2024 • In MOROGAN, Luciana; ROENNE, Peter (Eds.) Innovative Security Solutions for Information Technology and Communications, 17th International Conference, SECITC 2024, Virtual Event, November 21-22, 2024, Revised Selected Papers
[en] Noise is a framework for the design and security assessment of Authenticated Key Exchange (AKE) protocols between two parties using Diffie-Hellman (DH) as the only public-key cryptosystem. In this paper, we present an evaluation of the computation and communication cost of Noise and PQNoise, a recently introduced post-quantum version of the Noise protocol framework. Furthermore, we present combinations of the 12 fundamental (interactive) Noise patterns and their PQNoise counterparts, thereby obtaining hybrid handshake patterns, and include them in our evaluation. We integrated PQNoise and the novel hybrid patterns into Noise-C, a reference implementation of the Noise protocol framework written in C. In order to evaluate Noise and its variants, we emulated networks with different latency, throughput, and packet-loss settings using Linux network emulation tools. For all Noise handshakes we chose cryptosystems that provide a comparable (pre-quantum) level of security, namely X25519 and Kyber512. We ran our experiments on two different devices, one is a laptop with an Intel Core i5-10210U CPU and the other an Orange Pi One development board with a 32-bit ARM Cortex-A7 processor. The results we collected show that, under normal network conditions, the Noise patterns and their PQNoise counterparts have nearly identical execution times, except when the latter require an additional handshake message. However, under bad network conditions with high packet-loss rates, PQNoise falls behind Noise, mainly because of the relatively large public-key and ciphertext sizes of Kyber512. The execution times of our hybrid handshakes are almost indistinguishable from the corresponding PQNoise handshakes when the packet-loss rates are low, and at higher loss rates the differences are small.
Disciplines :
Sciences informatiques
Auteur, co-auteur :
RENCKENS, Joshua; University of Luxembourg > Faculty of Science, Technology and Medicine (FSTM) > Department of Computer Science (DCM)
ROENNE, Peter ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > APSIA
GROSZSCHÄDL, Johann ; University of Luxembourg > Faculty of Science, Technology and Medicine (FSTM) > Department of Computer Science (DCS)
RYAN, Peter Y A ; University of Luxembourg > Faculty of Science, Technology and Medicine (FSTM) > Department of Computer Science (DCS)
Co-auteurs externes :
no
Langue du document :
Anglais
Titre :
An Evaluation of Post-Quantum and Hybrid Noise Protocol Variants on Mobile Devices
Date de publication/diffusion :
novembre 2024
Nom de la manifestation :
17th International Conference on Security for Information Technology and Communications (SecITC 2024)
Lieu de la manifestation :
Bucharest, Roumanie
Date de la manifestation :
from 21 -11-2024 to 22-11-2024
Titre de l'ouvrage principal :
Innovative Security Solutions for Information Technology and Communications, 17th International Conference, SECITC 2024, Virtual Event, November 21-22, 2024, Revised Selected Papers
Editeur scientifique :
MOROGAN, Luciana; Military Technical Academy "Ferdinand I"
ROENNE, Peter ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > APSIA
Alkim, E., Ducas, L., Pöppelmann, T., Schwabe, P.: Post-quantum key exchange – A new hope. In: Proceedings of the 25th USENIX Security Symposium (USS 2016), pp. 327–343. USENIX Association (2016)
Alnahawi, N., Müller, J., Oupickỳ, J., Wiesmaier, A.: A comprehensive survey on post-quantum TLS. IACR Commun. Cryptol. 1(2) (Jul 2024)
Angel, Y., Dowling, B., Hülsing, A., Schwabe, P., Weber, F.: Post quantum Noise. In: Proceedings of the 29th ACM Conference on Computer and Communications Security (CCS 2022), pp. 97–109. ACM (2022)
