Skip to main content
Springer Nature Link
Log in

\(\text {Muckle}+\): End-to-End Hybrid Authenticated Key Exchanges

  • Conference paper
  • First Online:
Post-Quantum Cryptography (PQCrypto 2023)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 14154))

Included in the following conference series:

  • 1190 Accesses

Abstract

End-to-end authenticity in public networks plays a significant role. Namely, without authenticity, the adversary might be able to retrieve even confidential information straight away by impersonating others. Proposed solutions to establish an authenticated channel cover pre-shared key-based, password-based, and certificate-based techniques. To add confidentiality to an authenticated channel, authenticated key exchange (AKE) protocols usually have one of the three solutions built in. As an amplification, hybrid AKE (HAKE) approaches are getting more popular nowadays and were presented in several flavors to incorporate classical, post-quantum, or quantum-key-distribution components. The main benefit is redundancy, i.e., if some of the components fail, the primitive still yields a confidential and authenticated channel. However, current HAKE instantiations either rely on pre-shared keys (which yields inefficient end-to-end authenticity) or only support one or two of the three above components (resulting in reduced redundancy and flexibility).

In this work, we present an extension of a modular HAKE framework due to Dowling, Brandt Hansen, and Paterson (PQCrypto’20) that does not suffer from the above constraints. While their instantiation, dubbed Muckle, requires pre-shared keys (and hence yields inefficient end-to-end authenticity), our extended instantiation called \(\text {Muckle}+\) utilizes post-quantum digital signatures. While replacing pre-shared keys with digital signatures is rather straightforward in general, this turned out to be surprisingly non-trivial when applied to HAKE frameworks (resulting in adapted proof techniques).

S. Bruckner—The work was conducted while the author was at AIT Austrian Institute of Technology.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    https://www.ietf.org/archive/id/draft-ietf-tls-hybrid-design-05.html, https://csrc.nist.gov/projects/post-quantum-cryptography.

  2. 2.

    https://www.reuters.com/article/us-toshiba-cyber-idUSKBN2730KW.

  3. 3.

    https://digital-strategy.ec.europa.eu/en/policies/european-quantum-communication-infrastructure-euroqci.

  4. 4.

    Interestingly, while some approaches even backed by patents (https://www.ipo.gov.uk/p-ipsum/Case/PublicationNumber/GB2590064) claim to provide long-range QKD networks without trusted nodes (i.e., establishing a secure channel between any two nodes), a recent work [46] demonstrates that such claim cannot be met.

  5. 5.

    We are sticking to the term “hybrid” here as it was coined in prior work on AKEs [36] in the meaning of combining classical (or, non-quantum-safe), QKD, and post-quantum cryptographic primitives. Other works may use the term “quantum-safe” to combine QKD and PQC primitives, or different terms.

  6. 6.

    Due to Qualys SSL Labs, https://www.ssllabs.com/ssl-pulse/, accessed in June 2023.

  7. 7.

    https://github.com/open-quantum-safe/liboqs-python.

  8. 8.

    https://pypi.org/project/cryptography/.

  9. 9.

    We observed no significant differences for the initiator and responder.

  10. 10.

    See https://github.com/open-quantum-safe/liboqs/issues/1476 for some background on this issue.

References

  1. Aas, J., et al.: Let’s encrypt: an automated certificate authority to encrypt the entire web. In: Cavallaro, L., Kinder, J., Wang, X., Katz, J. (eds.) ACM CCS 2019, pp. 2473–2487. ACM Press (2019). https://doi.org/10.1145/3319535.3363192

  2. Alléaume, R., et al.: Using quantum key distribution for cryptographic purposes: a survey. Theor. Comput. Sci. 560, 62–81 (2014). https://doi.org/10.1016/j.tcs.2014.09.018

    Article  MathSciNet  MATH  Google Scholar 

  3. Baum, C., de Saint Guilhem, C.D., Kales, D., Orsini, E., Scholl, P., Zaverucha, G.: Banquet: short and fast signatures from AES. In: Garay, J.A. (ed.) PKC 2021. LNCS, vol. 12710, pp. 266–297. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-75245-3_11

    Chapter  Google Scholar 

  4. Bellare, M., Lysyanskaya, A.: Symmetric and dual PRFs from standard assumptions: a generic validation of an HMAC assumption. Cryptology ePrint Archive, Report 2015/1198 (2015). https://eprint.iacr.org/2015/1198

