<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Johanna Henrich | UCS</title><link>/author/johanna-henrich/</link><atom:link href="/author/johanna-henrich/index.xml" rel="self" type="application/rss+xml"/><description>Johanna Henrich</description><generator>Hugo Blox Builder (https://hugoblox.com)</generator><language>en-us</language><lastBuildDate>Thu, 18 Dec 2025 11:00:00 +0000</lastBuildDate><image><url>/author/johanna-henrich/avatar_hu16091737687577162130.jpeg</url><title>Johanna Henrich</title><link>/author/johanna-henrich/</link></image><item><title>Prototype Development and Benchmarking for Secure Key Forwarding in QKDN</title><link>/offerings/2025-12-hiwi-qkdn-prototype/</link><pubDate>Thu, 18 Dec 2025 11:00:00 +0000</pubDate><guid>/offerings/2025-12-hiwi-qkdn-prototype/</guid><description>&lt;h2 id="motivation">Motivation&lt;/h2>
&lt;p>Powerful quantum computers could break currently used asymmetric schemes such as Diffie-Hellman and RSA. For this reason, quantum-safe methods have been researched intensively in recent years. Quantum Key Distribution (QKD) uses quantum physics to provide information-theoretically secure key exchange. However, the range of the scheme is limited, and only simple point-to-point connections or star topologies are possible. For this reason, QKD networks (QKDN) have been developed, which forward the key hop by hop. To preserve the security of the key, however, the forwarding must be strictly confidential and authenticated.&lt;/p>
&lt;h2 id="ziel">Goal&lt;/h2>
&lt;p>In previous projects, a benchmarking application was developed that can emulate a QKDN with different nodes and run benchmarks to evaluate key establishment for QKD in different configurations. It is also available as a web application. The application is now to be extended with various configuration options, and a benchmark is to be carried out.&lt;/p>
&lt;h2 id="aufgaben">Aufgaben&lt;/h2>
&lt;ul>
&lt;li>Vertrautmachen mit dem Forschungsfeld QKDN (&lt;em>Es geht um das grobe Verständnis. Du musst kein Experte auf dem Gebiet werden!&lt;/em> ;-))&lt;/li>
&lt;li>Vertrautmachen mit der bestehenden QKDN Emulationsanwendung&lt;/li>
&lt;li>Implementierung neuer Konfigurationsoptionen für das Key Forwarding innerhalb der QKDN Emulationsanwendung wie bspw.:
&lt;ul>
&lt;li>Authentifizierungsmechanismus der Knoten&lt;/li>
&lt;li>Hybridisierungsvariante der Schlüssel&lt;/li>
&lt;li>Mehrwegerouting&lt;/li>
&lt;/ul>
&lt;/li>
&lt;li>Benchmarking des Key Forwardings und Gegenüberstellung der Varianten&lt;/li>
&lt;/ul>
&lt;p>&lt;em>English:&lt;/em>&lt;/p>
&lt;ul>
&lt;li>&lt;em>Familiarize yourself with the QKDN research field (It&amp;rsquo;s about a rough understanding. You don&amp;rsquo;t have to become an expert in the field! ;-))&lt;/em>&lt;/li>
&lt;li>&lt;em>Familiarize yourself with the existing QKDN emulation application&lt;/em>&lt;/li>
&lt;li>&lt;em>Implementation of new configuration options for key forwarding within the QKDN emulation application, such as:&lt;/em>
&lt;ul>
&lt;li>&lt;em>Authentication mechanism of the nodes&lt;/em>&lt;/li>
&lt;li>&lt;em>Hybridization variant of the keys&lt;/em>&lt;/li>
&lt;li>&lt;em>Multi-path routing&lt;/em>&lt;/li>
&lt;/ul>
&lt;/li>
&lt;li>&lt;em>Benchmarking of key forwarding and comparison of the variants&lt;/em>&lt;/li>
&lt;/ul>
&lt;h2 id="voraussetzungen">Voraussetzungen&lt;/h2>
&lt;ul>
&lt;li>Du bist Masterstudent an der HDa&lt;/li>
&lt;li>Du besitzt Grundkenntnisse in IT-Sicherheit sowie Computernetze &amp;amp; Protokolle&lt;/li>
&lt;li>Du hast Erfahrung im Programmieren&lt;/li>
&lt;li>Du kannst eigenständig arbeiten&lt;/li>
&lt;/ul>
&lt;p>&lt;em>English:&lt;/em>&lt;/p>
&lt;ul>
&lt;li>&lt;em>You are a Master&amp;rsquo;s student at the HDa&lt;/em>&lt;/li>
&lt;li>&lt;em>You have basic knowledge of IT security and computer networks &amp;amp; protocols&lt;/em>&lt;/li>
&lt;li>&lt;em>You have experience in programming&lt;/em>&lt;/li>
&lt;li>&lt;em>You work independently&lt;/em>&lt;/li>
&lt;/ul>
&lt;h2 id="organisation-bei-hiwi-jobs">Organisation (bei HiWi Jobs)&lt;/h2>
&lt;ul>
&lt;li>Wahlweise 40 - 80 Std/Monat&lt;/li>
&lt;li>Flexible Arbeitszeiten und flexibler Arbeitsort&lt;/li>
&lt;li>Regelmäßige Treffen, um Ergebnisse und weiteres Vorgehen zu besprechen (2-3 Wochen Rhythmus)&lt;/li>
&lt;li>Vertragsdauer flexibel&lt;/li>
&lt;/ul>
&lt;p>&lt;em>English:&lt;/em>&lt;/p>
&lt;ul>
&lt;li>&lt;em>Optional 40-80 hours/month&lt;/em>&lt;/li>
&lt;li>&lt;em>Flexible work schedule and location&lt;/em>&lt;/li>
&lt;li>&lt;em>Regular meetings to discuss results and next steps (every 2-3 weeks)&lt;/em>&lt;/li>
&lt;li>&lt;em>Flexible contract length, beyond 2024 possible&lt;/em>&lt;/li>
&lt;/ul>
&lt;h2 id="referenzen-und-literatur-auswahl">Referenzen und Literatur (Auswahl)&lt;/h2>
&lt;ul>
&lt;li>&lt;a href="https://doi.org/10.18420/sicherheit2024_024" target="_blank" rel="noopener">Henrich: Ways for confidential and authenticated hop-by-hop key establishment in QKDN&lt;/a>&lt;/li>
&lt;li>&lt;a href="https://doi.org/10.1007/978-3-031-40003-2_22" target="_blank" rel="noopener">Bruckner, Ramacher, Striecks: Muckle+: End-to-End Hybrid Authenticated Key Exchanges&lt;/a>&lt;/li>
&lt;li>&lt;a href="https://openquantumsafe.org" target="_blank" rel="noopener">Open Quantum Safe. Software for prototyping quantum-resistant cryptography&lt;/a>&lt;/li>
&lt;li>&lt;a href="https://www.mdpi.com/2076-3417/11/9/3767" target="_blank" rel="noopener">Tsai, Yang, Lin, Chang, Chang: Quantum Key Distribution Networks: Challenges and Future Research Issues in Security&lt;/a>&lt;/li>
&lt;li>&lt;a href="https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&amp;amp;arnumber=7993926" target="_blank" rel="noopener">Tanizawa, Takahashi, Sato, Dixon: An approach to integrate quantum key distribution technology into standard secure communication applications&lt;/a>&lt;/li>
&lt;/ul>
&lt;h2 id="beginn">Beginn&lt;/h2>
&lt;ul>
&lt;li>Ab April 2026&lt;/li>
&lt;/ul>
&lt;p>Bei Interesse melden Sie sich bitte bei &lt;a href="/author/johanna-henrich/">Johanna Henrich&lt;/a>.&lt;/p></description></item><item><title>Systematization of Knowledge (SoK): Architecture and Communication Patterns in QKD Networks</title><link>/offerings/2025-12-hiwi-sok-qkdn/</link><pubDate>Thu, 18 Dec 2025 11:00:00 +0000</pubDate><guid>/offerings/2025-12-hiwi-sok-qkdn/</guid><description>&lt;h2 id="motivation">Motivation&lt;/h2>
