Open-Source Post-Quantum Encryptor: Design, Implementation and Deployment

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26220%2F24%3APU151731" target="_blank" >RIV/00216305:26220/24:PU151731 - isvavai.cz</a>

Výsledek na webu

<a href="https://www.scitepress.org/PublicationsDetail.aspx?ID=8jUQgq8nzaI%3d&t=1" target="_blank" >https://www.scitepress.org/PublicationsDetail.aspx?ID=8jUQgq8nzaI%3d&t=1</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.5220/0012839200003767" target="_blank" >10.5220/0012839200003767</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Open-Source Post-Quantum Encryptor: Design, Implementation and Deployment

Popis výsledku v původním jazyce

This article describes an open-source quantum-resistant network traffic encryptor for the Linux platform. Our encryptor uses a combination of quantum and post-quantum key establishment methods to achieve quantum resistance combined with a fast encryption speed of AES to make quantum-resistant encryption readily available to the public. The packet-by-packet encryption architecture ensures that every bit of information is properly authenticated and encrypted. The combination of multiple key sources further increases the encryptor’s security – be it elliptic curve-based (Elliptic Curve Diffie Hellman, ECDH), quantum (Quantum Key Distribution, QKD) or post-quantum (CRYSTALS-Kyber). Without knowing all the keys obtained from different types of key sources, the final hybrid encryption key can only be obtained by brute-force means. Our contribution is very practical as the encryptor has reasonable performance, despite not being part of the Linux kernel.

Název v anglickém jazyce

Open-Source Post-Quantum Encryptor: Design, Implementation and Deployment

Popis výsledku anglicky

This article describes an open-source quantum-resistant network traffic encryptor for the Linux platform. Our encryptor uses a combination of quantum and post-quantum key establishment methods to achieve quantum resistance combined with a fast encryption speed of AES to make quantum-resistant encryption readily available to the public. The packet-by-packet encryption architecture ensures that every bit of information is properly authenticated and encrypted. The combination of multiple key sources further increases the encryptor’s security – be it elliptic curve-based (Elliptic Curve Diffie Hellman, ECDH), quantum (Quantum Key Distribution, QKD) or post-quantum (CRYSTALS-Kyber). Without knowing all the keys obtained from different types of key sources, the final hybrid encryption key can only be obtained by brute-force means. Our contribution is very practical as the encryptor has reasonable performance, despite not being part of the Linux kernel.

Druh

D - Stať ve sborníku

CEP obor

—

OECD FORD obor

20203 - Telecommunications

Projekt

<a href="/cs/project/VJ01010008" target="_blank" >VJ01010008: Kybernetická bezpečnost sítí v postkvantové éře</a><br>

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Rok uplatnění

2024

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

Proceedings of the 21st International Conference on Security and Cryptography (SECRYPT 2024)

ISBN

978-989-758-709-2

ISSN

2184-7711

e-ISSN

—

Počet stran výsledku

6

Strana od-do

826-831

Název nakladatele

SciTePress

Místo vydání

neuveden

Místo konání akce

Dijon, France

Datum konání akce

8. 7. 2024

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

—