opensslntru experiences integrating a post quantum kem
play

OpenSSLNTRU: experiences integrating a post-quantum KEM into TLS - PowerPoint PPT Presentation

Nov 16, 2023 •412 likes •509 views

OpenSSLNTRU: experiences integrating a post-quantum KEM into TLS 1.3 via an OpenSSL ENGINE Speaker: Daniel J. Bernstein Joint work with: Billy Bob Brumley, Ming-Shing Chen ( libsntrup761 leader), Nicola Tuveri ( engntru leader)

  1. OpenSSLNTRU: experiences integrating a post-quantum KEM into TLS 1.3 via an OpenSSL ENGINE Speaker: Daniel J. Bernstein Joint work with: Billy Bob Brumley, Ming-Shing Chen ( libsntrup761 leader), Nicola Tuveri ( engntru leader) https://opensslntru.cr.yp.to

  2. OpenSSLNTRU software architecture Web browser TLS terminator fast PQ KEM ( epiphany ), ( stunnel ), unmodified unmodified Back-end web server, unmodified

  3. OpenSSLNTRU software architecture Web browser TLS terminator fast PQ KEM ( epiphany ), ( stunnel ), unmodified unmodified Back-end web server, OpenSSL + OpenSSL + unmodified reference reference KEM code KEM code

  4. OpenSSLNTRU software architecture Web browser TLS terminator fast PQ KEM ( epiphany ), ( stunnel ), unmodified unmodified Back-end web server, OpenSSL + OpenSSL + unmodified reference reference KEM code KEM code New New ENGINE ENGINE engntru engntru

  5. OpenSSLNTRU software architecture Web browser TLS terminator fast PQ KEM ( epiphany ), ( stunnel ), unmodified unmodified Back-end web server, OpenSSL + OpenSSL + unmodified reference reference KEM code KEM code New New ENGINE ENGINE engntru engntru New New optimized optimized KEM library KEM library

  6. OpenSSLNTRU software architecture Web browser TLS terminator fast PQ KEM ( epiphany ), ( stunnel ), unmodified unmodified Back-end web server, OpenSSL + OpenSSL + unmodified reference reference KEM code KEM code Optimized PQ software New New ecosystem is ENGINE ENGINE rapidly evolving. engntru engntru Decouple from OpenSSL. New New optimized optimized KEM library KEM library Bernstein, Brumley, Chen, Tuveri 2 opensslntru.cr.yp.to

  7. OpenSSLNTRU cryptography OpenSSLNTRU adds the new PQ KEM to TLS 1.3. Protocol flow: similar to Google-Cloudflare CECPQ2 experiment. Higher performance than post-quantum component of CECPQ2. New software for faster key generation . Also higher security. Bernstein, Brumley, Chen, Tuveri 3 opensslntru.cr.yp.to

  8. OpenSSLNTRU cryptography OpenSSLNTRU adds the new PQ KEM to TLS 1.3. Protocol flow: similar to Google-Cloudflare CECPQ2 experiment. Higher performance than post-quantum component of CECPQ2. New software for faster key generation . Also higher security. NIST submission ntruhrss701 sntrup761 key+ciphertext traffic 2276 bytes 2197 bytes keygen time 272028 cycles 166000 cycles (new) enc time 26116 cycles 48780 cycles dec time 63632 cycles 59120 cycles 2 125 2 139 PQ Core-SVP security cyclotomic concerns yes no used in CECPQ2 OpenSSLNTRU Bernstein, Brumley, Chen, Tuveri 3 opensslntru.cr.yp.to

