Talk Descriptions

Session talks - part one

1. Conor Spangler, Arqit. 13 ways to establish keys using symmetric methods, and why you might want more Show Abstract
   We examine the methods of the ISO/IEC 11770-2 which cover point-to-point, key distribution and key translation. We will consider the security properties of the methods as laid out in the standard and a more comprehensive list from academic proposals. We will also consider more abstract security goals such as zero trust, defence in depth, and cryptographic agility and usability metrics such as round trip count and number of calls to primitives. We will see how existing symmetric key methods can be described under the framework and how other proposals could be similarly evaluated.
2. Manfred von Willich , QuantumBridge. Distributed Symmetric Key Establishment: cryptographic primitives” Show Abstract
   Distributed Symmetric Key Establishment is a protocol that provides a practical, scalable, robust solution to the challenge posed by the quantum threat, and has a rigorous proof of information-theoretic security in a distributed trust model. This presentation gives a detailed insight into the composition of its primitives, all well-known. One such composition with a novel property provides end-to-end authentication without a prior shared secret while eliminating share manipulation attacks by rogue semi-trusted entities.
3. David Jao, EvolutionQ. Quantum-secure end-to-end key establishment using Multimodal Cryptography Show Abstract
   We present a crypto-agile protocol for quantum-secure end-to-end (E2E) encryption key establishment with extremely strong security properties. It is based on a concept that we call multimodal cryptography, which combines various forms of computational cryptography (symmetric-key, asymmetric-key, and post-quantum). If available, quantum key distribution (QKD) can be seamlessly integrated to further fortify the key establishment process. Alternatively, if the availability of QKD is taken as a given, one can consider multimodal cryptography a solution to quantum communication’s last-mile problem.

Session talks - part two

1. Christopher Batterbee, University of Sorbonne. Muckle++: Improved Quantum-Secure Hybrid Key Exchange” Show Abstract
   End-to-end authenticity in public networks plays a significant role. Namely, without authenticity, the adversary might be able to retrieve even confidential information straight away by impersonating others. Proposed solutions to establish an authenticated channel cover pre-shared keybased, password-based, and certificate-based techniques. To add confidentiality to an authenticated channel, authenticated key exchange (AKE) protocols usually have one of the three solutions built in. As an amplification, hybrid AKE (HAKE) approaches are getting more popular nowadays and were presented in several flavors to incorporate classical, post-quantum, or quantum-key-distribution components. The main benefit is redundancy, i.e., if some of the components fail, the primitive still yields a confidential and authenticated channel.
   At PQCrypto20, Dowling, Brandt, Hansen, and Paterson introduced a new modular framework for designing HAKE and presented a first instantiation, dubbed Muckle, requires pre-shared keys (and hence yields inefficient end-to-end authenticity). Recently (at PQCrypto23), Bruckner, Ramacher and Striecks proposed a new extended instantiation called Muckle+, that utilizes post-quantum digital signatures. In this talk, we will present Muckle++ that extends previous works by using post-quantum KEM for authentication. While replacing pre-shared keys with public-key authenticators is rather straightforward, the challenge is to derive the proof in the HAKE framework. As emphasised in KEMTLS, the main motivation is that pq KEM turn to be more efficient than pq signature schemes.
   Joint work with Sebastian Ramacher, Christoph Striecks, Ludovic Perret.