
Vision Paper: Do We Need to Change Some Things?

Open Questions Posed by the Upcoming Post-quantum Migration to Existing Standards and Deployments

Conference paper, Security Standardisation Research (SSR 2023)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 13895)

Abstract

Cryptographic algorithms are vital components ensuring the privacy and security of computer systems. They have constantly improved and evolved over the years following new developments, attacks, breaks, and lessons learned. A recent example is that of quantum-resistant cryptography, which has gained a lot of attention in the last decade and is leading to new algorithms being standardized today. These algorithms, however, present a real challenge: they come with strikingly different size and performance characteristics than their classical counterparts. At the same time, common foundational aspects of our transport protocols have lagged behind as the Internet remains a very diverse space in which different use-cases and parts of the world have different needs.

This vision paper motivates more research and possible standards updates related to the upcoming quantum-resistant cryptography migration. It stresses the importance of amplification reflection attacks and congestion control concerns in transport protocols and presents research and standardization takeaways for assessing the impact and the efficacy of potential countermeasures. It emphasizes the need to go beyond the standardization of key encapsulation mechanisms in order to address the numerous protocols and deployments of public-key encryption while avoiding pitfalls. Finally, it motivates the critical need for research in anonymous credentials and blind signatures at the core of numerous deployments and standardization efforts aimed at providing privacy-preserving trust signals.


Notes

  1. The standardization process continues with a fourth round for alternate key encapsulation mechanisms (BIKE [9], Classic McEliece [4], HQC [3], and SIKE [47]), and a new call for proposals for digital signatures.

  2. https://www.nccoe.nist.gov/crypto-agility-considerations-migrating-post-quantum-cryptographic-algorithms.

  3. https://datatracker.ietf.org/wg/pquip/about/.

  4. https://www.cisa.gov/uscert/ncas/alerts/TA14-017A.

  5. https://cwe.mitre.org/data/definitions/406.html.

  6. https://www.cisa.gov/uscert/ncas/alerts/TA13-088A.

  7. https://www.kb.cert.org/vuls/id/419128.

  8. https://groups.google.com/a/list.nist.gov/g/pqc-forum/c/2ak2U_MxyrQ/m/L-kQ-SubBwAJ.

  9. https://datatracker.ietf.org/wg/mls/about/.

  10. https://datatracker.ietf.org/wg/ppm/about/.

  11. They also instantiated the KEM using SIKE [48], which subsequently suffered fatal attacks [16, 66] and should no longer be used [47], so we do not discuss this further.

  12. https://mailarchive.ietf.org/arch/msg/cfrg/zTnaLhO5N7ipvPyJ8lmV7Iic9RU/.

  13. https://opensource.apple.com/source/Security/Security-59754.80.3/keychain/SecureObjectSync/SOSECWrapUnwrap.c.

  14. https://cloud.google.com/kms/docs/key-wrapping.

  15. https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-get-public-key-and-token.html.

  16. https://docs.aws.amazon.com/cloudhsm/latest/userguide/key_mgmt_util-wrapKey.html.

  17. https://support.apple.com/guide/security/how-imessage-sends-and-receives-messages-sec70e68c949/1/web/1.

  18. https://blog.1password.com/developers-how-we-use-srp-and-you-can-too/.

  19. https://proton.me/blog/encrypted-email-authentication.

  20. https://mailarchive.ietf.org/arch/msg/cfrg/dtf91cmavpzT47U3AVxrVGNB5UM/.

  21. https://support.cloudflare.com/hc/en-us/articles/115001992652-Using-Privacy-Pass-with-Cloudflare.

  22. https://blog.cloudflare.com/eliminating-captchas-on-iphones-and-macs-using-new-standard/.

  23. https://web.dev/trust-tokens/.

  24. https://datatracker.ietf.org/wg/privacypass/about/.

  25. https://one.google.com/about/vpn/howitworks.

