Abstract
Given recent advances in the field of quantum cryptography, cryptographic agility is essential to protect data at rest and in transit. We consider hybrid key exchange and authentication in the framework of the TLS1.3 protocol. Traditional hybrid mode, which uses classical and quantum-safe algorithms together to secure data in the event of one of the algorithms being broken, has been a subject of research for a few years now. However, there are certain engineering challenges that come with using more than one algorithm in the framework of the TLS protocol. In this work, we propose a different hybrid mode that allows seamless negotiation between classical and quantum-safe algorithms. The proposed hybrid mode has different goals from the conventional hybrid mode and could be an excellent solution for entities not required to use standardized cryptographic algorithms and can be used in the timeframe when quantum-safe algorithms have been standardized but certain endpoints have not yet transitioned to post-quantum. We discuss conventional and proposed hybrid modes, described the proposed solution in detail, and briefly review engineering challenges associated with each hybrid mode.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Gambetta, J.: Expanding the IBM Quantum roadmap to anticipate the future of quantum-centric supercomputing, 10 May 2022. https://research.ibm.com/blog/ibm-quantum-roadmap-2025. Accessed 24 Jan 2023
Gilbert, W., Tanttu, T., Lim, W.H., et al.: On-demand electrical control of spin qubits. Nat. Nanotechnol. (2023)
Moody, D.: NIST PQC: Looking into the Future. NIST (2022). https://csrc.nist.gov/csrc/media/Presentations/2022/nist-pqc-looking-into-the-future/images-media/session-1-moody-looking-into-future-pqc2022.pdf. Accessed 24 Jan 2023
Langley, A.: Forward secrecy for Google HTTPS, December 2011. https://www.imperialviolet.org/2011/11/22/forwardsecret.html. Accessed 24 Jan 2023
Moeller, B., Bolyard, N., Gupta, V., Blake-Wilson, S.: Elliptic curve cryptography (ECC) cipher suites for Transport Layer Security (TLS). RFC 4492, May 2006. https://rfc-editor.org/rfc/rfc4492.txt. https://doi.org/10.17487/RFC4492. Accessed 24 Jan 2023
National Institute of Standards and Technology. Specification for the Digital Signature Standard (DSS). Federal Information Professing Standards (FIPS) 186-2, January 2000. https://csrc.nist.gov/CSRC/media/Publications/fips/186/2/archive/2001-10-05/documents/fips186-2-change1.pdf. Accessed 24 Jan 2023
Stern, M.: Transitioning National Security Systems to a Post Quantum Future, 30 November 2022. https://csrc.nist.gov/csrc/media/Presentations/2022/transitioning-national-security-systems-to-a-post/images-media/session3-stern-transitioning-national-security-systems-pqc2022.pdf. Accessed 24 Jan 2023
Barker, E., Chen, L., Davis, R.: August 2020. https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Cr2.pdf. Accessed 24 Jan 2023
Stebila, D., Fluhrer, S., Gueron, S.: Design issues for hybrid key exchange in TLS 1.3, 08 July 2019. https://datatracker.ietf.org/doc/html/draft-stebila-tls-hybrid-design-01#page-10. Accessed 24 Jan 2023
Kiefer, F., Kwiatkowski, K.: Hybrid ECDHE-SIDH key exchange for TLS. Internet-Draft draft- kiefer-tls-ecdhe-sidh-00, Internet Engineering Task Force (2018). https://datatracker.ietf.org/doc/html/draft-kiefer-tls-ecdhe-sidh-00. Accessed 24 Jan 2023
Schanck, J.M., Stebila, D.: A Transport Layer Security (TLS) Extension For Establishing An Additional Shared Secret, 17 April 2017. https://datatracker.ietf.org/doc/html/draft-schanck-tls-additional-keyshare-00. Accessed 24 Jan 2023
Hoffman, P.E.: The transition from classical to post-quantum cryptography. Internet-Draft draft-hoffman- c2pq-05, Internet Engineering Task Force, May 2019. https://datatracker.ietf.org/doc/html/draft-hoffman-c2pq-05. Accessed 24 Jan 2023
Crockett, E., Paquin, C., Stebila, D.: Prototyping post-quantum and hybrid key exchange and authentication in TLS and SSH. Cryptology ePrint Archive, Paper 2019/858 (2019)
Whyte, W., Zhang, Z., Fluhrer, S., Garcia-Morc, O.: Quantum-safe hybrid (QSH) key exchange for Transport Layer Security (TLS) version 1.3. Internet-Draft draft-whyte-qsh-tls13–06, Internet Engineering Task Force (2017). https://datatracker.ietf.org/doc/html/draft-whyte-qsh-tls13-06. Accessed 24 Jan 2023
Rescorla, E.: The Transport Layer Security (TLS) Protocol Version 1.3, August 2018. https://www.rfc-editor.org/rfc/rfc8446. Accessed 24 Jan 2023
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Rohde, W., Perepechaenko, M., Kuang, R. (2024). Quantum-Secure Autonomous Factories: Hybrid TLS 1.3 for Inter- and Intra-plant Communication. In: Femmam, S., Lorenz, P. (eds) Recent Advances in Communication Networks and Embedded Systems. ICCNT 2022. Lecture Notes on Data Engineering and Communications Technologies, vol 205. Springer, Cham. https://doi.org/10.1007/978-3-031-59619-3_14
Download citation
DOI: https://doi.org/10.1007/978-3-031-59619-3_14
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-59618-6
Online ISBN: 978-3-031-59619-3
eBook Packages: EngineeringEngineering (R0)