A Session Key Service for Post-Quantum Security in Standard Protocols (Q20b)
An operational quantum computer would render insecure the key establishment methods used in most standard communication security protocols. To protect against this eventuality, we develop a model in which a key establishment implementation can obtain additional postquantum-secure keys from an independent Session Key Service (SKS). This model has several attractive properties, which will be outlined in this presentation. It is simple, easy to analyze, robust against synchronization failure, and well suited for use in existing protocols such as IKE, TLS, and MKA. The service also enables postquantum security to be incrementally deployed into an operational network. Lastly, it can be realized through several security-conservative mechanisms: Quantum Key Distribution (QKD), a symmetric Ratcheting Pseudorandom Function (RPF), or a One-Time Pad (OTP). This flexibility enables users to gain experience with different postquantum techniques.
In this presentation, the speaker will describe the SKS model and interface, show how it can be instantiated via QKD, RPF, and OTP, and analyze its security and operational characteristics with those mechanisms. To illustrate its use, the presenter will show an HTTPS binding for the protocol, and outline how it can be used with IKE.