References

  1. Abdalla, M., Haase, B., Hesse, J.: CPace, a balanced composable PAKE. Technical report, Internet Research Task Force (2022). https://datatracker.ietf.org/doc/draft-irtf-cfrg-cpace/

  2. Agrawal, S., Kirshanova, E., Stehle, D., Yadav, A.: Can round-optimal lattice-based blind signatures be practical? Cryptology ePrint Archive, Report 2021/1565 (2021). https://ia.cr/2021/1565

  3. Aguilar Melchor, C., et al.: HQC. Technical report, National Institute of Standards and Technology (2022). https://csrc.nist.gov/Projects/post-quantum-cryptography/round-4-submissions

  4. Albrecht, M.R., et al.: Classic McEliece. Technical report, National Institute of Standards and Technology (2022). https://csrc.nist.gov/projects/post-quantum-cryptography/round-4-submissions

  5. Albrecht, M.R., Davidson, A., Deo, A., Smart, N.P.: Round-optimal verifiable oblivious pseudorandom functions from ideal lattices. In: Garay, J.A. (ed.) PKC 2021. LNCS, vol. 12711, pp. 261–289. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-75248-4_10

  6. American National Standards Institute Inc: ANSI X9.44-2007 key establishment using integer factorization cryptography (2007). https://webstore.ansi.org/standards/ascx9/ansix9442007r2017

  7. Anastasova, M., Kampanakis, P., Massimo, J.: PQ-HPKE: post-quantum hybrid public key encryption. In: International Cryptographic Module Conference 2022 (2022). https://ia.cr/2022/414

  8. American National Standards Institute (ANSI) X9.F1 subcommittee: ANSI X9.63 Public key cryptography for the financial services industry: elliptic curve key agreement and key transport schemes. Working draft version 2.0, 5 July 1998

  9. Aragon, N., et al.: BIKE. Technical report, National Institute of Standards and Technology (2022). https://csrc.nist.gov/Projects/post-quantum-cryptography/round-4-submissions

  10. Barnes, R., Bhargavan, K., Lipp, B., Wood, C.A.: Hybrid public key encryption. RFC, Internet Engineering Task Force (2022). https://www.rfc-editor.org/rfc/rfc9180

  11. Westerbaan, B.: Sizing Up Post-Quantum Signatures, November 2021. https://blog.cloudflare.com/sizing-up-post-quantum-signatures/

  12. Basso, A.: A post-quantum round-optimal oblivious PRF from isogenies. Cryptology ePrint Archive, Paper 2023/225 (2023). https://eprint.iacr.org/2023/225

  13. Benhamouda, F., Lepoint, T., Loss, J., Orrù, M., Raykova, M.: On the (in)security of ROS. In: Canteaut, A., Standaert, F.-X. (eds.) EUROCRYPT 2021. LNCS, vol. 12696, pp. 33–53. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-77870-5_2

  14. Boneh, D., Kogan, D., Woo, K.: Oblivious pseudorandom functions from isogenies. In: Moriai, S., Wang, H. (eds.) ASIACRYPT 2020. LNCS, vol. 12492, pp. 520–550. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-64834-3_18

  15. Bourdrez, D., Krawczyk, D.H., Lewi, K., Wood, C.A.: The OPAQUE asymmetric PAKE protocol. Technical report, Internet Research Task Force (2022). https://datatracker.ietf.org/doc/draft-irtf-cfrg-opaque/

  16. Castryck, W., Decru, T.: An efficient key recovery attack on SIDH (preliminary version). Cryptology ePrint Archive, Report 2022/975 (2022). https://ia.cr/2022/975

  17. Chairattana-Apirom, R., Hanzlik, L., Loss, J., Lysyanskaya, A., Wagner, B.: PI-cut-choo and friends: compact blind signatures via parallel instance cut-and-choose and more. In: Dodis, Y., Shrimpton, T. (eds.) CRYPTO 2022, Part III. LNCS, vol. 13509, pp. 3–31. Springer, Heidelberg, Germany, Santa Barbara, CA, USA, 15–18 August 2022. https://doi.org/10.1007/978-3-031-15982-4_1

  18. Chairattana-Apirom, R., Lysyanskaya, A.: Compact cut-and-choose: boosting the security of blind signature schemes, compactly. Cryptology ePrint Archive, Report 2022/003 (2022). https://ia.cr/2022/003

