Open-Source Post-Quantum Encryptor: Design, Implementation and Deployment

conference paper

English

This article describes an open-source quantum-resistant network traffic encryptor for the Linux platform. Our encryptor uses a combination of quantum and post-quantum key establishment methods to achieve quantum resistance combined with a fast encryption speed of AES to make quantum-resistant encryption readily available to the public. The packet-by-packet encryption architecture ensures that every bit of information is properly authenticated and encrypted. The combination of multiple key sources further increases the encryptor’s security – be it elliptic curve-based (Elliptic Curve Diffie Hellman, ECDH), quantum (Quantum Key Distribution, QKD) or post-quantum (CRYSTALS-Kyber). Without knowing all the keys obtained from different types of key sources, the final hybrid encryption key can only be obtained by brute-force means. Our contribution is very practical as the encryptor has reasonable performance, despite not being part of the Linux kernel.

Cryptography;Key Establishment;Post-Quantum Cryptography;Security;Quantum Key Distribution (QKD);Network Encryption

TŮMA, P.; HAJNÝ, J.; MUZIKANT, P.; HAVLÍN, J.; MALINA, L.; DOBIÁŠ, P.; WILLEMSON, J.

9. 7. 2024

SciTePress

978-989-758-709-2

Proceedings of the 21st International Conference on Security and Cryptography (SECRYPT 2024)

2184-7711

Proceedings of the 21st International Conference on Security and Cryptography (SECRYPT 2024)

Portuguese Republic

826

831

6

https://www.scitepress.org/PublicationsDetail.aspx?ID=8jUQgq8nzaI%3d&t=1

http://hdl.handle.net/11012/249920