&lt;p>For a scientist to do good work, they need to know their field of research well and always stay up to date. However, since our research field of quantum-safe communication, and &lt;em>Quantum Key Distribution Networks (QKDN)&lt;/em> in particular, is highly interdisciplinary and advancing very quickly, it is difficult to keep track of everything. To make this easier, we use the tool &lt;a href="https://www.zotero.org/" target="_blank" rel="noopener">Zotero&lt;/a> for digital literature management. Although this makes many things easier, the works must be entered in a structured manner and organized thematically so that one can find one&amp;rsquo;s way through the literature jungle.&lt;/p>
&lt;h2 id="ziel">Goal&lt;/h2>
&lt;p>We need a structured, thematically organized list of the available literature in the QKDN research field. Publications must be clustered into folders according to their content and additionally tagged in a meaningful way, so that a literature base is quickly available for later scientific work.&lt;/p>
&lt;h2 id="aufgaben">Aufgaben&lt;/h2>
&lt;ul>
&lt;li>Vertraut machen mit dem Forschungsfeld QKDN (&lt;em>Es geht um das grobe Verständnis. Du musst kein Experte auf dem Gebiet werden!&lt;/em> ;-))&lt;/li>
&lt;li>Einarbeiten in Zotero und unsere bestehende Literatursammlung&lt;/li>
&lt;li>Neue Ordnerstruktur anlegen und die in Zotero gesammelten Arbeiten zuordnen&lt;/li>
&lt;li>Noch nicht in Zotero eingepflegte Arbeiten einpflegen und ebenfalls zurordnen&lt;/li>
&lt;li>Kontinuierliche Literaturrecherche, damit unsere Sammlung auf dem neuesten Stand bleibt&lt;/li>
&lt;li>&lt;em>Optional&lt;/em>: Konzept für eine sinnvolle Verwendung von Tags in Zotero&lt;/li>
&lt;/ul>
&lt;p>&lt;em>English:&lt;/em>&lt;/p>
&lt;ul>
&lt;li>&lt;em>Familiarize yourself with the QKDN research field (It&amp;rsquo;s about a rough understanding. You don&amp;rsquo;t have to become an expert in the field! ;-))&lt;/em>&lt;/li>
&lt;li>&lt;em>Become familiar with Zotero and our existing literature collection&lt;/em>&lt;/li>
&lt;li>&lt;em>Create a new folder structure and assign works collected in Zotero&lt;/em>&lt;/li>
&lt;li>&lt;em>Enter and assign works not yet entered in Zotero&lt;/em>&lt;/li>
&lt;li>&lt;em>Perform ongoing literature research to keep our collection up-to-date&lt;/em>&lt;/li>
&lt;li>&lt;em>Optional: Conceptualize a meaningful use of tags in Zotero&lt;/em>&lt;/li>
&lt;/ul>
&lt;h2 id="voraussetzungen">Voraussetzungen&lt;/h2>
&lt;ul>
&lt;li>Du bist Bachelor- oder Masterstudent an der HDa&lt;/li>
&lt;li>Du besitzt Grundkenntnisse in IT-Sicherheit sowie Computernetze &amp;amp; Protokolle&lt;/li>
&lt;li>Du bist gut im Strukturieren und Sortieren&lt;/li>
&lt;li>Du hast Spaß an Literaturrecherche und konzeptioneller Arbeit&lt;/li>
&lt;li>Du kannst eigenständig arbeiten&lt;/li>
&lt;/ul>
&lt;p>&lt;em>English:&lt;/em>&lt;/p>
&lt;ul>
&lt;li>&lt;em>You are a bachelor or master student at the HDa&lt;/em>&lt;/li>
&lt;li>&lt;em>You have basic knowledge of IT security and computer networks &amp;amp; protocols&lt;/em>&lt;/li>
&lt;li>&lt;em>You are good at structuring and organizing&lt;/em>&lt;/li>
&lt;li>&lt;em>You enjoy literature research and conceptual work&lt;/em>&lt;/li>
&lt;li>&lt;em>You work independently&lt;/em>&lt;/li>
&lt;/ul>
&lt;h2 id="organisation">Organisation&lt;/h2>
&lt;ul>
&lt;li>Wahlweise 40 - 80 Std/Monat&lt;/li>
&lt;li>Flexible Arbeitszeiten und flexibler Arbeitsort&lt;/li>
&lt;li>Regelmäßige Treffen, um Ergebnisse und weiteres Vorgehen zu besprechen (2-3 Wochen Rhythmus)&lt;/li>
&lt;li>Vertragsdauer flexibel&lt;/li>
&lt;/ul>
&lt;p>&lt;em>English:&lt;/em>&lt;/p>
&lt;ul>
&lt;li>&lt;em>Optional 40-80 hours/month&lt;/em>&lt;/li>
&lt;li>&lt;em>Flexible work schedule and location&lt;/em>&lt;/li>
&lt;li>&lt;em>Regular meetings to discuss results and next steps (every 2-3 weeks)&lt;/em>&lt;/li>
&lt;li>&lt;em>Flexible contract length&lt;/em>&lt;/li>
&lt;/ul>
&lt;h2 id="referenzen-und-literatur-auswahl">Referenzen und Literatur (Auswahl)&lt;/h2>
&lt;ul>
&lt;li>&lt;a href="https://doi.org/10.11588/heidok.00031206" target="_blank" rel="noopener">Kurzanleitung für Zotero (Universitätsbibliothek Heidelberg)&lt;/a>&lt;/li>
&lt;li>&lt;a href="https://mediatum.ub.tum.de/doc/1316333/1316333.pdf" target="_blank" rel="noopener">Lemke, Böhner: Softwarevergleich Literaturverwaltung&lt;/a>&lt;/li>
&lt;li>&lt;a href="https://doi.org/10.18420/sicherheit2024_024" target="_blank" rel="noopener">Henrich: Ways for confidential and authenticated hop-by-hop key establishment in QKDN&lt;/a>&lt;/li>
&lt;li>&lt;a href="https://www.mdpi.com/2076-3417/11/9/3767" target="_blank" rel="noopener">Tsai, Yang, Lin, Chang, Chang: Quantum Key Distribution Networks: Challenges and Future Research Issues in Security&lt;/a>&lt;/li>
&lt;li>&lt;a href="https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&amp;amp;arnumber=7993926" target="_blank" rel="noopener">Tanizawa, Takahashi, Sato, Dixon: An approach to integrate quantum key distribution technology into standard secure communication applications&lt;/a>&lt;/li>
&lt;/ul>
&lt;h2 id="beginn">Beginn&lt;/h2>
&lt;ul>
&lt;li>Ab April 2026&lt;/li>
&lt;/ul>
&lt;p>Bei Interesse melden Sie sich bitte bei &lt;a href="/author/johanna-henrich/">Johanna Henrich&lt;/a>.&lt;/p></description></item><item><title>Systematization of Knowledge (SoK): Secure Key Forwarding in QKDN</title><link>/offerings/2025-12-thesis-sok-qkdn-forwarding/</link><pubDate>Thu, 18 Dec 2025 11:00:00 +0000</pubDate><guid>/offerings/2025-12-thesis-sok-qkdn-forwarding/</guid><description>&lt;h2 id="motivation">Motivation&lt;/h2>
&lt;p>Powerful quantum computers could break currently used asymmetric schemes such as Diffie-Hellman and RSA. For this reason, quantum-safe methods have been researched intensively in recent years. Quantum Key Distribution (QKD) uses quantum physics to provide information-theoretically secure key exchange. However, the range of the scheme is limited, and only simple point-to-point connections or star topologies are possible. For this reason, QKD networks (QKDN) have been developed, which forward the key hop by hop. To preserve the security of the key, however, the forwarding must be strictly confidential and authenticated.
