Get 20M+ Full-Text Papers For Less Than $1.50/day. Start a 14-Day Trial for You or Your Team.

Learn More →

Circuit-extension handshakes for Tor achieving forward secrecy in a quantum world

Circuit-extension handshakes for Tor achieving forward secrecy in a quantum world Abstract We propose a circuit extension handshake for Tor that is forward secure against adversaries who gain quantum computing capabilities after session negotiation. In doing so, we refine the notion of an authenticated and confidential channel establishment (ACCE) protocol and define pre-quantum, transitional, and post-quantum ACCE security. These new definitions reflect the types of adversaries that a protocol might be designed to resist. We prove that, with some small modifications, the currently deployed Tor circuit extension handshake, ntor, provides pre-quantum ACCE security. We then prove that our new protocol, when instantiated with a post-quantum key encapsulation mechanism, achieves the stronger notion of transitional ACCE security. Finally, we instantiate our protocol with NTRU-Encrypt and provide a performance comparison between ntor, our proposal, and the recent design of Ghosh and Kate. http://www.deepdyve.com/assets/images/DeepDyve-Logo-lg.png Proceedings on Privacy Enhancing Technologies de Gruyter

Circuit-extension handshakes for Tor achieving forward secrecy in a quantum world

Download PDF
18 pages

Loading next page...
 
/lp/de-gruyter/circuit-extension-handshakes-for-tor-achieving-forward-secrecy-in-a-gejjQ6zJz0
Publisher
de Gruyter
Copyright
Copyright © 2016 by the
ISSN
2299-0984
eISSN
2299-0984
DOI
10.1515/popets-2016-0037
Publisher site
See Article on Publisher Site

Abstract

Abstract We propose a circuit extension handshake for Tor that is forward secure against adversaries who gain quantum computing capabilities after session negotiation. In doing so, we refine the notion of an authenticated and confidential channel establishment (ACCE) protocol and define pre-quantum, transitional, and post-quantum ACCE security. These new definitions reflect the types of adversaries that a protocol might be designed to resist. We prove that, with some small modifications, the currently deployed Tor circuit extension handshake, ntor, provides pre-quantum ACCE security. We then prove that our new protocol, when instantiated with a post-quantum key encapsulation mechanism, achieves the stronger notion of transitional ACCE security. Finally, we instantiate our protocol with NTRU-Encrypt and provide a performance comparison between ntor, our proposal, and the recent design of Ghosh and Kate.