  5. Bellare, M., Miner, S.K.: A forward-secure digital signature scheme. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 431–448. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48405-1_28

    Chapter  Google Scholar 

  6. Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-45539-6_11

    Chapter  Google Scholar 

  7. Bellare, M., Rogaway, P.: Provably secure session key distribution: the three party case. In: 27th ACM STOC, pp. 57–66. ACM Press (1995). https://doi.org/10.1145/225058.225084

  8. Bernstein, D.J.: Curve25519: new Diffie-Hellman speed records. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) PKC 2006. LNCS, vol. 3958, pp. 207–228. Springer, Heidelberg (2006). https://doi.org/10.1007/11745853_14

    Chapter  Google Scholar 

  9. Bernstein, D.J., Duif, N., Lange, T., Schwabe, P., Yang, B.-Y.: High-speed high-security signatures. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 124–142. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-23951-9_9

    Chapter  Google Scholar 

  10. Bernstein, D.J., Hülsing, A., Kölbl, S., Niederhagen, R., Rijneveld, J., Schwabe, P.: The SPHINCS\(^+\) signature framework. In: Cavallaro, L., Kinder, J., Wang, X., Katz, J. (eds.) ACM CCS 2019, pp. 2129–2146. ACM Press (2019). https://doi.org/10.1145/3319535.3363229

  11. Beullens, W.: Breaking rainbow takes a weekend on a laptop. In: Dodis, Y., Shrimpton, T. (eds.) CRYPTO 2022. LNCS, vol. 13508, pp. 464–479. Springer, Heidelberg (2022). https://doi.org/10.1007/978-3-031-15979-4_16

    Chapter  Google Scholar 

  12. Bindel, N., Brendel, J., Fischlin, M., Goncalves, B., Stebila, D.: Hybrid key encapsulation mechanisms and authenticated key exchange. In: Ding, J., Steinwandt, R. (eds.) PQCrypto 2019. LNCS, vol. 11505, pp. 206–226. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-25510-7_12

    Chapter  Google Scholar 

  13. Bos, J.W., Costello, C., Naehrig, M., Stebila, D.: Post-quantum key exchange for the TLS protocol from the ring learning with errors problem. In: 2015 IEEE Symposium on Security and Privacy, pp. 553–570. IEEE Computer Society Press (2015). https://doi.org/10.1109/SP.2015.40

  14. Bost, R., Minaud, B., Ohrimenko, O.: Forward and backward private searchable encryption from constrained cryptographic primitives. In: Thuraisingham, B.M., Evans, D., Malkin, T., Xu, D. (eds.) ACM CCS 2017, pp. 1465–1482. ACM Press (2017). https://doi.org/10.1145/3133956.3133980

  15. Boyko, V., MacKenzie, P., Patel, S.: Provably secure password-authenticated key exchange using Diffie-Hellman. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 156–171. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-45539-6_12

    Chapter  Google Scholar 

  16. Brendel, J., Fischlin, M., Günther, F.: Breakdown resilience of key exchange protocols: newhope, TLS 1.3, and hybrids. In: Sako, K., Schneider, S., Ryan, P.Y.A. (eds.) ESORICS 2019. LNCS, vol. 11736, pp. 521–541. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-29962-0_25

    Chapter  Google Scholar 

  17. Buchmann, J., Dahmen, E., Hülsing, A.: XMSS - a practical forward secure signature scheme based on minimal security assumptions. In: Yang, B.-Y. (ed.) PQCrypto 2011. LNCS, vol. 7071, pp. 117–129. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-25405-5_8

    Chapter  Google Scholar 

  18. Canetti, R., Halevi, S., Katz, J.: A forward-secure public-key encryption scheme. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 255–271. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-39200-9_16

    Chapter  Google Scholar 

  19. Castryck, W., Decru, T.: An efficient key recovery attack on SIDH. In: Hazay, C., Stam, M. (eds.) EUROCRYPT 2023. LNCS, vol. 14008, pp. 423–447. Springer, Heidelberg (2023). https://doi.org/10.1007/978-3-031-30589-4_15