  9. OpenSSLNTRU cryptography OpenSSLNTRU adds the new PQ KEM to TLS 1.3. Protocol flow: similar to Google-Cloudflare CECPQ2 experiment. Higher performance than post-quantum component of CECPQ2. New software for faster key generation . Also higher security. NIST submission ntruhrss701 sntrup761 key+ciphertext traffic 2276 bytes 2197 bytes keygen time 272028 cycles 166000 cycles (new) enc time 26116 cycles 48780 cycles dec time 63632 cycles 59120 cycles 2 125 2 139 PQ Core-SVP security cyclotomic concerns yes no used in CECPQ2 OpenSSLNTRU kyber768 : faster keygen but has cyclotomic concerns, consumes 2272 bytes, and is threatened by US patents 9094189 and 9246675. Bernstein, Brumley, Chen, Tuveri 3 opensslntru.cr.yp.to

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

The Quantum Risk & Post-Quantum Crypto JP Aumasson The Quantum Risk & Post-Quantum

The Quantum Risk & Post-Quantum Crypto JP Aumasson The Quantum Risk & Post-Quantum

The Quantum Risk & Post-Quantum Crypto JP Aumasson The Quantum Risk & Post-Quantum Crypto JP Aumasson uantum /me 15 years experience in applied cryptography (PhD, industry, consulting) Designed widely used algorithms Author of the

816 views • 52 slides
Quantum Algorithms Tutorial Ronald de Wolf 1/ 37 Post-quantum cryptography I Quantum computers

Quantum Algorithms Tutorial Ronald de Wolf 1/ 37 Post-quantum cryptography I Quantum computers

Quantum Algorithms Tutorial Ronald de Wolf 1/ 37 Post-quantum cryptography I Quantum computers can break public-key cryptography that is based on assuming hardness of factoring, discrete logs, and a few other problems I Post-quantum

2.98k views • 37 slides
SW/HW Codesign of the Post-Quantum Cryptography Algorithm NTRUEncrypt Using HLS and RTL Design

SW/HW Codesign of the Post-Quantum Cryptography Algorithm NTRUEncrypt Using HLS and RTL Design

SW/HW Codesign of the Post-Quantum Cryptography Algorithm NTRUEncrypt Using HLS and RTL Design Methodologies Farnoud Farahmand, Duc Tri Nguyen, Viet B. Dang*, Ahmed Ferozpuri and Kris Gaj George Mason University Post st-Quantum Quantum

441 views • 14 slides
Standardization of post-quantum cryptography Tanja Lange 08 May 2016 A Workshop About

Standardization of post-quantum cryptography Tanja Lange 08 May 2016 A Workshop About

Standardization of post-quantum cryptography Tanja Lange 08 May 2016 A Workshop About Cryptographic Standards History of post-quantum cryptography 2003 Daniel J. Bernstein introduces term Post-quantum cryptography. PQCrypto 2006:

623 views • 23 slides
Incorporating Post-Quantum Cryptography in a microservice architecture Research Project 2 Why

Incorporating Post-Quantum Cryptography in a microservice architecture Research Project 2 Why

R. van der Gaag, D. Weller Incorporating Post-Quantum Cryptography in a microservice architecture Research Project 2 Why think about post-quantum cryptography W. Buchanan et. al concluded Gate-based quantum computers pose a significant

349 views • 18 slides
Post-Quantum Cryptography Dr. Ruben Niederhagen, February 8, 2016 Introduction Quantum Computers

Post-Quantum Cryptography Dr. Ruben Niederhagen, February 8, 2016 Introduction Quantum Computers

Post-Quantum Cryptography Dr. Ruben Niederhagen, February 8, 2016 Introduction Quantum Computers Using quantum states for computation: Introduced in 1985 by David Deutsch [3]. Operate on qubits using gates that perform reversible

1.69k views • 157 slides
UDT 2020 Experiences and insights of integrating multiple AIs for submarine command teams Dr

UDT 2020 Experiences and insights of integrating multiple AIs for submarine command teams Dr

UDT 2020 Extended Abstract Integrating multiple AIs for submarine command teams UDT 2020 Experiences and insights of integrating multiple AIs for submarine command teams Dr Darrell Jaya-Ratnam 1 , Paul Bass 2 1 Managing Director, DIEM

