PROJECT
Secure Key-Exchange in a Quantum World
doctoral candidate
Supervisors
Hülsing (TU/e), Skoric (TU/e), Lange (TU/e), Schaffner (UvA), Broadbent (TTBE), Daum (Genua), Shields (TOSHEU)
Objectives
Modelling and developing secure KE protocols in a setting with quantum adversaries. Understanding the impact of quantum communications in this setting.
Expected Results
Sound models for KE in a oven security in these models.
Description
One of the most challenging tasks of modern cryptography is to establish a commonly known secret between two parties, without pre-shared information, using only publicly known information. This is a setting that everyone faces multiple times a day when securely connecting to servers on the Internet. The KE mechanisms used today are all vulnerable to attacks using Shor's algorithm and consequently will all be broken by quantum computers. This setting is also not solved by standard QKD protocols, which require pre-shared information and are therefore of no use in this scenario. Different applications have different requirements on KE mechanisms. Most importantly, KE mechanisms are distinguished by which parties are authenticated (authenticated or partially authenticated KE), whether no parties are authenticated (anonymous KE), or whether parties can even deny having participated in a KE despite being authenticated towards the other party (deniable authenticated KE). The first step of the project will be to define appropriate security models for these different flavours of KE for settings in which adversaries and possibly also honest parties have quantum computing capabilities. So far, models that consider quantum adversaries exist only for the most basic flavour of KE; models for the more advanced flavours of KE are still lacking in this setting. In the case of honest parties with quantum computing capabilities, models are limited to the more basic primitives of secret key encryption, message authentication, and digital signatures. After defining sound models, the Doctoral Candidate will research protocols that are secure in these models and will analyse the advantages and disadvantages of using quantum communications to achieve KE in this setting.
Methodology
The project takes the approach of exact provable security, where reductionist proofs relate the security of protocols to the complexity of solving a (supposedly hard) mathematical problem, or of breaking a smaller building block, like an encryption scheme. In this approach, the bounds are given exactly, which allows us to later justify parameter choices using these proofs.
Risks
It might be impossible to develop KE mechanisms with the discussed special properties, even when considering quantum communications. If the research points in this direction, the project will aim at proving this instead. This would be a major result demonstrating what is achievable.