    Chapter  Google Scholar 

  20. Chase, M., et al.: Post-quantum zero-knowledge and signatures from symmetric-key primitives. In: Thuraisingham, B.M., Evans, D., Malkin, T., Xu, D. (eds.) ACM CCS 2017, pp. 1825–1842. ACM Press (2017). https://doi.org/10.1145/3133956.3133997

  21. Chen, L., Chen, J., Chen, Q., Zhao, Y.: A quantum key distribution routing scheme for hybrid-trusted QKD network system. Quantum Inf. Process. 22(1), 75 (2023). https://doi.org/10.1007/s11128-022-03825-x

    Article  MathSciNet  MATH  Google Scholar 

  22. Cini, V., Ramacher, S., Slamanig, D., Striecks, C.: CCA-secure (puncturable) KEMs from encryption with non-negligible decryption errors. In: Moriai, S., Wang, H. (eds.) ASIACRYPT 2020. LNCS, vol. 12491, pp. 159–190. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-64837-4_6

    Chapter  Google Scholar 

  23. Cooper, D., Santesson, S., Farrell, S., Boeyen, S., Housley, R., Polk, W.T.: Internet X.509 public key infrastructure certificate and certificate revocation list (CRL) profile. RFC 5280, 1–151 (2008). https://doi.org/10.17487/RFC5280

  24. Costea, S., Choudary, M.O., Gucea, D., Tackmann, B., Raiciu, C.: Secure opportunistic multipath key exchange. In: Lie, D., Mannan, M., Backes, M., Wang, X. (eds.) ACM CCS 2018, pp. 2077–2094. ACM Press (2018). https://doi.org/10.1145/3243734.3243791

  25. Cremers, C., Feltz, M.: Beyond eCK: perfect forward secrecy under actor compromise and ephemeral-key reveal. In: Foresti, S., Yung, M., Martinelli, F. (eds.) ESORICS 2012. LNCS, vol. 7459, pp. 734–751. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-33167-1_42

    Chapter  Google Scholar 

  26. Dallmeier, F., et al.: Forward-secure 0-RTT goes live: implementation and performance analysis in QUIC. In: Krenn, S., Shulman, H., Vaudenay, S. (eds.) CANS 2020. LNCS, vol. 12579, pp. 211–231. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-65411-5_11

    Chapter  Google Scholar 

  27. Dauterman, E., Corrigan-Gibbs, H., Mazières, D.: SafetyPin: encrypted backups with human-memorable secrets. In: 14th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2020, Virtual Event, 4–6 November 2020, pp. 1121–1138. USENIX Association (2020)

    Google Scholar 

  28. Derler, D., Gellert, K., Jager, T., Slamanig, D., Striecks, C.: Bloom filter encryption and applications to efficient forward-secret 0-RTT key exchange. J. Cryptol. 34(2), 13 (2021)

    Article  MathSciNet  MATH  Google Scholar 

  29. Derler, D., Jager, T., Slamanig, D., Striecks, C.: Bloom filter encryption and applications to efficient forward-secret 0-RTT key exchange. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10822, pp. 425–455. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78372-7_14

    Chapter  Google Scholar 

  30. Derler, D., Krenn, S., Lorünser, T., Ramacher, S., Slamanig, D., Striecks, C.: Revisiting proxy re-encryption: forward secrecy, improved security, and applications. In: Abdalla, M., Dahab, R. (eds.) PKC 2018. LNCS, vol. 10769, pp. 219–250. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-76578-5_8

    Chapter  Google Scholar 

  31. Derler, D., Ramacher, S., Slamanig, D., Striecks, C.: Fine-grained forward secrecy: allow-list/deny-list encryption and applications. In: Borisov, N., Diaz, C. (eds.) FC 2021. LNCS, vol. 12675, pp. 499–519. Springer, Heidelberg (2021). https://doi.org/10.1007/978-3-662-64331-0_26

    Chapter  MATH  Google Scholar 

  32. Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Trans. Inf. Theory 22(6), 644–654 (1976). https://doi.org/10.1109/TIT.1976.1055638

    Article  MathSciNet  MATH  Google Scholar 

  33. Diffie, W., van Oorschot, P.C., Wiener, M.J.: Authentication and authenticated key exchanges. Des. Codes Cryptogr. 2(2), 107–125 (1992)