318 views • 5 slides
REFOCUSING RE ENTRY Integrating International Experiences into Professional and Community

REFOCUSING RE ENTRY Integrating International Experiences into Professional and Community

photo cred : Matt Norman REFOCUSING RE ENTRY Integrating International Experiences into Professional and Community Engagement Ali Droster University of San Diego Studies Abroad Advisor Karen Eisenhut Point Loma Nazarene University Study

718 views • 34 slides
The Picnic Post-Quantum Signature Scheme and its Security Analysis Itai Dinur Ben-Gurion

The Picnic Post-Quantum Signature Scheme and its Security Analysis Itai Dinur Ben-Gurion

The Picnic Post-Quantum Signature Scheme and its Security Analysis Itai Dinur Ben-Gurion University Credit for some slides: Melissa Chase and Picnic team Post-Quantum Cryptography Large-scale quantum computer could efficiently factor large

533 views • 34 slides
Post-quantum cryptography Tanja Lange 07 October 2015 SPACE 2015 In the long term, all

Post-quantum cryptography Tanja Lange 07 October 2015 SPACE 2015 In the long term, all

Post-quantum cryptography Tanja Lange 07 October 2015 SPACE 2015 In the long term, all encryption needs to be post-quantum Mark Ketchen, IBM Research, 2012, on quantum computing: Were actually doing things that are making us think like,

901 views • 41 slides
An Overview on Post-Quantum Cryptography with an Emphasis on Code based Systems Joachim Rosenthal

An Overview on Post-Quantum Cryptography with an Emphasis on Code based Systems Joachim Rosenthal

Basics on Public Key Crypto Systems Research Directions in Post-Quantum Cryptography Variants of McEliece System Distinguisher Attacks McEliece for Rank Metric Codes An Overview on Post-Quantum Cryptography with an Emphasis on Code based

1.05k views • 100 slides
Seemingly Unrelated Experiences: Integrating the First Year Experience and Institutional Leaders

Seemingly Unrelated Experiences: Integrating the First Year Experience and Institutional Leaders

Seemingly Unrelated Experiences: Integrating the First Year Experience and Institutional Leaders Dr. Ken Spring, Assistant Professor of Sociology and Coordinator of First Year Seminar Matt Burchett, Director of New Student & Parent Programs

55 views • 5 slides
Twitter: @PatrickLonga Outline Motivation: the quantum menace Post-quantum key exchange

Twitter: @PatrickLonga Outline Motivation: the quantum menace Post-quantum key exchange

https://microsoft.com/en-us/research/people/plonga http://patricklonga.com Twitter: @PatrickLonga Outline Motivation: the quantum menace Post-quantum key exchange from supersingular isogenies: Preliminaries SIDH SIKE

1.82k views • 154 slides
Post-quantum cryptography Tanja Lange 02 October 2015 Academy Contact Forum Coding Theory and

Post-quantum cryptography Tanja Lange 02 October 2015 Academy Contact Forum Coding Theory and

Post-quantum cryptography Tanja Lange 02 October 2015 Academy Contact Forum Coding Theory and Cryptography VI In the long term, all encryption needs to be post-quantum Mark Ketchen, IBM Research, 2012, on quantum computing: Were

854 views • 42 slides
for Post-Quantum Lattice-based Protocols Utsav Banerjee * , Tenzin S. Ukyab, Anantha P.

for Post-Quantum Lattice-based Protocols Utsav Banerjee * , Tenzin S. Ukyab, Anantha P.