  19. Chu, J., Dukkipati, N., Cheng, Y., Mathis, M.: Increasing TCP’s Initial Window. RFC 6928, April 2013. https://www.rfc-editor.org/info/rfc6928

  20. Davidson, A., Faz-Hernandez, A., Sullivan, N., Wood, C.A.: Oblivious pseudorandom functions (OPRFs) using prime-order groups. Technical report, Internet Research Task Force (2022). https://datatracker.ietf.org/doc/draft-irtf-cfrg-voprf/

  21. Davidson, A., Goldberg, I., Sullivan, N., Tankersley, G., Valsorda, F.: Privacy pass: bypassing internet challenges anonymously. PoPETs 2018(3), 164–180 (2018). https://doi.org/10.1515/popets-2018-0026

  22. del Pino, R., Katsumata, S.: A new framework for more efficient round-optimal lattice-based (partially) blind signature via trapdoor sampling. In: Dodis, Y., Shrimpton, T. (eds.) CRYPTO 2022, Part II. LNCS, vol. 13508, pp. 306–336. Springer, Heidelberg, Germany, Santa Barbara, CA, USA, 15–18 August 2022. https://doi.org/10.1007/978-3-031-15979-4_11

  23. Denis, F., Jacobs, F., Wood, C.A.: RSA blind signatures. Technical report, Internet Research Task Force (2022). https://datatracker.ietf.org/doc/draft-irtf-cfrg-rsa-blind-signatures/

  24. Dent, A.W.: A designer’s guide to KEMs. In: Paterson, K.G. (ed.) Cryptography and Coding 2003. LNCS, vol. 2898, pp. 133–151. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-40974-8_12

  25. Dukkipati, N., et al.: An argument for increasing TCP’s initial congestion window. SIGCOMM Comput. Commun. Rev. 40(3), 26–33 (2010). https://doi.org/10.1145/1823844.1823848

  26. Durak, F.B., Vaudenay, S., Chase, M.: Anonymous tokens with hidden metadata bit from algebraic macs. Cryptology ePrint Archive, Paper 2022/1622 (2022). https://ia.cr/2022/1622

  27. Eaton, E., Stebila, D.: The quantum annoying property of password-authenticated key exchange protocols. In: Cheon, J.H., Tillich, J.-P. (eds.) PQCrypto 2021. LNCS, vol. 12841, pp. 154–173. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-81293-5_9

  28. ETSI: ETSI TC Cyber Working Group for Quantum-Safe Cryptography (2017). https://portal.etsi.org/TBSiteMap/CYBER/CYBERQSCToR.aspx. Accessed 25 July 2019

  29. Fregly, A., Harvey, J., Jr., B.S.K., Sheth, S.: Merkle tree ladder mode: reducing the size impact of NIST PQC signature algorithms in practice. Cryptology ePrint Archive, Paper 2022/1730 (2022). https://ia.cr/2022/1730

  30. Fujisaki, E., Okamoto, T.: Secure integration of asymmetric and symmetric encryption schemes. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 537–554. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48405-1_34

  31. Fujisaki, E., Okamoto, T.: Secure integration of asymmetric and symmetric encryption schemes. J. Cryptol. 26(1), 80–101 (2011). https://doi.org/10.1007/s00145-011-9114-1

  32. Gao, X., Ding, J., Liu, J., Li, L.: Post-quantum secure remote password protocol from RLWE problem. Cryptology ePrint Archive, Report 2017/1196 (2017). https://ia.cr/2017/1196

  33. Gayoso Martínez, V., Hernández Álvarez, F., Hernández Encinas, L., Sánchez Ávila, C.: A comparison of the standardized versions of ECIES. In: 2010 Sixth International Conference on Information Assurance and Security, pp. 1–4 (2010). https://doi.org/10.1109/ISIAS.2010.5604194

  34. Ghedini, A., Vasiliev, V.: TLS Certificate Compression. RFC 8879, December 2020. https://doi.org/10.17487/RFC8879, https://www.rfc-editor.org/info/rfc8879