In recent years, various scientific papers on the secure forwarding of keys in QKDN have been published, but a comprehensive overview and evaluation of the different approaches is still missing.&lt;/p>
&lt;h2 id="ziel">Goal&lt;/h2>
&lt;p>This thesis aims to provide an overview of the different approaches to key forwarding in QKDN described in the scientific literature and how they can be classified.&lt;/p>
&lt;h2 id="aufgaben">Aufgaben&lt;/h2>
&lt;ul>
&lt;li>Vertrautmachen mit dem Forschungsfeld QKDN (&lt;em>Es geht um das grobe Verständnis. Du musst kein Experte auf dem Gebiet werden!&lt;/em> ;-))&lt;/li>
&lt;li>Literaturrecherche zu QKDN Key Forwarding&lt;/li>
&lt;li>Systematisierte Einordnung/Klassifizierung der gefundenen Literatur&lt;/li>
&lt;/ul>
&lt;p>&lt;em>English:&lt;/em>&lt;/p>
&lt;ul>
&lt;li>&lt;em>Familiarize yourself with the QKDN research field (It&amp;rsquo;s about a rough understanding. You don&amp;rsquo;t have to become an expert in the field! ;-))&lt;/em>&lt;/li>
&lt;li>&lt;em>Literature research on QKDN key forwarding&lt;/em>&lt;/li>
&lt;li>&lt;em>Systematic classification of the literature found&lt;/em>&lt;/li>
&lt;/ul>
&lt;h2 id="voraussetzungen">Voraussetzungen&lt;/h2>
&lt;ul>
&lt;li>Du bist Masterstudent an der HDa&lt;/li>
&lt;li>Du besitzt Grundkenntnisse in IT-Sicherheit sowie Computernetze &amp;amp; Protokolle&lt;/li>
&lt;li>Du hast Erfahrung im Programmieren&lt;/li>
&lt;li>Du kannst eigenständig arbeiten&lt;/li>
&lt;/ul>
&lt;p>&lt;em>English:&lt;/em>&lt;/p>
&lt;ul>
&lt;li>&lt;em>You are a Master&amp;rsquo;s student at the HDa&lt;/em>&lt;/li>
&lt;li>&lt;em>You have basic knowledge of IT security and computer networks &amp;amp; protocols&lt;/em>&lt;/li>
&lt;li>&lt;em>You have experience in programming&lt;/em>&lt;/li>
&lt;li>&lt;em>You work independently&lt;/em>&lt;/li>
&lt;/ul>
&lt;h2 id="referenzen-und-literatur-auswahl">Referenzen und Literatur (Auswahl)&lt;/h2>
&lt;ul>
&lt;li>&lt;a href="https://doi.org/10.18420/sicherheit2024_024" target="_blank" rel="noopener">Henrich: Ways for confidential and authenticated hop-by-hop key establishment in QKDN&lt;/a>&lt;/li>
&lt;li>&lt;a href="https://www.mdpi.com/2076-3417/11/9/3767" target="_blank" rel="noopener">Tsai, Yang, Lin, Chang, Chang: Quantum Key Distribution Networks: Challenges and Future Research Issues in Security&lt;/a>&lt;/li>
&lt;li>&lt;a href="https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&amp;amp;arnumber=7993926" target="_blank" rel="noopener">Tanizawa, Takahashi, Sato, Dixon: An approach to integrate quantum key distribution technology into standard secure communication applications&lt;/a>&lt;/li>
&lt;/ul>
&lt;h2 id="beginn">Beginn&lt;/h2>
&lt;ul>
&lt;li>Ab April 2026&lt;/li>
&lt;/ul>
&lt;p>Bei Interesse melden Sie sich bitte bei &lt;a href="/author/johanna-henrich/">Johanna Henrich&lt;/a>.&lt;/p></description></item><item><title>Integration von PQC in bewährte Netzwerkkommunikationsprotokolle</title><link>/offerings/2025-12-thesis-pqc-network-protocol-integration/</link><pubDate>Thu, 18 Dec 2025 00:00:00 +0000</pubDate><guid>/offerings/2025-12-thesis-pqc-network-protocol-integration/</guid><description>&lt;h2 id="motivation">Motivation&lt;/h2>
&lt;p>As soon as a powerful quantum computer is available, currently used asymmetric schemes such as Diffie-Hellman and RSA can be broken. The mathematician Peter Shor developed a corresponding algorithm as early as 1994. Asymmetric cryptography is used in countless digital systems for confidential key exchange and authentication. For this reason, quantum-safe methods have been researched intensively in recent years. However, alternative post-quantum cryptography (PQC) schemes have very individual characteristics, so a one-to-one replacement is generally not possible.&lt;/p>
&lt;h2 id="ziel">Goal&lt;/h2>
&lt;p>The goal of the thesis is to work out ways of integrating PQC algorithms into one or more communication protocols that currently rely on classical cryptographic primitives. Possible candidates are protocols such as IPsec and IKEv2 or DTLS. Where several implementations and evaluations of these have already been described, they should be listed and compared. Changes to concepts described in the literature may also be proposed, or entirely new versions designed. Finally, available implementations are to be evaluated using the framework developed by UCS.&lt;/p>
&lt;h2 id="aufgaben">Aufgaben&lt;/h2>
&lt;ul>
&lt;li>Literaturrecherche zu Optionen bezüglich Integration in bekannte Protokolle wie IPSec und IKEv2 oder DTLS&lt;/li>
&lt;li>Einschätzung zur Anwendbarkeit der Optionen und Ausarbeitung signifikanter Unterschiede zwischen Implementierungen&lt;/li>
&lt;li>Vorschläge zur Optimierung der Optionen oder Ausarbeitung von Alternativen&lt;/li>
&lt;li>Integration von Implementierungen in das Framework aus der Masterarbeit von Henrich zur Evalueirung der neuen Protkollversionen&lt;/li>
&lt;/ul>
&lt;h2 id="voraussetzungen">Voraussetzungen&lt;/h2>
&lt;ul>
&lt;li>Kenntnisse in IT-Sicherheit, insbesondere asymmetrische Kryptographie&lt;/li>
&lt;li>Kenntnisse in Computernetze &amp;amp; Protokolle&lt;/li>
&lt;li>Grundkenntnisse in Linux&lt;/li>
&lt;li>Spaß an Literaturrecherche und konzeptioneller Arbeit&lt;/li>
&lt;/ul>
&lt;h2 id="referenzen-und-literatur-auswahl">Referenzen und Literatur (Auswahl)&lt;/h2>
&lt;ul>
&lt;li>&lt;a href="https://doi.org/10.48550/arXiv.2303.15148" target="_blank" rel="noopener">Johanna Henrich: Performanz Evaluation von PQC in TLS 1.3 unter variierenden Netzwerkcharakteristiken. Abschlussarbeit M.Sc.. Februar 2022&lt;/a>&lt;/li>
&lt;li>&lt;a href="https://eprint.iacr.org/2019/1447.pdf" target="_blank" rel="noopener">Paquin, Stebila, Tamvada: Benchmarking post-quantum cryptography in TLS. PQCrypto 2020&lt;/a>&lt;/li>
&lt;li>&lt;a href="https://csrc.nist.gov/projects/post-quantum-cryptography" target="_blank" rel="noopener">NIST Post-Quantum Cryptography Standardization&lt;/a>&lt;/li>
&lt;li>&lt;a href="https://openquantumsafe.org" target="_blank" rel="noopener">Open Quantum Safe. Software for prototyping quantum-resistant cryptography&lt;/a>&lt;/li>
&lt;li>&lt;a href="https://dl.acm.org/doi/pdf/10.1145/3386367.3431305" target="_blank" rel="noopener">Assessing the overhead of post-quantum cryptography in TLS 1.3 and SSH&lt;/a>&lt;/li>
