PQKMS: Provably Zero-Trust, Attribute-Based Key Management System (U31c)
Most modern cloud-based Key Management Systems (KMS) rely heavily on Cloud Service Providers (CSPs), which makes it challenging to understand their key management and security practices. PQKMS, a cloud-based KMS designed for both classical and post-quantum cryptography, addresses these challenges by incorporating novel features. The talk will explore its provably zero-trust operation, post-compromise security measures, and cryptographic agility. PQKMS uses Rust for its server components, minimizing the potential damage in case of compromise, and maintains cryptographic agility throughout its operation, supporting both classical and post-quantum primitives.