Performanz Evaluation von PQC in TLS 1.3 unter variierenden Netzwerkcharakteristiken

by   Johanna Henrich, et al.

Quantum computers could break currently used asymmetric cryptographic schemes in a few years using Shor's algorithm. They are used in numerous protocols and applications to secure authenticity as well as key agreement, and quantum-safe alternatives are urgently needed. NIST therefore initiated a standardization process. This requires intensive evaluation, also with regard to performance and integrability. Here, the integration into TLS 1.3 plays an important role, since it is used for 90 algorithms for quantum-safe key exchange during TLS 1.3 handshake were reviewed. The focus is on the influence of dedicated network parameters such as transmission rate or packet loss in order to gain insights regarding the suitability of the algorithms under corresponding network conditions. For the implementation, a framework by Paquin et al. was extended to emulate network scenarios and capture the handshake duration for selected algorithms. It is shown that the evaluated candidates Kyber, Saber and NTRU as well as the alternative NTRU Prime have a very good overall performance and partly undercut the handshake duration of the classical ECDH. The choice of a higher security level or hybrid variants does not make a significant difference here. This is not the case with alternatives such as FrodoKEM, SIKE, HQC or BIKE, which have individual disadvantages and whose respective performance varies greatly depending on the security level and hybrid implementation. This is especially true for the data-intensive algorithm FrodoKEM. In general, the prevailing network characteristics should be taken into account when choosing scheme and variant. Further it becomes clear that the performance of the handshake is influenced by external factors such as TCP mechanisms or MTU, which could compensate for possible disadvantages due to PQC if configured appropriately.


page 1

page 2

page 3

page 4


QSOR: Quantum-Safe Onion Routing

In this work, we propose a study on the use of post-quantum cryptographi...

The Engineering of Software-Defined Quantum Key Distribution Networks

Quantum computers will change the cryptographic panorama. A technology o...

Algorithmic Security is Insufficient: A Comprehensive Survey on Implementation Attacks Haunting Post-Quantum Security

This survey is on forward-looking, emerging security concerns in post-qu...

A Quantum Safe Key Hierarchy and Dynamic Security Association for LTE/SAE in 5G Scenario

Millions of devices are going to participate in 5G producing a huge spac...

Quantum Amnesia Leaves Cryptographic Mementos: A Note On Quantum Skepticism

Leonard Shelby, the protagonist of Memento, uses mementos in the form of...

Please sign up or login with your details

Forgot password? Click here to reset