    Article  MathSciNet  Google Scholar 

  34. Donenfeld, J.A.: WireGuard: next generation kernel network tunnel. In: NDSS 2017. The Internet Society (2017)

    Google Scholar 

  35. Dowling, B., Fischlin, M., Günther, F., Stebila, D.: A cryptographic analysis of the TLS 1.3 handshake protocol. J. Cryptol. 34(4), 37 (2021). https://doi.org/10.1007/s00145-021-09384-1

    Article  MathSciNet  MATH  Google Scholar 

  36. Dowling, B., Hansen, T.B., Paterson, K.G.: Many a mickle makes a muckle: a framework for provably quantum-secure hybrid key exchange. In: Ding, J., Tillich, J.-P. (eds.) PQCrypto 2020. LNCS, vol. 12100, pp. 483–502. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-44223-1_26

    Chapter  MATH  Google Scholar 

  37. Drijvers, M., Gorbunov, S., Neven, G., Wee, H.: Pixel: multi-signatures for consensus. In: Capkun, S., Roesner, F. (eds.) USENIX Security 2020, pp. 2093–2110. USENIX Association (2020)

    Google Scholar 

  38. ETSI: Quantum key distribution (QKD): Protocol and data format of rest-based key delivery API (2019). https://www.etsi.org/deliver/etsi_gs/QKD/001_099/014/01.01.01_60/gs_qkd014v010101p.pdf

  39. Fitzi, M., Franklin, M., Garay, J., Vardhan, S.H.: Towards optimal and efficient perfectly secure message transmission. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 311–322. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-70936-7_17

    Chapter  Google Scholar 

  40. Groth, J.: Non-interactive distributed key generation and key resharing. Cryptology ePrint Archive, Report 2021/339 (2021). https://eprint.iacr.org/2021/339

  41. Günther, C.G.: An identity-based key-exchange protocol. In: Quisquater, J.-J., Vandewalle, J. (eds.) EUROCRYPT 1989. LNCS, vol. 434, pp. 29–37. Springer, Heidelberg (1990). https://doi.org/10.1007/3-540-46885-4_5

    Chapter  Google Scholar 

  42. Günther, F., Hale, B., Jager, T., Lauer, S.: 0-RTT key exchange with full forward secrecy. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017. LNCS, vol. 10212, pp. 519–548. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-56617-7_18

    Chapter  Google Scholar 

  43. Hövelmanns, K., Kiltz, E., Schäge, S., Unruh, D.: Generic authenticated key exchange in the quantum random oracle model. In: Kiayias, A., Kohlweiss, M., Wallden, P., Zikas, V. (eds.) PKC 2020. LNCS, vol. 12111, pp. 389–422. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-45388-6_14

    Chapter  MATH  Google Scholar 

  44. Hülsing, A., Butin, D., Gazdag, S., Rijneveld, J., Mohaisen, A.: XMSS: extended Merkle signature scheme. RFC 8391, 1–74 (2018). https://doi.org/10.17487/RFC8391

  45. Hülsing, A., Ning, K.C., Schwabe, P., Weber, F., Zimmermann, P.R.: Post-quantum WireGuard. In: 2021 IEEE Symposium on Security and Privacy, pp. 304–321. IEEE Computer Society Press (2021). https://doi.org/10.1109/SP40001.2021.00030

  46. Huttner, B., et al.: Long-range QKD without trusted nodes is not possible with current technology. npj Quantum Inf. 8(1), 1–5 (2022)

    Google Scholar 

  47. Iyengar, J., Thomson, M.: QUIC: a UDP-based multiplexed and secure transport. RFC 9000, 1–151 (2021). https://doi.org/10.17487/RFC9000

  48. Katz, J., Kolesnikov, V., Wang, X.: Improved non-interactive zero knowledge with applications to post-quantum signatures. In: Lie, D., Mannan, M., Backes, M., Wang, X. (eds.) ACM CCS 2018, pp. 525–537. ACM Press (2018). https://doi.org/10.1145/3243734.3243805

  49. Katz, J., Lindell, Y.: Introduction to Modern Cryptography, 2nd edn. CRC Press (2014). https://www.crcpress.com/Introduction-to-Modern-Cryptography-Second-Edition/Katz-Lindell/p/book/9781466570269

