What is it about?
This research looks at the performance implications of using post-quantum algorithms in TLS 1.3 handshakes. Quantum Computers are known to break the encryption and authentication techniques we use to secure our communication over the Internet as soon as they get more powerful. Novel post-quantum algorithms claim to be resilient against these Quantum Computers. However, they have different performance characteristics. We investigate currently relevant algorithms and found that most are as fast as our state-of-the-art algorithms and some are even faster. In contrast to other works, we highlight the perspective of real-worl networks that are complex. For example, the large key sizes of the post-quantum algorithms can cause unwanted side-effects that we highlight in the paper (e.g., additional RTTs for each handshake). Our results might be relevant for algorithm designers, TLS library developers, and server admins that want to decide on the best algorithms or want to tune their library or their servers. We could confirm that hybrid algorithms are a good choice right now because we observed a neglectible performance drawback in using them.
Featured Image
Photo by FLY:D on Unsplash
Why is it important?
Quantum Computers are not powerful enough to break the encryption algorithms we use today. However, there exists the threat of "store-now, decrypt-later" attacks, basically, an attack where an actor captures network traffic today and extracts the sensitive data as soon as more powerful Quantum Computers are available. This means we should use the novel post-quantum algorithms ideally already yesterday! This paper highlights the implications this could have on the performance.
Perspectives
Read the Original
This page is a summary of: The Performance of Post-Quantum TLS 1.3, December 2023, ACM (Association for Computing Machinery),
DOI: 10.1145/3624354.3630585.
You can read the full text:
Resources
Contributors
The following have contributed to this page