Sapphire: A Configurable Crypto-Processor for Post-Quantum Lattice-based Protocols Utsav Banerjee * , Tenzin S. Ukyab, Anantha P. Chandrakasan * utsav@mit.edu Massachusetts Institute of Technology Post-Quantum Cryptography Current public key

911 views • 25 slides
From linear algebra to post-quantum cryptography Dr. Ir. Fr e Vercauteren

From linear algebra to post-quantum cryptography Dr. Ir. Fr e Vercauteren

Quantum computers and factoring Learning with errors Cryptography from LWE From linear algebra to post-quantum cryptography Dr. Ir. Fr e Vercauteren frederik.vercauteren@gmail.com Open Security Research (China) ESAT/COSIC - KU Leuven

1.34k views • 70 slides
Using Local Neighborhoods to Find Subspace Clusters Emin Aksehirli with Bart Goethals, Emmanuel

Using Local Neighborhoods to Find Subspace Clusters Emin Aksehirli with Bart Goethals, Emmanuel

Using Local Neighborhoods to Find Subspace Clusters Emin Aksehirli with Bart Goethals, Emmanuel Mller and Jilles Vreeken High Dimensional Data ? 2 High Dimensional Data 3 High Dimensional Data 4 High Dimensional

690 views • 34 slides
Type-based termination analysis with disjunctive invariants Dimitrios Vytiniotis, MSR Cambridge

Type-based termination analysis with disjunctive invariants Dimitrios Vytiniotis, MSR Cambridge

Type-based termination analysis with disjunctive invariants Dimitrios Vytiniotis, MSR Cambridge with Byron Cook (MSR Cambridge) and Ranjit Jhala (UCSD) IFIP WG 2.8, Austin TX, March 2011 or, what am I doing hanging out with these people?

554 views • 18 slides
HTTPS Token Binding & TLS Termination Brian Campbell IETF 97 Seoul November 2016 1

HTTPS Token Binding & TLS Termination Brian Campbell IETF 97 Seoul November 2016 1

HTTPS Token Binding & TLS Termination Brian Campbell IETF 97 Seoul November 2016 1 Situation l Very common in HTTPS application deployments to have TLS terminated by a reverse proxy sitting in front of the actual application l For

322 views • 5 slides
Lec07: Return-oriented programming Taesoo Kim 2 Scoreboard 3 Administrivia Please submit

Lec07: Return-oriented programming Taesoo Kim 2 Scoreboard 3 Administrivia Please submit

1 Lec07: Return-oriented programming Taesoo Kim 2 Scoreboard 3 Administrivia Please submit both working exploit and write-up on time! Due: Lab04 is due on Oct 11 Due: Lab05 is out and its due on Oct 18 (two weeks)!

558 views • 43 slides
August 4, 1997: Skynet goes online August 29, 1997, 2:14am ET: Skynet gains consciousness

August 4, 1997: Skynet goes online August 29, 1997, 2:14am ET: Skynet gains consciousness

August 4, 1997: Skynet goes online August 29, 1997, 2:14am ET: Skynet gains consciousness August 29, 1997: Judgement Day Terminator (1984) What features does T-800 have? What features does T-800 have? Vision/Perception

747 views • 62 slides
Mohamed Thahir Traditional and Open Relation Extraction Read the Web Relation Extraction

Mohamed Thahir Traditional and Open Relation Extraction Read the Web Relation Extraction

Mohamed Thahir Traditional and Open Relation Extraction Read the Web Relation Extraction Experimental Results Coupled learning of Predicates Challenges and ongoing work A relation is instantiated with a set of manually

550 views • 27 slides
I would like to know (empirically) Bertrand Meyer (SEAFOOD)

I would like to know (empirically) Bertrand Meyer (SEAFOOD)

Two or three things I would like to know (empirically) Bertrand Meyer (SEAFOOD) - , 2010 Chair of Software Engineering 2 Supplementary topics Experiences in industry

904 views • 68 slides
CN Computer Networks Research Group G R Department of Computer Science University of New

CN Computer Networks Research Group G R Department of Computer Science University of New

Closed-Form Expression for the Collision Probability in the IEEE EPON Registration Scheme Swapnil Bhatia (with Dr. Radim Barto s) CN Computer Networks Research Group G R Department of Computer Science University of New Hampshire This

1.06k views • 29 slides

More recommend