&lt;li>&lt;a href="https://www.researchgate.net/publication/348958250_Zur_Integration_von_Post-Quantum_Verfahren_in_bestehende_Softwareprodukte/fulltext/6018c719299bf1b33e405bef/Zur-Integration-von-Post-Quantum-Verfahren-in-bestehende-Softwareprodukte.pdf" target="_blank" rel="noopener">Zur Integration von Post-Quantum Verfahren in bestehende Softwareprodukte&lt;/a>&lt;/li>
&lt;li>&lt;a href="https://datatracker.ietf.org/doc/html/draft-ietf-ipsecme-ikev2-multiple-ke" target="_blank" rel="noopener">Multiple Key Exchanges in IKEv2 (IETF Internetdraft)&lt;/a>&lt;/li>
&lt;/ul>
&lt;h2 id="beginn">Beginn&lt;/h2>
&lt;ul>
&lt;li>Ab April 2026&lt;/li>
&lt;/ul>
&lt;p>Bei Interesse melden Sie sich bitte bei &lt;a href="/author/johanna-henrich/">Johanna Henrich&lt;/a>.&lt;/p></description></item><item><title>Integration von QKD in TLS</title><link>/offerings/2025-12-thesis-qkd-in-tls/</link><pubDate>Thu, 18 Dec 2025 00:00:00 +0000</pubDate><guid>/offerings/2025-12-thesis-qkd-in-tls/</guid><description>&lt;h2 id="motivation">Motivation&lt;/h2>
&lt;p>As soon as a powerful quantum computer is available, currently used asymmetric schemes such as Diffie-Hellman and RSA can be broken. The mathematician Peter Shor developed a corresponding algorithm as early as 1994. Asymmetric cryptography is used in countless digital systems for confidential key exchange and authentication. For this reason, quantum-safe methods have been researched intensively in recent years. Quantum Key Distribution (QKD) uses quantum physics to provide information-theoretically secure key exchange. In the future, end users are to be connected via a simple HTTP-based interface to a QKD network (QKDN), which provides symmetric keys for remote communication partners. The keys are uniquely identified by a simple ID.&lt;/p>
&lt;h2 id="ziel">Goal&lt;/h2>
&lt;p>The goal of the thesis is to work out ways of integrating QKD into the widely used protocol TLS 1.3. To this end, the application interface of a QKDN must be analyzed and matched against the various extension mechanisms of TLS. The options developed are to be described and compared. In addition, existing prototypes could be tested, or concepts could be implemented as prototypes. A subsequent performance evaluation would also be conceivable.&lt;/p>
&lt;h2 id="aufgaben">Aufgaben&lt;/h2>
&lt;ul>
&lt;li>Literatur- und Internetrecherche zu Optionen bezüglich der Integration von QKD in TLS&lt;/li>
&lt;li>Ausarbeitung von Integrationsmöglichkeiten für QKD in TLS - sowohl aus der Literatur als auch eigene Ideen&lt;/li>
&lt;li>Einschätzung zur Anwendbarkeit der Optionen und Ausarbeitung signifikanter Unterschiede zwischen diesen&lt;/li>
&lt;li>&lt;em>Optional&lt;/em>: Vorschläge zur Optimierung der Optionen oder Ausarbeitung einer alternativen Vorgehensweise&lt;/li>
&lt;li>&lt;em>Optional&lt;/em>: Inbetriebnahme verfügbarer Prototypen oder Implementierung eines eigenen Prototypen&lt;/li>
&lt;li>&lt;em>Optional&lt;/em>: Integration von Implementierungen in das Framework aus der Masterarbeit von Henrich und Evaluierung der Performanz&lt;/li>
&lt;/ul>
&lt;h2 id="voraussetzungen">Voraussetzungen&lt;/h2>
&lt;ul>
&lt;li>Kenntnisse in IT-Sicherheit&lt;/li>
&lt;li>Kenntnisse in Computernetze &amp;amp; Protokolle, insbesondere TLS&lt;/li>
&lt;li>Grundkenntnisse in Linux&lt;/li>
&lt;li>Grundkenntnisse und Interesse im Bereich Quantenphysik oder Elektrotechnik wünschenswert, aber nicht zwingend erforderlich&lt;/li>
&lt;li>Spaß an Literaturrecherche und konzeptioneller Arbeit&lt;/li>
&lt;/ul>
&lt;h2 id="referenzen-und-literatur-auswahl">Referenzen und Literatur (Auswahl)&lt;/h2>
&lt;ul>
&lt;li>&lt;a href="https://doi.org/10.48550/arXiv.2303.15148" target="_blank" rel="noopener">Johanna Henrich: Performanz Evaluation von PQC in TLS 1.3 unter variierenden Netzwerkcharakteristiken. Abschlussarbeit M.Sc.. Februar 2022&lt;/a>&lt;/li>
&lt;li>&lt;a href="https://eprint.iacr.org/2019/1447.pdf" target="_blank" rel="noopener">Paquin, Stebila, Tamvada: Benchmarking post-quantum cryptography in TLS. PQCrypto 2020&lt;/a>&lt;/li>
&lt;li>&lt;a href="https://openquantumsafe.org" target="_blank" rel="noopener">Open Quantum Safe. Software for prototyping quantum-resistant cryptography&lt;/a>&lt;/li>
&lt;li>&lt;a href="https://www.mdpi.com/2076-3417/11/9/3767" target="_blank" rel="noopener">Tsai, Yang, Lin, Chang, Chang: Quantum Key Distribution Networks: Challenges and Future Research Issues in Security&lt;/a>&lt;/li>
&lt;li>&lt;a href="https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&amp;amp;arnumber=7993926" target="_blank" rel="noopener">Tanizawa, Takahashi, Sato, Dixon: An approach to integrate quantum key distribution technology into standard secure communication applications&lt;/a>&lt;/li>
&lt;/ul>
&lt;h2 id="beginn">Beginn&lt;/h2>
&lt;ul>
&lt;li>Ab April 2026&lt;/li>
&lt;/ul>
&lt;p>Bei Interesse melden Sie sich bitte bei &lt;a href="/author/johanna-henrich/">Johanna Henrich&lt;/a>.&lt;/p></description></item><item><title>A Lot of Data and Added Complexity. How Does PQC Affect the Performance of My TLS Connection?</title><link>/publication/2025-isc-henrich/</link><pubDate>Mon, 15 Sep 2025 05:01:40 +0000</pubDate><guid>/publication/2025-isc-henrich/</guid><description>&lt;h2 id="abstract">Abstract&lt;/h2>
&lt;p>In a previous study, Henrich et al. (ISC &amp;lsquo;23) demonstrate how TLS handshake performance is affected not only by different Post Quantum Cryptography (PQC) Key Encapsulation Mechanisms (KEMs) and security levels, but also by varying physical network conditions. In particular, they show that prior to selecting a PQC scheme replacement for TLS, it is important to conduct an analysis of the anticipated network conditions for applications that require a high level of responsiveness. In this paper, we build upon the aforementioned work and complement the previous experiments to include digital signature PQC schemes and hybrid variants, as well as various compositions of certificate chains. Moreover, an analysis is conducted on the effects of deploying real physical servers and varying the underlying network stack configuration. Our results show that incorporating PQC signature schemes does not negatively impact the overall transmission time as substantially as poor network conditions. However, operating at high security levels frequently results in delays using PQC schemes. These findings are consistent across hybrid schemes as well. We conclude that migrating TLS to PQ-only or hybrid usage can generally be undertaken with a high degree of confidence. However, considering suboptimal network conditions or the use of higher security levels, a cautious transition is recommended. In such cases, the configuration of certificate chains or increasing the TCP Congestion Window might prove beneficial.&lt;/p></description></item><item><title>DemoQuanDT: a carrier-grade QKD network</title><link>/publication/2025-jocn-henrich/</link><pubDate>Mon, 04 Aug 2025 05:01:40 +0000</pubDate><guid>/publication/2025-jocn-henrich/</guid><description>&lt;h2 id="abstract">Abstract&lt;/h2>