  35. Goertzen, J., Stebila, D.: Post-quantum signatures in DNSSEC via request-based fragmentation. CoRR abs/2211.14196 (2022). https://doi.org/10.48550/arXiv.2211.14196

  36. Hanzlik, L., Loss, J., Wagner, B.: Rai-choo! Evolving blind signatures to the next level. Cryptology ePrint Archive, Report 2022/1350 (2022). https://ia.cr/2022/1350

  37. Hauck, E., Kiltz, E., Loss, J.: A modular treatment of blind signatures from identification schemes. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019. LNCS, vol. 11478, pp. 345–375. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-17659-4_12

  38. Hauck, E., Kiltz, E., Loss, J., Nguyen, N.K.: Lattice-based blind signatures, revisited. In: Micciancio, D., Ristenpart, T. (eds.) CRYPTO 2020. LNCS, vol. 12171, pp. 500–529. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-56880-1_18

  39. Housley, R.: Use of the HSS/LMS Hash-Based Signature Algorithm in the Cryptographic Message Syntax (CMS). RFC 8708, February 2020. https://www.rfc-editor.org/info/rfc8708

  40. HTTP Archive: Report: State of the Web. http://httparchive.org/trends.php

  41. Huelsing, A., Butin, D., Gazdag, S.L., Rijneveld, J., Mohaisen, A.: XMSS: eXtended Merkle Signature Scheme. RFC 8391, May 2018. https://rfc-editor.org/rfc/rfc8391

  42. Hülsing, A., et al.: SPHINCS+. Technical report, National Institute of Standards and Technology (2022). https://csrc.nist.gov/Projects/post-quantum-cryptography/selected-algorithms-2022

  43. IEEE draft standard P1363.2: Password-based public key cryptography. Draft version 15, May 2004. http://grouper.ieee.org/groups/1363/passwdPK

  44. IEEE P1363a Committee: IEEE P1363a / D9 – standard specifications for public key cryptography: additional techniques. Draft version 9, June 2001. http://grouper.ieee.org/groups/1363/index.html/

  45. ISO: Information technology - security techniques - key management - part 4: Mechanisms based on weak secrets. ISO/IEC, International Organization for Standardization (2017). https://www.iso.org/standard/67933.html

  46. Iyengar, J., Swett, I.: QUIC Loss Detection and Congestion Control. RFC 9002, May 2021. https://www.rfc-editor.org/info/rfc9002

  47. Jao, D., et al.: SIKE. Technical report, National Institute of Standards and Technology (2022). https://csrc.nist.gov/Projects/post-quantum-cryptography/round-4-submissions

  48. Jao, D., et al.: SIKE. Technical report, National Institute of Standards and Technology (2020). https://csrc.nist.gov/projects/post-quantum-cryptography/round-3-submissions

  49. Jaques, S.: Landscape of quantum computing in 2022 (2022). https://sam-jaques.appspot.com/quantum_landscape_2022

  50. Jivsov, A.: Elliptic curve cryptography (ECC) in OpenPGP. RFC, Internet Engineering Task Force (2016). https://www.rfc-editor.org/rfc/rfc6637

  51. Jonsson, J., Kaliski, B.: Public-key cryptography standards (PKCS) #1: RSA cryptography specifications version 2.1. RFC, Internet Engineering Task Force (2003). https://www.rfc-editor.org/rfc/rfc3447

  52. Moriarty, K. (ed.), Kaliski, B., Jonsson, J., Rusch, A.: PKCS #1: RSA cryptography specifications version 2.2. RFC, Internet Engineering Task Force (2012). https://www.rfc-editor.org/rfc/rfc8017

  53. Kaliski, B.: PKCS #1: RSA encryption version 1.5. RFC, Internet Engineering Task Force (1998). https://www.rfc-editor.org/rfc/rfc2313

  54. Kaliski, B., Jonsson, J.: PKCS #1: RSA cryptography specifications version 2.0. RFC, Internet Engineering Task Force (1998). https://www.rfc-editor.org/rfc/rfc2437

