Distributed Symmetric Key Establishment: a Scalable Quantum-Safe Key Distribution Protocol

Jie Lin, Hoi-Kwong Lo, Jacob Johannsson, Mattia Montagna, Manfred von Willich

TL;DR

The security (correctness and confidentiality) and robustness of this protocol are proved against a computationally unbounded adversary, who additionally may have fully compromised a bounded number of the intermediaries and can eavesdrop on all communication.

Abstract

Pre-shared keys (PSK) have been widely used in network security. Nonetheless, existing PSK solutions are not scalable. Moreover, whenever a new user joins a network, PSK requires an existing user to get a new key before they are able to communicate with the new user. The key issue is how to distribute the PSK between different users. Here, we solve this problem by proposing a new protocol called Distributed Symmetric Key Establishment (DSKE). DSKE has the advantage of being scalable. Unlike standard public key infrastructure (PKI) which relies on computational assumptions, DSKE provides information-theoretic security in a universally composable security framework. Specifically, we prove the security (correctness and confidentiality) and robustness of this protocol against a computationally unbounded adversary, who additionally may have fully compromised a bounded number of the intermediaries and can eavesdrop on all communication. DSKE also achieves distributed trust through secret sharing. We present several implementations of DSKE in real environments, such as providing client services to link encryptors, network encryptors, and mobile phones, as well as the implementation of intermediaries, called Security Hubs, and associated test data as evidence for its versatility. As DSKE is highly scalable in a network setting with no distance limit, it is expected to be a cost-effective quantum-safe cryptographic solution to the network security threat presented by quantum computers.
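An added illustration, not code from the paper or its authors, of the secret-sharing idea the abstract relies on: an $(n, k)$-threshold scheme over a finite field $F$, with the $\epsilon$ term of Theorem 4.1 evaluated for concrete parameters. Shamir's scheme, the field of size $2^{127}-1$ and all function names are assumptions made for the example; it does not implement the DSKE protocol itself.

```python
# Added illustration: Shamir (n, k)-threshold sharing over a prime field F.
# Shamir's scheme, the field and every name here are assumptions, not the paper's.
import secrets
from fractions import Fraction
from math import comb

P = 2**127 - 1  # |F|: a Mersenne prime chosen for the example

def split(secret, n, k):
    """Share each field element of `secret` among hubs x = 1..n, threshold k."""
    shares = {x: [] for x in range(1, n + 1)}
    for s0 in secret:
        # Random polynomial of degree k-1 whose constant term is the secret element.
        coeffs = [s0] + [secrets.randbelow(P) for _ in range(k - 1)]
        for x in shares:
            y = 0
            for c in reversed(coeffs):  # Horner evaluation mod P
                y = (y * x + c) % P
            shares[x].append(y)
    return shares

def interpolate_at(points, x0):
    """Lagrange-interpolate through `points` [(x, y), ...] and evaluate at x0."""
    total = 0
    for xi, yi in points:
        num = den = 1
        for xj, _ in points:
            if xj != xi:
                num = num * (x0 - xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

def reconstruct(subset, m):
    """Recover the m-element secret from the shares of any k hubs."""
    return [interpolate_at([(x, ys[i]) for x, ys in subset.items()], 0)
            for i in range(m)]

def completing_share(known, candidate, x):
    """Share hub x would hold if the secret element were `candidate`.
    One exists for every candidate, so k-1 shares rule nothing out."""
    return interpolate_at([(0, candidate)] + known, x)

def epsilon(n, k, m, field_size=P):
    """The epsilon term of Theorem 4.1: min(C(n,k) * (m+1) / |F|, 1)."""
    return min(Fraction(comb(n, k) * (m + 1), field_size), Fraction(1))
```

With $n = 5$, $k = 3$ and a secret of $m = 3$ field elements, `epsilon(5, 3, 3)` is $40 / (2^{127}-1)$, which shows how the bound shrinks with the field size.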

Paper Structure (23 sections, 2 theorems, 2 figures, 1 table)

This paper contains 23 sections, 2 theorems, 2 figures, 1 table.

Key Result

Theorem 4.1

The DSKE protocol using an $(n, k)$-threshold scheme is $\epsilon + 2n \epsilon'$-secure, where $\epsilon = \min({n \choose k}\frac{m+1}{|F|}, 1)$ and $\epsilon' = \min(\frac{s}{|F|},1)$. Here, $|F|$ is the number of elements of the field $F$, $m$ is the number of field elements in the final secret,

Figures (2)

  • Figure 1: The results of the one-time set-up: Steps 1 (PSRD generation and distribution) and 2 (Peer identity establishment) of the protocol. DSKE users Alice, Bob and Charlie share an ordered table of PSRD with each of the Security Hubs. Each Security Hub only knows its own part of the users' tables. In this illustration, the PSRD is shown as bits.
  • Figure 2: Scaling behavior of processing time as a function of $k$ for different values of $n$ with $k \leq n$. The data fitting curve is $f(k) = 0.141 k^{1.977} + 0.183$. All data points fall in between $0.8f(k)$ and $1.12f(k)$. The processing time scales close to proportionally with $k^2$ with minimal dependence on $n$.

Theorems & Definitions (3)

  • Theorem 4.1: Security of the DSKE protocol
  • Theorem 4.2: Robustness of the DSKE protocol
  • Remark 1