Efficient Post-Quantum TLS Handshakes using Identity-Based Key Exchange from Lattices

Identity-Based Encryption (IBE) is considered an alternative to traditional certificate-based public key cryptography to reduce communication overheads in wireless sensor networks. In this work, we build on the well-known lattice-based DLP-IBE scheme to construct an ID-based certificateless authenticated key exchange for post-quantum Transport Layer Security (TLS) handshakes. We also propose concrete parameters for the underlying lattice computations and provide detailed implementation results. Finally, we compare the combined computation and communication cost of our ID-based certificateless handshake with the traditional certificate-based handshake, both using lattice-based algorithms at similar post-quantum security levels, and show that our ID-based handshake is $3.7\times$ more energy-efficient, thus highlighting the advantage of ID-based key exchange for post-quantum TLS.
