-se de tese dos desafios da adoção da Criptografia Pós-Quântica (CPQ) no TLS e ACME, focando-se na abordagem recomendada chamada de CPQ híbrido (ou modo híbrido). A CPQ é criada usando suposições matemáticas diferentes das em uso atualmente. Essas suposições são viáveis ??para construção de esquemas criptográficos resistentes ao computador quântico, pois não se conhece algoritmo (clássico ou quântico) eficiente. Porém, a transição para CPQ é assunto complexo. No modo híbrido, a transição para CPQ é suavizada, pois ela é combinada com a criptografia tradicional. Assim, esta tese defende uma estratégia de adoção de CPQ pelo modo híbrido com as seguintes contribuições: um estudo secundário classificando e mostrando a eficiência e segurança do modo híbrido; uma ferramenta para verificar as garantias quantum-safe em conexões TLS de usuários; um estudo e uma otimização para a emissão de certificados digitais com CPQ no ACME; o projeto e implementação de uma abordagem híbrida para uma alternativa de TLS chamada KEMTLS; e um conceito híbrido inovador, com implementação, para autenticação usando certificados embrulhados. Na maioria dos cenários de avaliações com modo híbrido propostos neste trabalho, as previsões de desempenho não são significativas quando comparadas com a implantação de CPQ sem o modo híbrido. O conceito inovador da autenticação híbrida também habilitou um plano de contingência para o modo híbrido, contribuindo com a adoção do CPQ. Por meio das propostas e avaliações em diferentes cenários, abordagens e protocolos, esta tese soma esforços em direção ao uso de CPQ híbrido para mitigar os efeitos preocupantes da ameaça quântica à criptografia.Abstract: Network security is essential for today?s communications. Protocols such as Transport Layer Security (TLS) and Automatic Certificate Management Environment (ACME) enable secure communications for various applications. TLS provides secure channels with peer authentication, given that the peer already has a digital certificate to prove its identity. ACME contributes to TLS adoption with facilities for issuing and managing digital certificates. Both protocols depend on Public-Key Cryptography for authentication and Key Exchange (KEX) of symmetric key material. However, the advent of a Cryptographically Relevant Quantum Computer (CRQC) weakens KEX and digital certificates built with today?s classical cryptography (like RSA and Diffie-Hellman). Given the widespread adoption of TLS and ACME, such a threat reaches a global scale. In this context, this thesis aims at the challenges of adopting Post- Quantum Cryptography (PQC) in TLS and ACME, focusing on the recommended approach called Hybrid PQC (or hybrid mode). PQC is created using different mathematical assumptions in which there is no known efficient solution by classical and quantum computers. Hybrids ease the PQC transition by combining it with classical cryptography. This thesis defends the hybrid mode adoption by the following contributions: a secondary study classifying and showing hybrid mode efficiency and security; a tool for users checking their TLS connections for quantum-safe guarantees; a study and an optimized approach for issuance of PQC digital certificates in ACME; a design and implementation of a hybrid approach for the TLS alternative called KEMTLS; and a novel hybrid concept (and implementation) for authentication using wrapped digital certificates. In all proposed hybrid mode evaluations, the penalty in performance was non-significant when compared to PQC-only deployment, except in certain situations. The novel concept for hybrid authentication also allows a contingency plan for hybrids, contributing to the PQC adoption. By proposing and evaluating different scenarios, approaches and protocols, this thesis sums efforts towards using hybrid PQC to mitigate the worrisome effects of the quantum threat to cryptography

On the Role of Hash-Based Signatures in Quantum-Safe Internet of Things:Current Solutions and Future Directions

The Internet of Things (IoT) is gaining ground as a pervasive presence around us by enabling miniaturized things with computation and communication capabilities to collect, process, analyze, and interpret information. Consequently, trustworthy data act as fuel for applications that rely on the data generated by these things, for critical decision-making processes, data debugging, risk assessment, forensic analysis, and performance tuning. Currently, secure and reliable data communication in IoT is based on public-key cryptosystems such as Elliptic Curve Cryptosystem (ECC). Nevertheless, reliance on the security of de-facto cryptographic primitives is at risk of being broken by the impending quantum computers. Therefore, the transition from classical primitives to quantum-safe primitives is indispensable to ensure the overall security of data en route. In this paper, we investigate applications of one of the post-quantum signatures called Hash-Based Signature (HBS) schemes for the security of IoT devices in the quantum era. We give a succinct overview of the evolution of HBS schemes with emphasis on their construction parameters and associated strengths and weaknesses. Then, we outline the striking features of HBS schemes and their significance for the IoT security in the quantum era. We investigate the optimal selection of HBS in the IoT networks with respect to their performance-constrained requirements, resource-constrained nature, and design optimization objectives. In addition to ongoing standardization efforts, we also highlight current and future research and deployment challenges along with possible solutions. Finally, we outline the essential measures and recommendations that must be adopted by the IoT ecosystem while preparing for the quantum world.Comment: 18 pages, 7 tables, 7 figure