  55. Kampanakis, P., Kallitsis, M.: Faster post-quantum TLS handshakes without intermediate CA certificates. In: Dolev, S., Katz, J., Meisels, A. (eds.) Cyber Security, Cryptology, and Machine Learning. CSCML 2022. LNCS, vol. 13301, pp. 337–355. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-07689-3_25

  56. Kampanakis, P., Sikeridis, D.: Two PQ signature use-cases: Non-issues, challenges and potential solutions. Cryptology ePrint Archive, Report 2019/1276 (2019). https://ia.cr/2019/1276

  57. Kampanakis, P., Stebila, D., Hansen, T.: Post-quantum Hybrid Key Exchange in SSH. Internet-Draft draft-kampanakis-curdle-ssh-pq-ke-00, Internet Engineering Task Force, November 2022. Work in progress. https://datatracker.ietf.org/doc/draft-kampanakis-curdle-ssh-pq-ke/00/

  58. Kastner, J., Loss, J., Xu, J.: The abe-okamoto partially blind signature scheme revisited. Cryptology ePrint Archive, Report 2022/1232 (2022). https://ia.cr/2022/1232

  59. Katz, J., Loss, J., Rosenberg, M.: Boosting the security of blind signature schemes. In: Tibouchi, M., Wang, H. (eds.) ASIACRYPT 2021. LNCS, vol. 13093, pp. 468–492. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-92068-5_16

  60. Kaufman, C., Hoffman, P.E., Nir, Y., Eronen, P., Kivinen, T.: Internet Key Exchange Protocol Version 2 (IKEv2). RFC 7296, October 2014. https://www.rfc-editor.org/info/rfc7296

  61. Kinnear, E., McManus, P., Pauly, T., Verma, T., Wood, C.A.: Oblivious DNS over HTTPS. RFC, Internet Engineering Task Force (2022). https://www.rfc-editor.org/rfc/rfc9230

  62. Kreuter, B., Lepoint, T., Orrù, M., Raykova, M.: Anonymous tokens with private metadata bit. In: Micciancio, D., Ristenpart, T. (eds.) CRYPTO 2020. LNCS, vol. 12170, pp. 308–336. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-56784-2_11

  63. Kris Kwiatkowski, L.V.: The TLS Post-Quantum Experiment, October 2020. https://blog.cloudflare.com/the-tls-post-quantum-experiment/

  64. Lyubashevsky, V., et al.: CRYSTALS-DILITHIUM. Technical report, National Institute of Standards and Technology (2022). https://csrc.nist.gov/Projects/post-quantum-cryptography/selected-algorithms-2022

  65. Lyubashevsky, V., Nguyen, N.K., Plancon, M.: Efficient lattice-based blind signatures via gaussian one-time signatures. Cryptology ePrint Archive, Report 2022/006 (2022). https://ia.cr/2022/006

  66. Maino, L., Martindale, C.: An attack on SIDH with arbitrary starting curve. Cryptology ePrint Archive, Report 2022/1026 (2022). https://ia.cr/2022/1026

  67. Majkowski, M.: Reflections on reflection (attacks), May 2017. https://blog.cloudflare.com/reflections-on-reflections/

  68. Massimo, J., Kampanakis, P., Turner, S., Westerbaan, B.: Internet X.509 Public Key Infrastructure: Algorithm Identifiers for Dilithium. Internet-Draft draft-ietf-lamps-dilithium-certificates-00, Internet Engineering Task Force, September 2022. Work in progress. https://datatracker.ietf.org/doc/draft-ietf-lamps-dilithium-certificates/00/

  69. McGrew, D., Curcio, M., Fluhrer, S.: Leighton-Micali Hash-Based Signatures. RFC 8554, April 2019. https://rfc-editor.org/rfc/rfc8554

  70. Mononen, T., Kause, T., Farrell, S., Adams, D.C.: Internet X.509 public key infrastructure certificate management protocol (CMP). RFC, Internet Engineering Task Force (2005). https://www.rfc-editor.org/rfc/rfc4210