&lt;p>Quantum key distribution networks (QKDNs) enable secure communication even in the age of powerful quantum computers. In the hands of a network operator, which can offer its service to many users, the economic viability of a QKDN increases significantly. The highly challenging operator–user relationship in a large-scale network setting demands additional requirements to ensure carrier-grade operation. Addressing this challenge, this work presents a carrier-grade QKDN architecture, which combines the functional QKDN architecture with the operational perspective of a network operator, ultimately enhancing the economic viability of QKDNs. The focus is on the network and key management aspects of a QKDN while assuming state-of-the-art commercial QKD modules. The presented architecture was rolled out within an in-field demonstrator, connecting the cities of Berlin and Bonn over a link distance of 923 km across Germany. We could show that the proposed network architecture is feasible, integrable, and scalable, making it suitable for deployment in real-world networks. Overall, the presented carrier-grade QKDN architecture promises to serve as a blueprint for network operators providing QKD-based services to their customers.&lt;/p></description></item><item><title>Nationale Konferenz IT-Sicherheitsforschung 2025</title><link>/post/2025-03-17-bmbf-konf-berlin/</link><pubDate>Sun, 16 Mar 2025 00:00:00 +0000</pubDate><guid>/post/2025-03-17-bmbf-konf-berlin/</guid><description>&lt;p>UCS will present the results of the DemoQuanDT research project in a poster session at the &lt;a href="https://www.forschung-it-sicherheit-kommunikationssysteme.de/service/termine/nationale-konferenz-it-sicherheitsforschung-2025" target="_blank" rel="noopener">&amp;ldquo;National Conference IT Security Research 2025 - IT Security and Democracy&amp;rdquo;&lt;/a> in Berlin, which is being hosted by the German Federal Ministry of Education and Research (BMBF).&lt;/p>
&lt;p>The presentation will be based on a poster entitled &amp;ldquo;Confidential and authenticated key forwarding in QKD networks,&amp;rdquo; which has been accepted for the poster pitch on March 18, 2025. The central question is to what extent security and performance can be assured for key forwarding in extensive, interconnected QKD networks. The technology is poised to facilitate secure transmission of messages, that is, confidentiality and authentication. In contrast to the asymmetric cryptographic approaches currently employed, the security of the QKD system is expected to withstand the threat posed by quantum computers.&lt;/p>
&lt;p>The poster was authored by Johanna Henrich. Her research focuses on key establishment in QKD networks and the potential for integrating QKD and PQC to ensure quantum-safe and high-performance communication. The research is conducted in close collaboration with the &lt;a href="https://danet.h-da.io/" target="_blank" rel="noopener">danet research group&lt;/a> led by Prof. Dr Martin Stiemerling.&lt;/p>
&lt;p>
&lt;figure id="figure-image-169-national-conference-it-security-research-2025httpswwwforschung-it-sicherheit-kommunikationssystemedeserviceterminenationale-konferenz-it-sicherheitsforschung-2025">
&lt;div class="d-flex justify-content-center">
&lt;div class="w-100" >&lt;img alt="National Conference IT Security Research 2025" srcset="
/post/2025-03-17-bmbf-konf-berlin/bmbf-konf-2025_hu13903682880246765859.webp 400w,
/post/2025-03-17-bmbf-konf-berlin/bmbf-konf-2025_hu2897823824235519899.webp 760w,
/post/2025-03-17-bmbf-konf-berlin/bmbf-konf-2025_hu11718390987991694070.webp 1200w"
src="/post/2025-03-17-bmbf-konf-berlin/bmbf-konf-2025_hu13903682880246765859.webp"
width="760"
height="397"
loading="lazy" data-zoomable />&lt;/div>
&lt;/div>&lt;figcaption>
Image ©: &lt;a href="https://www.forschung-it-sicherheit-kommunikationssysteme.de/service/termine/nationale-konferenz-it-sicherheitsforschung-2025" target="_blank" rel="noopener">National Conference IT Security Research 2025&lt;/a>
&lt;/figcaption>&lt;/figure>
&lt;/p></description></item><item><title>IETF Meeting 121 in Dublin</title><link>/post/2024-11-01-ietf-meeting-121-dublin/</link><pubDate>Thu, 24 Oct 2024 00:00:00 +0000</pubDate><guid>/post/2024-11-01-ietf-meeting-121-dublin/</guid><description>&lt;p>UCS took part in the &lt;a href="https://www.ietf.org/meeting/121/" target="_blank" rel="noopener">121st meeting of the Internet Engineering Task Force (IETF) in Dublin&lt;/a> from 2 to 8 November 2024. The IETF develops standards and best practices for the Internet and thus has a significant influence on its design.&lt;/p>
&lt;p>Among other things, Johanna Henrich led a project group together with the &lt;a href="https://danet.h-da.io/" target="_blank" rel="noopener">&lt;em>danet&lt;/em>&lt;/a> research group of Prof. Dr. Martin Stiemerling. The project was part of the &lt;a href="https://www.ietf.org/meeting/hackathons/121-hackathon/" target="_blank" rel="noopener">Hackathon&lt;/a>, which took place from 2 to 3 November. The aim was to find out how the interfaces in Quantum Key Distribution Networks (QKDN) can be designed and how quantum-resistant protection of their communication can be achieved. Read more in our &lt;a href="https://datatracker.ietf.org/meeting/121/materials/slides-121-hackathon-sessd-protocols-for-quantum-key-distribution-networks-qkdn-00" target="_blank" rel="noopener">final presentation&lt;/a>.&lt;/p>
&lt;p>In addition, Johanna Henrich participated in various IETF and IRTF working group sessions throughout the week to answer questions such as how post-quantum cryptography (PQC) and QKD, individually and in hybrid form, can be integrated into the existing Internet infrastructure.&lt;/p>
&lt;p>
&lt;figure id="figure-image-169-johanna-henrich">
&lt;div class="d-flex justify-content-center">