Armbian Operating System Community: Armbian: Linux for ARM development boards. https://www.armbian.com (2024)
Avanzi, R., et al.: CRYSTALS-Kyber: Algorithm Specifications and Supporting Documentation (Version 3.02) (2021)
Diffie, W., Hellman, M.: New directions in cryptography. IEEE Trans. Inf. Theory 22(6), 644–654 (1976)
Dowling, B., Rösler, P., Schwenk, J.: Flexible authenticated and confidential channel establishment (fACCE): analyzing the Noise protocol framework. In: Public-Key Cryptography — PKC 2020. Lecture Notes in Computer Science, vol. 12110, pp. 341–373. Springer (2020)
EE Limited: 4G Speed. https://business.ee.co.uk/help/network-and-coverage/4g-speed-what-you-can-expect/(2024)
Gajland, P., de Kock, B., Quaresma, M., Malavolta, G., Schwabe, P.: SWOOSH: efficient lattice-based non-interactive key exchange. In: Proceedings of the 33rd USENIX Security Symposium (USS 2024), USENIX Association (2024)
Ho, S., Protzenko, J., Bichhawat, A., Bhargavan, K.: Noise: A library of verified high-performance secure channel protocol implementations. In: 2022 IEEE Symposium on Security and Privacy (SP), pp. 107–124. IEEE (2022)
Kampanakis, P., Childs-Klein, W.: The impact of data-heavy, post-quantum TLS 1.3 on the time-to-last-byte of real-world connections. IACR ePrint Archive (2024)
Kobeissi, N., Nicolas, G., Bhargavan, K.: Noise explorer: fully automated modeling and verification for arbitrary noise protocols. In: 2019 IEEE European Symposium on Security and Privacy (EuroS&P), pp. 356–370. IEEE (2019)
Langley, A., Hamburg, M., Turner, S.: Elliptic curves for security. Internet Engineering Task Force, Internet Research Task Force, RFC 7748 (Jan 2016)
Paquin, C., Stebila, D., Tamvada, G.: Benchmarking post-quantum cryptography in TLS. In: Post-Quantum Cryptography: 11th International Conference, PQCrypto 2020, Paris, France, April 15–17, 2020, Proceedings 11, pp. 72–91. Springer (2020)
Paterson, K.G., van der Merwe, T.: Reactive and proactive standardisation of TLS. In: Security Standardisation Research — SSR 2016. Lecture Notes in Computer Science, vol. 10074, pp. 160–186. Springer (2016)
Pereira, R., et al.: Ranking programming languages by energy efficiency. Sci. Comput. Program. 205 (2021)
Perrin, T.: KEM-based Hybrid Forward Secrecy for Noise. Specification. https://github.com/noiseprotocol/noise hfs spec/blob/master/output/noise hfs.pdf (2018)
Perrin, T.: The Noise Protocol Framework, Revision 34. Specification. https://noiseprotocol.org/noise.pdf (2018)
Rescorla, E.K.: The Transport Layer Security (TLS) Protocol Version 1.3. Internet Engineering Task Force, Network Working Group, RFC 8446 (Aug 2018)
Schwabe, P., Stebila, D., Wiggers, T.: Post-quantum TLS without handshake signatures. In: Proceedings of the 27th ACM Conference on Computer and Communications Security (CCS 2020), pp. 1461–1480. ACM (2020)
Sheffer, Y., Holz, R., Saint-Andre, P.: Summarizing Known Attacks on Transport Layer Security (TLS) and Datagram TLS (DTLS). Internet Engineering Task Force, Using TLS in Applications Working Group, RFC 7457 (Feb 2015)
Shor, P.W.: Algorithms for quantum computation: discrete logarithms and factoring. In: Proceedings of the 35th Annual Symposium on Foundations of Computer Science (FOCS 1994), pp. 124–134. IEEE (1994)
Stallings, W.: Cryptography and Network Security: Principles and Practice. Pearson, 7th edn. (2016)
Stebila, D., Mosca, M.: Post-quantum key exchange for the internet and the open quantum safe project. In: International Conference on Selected Areas in Cryptography, pp. 14–37. Springer (2016)
Weatherley, R.: Noise-C: A plain C implementation of the Noise protocol. Source code. https://github.com/rweather/noise-c (2023)
WhatsApp LLC: WhatsApp encryption overview. Technical white paper. http://www.whatsapp.com/security/WhatsApp-Security-Whitepaper.pdf (2020)