  50. Kaufman, C.: Internet key exchange (IKEv2) protocol. RFC 4306, 1–99 (2005). https://doi.org/10.17487/RFC4306

  51. Krawczyk, H.: SIGMA: the “SIGn-and-MAc’’ approach to authenticated Diffie-Hellman and its use in the IKE protocols. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 400–425. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45146-4_24

    Chapter  Google Scholar 

  52. Kumar, M.V.N.A., Goundan, P.R., Srinathan, K., Rangan, C.P.: On perfectly secure communication over arbitrary networks. In: Ricciardi, A. (ed.) 21st ACM PODC, pp. 193–202. ACM (2002). https://doi.org/10.1145/571825.571858

  53. Kwiatkowski, K., Sullivan, N., Langley, A., Levin, D., Mislove, A.: Measuring TLS key exchange with post-quantum KEM. In: Workshop Record of the Second PQC Standardization Conference (2019). https://csrc.nist.gov/CSRC/media/Events/Second-PQC-Standardization-Conference/documents/accepted-papers/kwiatkowski-measuring-tls.pdf

  54. Langley, A.: Cecpq1 results. Blog post (2016). https://www.imperialviolet.org/2016/11/28/cecpq1.html

  55. Langley, A., et al.: The QUIC transport protocol: design and internet-scale deployment. In: Proceedings of the Conference of the ACM Special Interest Group on Data Communication, SIGCOMM 2017, Los Angeles, CA, USA, 21–25 August 2017, pp. 183–196. ACM (2017). https://doi.org/10.1145/3098822.3098842

  56. Lauer, S., Gellert, K., Merget, R., Handirk, T., Schwenk, J.: T0RTT: non-interactive immediate forward-secret single-pass circuit construction. PoPETs 2020(2), 336–357 (2020). https://doi.org/10.2478/popets-2020-0030

    Article  Google Scholar 

  57. Li, J., Kim, K., Zhang, F., Chen, X.: Aggregate proxy signature and verifiably encrypted proxy signature. In: Susilo, W., Liu, J.K., Mu, Y. (eds.) ProvSec 2007. LNCS, vol. 4784, pp. 208–217. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-75670-5_15

    Chapter  Google Scholar 

  58. Maurer, U.M.: Protocols for secret key agreement by public discussion based on common information. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 461–470. Springer, Heidelberg (1993). https://doi.org/10.1007/3-540-48071-4_32

    Chapter  Google Scholar 

  59. Mehic, M., et al.: Quantum key distribution: a networking perspective. ACM Comput. Surv. 53(5), 96:1–96:41 (2020). https://doi.org/10.1145/3402192

  60. Mosca, M., Stebila, D., Ustaoğlu, B.: Quantum key distribution in the classical authenticated key exchange framework. In: Gaborit, P. (ed.) PQCrypto 2013. LNCS, vol. 7932, pp. 136–154. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38616-9_9

    Chapter  MATH  Google Scholar 

  61. Pacher, C., et al.: Attacks on quantum key distribution protocols that employ non-its authentication. Quantum Inf. Process. 15(1), 327–362 (2016). https://doi.org/10.1007/s11128-015-1160-4

    Article  MathSciNet  MATH  Google Scholar 

  62. Paquin, C., Stebila, D., Tamvada, G.: Benchmarking post-quantum cryptography in TLS. In: Ding, J., Tillich, J.-P. (eds.) PQCrypto 2020. LNCS, vol. 12100, pp. 72–91. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-44223-1_5

    Chapter  MATH  Google Scholar 

  63. Ramacher, S., Slamanig, D., Weninger, A.: Privacy-preserving authenticated key exchange: stronger privacy and generic constructions. In: Bertino, E., Shulman, H., Waidner, M. (eds.) ESORICS 2021. LNCS, vol. 12973, pp. 676–696. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-88428-4_33

    Chapter  Google Scholar 

  64. Rashidi, L., et al.: More than a fair share: network data remanence attacks against secret sharing-based schemes. In: NDSS 2021. The Internet Society (2021)

    Google Scholar 

  65. Rass, S., König, S.: Indirect eavesdropping in quantum networks. In: ICQNM 2011: The Fifth International Conference on Quantum, Nano and Micro Technologies (2011)