&lt;div class="w-100" >&lt;img alt="H_da@IETF121" srcset="
/post/2024-11-01-ietf-meeting-121-dublin/dublin1_hu750836535530113213.webp 400w,
/post/2024-11-01-ietf-meeting-121-dublin/dublin1_hu16660504106634181873.webp 760w,
/post/2024-11-01-ietf-meeting-121-dublin/dublin1_hu4076067445614435600.webp 1200w"
src="/post/2024-11-01-ietf-meeting-121-dublin/dublin1_hu750836535530113213.webp"
width="760"
height="683"
loading="lazy" data-zoomable />&lt;/div>
&lt;/div>&lt;figcaption>
Image ©: Johanna Henrich
&lt;/figcaption>&lt;/figure>
&lt;figure id="figure-image-169-johanna-henrich">
&lt;div class="d-flex justify-content-center">
&lt;div class="w-100" >&lt;img alt="Dublin Convention Center" srcset="
/post/2024-11-01-ietf-meeting-121-dublin/dublin2_hu2475273792349512832.webp 400w,
/post/2024-11-01-ietf-meeting-121-dublin/dublin2_hu17787974089270791007.webp 760w,
/post/2024-11-01-ietf-meeting-121-dublin/dublin2_hu5725797291102983458.webp 1200w"
src="/post/2024-11-01-ietf-meeting-121-dublin/dublin2_hu2475273792349512832.webp"
width="760"
height="570"
loading="lazy" data-zoomable />&lt;/div>
&lt;/div>&lt;figcaption>
Image ©: Johanna Henrich
&lt;/figcaption>&lt;/figure>
&lt;figure id="figure-image-169-johanna-henrich">
&lt;div class="d-flex justify-content-center">
&lt;div class="w-100" >&lt;img alt="Hackaton@IETF121" srcset="
/post/2024-11-01-ietf-meeting-121-dublin/dublin3_hu18262922610363661176.webp 400w,
/post/2024-11-01-ietf-meeting-121-dublin/dublin3_hu15313571835690591437.webp 760w,
/post/2024-11-01-ietf-meeting-121-dublin/dublin3_hu14090310200751563479.webp 1200w"
src="/post/2024-11-01-ietf-meeting-121-dublin/dublin3_hu18262922610363661176.webp"
width="678"
height="760"
loading="lazy" data-zoomable />&lt;/div>
&lt;/div>&lt;figcaption>
Image ©: Johanna Henrich
&lt;/figcaption>&lt;/figure>
&lt;figure id="figure-image-169-johanna-henrich">
&lt;div class="d-flex justify-content-center">
&lt;div class="w-100" >&lt;img alt="Dublin impressions" srcset="
/post/2024-11-01-ietf-meeting-121-dublin/dublin4_hu11480959661179178800.webp 400w,
/post/2024-11-01-ietf-meeting-121-dublin/dublin4_hu2861291465665790847.webp 760w,
/post/2024-11-01-ietf-meeting-121-dublin/dublin4_hu14462442235763723863.webp 1200w"
src="/post/2024-11-01-ietf-meeting-121-dublin/dublin4_hu11480959661179178800.webp"
width="760"
height="518"
loading="lazy" data-zoomable />&lt;/div>
&lt;/div>&lt;figcaption>
Image ©: Johanna Henrich
&lt;/figcaption>&lt;/figure>
&lt;/p></description></item><item><title>Rump Session at ECOC 2024</title><link>/post/2024-09-22-ecoc-rump-session/</link><pubDate>Thu, 24 Oct 2024 00:00:00 +0000</pubDate><guid>/post/2024-09-22-ecoc-rump-session/</guid><description>&lt;p>On 24 September 2024, Johanna Henrich accepted an invitation to take part in a rump session at the &lt;a href="https://www.ecoc2024.org/" target="_blank" rel="noopener">European Conference on Optical Communication (ECOC) 2024&lt;/a>. The session dealt with the pros and cons of post-quantum cryptography and quantum key distribution, and the extent to which they can be used in combination to reliably protect us from future attacks by quantum computers.&lt;/p>
&lt;p>ECOC is Europe&amp;rsquo;s leading conference on optical communications with representatives from science and research. It consists of a broad exhibition and a parallel conference and took place this year from 22 to 26 September in Frankfurt am Main.&lt;/p>
&lt;p>
&lt;figure id="figure-image-169-ecoc-2024-impressionshttpswwwecoc2024orgabout-ecocimpressions">
&lt;div class="d-flex justify-content-center">
&lt;div class="w-100" >&lt;img alt="ECOC Opening" srcset="
/post/2024-09-22-ecoc-rump-session/ECOC-23Sep2024_hu13230516318362971037.webp 400w,
/post/2024-09-22-ecoc-rump-session/ECOC-23Sep2024_hu17032873120562107944.webp 760w,
/post/2024-09-22-ecoc-rump-session/ECOC-23Sep2024_hu2388086254709085923.webp 1200w"
src="/post/2024-09-22-ecoc-rump-session/ECOC-23Sep2024_hu13230516318362971037.webp"
width="760"
height="507"
loading="lazy" data-zoomable />&lt;/div>
&lt;/div>&lt;figcaption>
Image ©: &lt;a href="https://www.ecoc2024.org/about-ecoc/impressions/" target="_blank" rel="noopener">ECOC 2024 IMPRESSIONS&lt;/a>
&lt;/figcaption>&lt;/figure>
&lt;/p></description></item><item><title>2 Jobs for Student Assistants</title><link>/post/2024-07-30-offering-hiwi/</link><pubDate>Tue, 30 Jul 2024 04:12:53 +0000</pubDate><guid>/post/2024-07-30-offering-hiwi/</guid><description>&lt;p>We offer two positions for student assistants. Although both jobs are related to IT security and our research area &lt;em>Quantum Key Distribution Networks&lt;/em>, the tasks are quite different. If you are good at organizing and structuring things and have a talent for keeping things tidy, you are welcome to try to keep our literature jungle in order. If you are more of a programmer and tinkerer, you can try your hand at our prototype.&lt;/p>
&lt;p>Below you will find the links to our offers. If you are interested, please send an email to &lt;a href="https://ucs.h-da.io/author/johanna-henrich/" target="_blank" rel="noopener">Johanna Henrich&lt;/a>.&lt;/p>
&lt;p>We are looking forward to hearing from you.&lt;/p>
&lt;ol>
&lt;li>
&lt;p>&lt;a href="https://ucs.h-da.io/offerings/2024-07-hiwi-sok-qkdn//" target="_blank" rel="noopener">Systematization of Knowledge (SoK): Architecture and Communication Patterns in QKD Networks&lt;/a>&lt;/p>
&lt;/li>
&lt;li>
&lt;p>&lt;a href="https://ucs.h-da.io/offerings/2024-07-hiwo-qkdn-prototype//" target="_blank" rel="noopener">Prototype Development and Benchmarking for Secure Key Forwarding in QKDN&lt;/a>&lt;/p>
&lt;/li>
&lt;/ol></description></item><item><title>PMMP-PQC Migration Management Process</title><link>/publication/2024-eicc-vonnethen-pmmp/</link><pubDate>Sun, 16 Jun 2024 05:02:36 +0000</pubDate><guid>/publication/2024-eicc-vonnethen-pmmp/</guid><description>&lt;h2 id="abstract">Abstract&lt;/h2>
&lt;p>Organizations have to plan on migrating to quantum-resilient cryptographic measures, also known as PQC. However, this is a difficult task, and to the best of our knowledge, there is no generalized approach to manage such a complex migration for cryptography used in IT systems that explicitly integrates into organizations’ steering mechanisms and control systems. We present PMMP, a risk-based process for managing the migration of organizations from classic cryptography to PQC and establishing crypto-agility. Having completed the initial design phase, as well as a theoretical evaluation, we now intend to promote PMMP. Practitioners are encouraged to join the effort in order to enable a comprehensive practical evaluation and further development.&lt;/p></description></item><item><title>Ways for confidential and authenticated hop-by-hop key establishment in QKDN</title><link>/publication/2023-gi-sicherheit-johanna-phd/</link><pubDate>Tue, 16 Apr 2024 04:47:14 +0000</pubDate><guid>/publication/2023-gi-sicherheit-johanna-phd/</guid><description>&lt;h2 id="abstract">Abstract&lt;/h2>
&lt;p>Asymmetric cryptography, specifically key exchange and digital signatures, enables secure
digital communication. However, sufficiently powerful Quantum Computers, which could
be available within a few years, would be able to break classical primitives like
Elliptic-Curve Diffie–Hellman (ECDH) and RSA in polynomial time. Moreover, the
„harvest-then-decrypt“-attack poses the danger that stored encrypted data can be
decrypted later. Thus, alternative approaches are urgently needed. Besides Post Quantum
Cryptography (PQC), which is based on mathematical problems, Quantum Key
Distribution (QKD) uses quantum effects to establish keys in an information-theoretically
secure way. Nevertheless, there are no reliable QKD modules that bridge distances
of more than 150 km. Therefore, a QKD Network (QKDN) uses a concatenation of
QKD links. End users are connected to each other via a series of QKD nodes performing
a hop-by-hop key forwarding. All nodes involved have access to the final shared secret.
If a node cannot be trusted, the security of the system is no longer guaranteed. Physical
protection or key hybridization can mitigate this risk, where hybridization refers to the
combination of QKD and PQC. By using both schemes appropriately, the security objectives
are met as long as at least one of the schemes used has not been compromised.
Nonetheless, there is a lack of concrete concepts and analyses to enable a secure and
efficient key forwarding process. In the following, ’secure’ implies the security objectives of
confidentiality and authenticity. ’Efficient’ refers to the time taken to complete the process,
the amount of data transferred and the amount of computing required. The analyses available
often only consider specific sub-processes, e.g., forwarding between two directly adjacent
nodes. The integration into the entire system and its resulting effects are disregarded. A
systematic comparison of different options is missing. When implementing a QKDN, it is
unclear which variant is suitable for one’s own intentions. This PhD project aims to address
the problem by defining the key establishment process, analyzing security requirements,
designing and implementing corresponding schemes, and evaluating these approaches.&lt;/p></description></item><item><title>On Criteria and Tooling for Cryptographic Inventories</title><link>/publication/2024-gi-sicherheit-schmitt-cdt/</link><pubDate>Tue, 09 Apr 2024 05:01:40 +0000</pubDate><guid>/publication/2024-gi-sicherheit-schmitt-cdt/</guid><description>&lt;h2 id="abstract">Abstract&lt;/h2>
&lt;p>When cryptography becomes insecure, a migration to new schemes is required. Often the migration process is very complicated, but the time available is very limited. Only if the used cryptographic algorithms, protocols and configurations are known can a system be efficiently and fully adapted to changed security situations. This creates the need for a crypto-inventory that gathers this knowledge. Consequently, the question arises what criteria a crypto-inventory must fulfill to support this adaptation. It also highlights the need for tools to assist compilation. We therefore conducted a literature survey and extracted key requirements. Missing content was supplemented by expanding existing requirements or adding new ones. Furthermore, appropriate metrics were assigned to assess the fulfillment of the requirements for a certain crypto-inventory implementation. Regarding the tooling, we identified five major areas of interest — installed software, connected hardware, communication, stored data and source code scanning — and provide prototypes for semi-automatic creation of crypto-inventories for three of them. This provides organizations with a starting point to understand their cryptographic landscape as a prerequisite for crypto-agility and crypto-migration. However, theoretical design and prototypes have not yet been evaluated. This will be done as a follow-up to this work. All types of organizations are invited to participate.&lt;/p></description></item><item><title>Performance Impact of PQC KEMs on TLS 1.3 Under Varying Network Characteristics</title><link>/publication/2023-infosec-henrich-pqc-kem/</link><pubDate>Fri, 16 Jun 2023 05:00:35 +0000</pubDate><guid>/publication/2023-infosec-henrich-pqc-kem/</guid><description>&lt;h2 id="abstract">Abstract&lt;/h2>
&lt;p>Widely used asymmetric primitives such as RSA or Elliptic Curve Diffie Hellman (ECDH), which enable authentication and key exchange, could be broken by Quantum Computers (QCs) in the coming years. Quantum-safe alternatives are urgently needed. However, a thorough investigation of these schemes is crucial to achieve sufficient levels of security, performance, and integrability in different application contexts. The integration into Transport Layer Security (TLS) plays an important role, as this security protocol is used in about 90% of today’s Internet connections and relies heavily on asymmetric cryptography. In this work, we evaluate different Post Quantum Cryptography (PQC) key establishment schemes in TLS 1.3 by extending the framework of Paquin et al. We analyze the TLS handshake performance under variation of network parameters such as packet loss. This allows us to investigate the suitability of PQC KEMs in specific application contexts. We observe that Kyber and other structured lattice-based algorithms achieve very good overall performance and partially beat classical schemes. Other approaches such as FrodoKEM, HQC and BIKE show individual disadvantages. For these algorithms, there is a clear performance decrease when increasing the security level or using a hybrid implementation, e.g., a combination with ECDH. This is especially true for FrodoKEM, which, however, meets high security requirements in general.
It becomes clear that performance is strongly influenced by the underlying network processes, which must be taken into account when selecting PQC algorithms.&lt;/p></description></item><item><title>Best Poster Award at EICC 2023</title><link>/post/2023-06-poster-eicc/</link><pubDate>Thu, 15 Jun 2023 00:00:00 +0000</pubDate><guid>/post/2023-06-poster-eicc/</guid><description>&lt;p>Our poster contribution to the EICC2023 titled &amp;ldquo;Crypto-agile Design and Testbed for QKD-Networks&amp;rdquo; by Johanna Henrich, Andreas Heinemann, Martin Stiemerling &amp;amp; Fabian Seidl was honored with the best poster award.&lt;/p>
&lt;p>
&lt;figure id="figure-group-photo">
&lt;div class="d-flex justify-content-center">
&lt;div class="w-100" >&lt;img alt="Group photo" srcset="
/post/2023-06-poster-eicc/group_hu3733658338992802588.webp 400w,
/post/2023-06-poster-eicc/group_hu6515095651612886417.webp 760w,
/post/2023-06-poster-eicc/group_hu10510738062189006190.webp 1200w"
src="/post/2023-06-poster-eicc/group_hu3733658338992802588.webp"
width="729"
height="591"
loading="lazy" data-zoomable />&lt;/div>
&lt;/div>&lt;figcaption>
Group photo
&lt;/figcaption>&lt;/figure>
&lt;/p>
&lt;p>
&lt;figure id="figure-johanna">
&lt;div class="d-flex justify-content-center">
&lt;div class="w-100" >&lt;img alt="Johanna" srcset="
/post/2023-06-poster-eicc/johanna_hu7272527927102725640.webp 400w,
/post/2023-06-poster-eicc/johanna_hu10170461419800617504.webp 760w,
/post/2023-06-poster-eicc/johanna_hu12843555640151551165.webp 1200w"
src="/post/2023-06-poster-eicc/johanna_hu7272527927102725640.webp"
width="518"
height="760"
loading="lazy" data-zoomable />&lt;/div>
&lt;/div>&lt;figcaption>
Johanna
&lt;/figcaption>&lt;/figure>
&lt;/p>
&lt;p>
&lt;figure id="figure-clapclap">
&lt;div class="d-flex justify-content-center">
&lt;div class="w-100" >&lt;img alt=":clap::clap:" srcset="
/post/2023-06-poster-eicc/award_hu10868795050609259948.webp 400w,
/post/2023-06-poster-eicc/award_hu16040973108183256703.webp 760w,
/post/2023-06-poster-eicc/award_hu16008767723376865621.webp 1200w"
src="/post/2023-06-poster-eicc/award_hu10868795050609259948.webp"
width="760"
height="519"
loading="lazy" data-zoomable />&lt;/div>
&lt;/div>&lt;figcaption>
&amp;#x1f44f;&amp;#x1f44f;
&lt;/figcaption>&lt;/figure>
&lt;/p></description></item><item><title>Crypto-Agile Design and Testbed for QKD-Networks</title><link>/publication/2023-eicc-henrich-demoquandt/</link><pubDate>Thu, 15 Jun 2023 00:00:00 +0000</pubDate><guid>/publication/2023-eicc-henrich-demoquandt/</guid><description>
&lt;p>
&lt;figure id="figure-eicc-23-poster">
&lt;div class="d-flex justify-content-center">
&lt;div class="w-100" >&lt;img alt="Poster at EICC 2023" srcset="
/publication/2023-eicc-henrich-demoquandt/2023-06-05-Poster-DemoQuanDT-HDa_hu15488436634616913026.webp 400w,
/publication/2023-eicc-henrich-demoquandt/2023-06-05-Poster-DemoQuanDT-HDa_hu9722245978835938748.webp 760w,
/publication/2023-eicc-henrich-demoquandt/2023-06-05-Poster-DemoQuanDT-HDa_hu1713607176767192103.webp 1200w"
src="/publication/2023-eicc-henrich-demoquandt/2023-06-05-Poster-DemoQuanDT-HDa_hu15488436634616913026.webp"
width="508"
height="760"
loading="lazy" data-zoomable />&lt;/div>
&lt;/div>&lt;figcaption>
EICC &amp;lsquo;23 Poster
&lt;/figcaption>&lt;/figure>
&lt;/p></description></item><item><title>Performanz Evaluation von PQC in TLS 1.3 unter variierenden Netzwerkcharakteristiken</title><link>/theses/2022-henrich/</link><pubDate>Wed, 23 Feb 2022 00:00:00 +0000</pubDate><guid>/theses/2022-henrich/</guid><description>&lt;h2 id="abstract">Abstract&lt;/h2>
&lt;p>The cryptographic primitives in use rely on the computational difficulty of certain mathematical problems. In recent years there has been much research on quantum computers, which could be able to solve these problems efficiently in future years. Asymmetric primitives in particular, used for authentication and key exchange, could be broken. The affected algorithms are used within many internet protocols and applications, and quantum-safe alternatives are urgently needed. NIST started a process to find and standardize quantum-safe digital signature schemes and key establishment schemes, but the candidates and alternatives come with specific characteristics and differ from classical procedures. So, besides analyzing the security of these new algorithms, it is also necessary to evaluate their performance and integrability into existing infrastructures and applications. The integration into the TLS protocol, used within about 90 percent of today&amp;rsquo;s internet connections, plays an especially important role. The current version 1.3 uses the threatened asymmetric primitives for both digital signatures and key establishment.&lt;/p>
&lt;p>In this work, NIST candidates and alternatives for quantum-safe key establishment were evaluated while using them within TLS 1.3. The focus was on analyzing the performance trend while changing certain network parameters like rate or packet loss and examining the suitability of the PQC algorithms under different network scenarios and in the entire application context. To achieve this, the framework of &lt;a href="https://doi.org/10.1007/978-3-030-44223-1_5" target="_blank" rel="noopener">Paquin, Stebila, and Tamvada&lt;/a> was extended to emulate various network conditions while frequently establishing a TLS 1.3 connection and measuring handshake duration.&lt;/p>
&lt;p>Among our key results, we observe that, on the one hand, the evaluated candidates Kyber, Saber and NTRU as well as the alternative NTRU Prime achieve very good overall performance and partially beat the classical ECDH. Choosing a higher security level or hybrid versions does not have a significant impact on the handshake times. On the other hand, the alternatives FrodoKEM, HQC, SIKE and BIKE show individual disadvantages, and the performance is linked to the security level and variant used. This applies in particular to FrodoKEM. SIKE seems to be a worthwhile alternative in specific circumstances, like rates less than 2 Mbps, due to its small key and ciphertext sizes. In general, network conditions should be taken into account when choosing the algorithm and parameter set. Furthermore, it becomes clear that the handshake performance depends on numerous factors, like TCP mechanisms and MTU, which could compensate for the disadvantages of PQC or make them obsolete.&lt;/p></description></item></channel></rss>