  71. Müller, M., de Jong, J., van Heesch, M., Overeinder, B., van Rijswijk-Deij, R.: Retrofitting post-quantum cryptography in internet protocols: a case study of DNSSEC. SIGCOMM Comput. Commun. Rev. 50(4), 49–57 (2020). https://doi.org/10.1145/3431832.3431838

  72. Nawrocki, M., Tehrani, P.F., Hiesgen, R., Mücke, J., Schmidt, T.C., Wählisch, M.: On the interplay between TLS certificates and QUIC performance. In: Proceedings of the 18th International Conference on emerging Networking EXperiments and Technologies. ACM, November 2022. https://doi.org/10.1145/3555050.3569123

  73. NIST: NIST PQ project, February 2022. https://csrc.nist.gov/projects/post-quantum-cryptography

  74. Paquin, C., Stebila, D., Tamvada, G.: Benchmarking post-quantum cryptography in TLS. In: Ding, J., Tillich, J.-P. (eds.) PQCrypto 2020. LNCS, vol. 12100, pp. 72–91. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-44223-1_5

  75. Partridge, D.C., Allman, M., Floyd, S.: Increasing TCP’s Initial Window. RFC 3390, November 2002. https://www.rfc-editor.org/info/rfc3390

  76. Paxson, D.V., Allman, M., Stevens, W.R.: TCP Congestion Control. RFC 2581, April 1999. https://www.rfc-editor.org/info/rfc2581

  77. CDN Planet: Initcwnd settings of major CDN providers, February 2017. https://www.cdnplanet.com/blog/initcwnd-settings-major-cdn-providers/

  78. Prest, T., et al.: FALCON. Technical report, National Institute of Standards and Technology (2022). https://csrc.nist.gov/Projects/post-quantum-cryptography/selected-algorithms-2022

  79. Prince, M.: The DDoS That Almost Broke the Internet, May 2017. https://blog.cloudflare.com/the-ddos-that-almost-broke-the-internet/

  80. Rescorla, E.: The Transport Layer Security (TLS) Protocol Version 1.3. RFC 8446, August 2018. https://rfc-editor.org/rfc/rfc8446

  81. Rescorla, E., Modadugu, N.: Datagram Transport Layer Security Version 1.2. RFC 6347, January 2012. https://www.rfc-editor.org/info/rfc6347

  82. Rescorla, E., Oku, K., Sullivan, N., Wood, C.A.: TLS encrypted client hello. Technical report, Internet Engineering Task Force (2022). https://datatracker.ietf.org/doc/draft-ietf-tls-esni/

  83. Rescorla, E., Tschofenig, H., Modadugu, N.: The Datagram Transport Layer Security (DTLS) Protocol Version 1.3. RFC 9147, April 2022. https://www.rfc-editor.org/info/rfc9147

  84. Rossow, C.: Amplification hell: revisiting network protocols for DDoS abuse. In: NDSS 2014, January 2014. https://doi.org/10.14722/ndss.2014.23233

  85. Rückert, M.: Lattice-based blind signatures. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 413–430. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-17373-8_24

  86. Rüth, J., Bormann, C., Hohlfeld, O.: Large-scale scanning of TCP’s initial window. In: Proceedings of the 2017 Internet Measurement Conference, pp. 304–310. IMC 2017, Association for Computing Machinery, New York, NY, USA (2017). https://doi.org/10.1145/3131365.3131370

  87. Schwabe, P., et al.: CRYSTALS-KYBER. Technical report, National Institute of Standards and Technology (2022). https://csrc.nist.gov/Projects/post-quantum-cryptography/selected-algorithms-2022

  88. Certicom Research: Standards for Efficient Cryptography Group (SECG), SEC 1: Elliptic curve cryptography. Version 1.0, 20 September 2000. http://www.secg.org/secg_docs.htm

  89. Shoup, V.: A proposal for an ISO standard for public key encryption. Cryptology ePrint Archive, Report 2001/112 (2001). https://ia.cr/2001/112

  90. Shoup, V.: ISO 18033-2: an emerging standard for public-key encryption. Final Committee Draft, December 2004. https://shoup.net/iso/std6.pdf

  91. Sikeridis, D., Kampanakis, P., Devetsikiotis, M.: Assessing the overhead of post-quantum cryptography in TLS 1.3 and SSH. In: Proceedings of the 16th International Conference on Emerging Networking EXperiments and Technologies, pp. 149–156. CoNEXT 2020, Association for Computing Machinery, New York, NY, USA (2020). https://doi.org/10.1145/3386367.3431305

  92. Sikeridis, D., Kampanakis, P., Devetsikiotis, M.: Post-quantum authentication in TLS 1.3: a performance study. In: 27th Annual Network and Distributed System Security Symposium, NDSS 2020, San Diego, California, USA, 23–26 February 2020. The Internet Society (2020). https://www.ndss-symposium.org/ndss-paper/post-quantum-authentication-in-tls-1-3-a-performance-study/

  93. Smyslov, V.: Intermediate Exchange in the Internet Key Exchange Protocol Version 2 (IKEv2). RFC 9242, May 2022. https://www.rfc-editor.org/info/rfc9242

  94. Stebila, D., Fluhrer, S., Gueron, S.: Hybrid key exchange in TLS 1.3. Internet-Draft draft-ietf-tls-hybrid-design-04, Internet Engineering Task Force, January 2022. Work in progress. https://datatracker.ietf.org/doc/html/draft-ietf-tls-hybrid-design-04

  95. Stebila, D., Fluhrer, S., Gueron, S.: Hybrid key exchange in TLS 1.3. Internet-Draft draft-ietf-tls-hybrid-design-05, Internet Engineering Task Force, August 2022. Work in progress. https://datatracker.ietf.org/doc/draft-ietf-tls-hybrid-design/05/

  96. Stevens, W.R.: TCP Slow Start, Congestion Avoidance, Fast Retransmit, and Fast Recovery Algorithms. RFC 2001, January 1997. https://www.rfc-editor.org/info/rfc2001

  97. Thomson, M., Kampanakis, P., Bytheway, C., Westerbaan, B.: Suppressing CA Certificates in TLS 1.3. Internet-Draft draft-kampanakis-tls-scas-latest-02, Internet Engineering Task Force, July 2022. Work in progress. https://datatracker.ietf.org/doc/draft-kampanakis-tls-scas-latest/02/

  98. Thomson, M., Turner, S.: Using TLS to Secure QUIC. RFC 9001, May 2021. https://www.rfc-editor.org/info/rfc9001

  99. Tjhai, C., et al.: Multiple key exchanges in IKEv2. Internet-Draft draft-ietf-ipsecme-ikev2-multiple-ke-04, Internet Engineering Task Force, September 2021. Work in progress. https://datatracker.ietf.org/doc/html/draft-ietf-ipsecme-ikev2-multiple-ke-04

  100. Tjhai, C., et al.: Multiple key exchanges in IKEv2. Internet-Draft draft-ietf-ipsecme-ikev2-multiple-ke-12, Internet Engineering Task Force, December 2022. Work in progress. https://datatracker.ietf.org/doc/draft-ietf-ipsecme-ikev2-multiple-ke/12/

  101. Touch, J.: Automating the Initial Window in TCP. Internet-Draft draft-touch-tcpm-automatic-iw-03, Internet Engineering Task Force, July 2012. Work in progress. https://datatracker.ietf.org/doc/draft-touch-tcpm-automatic-iw/03/

  102. Wu, T.: The SRP authentication and key exchange system. RFC, Internet Engineering Task Force (2000). https://www.rfc-editor.org/rfc/rfc2945

Correspondence to Panos Kampanakis .

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

Cite this paper

Kampanakis, P., Lepoint, T. (2023). Vision Paper: Do We Need to Change Some Things?. In: Günther, F., Hesse, J. (eds) Security Standardisation Research. SSR 2023. Lecture Notes in Computer Science, vol 13895. Springer, Cham. https://doi.org/10.1007/978-3-031-30731-7_4

  • DOI: https://doi.org/10.1007/978-3-031-30731-7_4

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-30730-0

  • Online ISBN: 978-3-031-30731-7

  • eBook Packages: Computer Science (R0)