Journal

Proceedings on Privacy Enhancing Technologiesde Gruyter

Published: Oct 1, 2016

References

  • Sven Jörg Schwenk On the security of TLS and RSA in the standard model Cryptology ePrint Archive Report http eprint iacr org
    Florian Kohlar
  • extraction key derivation The scheme In Tal editor Advances in - th Santa CA August volume of in pages
    Hugo Krawczyk
  • Kate Post - quantum forwardsecure onion routing In Tal Vladimir Bishop and editors Network th International New NY Revised Selected volume of in pages
    Satrajit Ghosh
  • Sven and Jörg Schwenk On the security of TLS - DHE in the standard model In Reihaneh Naini and Ran editors Advances in Cryptology - volume of in pages
    Tibor Jager
  • Algorithms for quantum computation Discrete logarithms and factoring In Foundations of th on pages
    Peter
  • Tor proposal Two improved relay encryption protocols for Tor cells In path root proposals improved relay crypto txt blob df
    Nick Mathewson
  • Tor proposal Improved circuitcreation key exchange In path root proposals ntor handshake txt blob cd
    Nick Mathewson
  • The Tor Project Torspec Git repository https gitweb torproject org torspec git
  • Algorithms for quantum computation Discrete logarithms and factoring In Foundations of th on pages
    Peter
  • Jeff Choosing parameters for Cryptology ePrint Archive Report http eprint iacr org
    Hoffstein
  • Quantum cryptanalysis of hidden linear functions In Don Coppersmith editor Advances in Cryptology Electronic Proceedings and Index of the CRYPTO and Conferences volume of in chapter pages
    Dan Boneh
  • Tor proposal Request to change key exchange protocol for handshake In path root proposals ntru forpq handshake txt blob a
    John
  • Tor proposal for relay cryptography In path root proposals aez crypto txt blob
    Nick Mathewson
  • Tor proposal Request to change key exchange protocol for handshake In path root proposals ntru forpq handshake txt blob a
    John
  • Jörg and Multi - ciphersuite security of the secure shell SSH protocol In Proceedings of the Conference on Computer and Communications pages New
    Florian Bergsma
  • Tanja Schwabe cryptography library http nacl cr yp to
    Daniel
  • Innovation libntruencrypt reference implementation https github com NTRUOpenSourceProject ntru crypto Version
    NTRUEncrypt
  • United States Patent Public key cryptosystem method and apparatus https www google com patents US
    Jeffrey Hoffstein
  • Joppe and Post - quantum key exchange for the TLS protocol from the ring learning with errors problem In on Privacy San CA pages
    Bos
  • Tor proposal Two improved relay encryption protocols for Tor cells In path root proposals improved relay crypto txt blob df
    Nick Mathewson
  • Lily Kai Report on post quantum cryptography NIST Internal Report http dx doi org
    Chen
  • Joppe and Post - quantum key exchange for the TLS protocol from the ring learning with errors problem In on Privacy San CA pages
    Bos
  • Sven Jörg Schwenk On the security of TLS and RSA in the standard model Cryptology ePrint Archive Report http eprint iacr org
    Florian Kohlar
  • and Wee On the security of the TLS protocol systematic analysis In Ran editors Advances in - rd Cryptology Santa CA USA August Part volume of in pages
    Hugo Krawczyk
  • United States Patent Speed enhanced cryptographic method and apparatus https www google com patents US
    Jeffrey Hoffstein
  • The Tor Project Torspec Git repository https gitweb torproject org torspec git
  • Lily Kai Report on post quantum cryptography NIST Internal Report http dx doi org
    Chen
  • Özgür Marc Anja Christian and Random oracles in a quantum world In editors Advances in Cryptology - th International Conference on the Theory and Application of Cryptology and Seoul South December volume of in pages
    Dan Boneh
  • Zaverucha Hybrid encryption in the multi - user setting Cryptology ePrint Archive Report http eprint iacr org
  • Ian Anonymity and one - way authentication in key exchange protocols Designs and
    Goldberg
  • and The oracle assumptions and an analysis of In editor Topics in The Cryptographers Track at RSA Conference San CA April volume of in pages
    Michel Abdalla
  • and Wee On the security of the TLS protocol systematic analysis In Ran editors Advances in - rd Cryptology Santa CA USA August Part volume of in pages
    Hugo Krawczyk
  • Tor proposal Improved circuitcreation key exchange In path root proposals ntor handshake txt blob cd
    Nick Mathewson
  • Implementation of the current proposal using NTRUEncrypt https github com NTRUOpenSourceProject ntru tor
    John
  • Özgür Marc Anja Christian and Random oracles in a quantum world In editors Advances in Cryptology - th International Conference on the Theory and Application of Cryptology and Seoul South December volume of in pages
    Dan Boneh
  • Jeff Choosing parameters for Cryptology ePrint Archive Report http eprint iacr org
    Hoffstein
  • and Practical stateless hash - based signatures In Elisabeth Oswald and Marc Fischlin editors Advances in Cryptology - th Annual International Conference on the Theory and Applications of Cryptographic Techniques Sofia Bulgaria April Proceedings Part
    Daniel
  • and Practical stateless hash - based signatures In Elisabeth Oswald and Marc Fischlin editors Advances in Cryptology - th Annual International Conference on the Theory and Applications of Cryptographic Techniques Sofia Bulgaria April Proceedings Part
    Daniel
  • Tor proposal for relay cryptography In path root proposals aez crypto txt blob
    Nick Mathewson
  • Implementation of the current proposal using NTRUEncrypt https github com NTRUOpenSourceProject ntru tor
    John
  • Ian Anonymity and one - way authentication in key exchange protocols Designs and
    Goldberg
  • Sven and Jörg Schwenk On the security of TLS - DHE in the standard model In Reihaneh Naini and Ran editors Advances in Cryptology - volume of in pages
    Tibor Jager
  • Kate Post - quantum forwardsecure onion routing In Tal Vladimir Bishop and editors Network th International New NY Revised Selected volume of in pages
    Satrajit Ghosh
  • and The oracle assumptions and an analysis of In editor Topics in The Cryptographers Track at RSA Conference San CA April volume of in pages
    Michel Abdalla
  • Quantum cryptanalysis of hidden linear functions In Don Coppersmith editor Advances in Cryptology Electronic Proceedings and Index of the CRYPTO and Conferences volume of in chapter pages
    Dan Boneh
  • Jörg and Multi - ciphersuite security of the secure shell SSH protocol In Proceedings of the Conference on Computer and Communications pages New
    Florian Bergsma
  • extraction key derivation The scheme In Tal editor Advances in - th Santa CA August volume of in pages
    Hugo Krawczyk
  • United States Patent Public key cryptosystem method and apparatus https www google com patents US
    Jeffrey Hoffstein
  • and Tal Randomness extraction and key derivation using the CBC cascade and modes In editor Advances in Cryptology - volume of in pages
    Yevgeniy Dodis
  • United States Patent Speed enhanced cryptographic method and apparatus https www google com patents US
    Jeffrey Hoffstein
  • Innovation libntruencrypt reference implementation https github com NTRUOpenSourceProject ntru crypto Version
    NTRUEncrypt
  • Zaverucha Hybrid encryption in the multi - user setting Cryptology ePrint Archive Report http eprint iacr org
  • and Tal Randomness extraction and key derivation using the CBC cascade and modes In editor Advances in Cryptology - volume of in pages
    Yevgeniy Dodis
  • Tanja Schwabe cryptography library http nacl cr yp to
    Daniel