Litcius/Paper detail

Assessing the overhead of post-quantum cryptography in TLS 1.3 and SSH

Dimitrios Sikeridis, Panos Kampanakis, Michael Devetsikiotis

202072 citationsDOI

Abstract

The advances in quantum computing present a threat to public key primitives due to their ability to solve hard cryptographic problems in polynomial time. To address this threat to critical Internet security protocols like the Transfer Layer Security (TLS), and Secure Shell (SSH), the National Institute of Standards and Technology (NIST) is currently working on the new generation of quantum-resistant key encapsulation and authentication schemes. In this paper, we evaluate protocol handshake performance when both post-quantum key exchange and authentication are integrated into TLS and SSH. Our experiments consider realistic network conditions and reveal that the introduced handshake latency ranges between 1-300% for TLS and 0.5-50% for SSH depending on the post-quantum algorithms used. In addition, we examine how the initial TCP window size affects post-quantum TLS and SSH performance, and show that even a small size increase can reduce the observed post-quantum slowdown by 50%. Finally, we discuss alternatives that can encourage the early adoption of post-quantum cryptography with minimum protocol performance degradation.

Topics & Concepts

Transport Layer SecurityComputer scienceHandshakeQuantum cryptographyKey exchangeKey sizeQuantum computerComputer networkComputer securityPublic-key cryptographyCryptographic primitiveCryptographic protocolCryptographyQuantumQuantum informationEncryptionPhysicsQuantum mechanicsAsynchronous communicationQuantum Computing Algorithms and ArchitectureCryptography and Data SecurityChaos-based Image/Signal Encryption