Paul, Sebastian (2022)
On the Transition to Post-Quantum Cryptography in the Industrial Internet of Things.
Technische Universität Darmstadt
doi: 10.26083/tuprints-00021368
Dissertation, first publication, publisher's version
Abstract
Large-scale quantum computers will be able to efficiently solve the mathematical problems of currently deployed public-key cryptography, rendering RSA and elliptic-curve cryptosystems insecure in the near future. This looming threat necessitates the design, development, and standardization of cryptography that resists attacks from classical as well as quantum computers, so-called post-quantum cryptography (PQC). In fact, several standardization bodies are in the midst of standardizing PQC as the next generation of cryptography, such as the National Institute of Standards and Technology (NIST). But compared to current public-key cryptosystems, PQC primitives generally incur a higher cost in some metric: computational cost, storage requirements, or network bandwidth. As a result, their performance and design characteristics prevent them from being simple drop-in replacements for current public-key schemes. The impact of PQC, therefore, needs to be carefully evaluated when integrated into protocols and applications.
With new cryptography standards on the horizon, one of the first domains expected to adopt these new standards is industrial control systems (ICS). Since their components have long life spans (≥ 15 years) and are increasingly interconnected to form an Industrial Internet of Things (IIoT), they require strong and long-lasting security guarantees. In turn, this raises the following question: How can a fast, reliable, and secure transition to upcoming PQC standards be ensured, especially in today’s highly interconnected networks, such as IIoT?
In this thesis, we identify, study, and investigate open challenges in order to integrate post-quantum cryptography into IIoT devices, protocols, and applications. First, we propose cryptographic agility as one of the most important prerequisites for the transition to PQC. Apart from the definition of three subtypes of cryptographic agility, we provide guidelines on how cryptographic agility can be achieved and maintained in software-based IIoT applications. Second, our evaluation of schemes submitted to NIST’s PQC standardization process identifies different hash-based and lattice-based schemes as suitable candidates for IIoT applications. Furthermore, we demonstrate how Trusted Platform Modules (TPMs) can facilitate the implementation of the lattice-based key establishment scheme CRYSTALS-Kyber and the hash-based signature scheme SPHINCS+, which potentially renders the execution of post-quantum (PQ) schemes more secure.
While related works only consider the transition to post-quantum confidentiality, we are the first to propose and investigate a migration strategy towards post-quantum authentication. Our strategy is based on the concept of mixed certificate chains that use different signature schemes within the same certificate chain. We show that certificate chains only containing hash-based signature schemes at the root certificate level offer acceptable connection establishment times for the network protocol Transport Layer Security (TLS) despite an increase in communication size.
Finally, we present and evaluate three novel integrations of PQC into the industrial protocol Open Platform Communications Unified Architecture (OPC UA): Hybrid-KEX OPC UA, Hybrid OPC UA, and PQ OPC UA. While the first two make use of hybrid constructions that combine conventional with post-quantum cryptography, PQ OPC UA is based only on PQC. In fact, hybrid constructions are considered a feasible transitional strategy that protects today’s communication against tomorrow’s attacks aided by quantum computers, e.g., “harvest now, decrypt later” attacks. Yet, they are no longer needed once PQC schemes are standardized and fully trusted. Furthermore, we provide a symbolic proof of confidentiality and authentication properties for our proposed integrations (Hybrid and PQ OPC UA) based on the state-of-the-art protocol verifier ProVerif.
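The hybrid construction described above, shown as an added Python example that is not code from the thesis: a combiner that derives a single session key from a conventional shared secret (such as ECDH output) and a post-quantum KEM shared secret (such as CRYSTALS-Kyber output), so that a "harvest now, decrypt later" adversary who later breaks only the conventional part still learns nothing about the key. Assumed rather than taken from the page: the concatenation-then-HKDF combiner design, the two-byte length prefixes, the 32-byte secret sizes, the label string, and every sample value (the stand-in secrets and the transcript are constructed). The thesis's own Hybrid-KEX OPC UA construction may differ in detail.

```python
"""Hybrid key-exchange combiner in the style of Hybrid-KEX (illustrative).

Added example, not code from the thesis. It combines a conventional shared
secret (e.g. from ECDH) with a post-quantum KEM shared secret (e.g. from
CRYSTALS-Kyber) so that the session key remains secret as long as at least
one of the two is unbroken. Only the standard library is used; the ECDH /
Kyber outputs and the handshake transcript are constructed stand-in values.
"""
import hashlib
import hmac

HASH = hashlib.sha256


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """RFC 5869 HKDF-Extract: PRK = HMAC-Hash(salt, IKM)."""
    return hmac.new(salt, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 HKDF-Expand: T(i) = HMAC-Hash(PRK, T(i-1) || info || i)."""
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]


def hkdf_self_test() -> bool:
    """Check the HKDF implementation against RFC 5869 test case 1."""
    ikm = bytes.fromhex("0b" * 22)
    salt = bytes.fromhex("000102030405060708090a0b0c")
    info = bytes.fromhex("f0f1f2f3f4f5f6f7f8f9")
    prk = hkdf_extract(salt, ikm)
    okm = hkdf_expand(prk, info, 42)
    return (prk.hex() == "077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5"
            and okm.hex() == "3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf"
                             "34007208d5b887185865")


def _length_prefixed(b: bytes) -> bytes:
    # Two-byte length prefix (assumed encoding): without it, two different
    # (ss_classical, ss_pq) pairs with the same concatenation would collide.
    return len(b).to_bytes(2, "big") + b


def combine_shared_secrets(ss_classical: bytes, ss_pq: bytes,
                           transcript: bytes, length: int = 32) -> bytes:
    """Concatenation combiner:
    K = HKDF(salt = H(transcript), IKM = len(ss_c)||ss_c||len(ss_pq)||ss_pq).

    The transcript (both parties' public keys and the KEM ciphertext) is bound
    into the salt so the derived key is tied to exactly this exchange. An
    adversary who knows only one of the two secrets still faces an unknown
    part of the HMAC input and cannot reconstruct K.
    """
    ikm = _length_prefixed(ss_classical) + _length_prefixed(ss_pq)
    prk = hkdf_extract(HASH(transcript).digest(), ikm)
    return hkdf_expand(prk, b"hybrid-kex session key", length)


def demo() -> dict:
    """Constructed sample exchange (fixed stand-in values, not real ECDH/Kyber output)."""
    ss_classical = bytes.fromhex("11" * 32)   # stand-in for the ECDH shared secret
    ss_pq = bytes.fromhex("22" * 32)          # stand-in for the Kyber shared secret
    transcript = b"ecdh_pk_A|kyber_pk_A|ecdh_pk_B|kyber_ct_B"  # constructed transcript
    key = combine_shared_secrets(ss_classical, ss_pq, transcript)
    unknown = bytes(32)  # placeholder for a secret the adversary could not recover
    # Quantum adversary: has broken ECDH (knows ss_classical) but not Kyber.
    quantum_view = combine_shared_secrets(ss_classical, unknown, transcript)
    # Classical adversary: has broken the young PQ scheme (knows ss_pq) but not ECDH.
    classical_view = combine_shared_secrets(unknown, ss_pq, transcript)
    return {"key": key, "quantum_view": quantum_view, "classical_view": classical_view}


if __name__ == "__main__":
    assert hkdf_self_test()
    for name, value in demo().items():
        print(f"{name:15s} {value.hex()}")
```

In a deployment the two stand-in secrets would be replaced by the actual X25519 (or ECDH) output and the Kyber decapsulation output, and `transcript` by the real handshake messages; the combiner itself does not need to change when one component is later swapped, which is the cryptographic-agility property the thesis argues for.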
Ultimately, the different migration and integration strategies presented in this thesis prepare IIoT systems for an efficient transition to PQC.
| Field | Value |
|---|---|
| Entry type | Dissertation |
| Published | 2022 |
| Author(s) | Paul, Sebastian |
| Type of entry | First publication |
| Title | On the Transition to Post-Quantum Cryptography in the Industrial Internet of Things |
| Language | English |
| Referees | Waidner, Prof. Dr. Michael ; Seifert, Prof. Dr. Jean-Pierre |
| Year of publication | 2022 |
| Place | Darmstadt |
| Collation | xxix, 188 pages |
| Date of oral examination | 2 May 2022 |
| DOI | 10.26083/tuprints-00021368 |
| URL / URN | https://tuprints.ulb.tu-darmstadt.de/21368 |
| Status | Publisher's version |
| URN | urn:nbn:de:tuda-tuprints-213680 |
| Dewey Decimal Classification (DDC) | 000 Generalities, computer science, information science > 004 Computer science |
| Department(s) / field(s) | 20 Department of Computer Science; 20 Department of Computer Science > Security in Information Technology |
| Date deposited | 17 Jun 2022 10:25 |
| Last modified | 19 Aug 2022 06:16 |
| PPN | 496568698 |