    Google Scholar 

  66. Rass, S., Schartner, P.: Multipath authentication without shared secrets and with applications in quantum networks. In: Arabnia, H.R., et al. (eds.) Proceedings of the 2010 International Conference on Security & Management, SAM 2010, Las Vegas Nevada, USA, 12–15 July 2010, vol. 2, pp. 111–115. CSREA Press (2010)

    Google Scholar 

  67. Rescorla, E.: The transport layer security (TLS) protocol version 1.3. RFC 8446, 1–160 (2018). https://doi.org/10.17487/RFC8446

  68. Rösler, P., Slamanig, D., Striecks, C.: Unique-path identity based encryption with applications to strongly secure messaging. In: Hazay, C., Stam, M. (eds.) EUROCRYPT 2023. LNCS, vol. 14008, pp. 3–34. Springer, Heidelberg (2023). https://doi.org/10.1007/978-3-031-30589-4_1

    Chapter  Google Scholar 

  69. Schäge, S., Schwenk, J., Lauer, S.: Privacy-preserving authenticated key exchange and the case of IKEv2. In: Kiayias, A., Kohlweiss, M., Wallden, P., Zikas, V. (eds.) PKC 2020. LNCS, vol. 12111, pp. 567–596. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-45388-6_20

    Chapter  MATH  Google Scholar 

  70. Schwabe, P., Stebila, D., Wiggers, T.: Post-quantum TLS without handshake signatures. In: Ligatti, J., Ou, X., Katz, J., Vigna, G. (eds.) ACM CCS 2020, pp. 1461–1480. ACM Press (2020). https://doi.org/10.1145/3372297.3423350

  71. Slamanig, D., Striecks, C.: Puncture ’em all: updatable encryption with no-directional key updates and expiring ciphertexts. Cryptology ePrint Archive, Report 2021/268 (2021). https://eprint.iacr.org/2021/268

  72. Stebila, D., Mosca, M.: Post-quantum key exchange for the internet and the open quantum safe project. In: Avanzi, R., Heys, H. (eds.) SAC 2016. LNCS, vol. 10532, pp. 14–37. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-69453-5_2

    Chapter  Google Scholar 

  73. Yu, X., et al.: Multi-path-based quasi-real-time key provisioning in quantum-key-distribution enabled optical networks (QKD-on). Opt. Express 29(14), 21225–21239 (2021). https://doi.org/10.1364/OE.425562

    Article  Google Scholar 

  74. Zhao, Y.: Identity-concealed authenticated encryption and key exchange. In: Weippl, E.R., Katzenbeisser, S., Kruegel, C., Myers, A.C., Halevi, S. (eds.) ACM CCS 2016, pp. 1464–1479. ACM Press (2016). https://doi.org/10.1145/2976749.2978350

Download references

Acknowledgements

The authors want to thank Christian Rechberger and Felix Wissel for insightful discussions, and Florian Kutschera for helping with the setup of the QKD devices. This work received funding from the Austrian Research Promotion Agency (FFG) under grant agreement number FO999886370 (“QKD4GOV”), from the European Defence Industrial Development Programme (EDIDP) under grant agreement number SI2858093 (“DISCRETION”), and from the Digital Europe Program under grant agreement number 101091642 (“QCI-CAT”).

Author information

Authors and Affiliations

  1. University of Applied Sciences Upper Austria, Hagenberg, Austria

    Sonja Bruckner

  2. AIT Austrian Institute of Technology, Vienna, Austria

    Sebastian Ramacher & Christoph Striecks

Authors
  1. Sonja Bruckner
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sebastian Ramacher
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Christoph Striecks
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Sebastian Ramacher .

Editor information

Editors and Affiliations

  1. Lund University, Lund, Sweden

    Thomas Johansson

  2. National Institute of Standards and Technology, Gaithersburg, MD, USA

    Daniel Smith-Tone

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Bruckner, S., Ramacher, S., Striecks, C. (2023). \(\text {Muckle}+\): End-to-End Hybrid Authenticated Key Exchanges. In: Johansson, T., Smith-Tone, D. (eds) Post-Quantum Cryptography. PQCrypto 2023. Lecture Notes in Computer Science, vol 14154. Springer, Cham. https://doi.org/10.1007/978-3-031-40003-2_22

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-40003-2_22

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-40002-5

  • Online ISBN: 978-3-031-40003-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics