A practical and scalable hybrid quantum-based/quantum-safe group key establishment

Loading...
Thumbnail Image

Date

2023-07

Journal Title

Journal ISSN

Volume Title

Publisher

University of New Brunswick

Abstract

This Ph.D. thesis investigates key establishment protocols, focusing on two-member and group key establishment protocols, with subcategories including classical, quantum-safe, and quantum-based solutions. I have identified research gaps such as the lack of quantum resistance in classical solutions, the inefficiency of quantum-safe solutions, and the impracticality of group-based quantum key distribution. To address these gaps, I have proposed several novel protocols and analyses. Our first contribution is a novel quantum-safe key management scheme called KeyShield. KeyShield is a scalable and quantum-safe system that offers a high level of security. KeyShield achieves re-keying using a single broadcast message in an open channel, rather than establishing pairwise secure channels. I have also proposed another version of KeyShield, called KeyShield2, which is obtained by applying a set of countermeasures to the original KeyShield protocol after conducting cryptanalysis and identifying its vulnerabilities. Furthermore, I have introduced two receiver-device-independent quantum key distribution protocols, QKeyShield and DGL22, based on entanglement-swapping and quantum teleportation, respectively. Both protocols minimize the attack surface, increase the key rate, and provide additional security enhancements. Security proofs and analyses demonstrate their effectiveness in establishing a secret key between Alice and Bob. I found that group-based quantum key distribution protocols are not effective or practical due to several limitations. I have conducted a thorough literature review and proved the impracticality of these protocols. I have proposed a model that can determine the maximum number of members for which group-based protocols are useful. Finally, I have proposed a scalable and practical hybrid group key establishment scheme. This protocol combines the power of the two-member quantum-based protocol, DGL22, to establish symmetric data encryption keys. The symmetric keys are then used to distribute the quantum-safe (KeyShield2) keying materials. The quantum-safe protocol, KeyShield2, is used to distribute a secure lock that can be opened by legitimate members using the keying materials to extract the traffic encryption key, T EK. This hybrid protocol enables a smooth transition between quantum-safe and quantum-based solutions, addressing distance limitations and pairwise channel requirements. It also allows for forward and backward compatibility.

Description

Keywords

Citation